Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-31664 (GCVE-0-2026-31664)
Vulnerability from cvelistv5 – Published: 2026-04-24 14:45 – Updated: 2026-07-14 12:48| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < a5127501c8d30b5728791b1e340284ca5c9cc4bd
(git)
Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < e6f4ffe8596947a595c9544e73a73adcb0568b88 (git) Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < ac6985903db047eaff54db929e4bf6b06782788e (git) Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < c221ed63a2769a0af8bd849dfe25740048f34ef4 (git) Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < eda30846ea54f8ed218468e5480c8305ca645e37 (git) Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < b1dfd6b27df35ef4f87825aa5f607378d23ff0f2 (git) Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < e1af65c669ebb1666c54576614c01a7f9ffcfff6 (git) Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < 71a98248c63c535eaa4d4c22f099b68d902006d0 (git) |
|
| Linux | Linux |
Affected:
2.6.12
Unaffected: 0 , < 2.6.12 (semver) Unaffected: 5.10.258 , ≤ 5.10.* (semver) Unaffected: 5.15.209 , ≤ 5.15.* (semver) Unaffected: 6.1.169 , ≤ 6.1.* (semver) Unaffected: 6.6.135 , ≤ 6.6.* (semver) Unaffected: 6.12.82 , ≤ 6.12.* (semver) Unaffected: 6.18.23 , ≤ 6.18.* (semver) Unaffected: 6.19.13 , ≤ 6.19.* (semver) Unaffected: 7.0 , ≤ * (original_commit_for_fix) |
|
| Siemens | SIMATIC S7-1500 CPU 1518-4 PN/DP MFP |
Affected:
V3.1.6 , < *
(custom)
|
|
| Siemens | SIMATIC S7-1500 CPU 1518-4 PN/DP MFP |
Affected:
V3.1.5 , < *
(custom)
|
|
| Siemens | SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP |
Affected:
V3.1.6 , < *
(custom)
|
|
| Siemens | SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP |
Affected:
V3.1.5 , < *
(custom)
|
|
| Siemens | SIPLUS S7-1500 CPU 1518-4 PN/DP MFP |
Affected:
V3.1.6 , < *
(custom)
|
|
| Siemens | SIPLUS S7-1500 CPU 1518-4 PN/DP MFP |
Affected:
V3.1.5 , < *
(custom)
|
{
"containers": {
"adp": [
{
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.6",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.6",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.6",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.6",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.6",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-14T12:48:32.307Z",
"orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
"shortName": "siemens-SADP"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-019113.html"
}
],
"x_adpType": "supplier"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/xfrm/xfrm_user.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "a5127501c8d30b5728791b1e340284ca5c9cc4bd",
"status": "affected",
"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"versionType": "git"
},
{
"lessThan": "e6f4ffe8596947a595c9544e73a73adcb0568b88",
"status": "affected",
"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"versionType": "git"
},
{
"lessThan": "ac6985903db047eaff54db929e4bf6b06782788e",
"status": "affected",
"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"versionType": "git"
},
{
"lessThan": "c221ed63a2769a0af8bd849dfe25740048f34ef4",
"status": "affected",
"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"versionType": "git"
},
{
"lessThan": "eda30846ea54f8ed218468e5480c8305ca645e37",
"status": "affected",
"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"versionType": "git"
},
{
"lessThan": "b1dfd6b27df35ef4f87825aa5f607378d23ff0f2",
"status": "affected",
"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"versionType": "git"
},
{
"lessThan": "e1af65c669ebb1666c54576614c01a7f9ffcfff6",
"status": "affected",
"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"versionType": "git"
},
{
"lessThan": "71a98248c63c535eaa4d4c22f099b68d902006d0",
"status": "affected",
"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/xfrm/xfrm_user.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.12"
},
{
"lessThan": "2.6.12",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.258",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.209",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.169",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.135",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.82",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.18.*",
"status": "unaffected",
"version": "6.18.23",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.19.*",
"status": "unaffected",
"version": "6.19.13",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "7.0",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.258",
"versionStartIncluding": "2.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.209",
"versionStartIncluding": "2.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.169",
"versionStartIncluding": "2.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.135",
"versionStartIncluding": "2.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.82",
"versionStartIncluding": "2.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.18.23",
"versionStartIncluding": "2.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.19.13",
"versionStartIncluding": "2.6.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0",
"versionStartIncluding": "2.6.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: clear trailing padding in build_polexpire()\n\nbuild_expire() clears the trailing padding bytes of struct\nxfrm_user_expire after setting the hard field via memset_after(),\nbut the analogous function build_polexpire() does not do this for\nstruct xfrm_user_polexpire.\n\nThe padding bytes after the __u8 hard field are left\nuninitialized from the heap allocation, and are then sent to\nuserspace via netlink multicast to XFRMNLGRP_EXPIRE listeners,\nleaking kernel heap memory contents.\n\nAdd the missing memset_after() call, matching build_expire()."
}
],
"providerMetadata": {
"dateUpdated": "2026-06-01T16:13:15.231Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/a5127501c8d30b5728791b1e340284ca5c9cc4bd"
},
{
"url": "https://git.kernel.org/stable/c/e6f4ffe8596947a595c9544e73a73adcb0568b88"
},
{
"url": "https://git.kernel.org/stable/c/ac6985903db047eaff54db929e4bf6b06782788e"
},
{
"url": "https://git.kernel.org/stable/c/c221ed63a2769a0af8bd849dfe25740048f34ef4"
},
{
"url": "https://git.kernel.org/stable/c/eda30846ea54f8ed218468e5480c8305ca645e37"
},
{
"url": "https://git.kernel.org/stable/c/b1dfd6b27df35ef4f87825aa5f607378d23ff0f2"
},
{
"url": "https://git.kernel.org/stable/c/e1af65c669ebb1666c54576614c01a7f9ffcfff6"
},
{
"url": "https://git.kernel.org/stable/c/71a98248c63c535eaa4d4c22f099b68d902006d0"
}
],
"title": "xfrm: clear trailing padding in build_polexpire()",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2026-31664",
"datePublished": "2026-04-24T14:45:13.922Z",
"dateReserved": "2026-03-09T15:48:24.129Z",
"dateUpdated": "2026-07-14T12:48:32.307Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-31664",
"date": "2026-07-14",
"epss": "0.00114",
"percentile": "0.0177"
},
"microsoft_vex": {
"current_release_date": "2026-05-01T14:44:28.000Z",
"cve": "CVE-2026-31664",
"id": "msrc_CVE-2026-31664",
"initial_release_date": "2026-04-02T00:00:00.000Z",
"product_status:fixed": "1",
"product_status:known_affected": "3",
"source": "Microsoft CSAF VEX",
"status": "final",
"title": "xfrm: clear trailing padding in build_polexpire()",
"url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-31664.json",
"version": "5"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-31664\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2026-04-24T15:16:46.043\",\"lastModified\":\"2026-07-14T13:18:47.140\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nxfrm: clear trailing padding in build_polexpire()\\n\\nbuild_expire() clears the trailing padding bytes of struct\\nxfrm_user_expire after setting the hard field via memset_after(),\\nbut the analogous function build_polexpire() does not do this for\\nstruct xfrm_user_polexpire.\\n\\nThe padding bytes after the __u8 hard field are left\\nuninitialized from the heap allocation, and are then sent to\\nuserspace via netlink multicast to XFRMNLGRP_EXPIRE listeners,\\nleaking kernel heap memory contents.\\n\\nAdd the missing memset_after() call, matching build_expire().\"}],\"affected\":[{\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"affectedData\":[{\"vendor\":\"Linux\",\"product\":\"Linux\",\"defaultStatus\":\"unaffected\",\"programFiles\":[\"net/xfrm/xfrm_user.c\"],\"repo\":\"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\",\"versions\":[{\"version\":\"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2\",\"lessThan\":\"a5127501c8d30b5728791b1e340284ca5c9cc4bd\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2\",\"lessThan\":\"e6f4ffe8596947a595c9544e73a73adcb0568b88\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2\",\"lessThan\":\"ac6985903db047eaff54db929e4bf6b06782788e\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2\",\"lessThan\":\"c221ed63a2769a0af8bd849dfe25740048f34ef4\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2\",\"lessThan\":\"eda30846ea54f8ed218468e5480c8305ca645e37\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2\",\"lessThan\":\"b1dfd6b27df35ef4f87825aa5f607378d23ff0f2\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2\",\"lessThan\":\"e1af65c669ebb1666c54576614c01a7f9ffcfff6\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2\",\"lessThan\":\"71a98248c63c535eaa4d4c22f099b68d902006d0\",\"versionType\":\"git\",\"status\":\"affected\"}]},{\"vendor\":\"Linux\",\"product\":\"Linux\",\"defaultStatus\":\"affected\",\"programFiles\":[\"net/xfrm/xfrm_user.c\"],\"repo\":\"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\",\"versions\":[{\"version\":\"2.6.12\",\"status\":\"affected\"},{\"version\":\"0\",\"lessThan\":\"2.6.12\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"5.10.258\",\"lessThanOrEqual\":\"5.10.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"5.15.209\",\"lessThanOrEqual\":\"5.15.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.1.169\",\"lessThanOrEqual\":\"6.1.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.6.135\",\"lessThanOrEqual\":\"6.6.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.12.82\",\"lessThanOrEqual\":\"6.12.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.18.23\",\"lessThanOrEqual\":\"6.18.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.19.13\",\"lessThanOrEqual\":\"6.19.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"7.0\",\"lessThanOrEqual\":\"*\",\"versionType\":\"original_commit_for_fix\",\"status\":\"unaffected\"}]}]},{\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\",\"affectedData\":[{\"vendor\":\"Siemens\",\"product\":\"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.6\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.6\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.6\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.6\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIPLUS S7-1500 CPU 1518-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.6\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"Siemens\",\"product\":\"SIPLUS S7-1500 CPU 1518-4 PN/DP MFP\",\"defaultStatus\":\"unknown\",\"versions\":[{\"version\":\"V3.1.5\",\"lessThan\":\"*\",\"versionType\":\"custom\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.6.12.1\",\"versionEndExcluding\":\"6.1.169\",\"matchCriteriaId\":\"2FCFBA57-878B-4D11-8528-850CE9FB4CB7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2\",\"versionEndExcluding\":\"6.6.135\",\"matchCriteriaId\":\"15C1A1B2-14EE-494C-AF3E-D5A7BA640B39\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.12.82\",\"matchCriteriaId\":\"02904CAE-71D2-45B3-9EC3-F6A9D18B6307\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.13\",\"versionEndExcluding\":\"6.18.23\",\"matchCriteriaId\":\"E9E09FDD-9EE3-4A56-92E2-2B30AFD0072F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.19\",\"versionEndExcluding\":\"6.19.13\",\"matchCriteriaId\":\"1490EF9B-9080-481C-8D22-1306AAE664E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.12:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F62EECE-8FB1-4D57-85D8-CB9E23CF313C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F76C298-81DC-43E4-8FC9-DC005A2116EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AB349B2-3F78-4197-882B-90ADB3BF645A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"6AC88830-A9BC-4607-B572-A4B502FC9FD0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"476CB3A5-D022-4F13-AAEF-CB6A5785516A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"F253B622-8837-4245-BCE5-A7BF8FC76A16\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AE85AD8-4641-4E7C-A2F4-305E2CD9EE64\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"F666C8D8-6538-46D4-B318-87610DE64C34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"02259FDA-961B-47BC-AE7F-93D7EC6E90C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"58A9FEFF-C040-420D-8F0A-BFDAAA1DF258\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D2315C0-D46F-4F85-9754-F9E5E11374A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.0:rc7:*:*:*:*:*:*\",\"matchCriteriaId\":\"512EE3A8-A590-4501-9A94-5D4B268D6138\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/71a98248c63c535eaa4d4c22f099b68d902006d0\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/a5127501c8d30b5728791b1e340284ca5c9cc4bd\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/ac6985903db047eaff54db929e4bf6b06782788e\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/b1dfd6b27df35ef4f87825aa5f607378d23ff0f2\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/c221ed63a2769a0af8bd849dfe25740048f34ef4\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/e1af65c669ebb1666c54576614c01a7f9ffcfff6\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/e6f4ffe8596947a595c9544e73a73adcb0568b88\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/eda30846ea54f8ed218468e5480c8305ca645e37\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-019113.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-082556.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"}]}}",
"redhat_vex": {
"aggregate_severity": "Low",
"current_release_date": "2026-06-28T07:27:04+00:00",
"cve": "CVE-2026-31664",
"id": "CVE-2026-31664",
"initial_release_date": "2026-04-24T00:00:00+00:00",
"product_status:known_affected": "274",
"source": "Red Hat CSAF VEX",
"status": "final",
"title": "kernel: xfrm: clear trailing padding in build_polexpire()",
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-31664.json",
"version": "3"
}
}
}
SSA-019113
Vulnerability from csaf_siemens - Published: 2026-07-14 00:00 - Updated: 2026-07-14 00:00sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: allow exp not to be removed in nf_ct_find_expectation Currently nf_conntrack_in() calling nf_ct_find_expectation() will remove the exp from the hash table. However, in some scenario, we expect the exp not to be removed when the created ct will not be confirmed, like in OVS and TC conntrack in the following patches. This patch allows exp not to be removed by setting IPS_CONFIRMED in the status of the tmpl.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index With numa balancing on, when a numa system is running where a numa node doesn't have its local memory so it has no managed zones, the following oops has been observed. It's because wakeup_kswapd() is called with a wrong zone index, -1. Fixed it by checking the index before calling wakeup_kswapd(). > BUG: unable to handle page fault for address: 00000000000033f3 > #PF: supervisor read access in kernel mode > #PF: error_code(0x0000) - not-present page > PGD 0 P4D 0 > Oops: 0000 [#1] PREEMPT SMP NOPTI > CPU: 2 PID: 895 Comm: masim Not tainted 6.6.0-dirty #255 > Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS > rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 > RIP: 0010:wakeup_kswapd (./linux/mm/vmscan.c:7812) > Code: (omitted) > RSP: 0000:ffffc90004257d58 EFLAGS: 00010286 > RAX: ffffffffffffffff RBX: ffff88883fff0480 RCX: 0000000000000003 > RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88883fff0480 > RBP: ffffffffffffffff R08: ff0003ffffffffff R09: ffffffffffffffff > R10: ffff888106c95540 R11: 0000000055555554 R12: 0000000000000003 > R13: 0000000000000000 R14: 0000000000000000 R15: ffff88883fff0940 > FS: 00007fc4b8124740(0000) GS:ffff888827c00000(0000) knlGS:0000000000000000 > CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 > CR2: 00000000000033f3 CR3: 000000026cc08004 CR4: 0000000000770ee0 > DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 > DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 > PKRU: 55555554 > Call Trace: > <TASK> > ? __die > ? page_fault_oops > ? __pte_offset_map_lock > ? exc_page_fault > ? asm_exc_page_fault > ? wakeup_kswapd > migrate_misplaced_page > __handle_mm_fault > handle_mm_fault > do_user_addr_fault > exc_page_fault > asm_exc_page_fault > RIP: 0033:0x55b897ba0808 > Code: (omitted) > RSP: 002b:00007ffeefa821a0 EFLAGS: 00010287 > RAX: 000055b89983acd0 RBX: 00007ffeefa823f8 RCX: 000055b89983acd0 > RDX: 00007fc2f8122010 RSI: 0000000000020000 RDI: 000055b89983acd0 > RBP: 00007ffeefa821a0 R08: 0000000000000037 R09: 0000000000000075 > R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 > R13: 00007ffeefa82410 R14: 000055b897ba5dd8 R15: 00007fc4b8340000 > </TASK>
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: ensure offloading TID queue exists The resume code path assumes that the TX queue for the offloading TID has been configured. At resume time it then tries to sync the write pointer as it may have been updated by the firmware. In the unusual event that no packets have been send on TID 0, the queue will not have been allocated and this causes a crash. Fix this by ensuring the queue exist at suspend time.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix potential uninit-value access in __ip6_make_skb() As it was done in commit fc1092f51567 ("ipv4: Fix uninit-value access in __ip_make_skb()") for IPv4, check FLOWI_FLAG_KNOWN_NH on fl6->flowi6_flags instead of testing HDRINCL on the socket to avoid a race condition which causes uninit-value access.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix uninit-value access in __ip_make_skb() KMSAN reported uninit-value access in __ip_make_skb() [1]. __ip_make_skb() tests HDRINCL to know if the skb has icmphdr. However, HDRINCL can cause a race condition. If calling setsockopt(2) with IP_HDRINCL changes HDRINCL while __ip_make_skb() is running, the function will access icmphdr in the skb even if it is not included. This causes the issue reported by KMSAN. Check FLOWI_FLAG_KNOWN_NH on fl4->flowi4_flags instead of testing HDRINCL on the socket. Also, fl4->fl4_icmp_type and fl4->fl4_icmp_code are not initialized. These are union in struct flowi4 and are implicitly initialized by flowi4_init_output(), but we should not rely on specific union layout. Initialize these explicitly in raw_sendmsg(). [1] BUG: KMSAN: uninit-value in __ip_make_skb+0x2b74/0x2d20 net/ipv4/ip_output.c:1481 __ip_make_skb+0x2b74/0x2d20 net/ipv4/ip_output.c:1481 ip_finish_skb include/net/ip.h:243 [inline] ip_push_pending_frames+0x4c/0x5c0 net/ipv4/ip_output.c:1508 raw_sendmsg+0x2381/0x2690 net/ipv4/raw.c:654 inet_sendmsg+0x27b/0x2a0 net/ipv4/af_inet.c:851 sock_sendmsg_nosec net/socket.c:730 [inline] __sock_sendmsg+0x274/0x3c0 net/socket.c:745 __sys_sendto+0x62c/0x7b0 net/socket.c:2191 __do_sys_sendto net/socket.c:2203 [inline] __se_sys_sendto net/socket.c:2199 [inline] __x64_sys_sendto+0x130/0x200 net/socket.c:2199 do_syscall_64+0xd8/0x1f0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x6d/0x75 Uninit was created at: slab_post_alloc_hook mm/slub.c:3804 [inline] slab_alloc_node mm/slub.c:3845 [inline] kmem_cache_alloc_node+0x5f6/0xc50 mm/slub.c:3888 kmalloc_reserve+0x13c/0x4a0 net/core/skbuff.c:577 __alloc_skb+0x35a/0x7c0 net/core/skbuff.c:668 alloc_skb include/linux/skbuff.h:1318 [inline] __ip_append_data+0x49ab/0x68c0 net/ipv4/ip_output.c:1128 ip_append_data+0x1e7/0x260 net/ipv4/ip_output.c:1365 raw_sendmsg+0x22b1/0x2690 net/ipv4/raw.c:648 inet_sendmsg+0x27b/0x2a0 net/ipv4/af_inet.c:851 sock_sendmsg_nosec net/socket.c:730 [inline] __sock_sendmsg+0x274/0x3c0 net/socket.c:745 __sys_sendto+0x62c/0x7b0 net/socket.c:2191 __do_sys_sendto net/socket.c:2203 [inline] __se_sys_sendto net/socket.c:2199 [inline] __x64_sys_sendto+0x130/0x200 net/socket.c:2199 do_syscall_64+0xd8/0x1f0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x6d/0x75 CPU: 1 PID: 15709 Comm: syz-executor.7 Not tainted 6.8.0-11567-gb3603fcb79b1 #25 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-1.fc39 04/01/2014
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix NULL pointer dereference in gfs2_log_flush In gfs2_jindex_free(), set sdp->sd_jdesc to NULL under the log flush lock to provide exclusion against gfs2_log_flush(). In gfs2_log_flush(), check if sdp->sd_jdesc is non-NULL before dereferencing it. Otherwise, we could run into a NULL pointer dereference when outstanding glock work races with an unmount (glock_work_func -> run_queue -> do_xmote -> inode_go_sync -> gfs2_log_flush).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: fscache: delete fscache_cookie_lru_timer when fscache exits to avoid UAF The fscache_cookie_lru_timer is initialized when the fscache module is inserted, but is not deleted when the fscache module is removed. If timer_reduce() is called before removing the fscache module, the fscache_cookie_lru_timer will be added to the timer list of the current cpu. Afterwards, a use-after-free will be triggered in the softIRQ after removing the fscache module, as follows: ================================================================== BUG: unable to handle page fault for address: fffffbfff803c9e9 PF: supervisor read access in kernel mode PF: error_code(0x0000) - not-present page PGD 21ffea067 P4D 21ffea067 PUD 21ffe6067 PMD 110a7c067 PTE 0 Oops: Oops: 0000 [#1] PREEMPT SMP KASAN PTI CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G W 6.11.0-rc3 #855 Tainted: [W]=WARN RIP: 0010:__run_timer_base.part.0+0x254/0x8a0 Call Trace: <IRQ> tmigr_handle_remote_up+0x627/0x810 __walk_groups.isra.0+0x47/0x140 tmigr_handle_remote+0x1fa/0x2f0 handle_softirqs+0x180/0x590 irq_exit_rcu+0x84/0xb0 sysvec_apic_timer_interrupt+0x6e/0x90 </IRQ> <TASK> asm_sysvec_apic_timer_interrupt+0x1a/0x20 RIP: 0010:default_idle+0xf/0x20 default_idle_call+0x38/0x60 do_idle+0x2b5/0x300 cpu_startup_entry+0x54/0x60 start_secondary+0x20d/0x280 common_startup_64+0x13e/0x148 </TASK> Modules linked in: [last unloaded: netfs] ================================================================== Therefore delete fscache_cookie_lru_timer when removing the fscahe module.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: erofs: handle overlapped pclusters out of crafted images properly syzbot reported a task hang issue due to a deadlock case where it is waiting for the folio lock of a cached folio that will be used for cache I/Os. After looking into the crafted fuzzed image, I found it's formed with several overlapped big pclusters as below: Ext: logical offset | length : physical offset | length 0: 0.. 16384 | 16384 : 151552.. 167936 | 16384 1: 16384.. 32768 | 16384 : 155648.. 172032 | 16384 2: 32768.. 49152 | 16384 : 537223168.. 537239552 | 16384 ... Here, extent 0/1 are physically overlapped although it's entirely _impossible_ for normal filesystem images generated by mkfs. First, managed folios containing compressed data will be marked as up-to-date and then unlocked immediately (unlike in-place folios) when compressed I/Os are complete. If physical blocks are not submitted in the incremental order, there should be separate BIOs to avoid dependency issues. However, the current code mis-arranges z_erofs_fill_bio_vec() and BIO submission which causes unexpected BIO waits. Second, managed folios will be connected to their own pclusters for efficient inter-queries. However, this is somewhat hard to implement easily if overlapped big pclusters exist. Again, these only appear in fuzzed images so let's simply fall back to temporary short-lived pages for correctness. Additionally, it justifies that referenced managed folios cannot be truncated for now and reverts part of commit 2080ca1ed3e4 ("erofs: tidy up `struct z_erofs_bvec`") for simplicity although it shouldn't be any difference.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: dlm: fix possible lkb_resource null dereference This patch fixes a possible null pointer dereference when this function is called from request_lock() as lkb->lkb_resource is not assigned yet, only after validate_lock_args() by calling attach_lkb(). Another issue is that a resource name could be a non printable bytearray and we cannot assume to be ASCII coded. The log functionality is probably never being hit when DLM is used in normal way and no debug logging is enabled. The null pointer dereference can only occur on a new created lkb that does not have the resource assigned yet, it probably never hits the null pointer dereference but we should be sure that other changes might not change this behaviour and we actually can hit the mentioned null pointer dereference. In this patch we just drop the printout of the resource name, the lkb id is enough to make a possible connection to a resource name if this exists.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ext4: filesystems without casefold feature cannot be mounted with siphash When mounting the ext4 filesystem, if the default hash version is set to DX_HASH_SIPHASH but the casefold feature is not set, exit the mounting.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: block: fix integer overflow in BLKSECDISCARD I independently rediscovered commit 22d24a544b0d49bbcbd61c8c0eaf77d3c9297155 block: fix overflow in blk_ioctl_discard() but for secure erase. Same problem: uint64_t r[2] = {512, 18446744073709551104ULL}; ioctl(fd, BLKSECDISCARD, r); will enter near infinite loop inside blkdev_issue_secure_erase(): a.out: attempt to access beyond end of device loop0: rw=5, sector=3399043073, nr_sectors = 1024 limit=2048 bio_check_eod: 3286214 callbacks suppressed
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: dsa: improve shutdown sequence Alexander Sverdlin presents 2 problems during shutdown with the lan9303 driver. One is specific to lan9303 and the other just happens to reproduce there. The first problem is that lan9303 is unique among DSA drivers in that it calls dev_get_drvdata() at "arbitrary runtime" (not probe, not shutdown, not remove): phy_state_machine() -> ... -> dsa_user_phy_read() -> ds->ops->phy_read() -> lan9303_phy_read() -> chip->ops->phy_read() -> lan9303_mdio_phy_read() -> dev_get_drvdata() But we never stop the phy_state_machine(), so it may continue to run after dsa_switch_shutdown(). Our common pattern in all DSA drivers is to set drvdata to NULL to suppress the remove() method that may come afterwards. But in this case it will result in an NPD. The second problem is that the way in which we set dp->conduit->dsa_ptr = NULL; is concurrent with receive packet processing. dsa_switch_rcv() checks once whether dev->dsa_ptr is NULL, but afterwards, rather than continuing to use that non-NULL value, dev->dsa_ptr is dereferenced again and again without NULL checks: dsa_conduit_find_user() and many other places. In between dereferences, there is no locking to ensure that what was valid once continues to be valid. Both problems have the common aspect that closing the conduit interface solves them. In the first case, dev_close(conduit) triggers the NETDEV_GOING_DOWN event in dsa_user_netdevice_event() which closes user ports as well. dsa_port_disable_rt() calls phylink_stop(), which synchronously stops the phylink state machine, and ds->ops->phy_read() will thus no longer call into the driver after this point. In the second case, dev_close(conduit) should do this, as per Documentation/networking/driver.rst: | Quiescence | ---------- | | After the ndo_stop routine has been called, the hardware must | not receive or transmit any data. All in flight packets must | be aborted. If necessary, poll or wait for completion of | any reset commands. So it should be sufficient to ensure that later, when we zeroize conduit->dsa_ptr, there will be no concurrent dsa_switch_rcv() call on this conduit. The addition of the netif_device_detach() function is to ensure that ioctls, rtnetlinks and ethtool requests on the user ports no longer propagate down to the driver - we're no longer prepared to handle them. The race condition actually did not exist when commit 0650bf52b31f ("net: dsa: be compatible with masters which unregister on shutdown") first introduced dsa_switch_shutdown(). It was created later, when we stopped unregistering the user interfaces from a bad spot, and we just replaced that sequence with a racy zeroization of conduit->dsa_ptr (one which doesn't ensure that the interfaces aren't up).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ext4: fix access to uninitialised lock in fc replay path The following kernel trace can be triggered with fstest generic/629 when executed against a filesystem with fast-commit feature enabled: INFO: trying to register non-static key. The code is fine but needs lockdep annotation, or maybe you didn't initialize this object before use? turning off the locking correctness validator. CPU: 0 PID: 866 Comm: mount Not tainted 6.10.0+ #11 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.2-3-gd478f380-prebuilt.qemu.org 04/01/2014 Call Trace: <TASK> dump_stack_lvl+0x66/0x90 register_lock_class+0x759/0x7d0 __lock_acquire+0x85/0x2630 ? __find_get_block+0xb4/0x380 lock_acquire+0xd1/0x2d0 ? __ext4_journal_get_write_access+0xd5/0x160 _raw_spin_lock+0x33/0x40 ? __ext4_journal_get_write_access+0xd5/0x160 __ext4_journal_get_write_access+0xd5/0x160 ext4_reserve_inode_write+0x61/0xb0 __ext4_mark_inode_dirty+0x79/0x270 ? ext4_ext_replay_set_iblocks+0x2f8/0x450 ext4_ext_replay_set_iblocks+0x330/0x450 ext4_fc_replay+0x14c8/0x1540 ? jread+0x88/0x2e0 ? rcu_is_watching+0x11/0x40 do_one_pass+0x447/0xd00 jbd2_journal_recover+0x139/0x1b0 jbd2_journal_load+0x96/0x390 ext4_load_and_init_journal+0x253/0xd40 ext4_fill_super+0x2cc6/0x3180 ... In the replay path there's an attempt to lock sbi->s_bdev_wb_lock in function ext4_check_bdev_write_error(). Unfortunately, at this point this spinlock has not been initialized yet. Moving it's initialization to an earlier point in __ext4_fill_super() fixes this splat.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: bpf: Prevent tail call between progs attached to different hooks bpf progs can be attached to kernel functions, and the attached functions can take different parameters or return different return values. If prog attached to one kernel function tail calls prog attached to another kernel function, the ctx access or return value verification could be bypassed. For example, if prog1 is attached to func1 which takes only 1 parameter and prog2 is attached to func2 which takes two parameters. Since verifier assumes the bpf ctx passed to prog2 is constructed based on func2's prototype, verifier allows prog2 to access the second parameter from the bpf ctx passed to it. The problem is that verifier does not prevent prog1 from passing its bpf ctx to prog2 via tail call. In this case, the bpf ctx passed to prog2 is constructed from func1 instead of func2, that is, the assumption for ctx access verification is bypassed. Another example, if BPF LSM prog1 is attached to hook file_alloc_security, and BPF LSM prog2 is attached to hook bpf_lsm_audit_rule_known. Verifier knows the return value rules for these two hooks, e.g. it is legal for bpf_lsm_audit_rule_known to return positive number 1, and it is illegal for file_alloc_security to return positive number. So verifier allows prog2 to return positive number 1, but does not allow prog1 to return positive number. The problem is that verifier does not prevent prog1 from calling prog2 via tail call. In this case, prog2's return value 1 will be used as the return value for prog1's hook file_alloc_security. That is, the return value rule is bypassed. This patch adds restriction for tail call to prevent such bypasses.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix overloading of MEM_UNINIT's meaning Lonial reported an issue in the BPF verifier where check_mem_size_reg() has the following code: if (!tnum_is_const(reg->var_off)) /* For unprivileged variable accesses, disable raw * mode so that the program is required to * initialize all the memory that the helper could * just partially fill up. */ meta = NULL; This means that writes are not checked when the register containing the size of the passed buffer has not a fixed size. Through this bug, a BPF program can write to a map which is marked as read-only, for example, .rodata global maps. The problem is that MEM_UNINIT's initial meaning that "the passed buffer to the BPF helper does not need to be initialized" which was added back in commit 435faee1aae9 ("bpf, verifier: add ARG_PTR_TO_RAW_STACK type") got overloaded over time with "the passed buffer is being written to". The problem however is that checks such as the above which were added later via 06c1c049721a ("bpf: allow helpers access to variable memory") set meta to NULL in order force the user to always initialize the passed buffer to the helper. Due to the current double meaning of MEM_UNINIT, this bypasses verifier write checks to the memory (not boundary checks though) and only assumes the latter memory is read instead. Fix this by reverting MEM_UNINIT back to its original meaning, and having MEM_WRITE as an annotation to BPF helpers in order to then trigger the BPF verifier checks for writing to memory. Some notes: check_arg_pair_ok() ensures that for ARG_CONST_SIZE{,_OR_ZERO} we can access fn->arg_type[arg - 1] since it must contain a preceding ARG_PTR_TO_MEM. For check_mem_reg() the meta argument can be removed altogether since we do check both BPF_READ and BPF_WRITE. Same for the equivalent check_kfunc_mem_size_reg().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: enetc: allocate vf_state during PF probes In the previous implementation, vf_state is allocated memory only when VF is enabled. However, net_device_ops::ndo_set_vf_mac() may be called before VF is enabled to configure the MAC address of VF. If this is the case, enetc_pf_set_vf_mac() will access vf_state, resulting in access to a null pointer. The simplified error log is as follows. root@ls1028ardb:~# ip link set eno0 vf 1 mac 00:0c:e7:66:77:89 [ 173.543315] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000004 [ 173.637254] pc : enetc_pf_set_vf_mac+0x3c/0x80 Message from sy [ 173.641973] lr : do_setlink+0x4a8/0xec8 [ 173.732292] Call trace: [ 173.734740] enetc_pf_set_vf_mac+0x3c/0x80 [ 173.738847] __rtnl_newlink+0x530/0x89c [ 173.742692] rtnl_newlink+0x50/0x7c [ 173.746189] rtnetlink_rcv_msg+0x128/0x390 [ 173.750298] netlink_rcv_skb+0x60/0x130 [ 173.754145] rtnetlink_rcv+0x18/0x24 [ 173.757731] netlink_unicast+0x318/0x380 [ 173.761665] netlink_sendmsg+0x17c/0x3c8
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: fix data-races around sk->sk_forward_alloc Syzkaller reported this warning: ------------[ cut here ]------------ WARNING: CPU: 0 PID: 16 at net/ipv4/af_inet.c:156 inet_sock_destruct+0x1c5/0x1e0 Modules linked in: CPU: 0 UID: 0 PID: 16 Comm: ksoftirqd/0 Not tainted 6.12.0-rc5 #26 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014 RIP: 0010:inet_sock_destruct+0x1c5/0x1e0 Code: 24 12 4c 89 e2 5b 48 c7 c7 98 ec bb 82 41 5c e9 d1 18 17 ff 4c 89 e6 5b 48 c7 c7 d0 ec bb 82 41 5c e9 bf 18 17 ff 0f 0b eb 83 <0f> 0b eb 97 0f 0b eb 87 0f 0b e9 68 ff ff ff 66 66 2e 0f 1f 84 00 RSP: 0018:ffffc9000008bd90 EFLAGS: 00010206 RAX: 0000000000000300 RBX: ffff88810b172a90 RCX: 0000000000000007 RDX: 0000000000000002 RSI: 0000000000000300 RDI: ffff88810b172a00 RBP: ffff88810b172a00 R08: ffff888104273c00 R09: 0000000000100007 R10: 0000000000020000 R11: 0000000000000006 R12: ffff88810b172a00 R13: 0000000000000004 R14: 0000000000000000 R15: ffff888237c31f78 FS: 0000000000000000(0000) GS:ffff888237c00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007ffc63fecac8 CR3: 000000000342e000 CR4: 00000000000006f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: <TASK> ? __warn+0x88/0x130 ? inet_sock_destruct+0x1c5/0x1e0 ? report_bug+0x18e/0x1a0 ? handle_bug+0x53/0x90 ? exc_invalid_op+0x18/0x70 ? asm_exc_invalid_op+0x1a/0x20 ? inet_sock_destruct+0x1c5/0x1e0 __sk_destruct+0x2a/0x200 rcu_do_batch+0x1aa/0x530 ? rcu_do_batch+0x13b/0x530 rcu_core+0x159/0x2f0 handle_softirqs+0xd3/0x2b0 ? __pfx_smpboot_thread_fn+0x10/0x10 run_ksoftirqd+0x25/0x30 smpboot_thread_fn+0xdd/0x1d0 kthread+0xd3/0x100 ? __pfx_kthread+0x10/0x10 ret_from_fork+0x34/0x50 ? __pfx_kthread+0x10/0x10 ret_from_fork_asm+0x1a/0x30 </TASK> ---[ end trace 0000000000000000 ]--- Its possible that two threads call tcp_v6_do_rcv()/sk_forward_alloc_add() concurrently when sk->sk_state == TCP_LISTEN with sk->sk_lock unlocked, which triggers a data-race around sk->sk_forward_alloc: tcp_v6_rcv tcp_v6_do_rcv skb_clone_and_charge_r sk_rmem_schedule __sk_mem_schedule sk_forward_alloc_add() skb_set_owner_r sk_mem_charge sk_forward_alloc_add() __kfree_skb skb_release_all skb_release_head_state sock_rfree sk_mem_uncharge sk_forward_alloc_add() sk_mem_reclaim // set local var reclaimable __sk_mem_reclaim sk_forward_alloc_add() In this syzkaller testcase, two threads call tcp_v6_do_rcv() with skb->truesize=768, the sk_forward_alloc changes like this: (cpu 1) | (cpu 2) | sk_forward_alloc ... | ... | 0 __sk_mem_schedule() | | +4096 = 4096 | __sk_mem_schedule() | +4096 = 8192 sk_mem_charge() | | -768 = 7424 | sk_mem_charge() | -768 = 6656 ... | ... | sk_mem_uncharge() | | +768 = 7424 reclaimable=7424 | | | sk_mem_uncharge() | +768 = 8192 | reclaimable=8192 | __sk_mem_reclaim() | | -4096 = 4096 | __sk_mem_reclaim() | -8192 = -4096 != 0 The skb_clone_and_charge_r() should not be called in tcp_v6_do_rcv() when sk->sk_state is TCP_LISTEN, it happens later in tcp_v6_syn_recv_sock(). Fix the same issue in dccp_v6_do_rcv().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: block: fix uaf for flush rq while iterating tags blk_mq_clear_flush_rq_mapping() is not called during scsi probe, by checking blk_queue_init_done(). However, QUEUE_FLAG_INIT_DONE is cleared in del_gendisk by commit aec89dc5d421 ("block: keep q_usage_counter in atomic mode after del_gendisk"), hence for disk like scsi, following blk_mq_destroy_queue() will not clear flush rq from tags->rqs[] as well, cause following uaf that is found by our syzkaller for v6.6: ================================================================== BUG: KASAN: slab-use-after-free in blk_mq_find_and_get_req+0x16e/0x1a0 block/blk-mq-tag.c:261 Read of size 4 at addr ffff88811c969c20 by task kworker/1:2H/224909 CPU: 1 PID: 224909 Comm: kworker/1:2H Not tainted 6.6.0-ga836a5060850 #32 Workqueue: kblockd blk_mq_timeout_work Call Trace: __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x91/0xf0 lib/dump_stack.c:106 print_address_description.constprop.0+0x66/0x300 mm/kasan/report.c:364 print_report+0x3e/0x70 mm/kasan/report.c:475 kasan_report+0xb8/0xf0 mm/kasan/report.c:588 blk_mq_find_and_get_req+0x16e/0x1a0 block/blk-mq-tag.c:261 bt_iter block/blk-mq-tag.c:288 [inline] __sbitmap_for_each_set include/linux/sbitmap.h:295 [inline] sbitmap_for_each_set include/linux/sbitmap.h:316 [inline] bt_for_each+0x455/0x790 block/blk-mq-tag.c:325 blk_mq_queue_tag_busy_iter+0x320/0x740 block/blk-mq-tag.c:534 blk_mq_timeout_work+0x1a3/0x7b0 block/blk-mq.c:1673 process_one_work+0x7c4/0x1450 kernel/workqueue.c:2631 process_scheduled_works kernel/workqueue.c:2704 [inline] worker_thread+0x804/0xe40 kernel/workqueue.c:2785 kthread+0x346/0x450 kernel/kthread.c:388 ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1b/0x30 arch/x86/entry/entry_64.S:293 Allocated by task 942: kasan_save_stack+0x22/0x50 mm/kasan/common.c:45 kasan_set_track+0x25/0x30 mm/kasan/common.c:52 ____kasan_kmalloc mm/kasan/common.c:374 [inline] __kasan_kmalloc mm/kasan/common.c:383 [inline] __kasan_kmalloc+0xaa/0xb0 mm/kasan/common.c:380 kasan_kmalloc include/linux/kasan.h:198 [inline] __do_kmalloc_node mm/slab_common.c:1007 [inline] __kmalloc_node+0x69/0x170 mm/slab_common.c:1014 kmalloc_node include/linux/slab.h:620 [inline] kzalloc_node include/linux/slab.h:732 [inline] blk_alloc_flush_queue+0x144/0x2f0 block/blk-flush.c:499 blk_mq_alloc_hctx+0x601/0x940 block/blk-mq.c:3788 blk_mq_alloc_and_init_hctx+0x27f/0x330 block/blk-mq.c:4261 blk_mq_realloc_hw_ctxs+0x488/0x5e0 block/blk-mq.c:4294 blk_mq_init_allocated_queue+0x188/0x860 block/blk-mq.c:4350 blk_mq_init_queue_data block/blk-mq.c:4166 [inline] blk_mq_init_queue+0x8d/0x100 block/blk-mq.c:4176 scsi_alloc_sdev+0x843/0xd50 drivers/scsi/scsi_scan.c:335 scsi_probe_and_add_lun+0x77c/0xde0 drivers/scsi/scsi_scan.c:1189 __scsi_scan_target+0x1fc/0x5a0 drivers/scsi/scsi_scan.c:1727 scsi_scan_channel drivers/scsi/scsi_scan.c:1815 [inline] scsi_scan_channel+0x14b/0x1e0 drivers/scsi/scsi_scan.c:1791 scsi_scan_host_selected+0x2fe/0x400 drivers/scsi/scsi_scan.c:1844 scsi_scan+0x3a0/0x3f0 drivers/scsi/scsi_sysfs.c:151 store_scan+0x2a/0x60 drivers/scsi/scsi_sysfs.c:191 dev_attr_store+0x5c/0x90 drivers/base/core.c:2388 sysfs_kf_write+0x11c/0x170 fs/sysfs/file.c:136 kernfs_fop_write_iter+0x3fc/0x610 fs/kernfs/file.c:338 call_write_iter include/linux/fs.h:2083 [inline] new_sync_write+0x1b4/0x2d0 fs/read_write.c:493 vfs_write+0x76c/0xb00 fs/read_write.c:586 ksys_write+0x127/0x250 fs/read_write.c:639 do_syscall_x64 arch/x86/entry/common.c:51 [inline] do_syscall_64+0x70/0x120 arch/x86/entry/common.c:81 entry_SYSCALL_64_after_hwframe+0x78/0xe2 Freed by task 244687: kasan_save_stack+0x22/0x50 mm/kasan/common.c:45 kasan_set_track+0x25/0x30 mm/kasan/common.c:52 kasan_save_free_info+0x2b/0x50 mm/kasan/generic.c:522 ____kasan_slab_free mm/kasan/common.c:236 [inline] __kasan_slab_free+0x12a/0x1b0 mm/kasan/common.c:244 kasan_slab_free include/linux/kasan.h:164 [in ---truncated---
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: bsg: Set bsg_queue to NULL after removal Currently, this does not cause any issues, but I believe it is necessary to set bsg_queue to NULL after removing it to prevent potential use-after-free (UAF) access.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Fix slab-use-after-free read in sg_release() Fix a use-after-free bug in sg_release(), detected by syzbot with KASAN: BUG: KASAN: slab-use-after-free in lock_release+0x151/0xa30 kernel/locking/lockdep.c:5838 __mutex_unlock_slowpath+0xe2/0x750 kernel/locking/mutex.c:912 sg_release+0x1f4/0x2e0 drivers/scsi/sg.c:407 In sg_release(), the function kref_put(&sfp->f_ref, sg_remove_sfp) is called before releasing the open_rel_lock mutex. The kref_put() call may decrement the reference count of sfp to zero, triggering its cleanup through sg_remove_sfp(). This cleanup includes scheduling deferred work via sg_remove_sfp_usercontext(), which ultimately frees sfp. After kref_put(), sg_release() continues to unlock open_rel_lock and may reference sfp or sdp. If sfp has already been freed, this results in a slab-use-after-free error. Move the kref_put(&sfp->f_ref, sg_remove_sfp) call after unlocking the open_rel_lock mutex. This ensures: - No references to sfp or sdp occur after the reference count is decremented. - Cleanup functions such as sg_remove_sfp() and sg_remove_sfp_usercontext() can safely execute without impacting the mutex handling in sg_release(). The fix has been tested and validated by syzbot. This patch closes the bug reported at the following syzkaller link and ensures proper sequencing of resource cleanup and mutex operations, eliminating the risk of use-after-free errors in sg_release().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix soft lockups in fib6_select_path under high next hop churn Soft lockups have been observed on a cluster of Linux-based edge routers located in a highly dynamic environment. Using the `bird` service, these routers continuously update BGP-advertised routes due to frequently changing nexthop destinations, while also managing significant IPv6 traffic. The lockups occur during the traversal of the multipath circular linked-list in the `fib6_select_path` function, particularly while iterating through the siblings in the list. The issue typically arises when the nodes of the linked list are unexpectedly deleted concurrently on a different core—indicated by their 'next' and 'previous' elements pointing back to the node itself and their reference count dropping to zero. This results in an infinite loop, leading to a soft lockup that triggers a system panic via the watchdog timer. Apply RCU primitives in the problematic code sections to resolve the issue. Where necessary, update the references to fib6_siblings to annotate or use the RCU APIs. Include a test script that reproduces the issue. The script periodically updates the routing table while generating a heavy load of outgoing IPv6 traffic through multiple iperf3 clients. It consistently induces infinite soft lockups within a couple of minutes. Kernel log: 0 [ffffbd13003e8d30] machine_kexec at ffffffff8ceaf3eb 1 [ffffbd13003e8d90] __crash_kexec at ffffffff8d0120e3 2 [ffffbd13003e8e58] panic at ffffffff8cef65d4 3 [ffffbd13003e8ed8] watchdog_timer_fn at ffffffff8d05cb03 4 [ffffbd13003e8f08] __hrtimer_run_queues at ffffffff8cfec62f 5 [ffffbd13003e8f70] hrtimer_interrupt at ffffffff8cfed756 6 [ffffbd13003e8fd0] __sysvec_apic_timer_interrupt at ffffffff8cea01af 7 [ffffbd13003e8ff0] sysvec_apic_timer_interrupt at ffffffff8df1b83d -- <IRQ stack> -- 8 [ffffbd13003d3708] asm_sysvec_apic_timer_interrupt at ffffffff8e000ecb [exception RIP: fib6_select_path+299] RIP: ffffffff8ddafe7b RSP: ffffbd13003d37b8 RFLAGS: 00000287 RAX: ffff975850b43600 RBX: ffff975850b40200 RCX: 0000000000000000 RDX: 000000003fffffff RSI: 0000000051d383e4 RDI: ffff975850b43618 RBP: ffffbd13003d3800 R8: 0000000000000000 R9: ffff975850b40200 R10: 0000000000000000 R11: 0000000000000000 R12: ffffbd13003d3830 R13: ffff975850b436a8 R14: ffff975850b43600 R15: 0000000000000007 ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018 9 [ffffbd13003d3808] ip6_pol_route at ffffffff8ddb030c 10 [ffffbd13003d3888] ip6_pol_route_input at ffffffff8ddb068c 11 [ffffbd13003d3898] fib6_rule_lookup at ffffffff8ddf02b5 12 [ffffbd13003d3928] ip6_route_input at ffffffff8ddb0f47 13 [ffffbd13003d3a18] ip6_rcv_finish_core.constprop.0 at ffffffff8dd950d0 14 [ffffbd13003d3a30] ip6_list_rcv_finish.constprop.0 at ffffffff8dd96274 15 [ffffbd13003d3a98] ip6_sublist_rcv at ffffffff8dd96474 16 [ffffbd13003d3af8] ipv6_list_rcv at ffffffff8dd96615 17 [ffffbd13003d3b60] __netif_receive_skb_list_core at ffffffff8dc16fec 18 [ffffbd13003d3be0] netif_receive_skb_list_internal at ffffffff8dc176b3 19 [ffffbd13003d3c50] napi_gro_receive at ffffffff8dc565b9 20 [ffffbd13003d3c80] ice_receive_skb at ffffffffc087e4f5 [ice] 21 [ffffbd13003d3c90] ice_clean_rx_irq at ffffffffc0881b80 [ice] 22 [ffffbd13003d3d20] ice_napi_poll at ffffffffc088232f [ice] 23 [ffffbd13003d3d80] __napi_poll at ffffffff8dc18000 24 [ffffbd13003d3db8] net_rx_action at ffffffff8dc18581 25 [ffffbd13003d3e40] __do_softirq at ffffffff8df352e9 26 [ffffbd13003d3eb0] run_ksoftirqd at ffffffff8ceffe47 27 [ffffbd13003d3ec0] smpboot_thread_fn at ffffffff8cf36a30 28 [ffffbd13003d3ee8] kthread at ffffffff8cf2b39f 29 [ffffbd13003d3f28] ret_from_fork at ffffffff8ce5fa64 30 [ffffbd13003d3f50] ret_from_fork_asm at ffffffff8ce03cbb
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix TSO DMA API usage causing oops Commit 66600fac7a98 ("net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data") moved the assignment of tx_skbuff_dma[]'s members to be later in stmmac_tso_xmit(). The buf (dma cookie) and len stored in this structure are passed to dma_unmap_single() by stmmac_tx_clean(). The DMA API requires that the dma cookie passed to dma_unmap_single() is the same as the value returned from dma_map_single(). However, by moving the assignment later, this is not the case when priv->dma_cap.addr64 > 32 as "des" is offset by proto_hdr_len. This causes problems such as: dwc-eth-dwmac 2490000.ethernet eth0: Tx DMA map failed and with DMA_API_DEBUG enabled: DMA-API: dwc-eth-dwmac 2490000.ethernet: device driver tries to +free DMA memory it has not allocated [device address=0x000000ffffcf65c0] [size=66 bytes] Fix this by maintaining "des" as the original DMA cookie, and use tso_des to pass the offset DMA cookie to stmmac_tso_allocator(). Full details of the crashes can be found at: https://lore.kernel.org/all/d8112193-0386-4e14-b516-37c2d838171a@nvidia.com/ https://lore.kernel.org/all/klkzp5yn5kq5efgtrow6wbvnc46bcqfxs65nz3qy77ujr5turc@bwwhelz2l4dw/
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: topology: Keep the cpumask unchanged when printing cpumap During fuzz testing, the following warning was discovered: different return values (15 and 11) from vsnprintf("%*pbl ", ...) test:keyward is WARNING in kvasprintf WARNING: CPU: 55 PID: 1168477 at lib/kasprintf.c:30 kvasprintf+0x121/0x130 Call Trace: kvasprintf+0x121/0x130 kasprintf+0xa6/0xe0 bitmap_print_to_buf+0x89/0x100 core_siblings_list_read+0x7e/0xb0 kernfs_file_read_iter+0x15b/0x270 new_sync_read+0x153/0x260 vfs_read+0x215/0x290 ksys_read+0xb9/0x160 do_syscall_64+0x56/0x100 entry_SYSCALL_64_after_hwframe+0x78/0xe2 The call trace shows that kvasprintf() reported this warning during the printing of core_siblings_list. kvasprintf() has several steps: (1) First, calculate the length of the resulting formatted string. (2) Allocate a buffer based on the returned length. (3) Then, perform the actual string formatting. (4) Check whether the lengths of the formatted strings returned in steps (1) and (2) are consistent. If the core_cpumask is modified between steps (1) and (3), the lengths obtained in these two steps may not match. Indeed our test includes cpu hotplugging, which should modify core_cpumask while printing. To fix this issue, cache the cpumask into a temporary variable before calling cpumap_print_{list, cpumask}_to_buf(), to keep it unchanged during the printing process.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: fs: relax assertions on failure to encode file handles Encoding file handles is usually performed by a filesystem >encode_fh() method that may fail for various reasons. The legacy users of exportfs_encode_fh(), namely, nfsd and name_to_handle_at(2) syscall are ready to cope with the possibility of failure to encode a file handle. There are a few other users of exportfs_encode_{fh,fid}() that currently have a WARN_ON() assertion when ->encode_fh() fails. Relax those assertions because they are wrong. The second linked bug report states commit 16aac5ad1fa9 ("ovl: support encoding non-decodable file handles") in v6.6 as the regressing commit, but this is not accurate. The aforementioned commit only increases the chances of the assertion and allows triggering the assertion with the reproducer using overlayfs, inotify and drop_caches. Triggering this assertion was always possible with other filesystems and other reasons of ->encode_fh() failures and more particularly, it was also possible with the exact same reproducer using overlayfs that is mounted with options index=on,nfs_export=on also on kernels < v6.6. Therefore, I am not listing the aforementioned commit as a Fixes commit. Backport hint: this patch will have a trivial conflict applying to v6.6.y, and other trivial conflicts applying to stable kernels < v6.6.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: rdma/cxgb4: Prevent potential integer overflow on 32bit The "gl->tot_len" variable is controlled by the user. It comes from process_responses(). On 32bit systems, the "gl->tot_len + sizeof(struct cpl_pass_accept_req) + sizeof(struct rss_header)" addition could have an integer wrapping bug. Use size_add() to prevent this.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: memcg: fix soft lockup in the OOM process A soft lockup issue was found in the product with about 56,000 tasks were in the OOM cgroup, it was traversing them when the soft lockup was triggered. watchdog: BUG: soft lockup - CPU#2 stuck for 23s! [VM Thread:1503066] CPU: 2 PID: 1503066 Comm: VM Thread Kdump: loaded Tainted: G Hardware name: Huawei Cloud OpenStack Nova, BIOS RIP: 0010:console_unlock+0x343/0x540 RSP: 0000:ffffb751447db9a0 EFLAGS: 00000247 ORIG_RAX: ffffffffffffff13 RAX: 0000000000000001 RBX: 0000000000000000 RCX: 00000000ffffffff RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000247 RBP: ffffffffafc71f90 R08: 0000000000000000 R09: 0000000000000040 R10: 0000000000000080 R11: 0000000000000000 R12: ffffffffafc74bd0 R13: ffffffffaf60a220 R14: 0000000000000247 R15: 0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f2fe6ad91f0 CR3: 00000004b2076003 CR4: 0000000000360ee0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: vprintk_emit+0x193/0x280 printk+0x52/0x6e dump_task+0x114/0x130 mem_cgroup_scan_tasks+0x76/0x100 dump_header+0x1fe/0x210 oom_kill_process+0xd1/0x100 out_of_memory+0x125/0x570 mem_cgroup_out_of_memory+0xb5/0xd0 try_charge+0x720/0x770 mem_cgroup_try_charge+0x86/0x180 mem_cgroup_try_charge_delay+0x1c/0x40 do_anonymous_page+0xb5/0x390 handle_mm_fault+0xc4/0x1f0 This is because thousands of processes are in the OOM cgroup, it takes a long time to traverse all of them. As a result, this lead to soft lockup in the OOM process. To fix this issue, call 'cond_resched' in the 'mem_cgroup_scan_tasks' function per 1000 iterations. For global OOM, call 'touch_softlockup_watchdog' per 1000 iterations to avoid this issue.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: pps: Fix a use-after-free On a board running ntpd and gpsd, I'm seeing a consistent use-after-free in sys_exit() from gpsd when rebooting: pps pps1: removed ------------[ cut here ]------------ kobject: '(null)' (00000000db4bec24): is not initialized, yet kobject_put() is being called. WARNING: CPU: 2 PID: 440 at lib/kobject.c:734 kobject_put+0x120/0x150 CPU: 2 UID: 299 PID: 440 Comm: gpsd Not tainted 6.11.0-rc6-00308-gb31c44928842 #1 Hardware name: Raspberry Pi 4 Model B Rev 1.1 (DT) pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : kobject_put+0x120/0x150 lr : kobject_put+0x120/0x150 sp : ffffffc0803d3ae0 x29: ffffffc0803d3ae0 x28: ffffff8042dc9738 x27: 0000000000000001 x26: 0000000000000000 x25: ffffff8042dc9040 x24: ffffff8042dc9440 x23: ffffff80402a4620 x22: ffffff8042ef4bd0 x21: ffffff80405cb600 x20: 000000000008001b x19: ffffff8040b3b6e0 x18: 0000000000000000 x17: 0000000000000000 x16: 0000000000000000 x15: 696e6920746f6e20 x14: 7369203a29343263 x13: 205d303434542020 x12: 0000000000000000 x11: 0000000000000000 x10: 0000000000000000 x9 : 0000000000000000 x8 : 0000000000000000 x7 : 0000000000000000 x6 : 0000000000000000 x5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000000 x2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000000 Call trace: kobject_put+0x120/0x150 cdev_put+0x20/0x3c __fput+0x2c4/0x2d8 ____fput+0x1c/0x38 task_work_run+0x70/0xfc do_exit+0x2a0/0x924 do_group_exit+0x34/0x90 get_signal+0x7fc/0x8c0 do_signal+0x128/0x13b4 do_notify_resume+0xdc/0x160 el0_svc+0xd4/0xf8 el0t_64_sync_handler+0x140/0x14c el0t_64_sync+0x190/0x194 ---[ end trace 0000000000000000 ]--- ...followed by more symptoms of corruption, with similar stacks: refcount_t: underflow; use-after-free. kernel BUG at lib/list_debug.c:62! Kernel panic - not syncing: Oops - BUG: Fatal exception This happens because pps_device_destruct() frees the pps_device with the embedded cdev immediately after calling cdev_del(), but, as the comment above cdev_del() notes, fops for previously opened cdevs are still callable even after cdev_del() returns. I think this bug has always been there: I can't explain why it suddenly started happening every time I reboot this particular board. In commit d953e0e837e6 ("pps: Fix a use-after free bug when unregistering a source."), George Spelvin suggested removing the embedded cdev. That seems like the simplest way to fix this, so I've implemented his suggestion, using __register_chrdev() with pps_idr becoming the source of truth for which minor corresponds to which device. But now that pps_idr defines userspace visibility instead of cdev_add(), we need to be sure the pps->dev refcount can't reach zero while userspace can still find it again. So, the idr_remove() call moves to pps_unregister_cdev(), and pps_idr now holds a reference to pps->dev. pps_core: source serial1 got cdev (251:1) <...> pps pps1: removed pps_core: unregistering pps1 pps_core: deallocating pps1
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: platform/x86: int3472: Check for adev == NULL Not all devices have an ACPI companion fwnode, so adev might be NULL. This can e.g. (theoretically) happen when a user manually binds one of the int3472 drivers to another i2c/platform device through sysfs. Add a check for adev not being set and return -ENODEV in that case to avoid a possible NULL pointer deref in skl_int3472_get_acpi_buffer().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: safesetid: check size of policy writes syzbot attempts to write a buffer with a large size to a sysfs entry with writes handled by handle_policy_update(), triggering a warning in kmalloc. Check the size specified for write buffers before allocating. [PM: subject tweak]
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: Add NULL check in mt_input_configured devm_kasprintf() can return a NULL pointer on failure,but this returned value in mt_input_configured() is not checked. Add NULL check in mt_input_configured(), to handle kernel NULL pointer dereference error.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Fix ida_free call while not allocated In the rproc_alloc() function, on error, put_device(&rproc->dev) is called, leading to the call of the rproc_type_release() function. An error can occurs before ida_alloc is called. In such case in rproc_type_release(), the condition (rproc->index >= 0) is true as rproc->index has been initialized to 0. ida_free() is called reporting a warning: [ 4.181906] WARNING: CPU: 1 PID: 24 at lib/idr.c:525 ida_free+0x100/0x164 [ 4.186378] stm32-display-dsi 5a000000.dsi: Fixed dependency cycle(s) with /soc/dsi@5a000000/panel@0 [ 4.188854] ida_free called for id=0 which is not allocated. [ 4.198256] mipi-dsi 5a000000.dsi.0: Fixed dependency cycle(s) with /soc/dsi@5a000000 [ 4.203556] Modules linked in: panel_orisetech_otm8009a dw_mipi_dsi_stm(+) gpu_sched dw_mipi_dsi stm32_rproc stm32_crc32 stm32_ipcc(+) optee(+) [ 4.224307] CPU: 1 UID: 0 PID: 24 Comm: kworker/u10:0 Not tainted 6.12.0 #442 [ 4.231481] Hardware name: STM32 (Device Tree Support) [ 4.236627] Workqueue: events_unbound deferred_probe_work_func [ 4.242504] Call trace: [ 4.242522] unwind_backtrace from show_stack+0x10/0x14 [ 4.250218] show_stack from dump_stack_lvl+0x50/0x64 [ 4.255274] dump_stack_lvl from __warn+0x80/0x12c [ 4.260134] __warn from warn_slowpath_fmt+0x114/0x188 [ 4.265199] warn_slowpath_fmt from ida_free+0x100/0x164 [ 4.270565] ida_free from rproc_type_release+0x38/0x60 [ 4.275832] rproc_type_release from device_release+0x30/0xa0 [ 4.281601] device_release from kobject_put+0xc4/0x294 [ 4.286762] kobject_put from rproc_alloc.part.0+0x208/0x28c [ 4.292430] rproc_alloc.part.0 from devm_rproc_alloc+0x80/0xc4 [ 4.298393] devm_rproc_alloc from stm32_rproc_probe+0xd0/0x844 [stm32_rproc] [ 4.305575] stm32_rproc_probe [stm32_rproc] from platform_probe+0x5c/0xbc Calling ida_alloc earlier in rproc_alloc ensures that the rproc->index is properly set.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ubifs: skip dumping tnc tree when zroot is null Clearing slab cache will free all znode in memory and make c->zroot.znode = NULL, then dumping tnc tree will access c->zroot.znode which cause null pointer dereference.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: prohibit deactivating all links In the internal API this calls this is a WARN_ON, but that should remain since internally we want to know about bugs that may cause this. Prevent deactivating all links in the debugfs write directly.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Stop active perfmon if it is being destroyed If the active performance monitor (`v3d->active_perfmon`) is being destroyed, stop it first. Currently, the active perfmon is not stopped during destruction, leaving the `v3d->active_perfmon` pointer stale. This can lead to undefined behavior and instability. This patch ensures that the active perfmon is stopped before being destroyed, aligning with the behavior introduced in commit 7d1fd3638ee3 ("drm/v3d: Stop the active perfmon before being destroyed").
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/pmc: Only disable IRQ1 wakeup where i8042 actually enabled it Wakeup for IRQ1 should be disabled only in cases where i8042 had actually enabled it, otherwise "wake_depth" for this IRQ will try to drop below zero and there will be an unpleasant WARN() logged: kernel: atkbd serio0: Disabling IRQ1 wakeup source to avoid platform firmware bug kernel: ------------[ cut here ]------------ kernel: Unbalanced IRQ 1 wake disable kernel: WARNING: CPU: 10 PID: 6431 at kernel/irq/manage.c:920 irq_set_irq_wake+0x147/0x1a0 The PMC driver uses DEFINE_SIMPLE_DEV_PM_OPS() to define its dev_pm_ops which sets amd_pmc_suspend_handler() to the .suspend, .freeze, and .poweroff handlers. i8042_pm_suspend(), however, is only set as the .suspend handler. Fix the issue by call PMC suspend handler only from the same set of dev_pm_ops handlers as i8042_pm_suspend(), which currently means just the .suspend handler. To reproduce this issue try hibernating (S4) the machine after a fresh boot without putting it into s2idle first. [ij: edited the commit message.]
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: clamp maximum hashtable size to INT_MAX Use INT_MAX as maximum size for the conntrack hashtable. Otherwise, it is possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof() when resizing hashtable because __GFP_NOWARN is unset. See: 0708a0afe291 ("mm: Consider __GFP_NOWARN flag for oversized kvmalloc() calls") Note: hashtable resize is only possible from init_netns.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: io_uring/eventfd: ensure io_eventfd_signal() defers another RCU period io_eventfd_do_signal() is invoked from an RCU callback, but when dropping the reference to the io_ev_fd, it calls io_eventfd_free() directly if the refcount drops to zero. This isn't correct, as any potential freeing of the io_ev_fd should be deferred another RCU grace period. Just call io_eventfd_put() rather than open-code the dec-and-test and free, which will correctly defer it another RCU grace period.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: fec: handle page_pool_dev_alloc_pages error The fec_enet_update_cbd function calls page_pool_dev_alloc_pages but did not handle the case when it returned NULL. There was a WARN_ON(!new_page) but it would still proceed to use the NULL pointer and then crash. This case does seem somewhat rare but when the system is under memory pressure it can happen. One case where I can duplicate this with some frequency is when writing over a smbd share to a SATA HDD attached to an imx6q. Setting /proc/sys/vm/min_free_kbytes to higher values also seems to solve the problem for my test case. But it still seems wrong that the fec driver ignores the memory allocation error and can crash. This commit handles the allocation error by dropping the current packet.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: always recalculate features after XDP clearing, fix null-deref Recalculate features when XDP is detached. Before: # ip li set dev eth0 xdp obj xdp_dummy.bpf.o sec xdp # ip li set dev eth0 xdp off # ethtool -k eth0 | grep gro rx-gro-hw: off [requested on] After: # ip li set dev eth0 xdp obj xdp_dummy.bpf.o sec xdp # ip li set dev eth0 xdp off # ethtool -k eth0 | grep gro rx-gro-hw: on The fact that HW-GRO doesn't get re-enabled automatically is just a minor annoyance. The real issue is that the features will randomly come back during another reconfiguration which just happens to invoke netdev_update_features(). The driver doesn't handle reconfiguring two things at a time very robustly. Starting with commit 98ba1d931f61 ("bnxt_en: Fix RSS logic in __bnxt_reserve_rings()") we only reconfigure the RSS hash table if the "effective" number of Rx rings has changed. If HW-GRO is enabled "effective" number of rings is 2x what user sees. So if we are in the bad state, with HW-GRO re-enablement "pending" after XDP off, and we lower the rings by / 2 - the HW-GRO rings doing 2x and the ethtool -L doing / 2 may cancel each other out, and the: if (old_rx_rings != bp->hw_resc.resv_rx_rings && condition in __bnxt_reserve_rings() will be false. The RSS map won't get updated, and we'll crash with: BUG: kernel NULL pointer dereference, address: 0000000000000168 RIP: 0010:__bnxt_hwrm_vnic_set_rss+0x13a/0x1a0 bnxt_hwrm_vnic_rss_cfg_p5+0x47/0x180 __bnxt_setup_vnic_p5+0x58/0x110 bnxt_init_nic+0xb72/0xf50 __bnxt_open_nic+0x40d/0xab0 bnxt_open_nic+0x2b/0x60 ethtool_set_channels+0x18c/0x1d0 As we try to access a freed ring. The issue is present since XDP support was added, really, but prior to commit 98ba1d931f61 ("bnxt_en: Fix RSS logic in __bnxt_reserve_rings()") it wasn't causing major issues.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 Expected behaviour: In case we reach scheduler's limit, pfifo_tail_enqueue() will drop a packet in scheduler's queue and decrease scheduler's qlen by one. Then, pfifo_tail_enqueue() enqueue new packet and increase scheduler's qlen by one. Finally, pfifo_tail_enqueue() return `NET_XMIT_CN` status code. Weird behaviour: In case we set `sch->limit == 0` and trigger pfifo_tail_enqueue() on a scheduler that has no packet, the 'drop a packet' step will do nothing. This means the scheduler's qlen still has value equal 0. Then, we continue to enqueue new packet and increase scheduler's qlen by one. In summary, we can leverage pfifo_tail_enqueue() to increase qlen by one and return `NET_XMIT_CN` status code. The problem is: Let's say we have two qdiscs: Qdisc_A and Qdisc_B. - Qdisc_A's type must have '->graft()' function to create parent/child relationship. Let's say Qdisc_A's type is `hfsc`. Enqueue packet to this qdisc will trigger `hfsc_enqueue`. - Qdisc_B's type is pfifo_head_drop. Enqueue packet to this qdisc will trigger `pfifo_tail_enqueue`. - Qdisc_B is configured to have `sch->limit == 0`. - Qdisc_A is configured to route the enqueued's packet to Qdisc_B. Enqueue packet through Qdisc_A will lead to: - hfsc_enqueue(Qdisc_A) -> pfifo_tail_enqueue(Qdisc_B) - Qdisc_B->q.qlen += 1 - pfifo_tail_enqueue() return `NET_XMIT_CN` - hfsc_enqueue() check for `NET_XMIT_SUCCESS` and see `NET_XMIT_CN` => hfsc_enqueue() don't increase qlen of Qdisc_A. The whole process lead to a situation where Qdisc_A->q.qlen == 0 and Qdisc_B->q.qlen == 1. Replace 'hfsc' with other type (for example: 'drr') still lead to the same problem. This violate the design where parent's qlen should equal to the sum of its childrens'qlen. Bug impact: This issue can be used for user->kernel privilege escalation when it is reachable.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: mptcp: handle fastopen disconnect correctly Syzbot was able to trigger a data stream corruption: WARNING: CPU: 0 PID: 9846 at net/mptcp/protocol.c:1024 __mptcp_clean_una+0xddb/0xff0 net/mptcp/protocol.c:1024 Modules linked in: CPU: 0 UID: 0 PID: 9846 Comm: syz-executor351 Not tainted 6.13.0-rc2-syzkaller-00059-g00a5acdbf398 #0 Hardware name: Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024 RIP: 0010:__mptcp_clean_una+0xddb/0xff0 net/mptcp/protocol.c:1024 Code: fa ff ff 48 8b 4c 24 18 80 e1 07 fe c1 38 c1 0f 8c 8e fa ff ff 48 8b 7c 24 18 e8 e0 db 54 f6 e9 7f fa ff ff e8 e6 80 ee f5 90 <0f> 0b 90 4c 8b 6c 24 40 4d 89 f4 e9 04 f5 ff ff 44 89 f1 80 e1 07 RSP: 0018:ffffc9000c0cf400 EFLAGS: 00010293 RAX: ffffffff8bb0dd5a RBX: ffff888033f5d230 RCX: ffff888059ce8000 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 RBP: ffffc9000c0cf518 R08: ffffffff8bb0d1dd R09: 1ffff110170c8928 R10: dffffc0000000000 R11: ffffed10170c8929 R12: 0000000000000000 R13: ffff888033f5d220 R14: dffffc0000000000 R15: ffff8880592b8000 FS: 00007f6e866496c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f6e86f491a0 CR3: 00000000310e6000 CR4: 00000000003526f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: <TASK> __mptcp_clean_una_wakeup+0x7f/0x2d0 net/mptcp/protocol.c:1074 mptcp_release_cb+0x7cb/0xb30 net/mptcp/protocol.c:3493 release_sock+0x1aa/0x1f0 net/core/sock.c:3640 inet_wait_for_connect net/ipv4/af_inet.c:609 [inline] __inet_stream_connect+0x8bd/0xf30 net/ipv4/af_inet.c:703 mptcp_sendmsg_fastopen+0x2a2/0x530 net/mptcp/protocol.c:1755 mptcp_sendmsg+0x1884/0x1b10 net/mptcp/protocol.c:1830 sock_sendmsg_nosec net/socket.c:711 [inline] __sock_sendmsg+0x1a6/0x270 net/socket.c:726 ____sys_sendmsg+0x52a/0x7e0 net/socket.c:2583 ___sys_sendmsg net/socket.c:2637 [inline] __sys_sendmsg+0x269/0x350 net/socket.c:2669 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f6e86ebfe69 Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007f6e86649168 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 00007f6e86f491b8 RCX: 00007f6e86ebfe69 RDX: 0000000030004001 RSI: 0000000020000080 RDI: 0000000000000003 RBP: 00007f6e86f491b0 R08: 00007f6e866496c0 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6e86f491bc R13: 000000000000006e R14: 00007ffe445d9420 R15: 00007ffe445d9508 </TASK> The root cause is the bad handling of disconnect() generated internally by the MPTCP protocol in case of connect FASTOPEN errors. Address the issue increasing the socket disconnect counter even on such a case, to allow other threads waiting on the same socket lock to properly error out.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: only set fullmesh for subflow endp With the in-kernel path-manager, it is possible to change the 'fullmesh' flag. The code in mptcp_pm_nl_fullmesh() expects to change it only on 'subflow' endpoints, to recreate more or less subflows using the linked address. Unfortunately, the set_flags() hook was a bit more permissive, and allowed 'implicit' endpoints to get the 'fullmesh' flag while it is not allowed before. That's what syzbot found, triggering the following warning: WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 __mark_subflow_endp_available net/mptcp/pm_netlink.c:1496 [inline] WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 mptcp_pm_nl_fullmesh net/mptcp/pm_netlink.c:1980 [inline] WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 mptcp_nl_set_flags net/mptcp/pm_netlink.c:2003 [inline] WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 mptcp_pm_nl_set_flags+0x974/0xdc0 net/mptcp/pm_netlink.c:2064 Modules linked in: CPU: 0 UID: 0 PID: 6499 Comm: syz.1.413 Not tainted 6.13.0-rc5-syzkaller-00172-gd1bf27c4e176 #0 Hardware name: Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 RIP: 0010:__mark_subflow_endp_available net/mptcp/pm_netlink.c:1496 [inline] RIP: 0010:mptcp_pm_nl_fullmesh net/mptcp/pm_netlink.c:1980 [inline] RIP: 0010:mptcp_nl_set_flags net/mptcp/pm_netlink.c:2003 [inline] RIP: 0010:mptcp_pm_nl_set_flags+0x974/0xdc0 net/mptcp/pm_netlink.c:2064 Code: 01 00 00 49 89 c5 e8 fb 45 e8 f5 e9 b8 fc ff ff e8 f1 45 e8 f5 4c 89 f7 be 03 00 00 00 e8 44 1d 0b f9 eb a0 e8 dd 45 e8 f5 90 <0f> 0b 90 e9 17 ff ff ff 89 d9 80 e1 07 38 c1 0f 8c c9 fc ff ff 48 RSP: 0018:ffffc9000d307240 EFLAGS: 00010293 RAX: ffffffff8bb72e03 RBX: 0000000000000000 RCX: ffff88807da88000 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 RBP: ffffc9000d307430 R08: ffffffff8bb72cf0 R09: 1ffff1100b842a5e R10: dffffc0000000000 R11: ffffed100b842a5f R12: ffff88801e2e5ac0 R13: ffff88805c214800 R14: ffff88805c2152e8 R15: 1ffff1100b842a5d FS: 00005555619f6500(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000020002840 CR3: 00000000247e6000 CR4: 00000000003526f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: <TASK> genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline] genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline] genl_rcv_msg+0xb14/0xec0 net/netlink/genetlink.c:1210 netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2542 genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219 netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline] netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1347 netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1891 sock_sendmsg_nosec net/socket.c:711 [inline] __sock_sendmsg+0x221/0x270 net/socket.c:726 ____sys_sendmsg+0x52a/0x7e0 net/socket.c:2583 ___sys_sendmsg net/socket.c:2637 [inline] __sys_sendmsg+0x269/0x350 net/socket.c:2669 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f5fe8785d29 Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007fff571f5558 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 00007f5fe8975fa0 RCX: 00007f5fe8785d29 RDX: 0000000000000000 RSI: 0000000020000480 RDI: 0000000000000007 RBP: 00007f5fe8801b08 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007f5fe8975fa0 R14: 00007f5fe8975fa0 R15: 000000 ---truncated---
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: mptcp: consolidate suboption status MPTCP maintains the received sub-options status is the bitmask carrying the received suboptions and in several bitfields carrying per suboption additional info. Zeroing the bitmask before parsing is not enough to ensure a consistent status, and the MPTCP code has to additionally clear some bitfiled depending on the actually parsed suboption. The above schema is fragile, and syzbot managed to trigger a path where a relevant bitfield is not cleared/initialized: BUG: KMSAN: uninit-value in __mptcp_expand_seq net/mptcp/options.c:1030 [inline] BUG: KMSAN: uninit-value in mptcp_expand_seq net/mptcp/protocol.h:864 [inline] BUG: KMSAN: uninit-value in ack_update_msk net/mptcp/options.c:1060 [inline] BUG: KMSAN: uninit-value in mptcp_incoming_options+0x2036/0x3d30 net/mptcp/options.c:1209 __mptcp_expand_seq net/mptcp/options.c:1030 [inline] mptcp_expand_seq net/mptcp/protocol.h:864 [inline] ack_update_msk net/mptcp/options.c:1060 [inline] mptcp_incoming_options+0x2036/0x3d30 net/mptcp/options.c:1209 tcp_data_queue+0xb4/0x7be0 net/ipv4/tcp_input.c:5233 tcp_rcv_established+0x1061/0x2510 net/ipv4/tcp_input.c:6264 tcp_v4_do_rcv+0x7f3/0x11a0 net/ipv4/tcp_ipv4.c:1916 tcp_v4_rcv+0x51df/0x5750 net/ipv4/tcp_ipv4.c:2351 ip_protocol_deliver_rcu+0x2a3/0x13d0 net/ipv4/ip_input.c:205 ip_local_deliver_finish+0x336/0x500 net/ipv4/ip_input.c:233 NF_HOOK include/linux/netfilter.h:314 [inline] ip_local_deliver+0x21f/0x490 net/ipv4/ip_input.c:254 dst_input include/net/dst.h:460 [inline] ip_rcv_finish+0x4a2/0x520 net/ipv4/ip_input.c:447 NF_HOOK include/linux/netfilter.h:314 [inline] ip_rcv+0xcd/0x380 net/ipv4/ip_input.c:567 __netif_receive_skb_one_core net/core/dev.c:5704 [inline] __netif_receive_skb+0x319/0xa00 net/core/dev.c:5817 process_backlog+0x4ad/0xa50 net/core/dev.c:6149 __napi_poll+0xe7/0x980 net/core/dev.c:6902 napi_poll net/core/dev.c:6971 [inline] net_rx_action+0xa5a/0x19b0 net/core/dev.c:7093 handle_softirqs+0x1a0/0x7c0 kernel/softirq.c:561 __do_softirq+0x14/0x1a kernel/softirq.c:595 do_softirq+0x9a/0x100 kernel/softirq.c:462 __local_bh_enable_ip+0x9f/0xb0 kernel/softirq.c:389 local_bh_enable include/linux/bottom_half.h:33 [inline] rcu_read_unlock_bh include/linux/rcupdate.h:919 [inline] __dev_queue_xmit+0x2758/0x57d0 net/core/dev.c:4493 dev_queue_xmit include/linux/netdevice.h:3168 [inline] neigh_hh_output include/net/neighbour.h:523 [inline] neigh_output include/net/neighbour.h:537 [inline] ip_finish_output2+0x187c/0x1b70 net/ipv4/ip_output.c:236 __ip_finish_output+0x287/0x810 ip_finish_output+0x4b/0x600 net/ipv4/ip_output.c:324 NF_HOOK_COND include/linux/netfilter.h:303 [inline] ip_output+0x15f/0x3f0 net/ipv4/ip_output.c:434 dst_output include/net/dst.h:450 [inline] ip_local_out net/ipv4/ip_output.c:130 [inline] __ip_queue_xmit+0x1f2a/0x20d0 net/ipv4/ip_output.c:536 ip_queue_xmit+0x60/0x80 net/ipv4/ip_output.c:550 __tcp_transmit_skb+0x3cea/0x4900 net/ipv4/tcp_output.c:1468 tcp_transmit_skb net/ipv4/tcp_output.c:1486 [inline] tcp_write_xmit+0x3b90/0x9070 net/ipv4/tcp_output.c:2829 __tcp_push_pending_frames+0xc4/0x380 net/ipv4/tcp_output.c:3012 tcp_send_fin+0x9f6/0xf50 net/ipv4/tcp_output.c:3618 __tcp_close+0x140c/0x1550 net/ipv4/tcp.c:3130 __mptcp_close_ssk+0x74e/0x16f0 net/mptcp/protocol.c:2496 mptcp_close_ssk+0x26b/0x2c0 net/mptcp/protocol.c:2550 mptcp_pm_nl_rm_addr_or_subflow+0x635/0xd10 net/mptcp/pm_netlink.c:889 mptcp_pm_nl_rm_subflow_received net/mptcp/pm_netlink.c:924 [inline] mptcp_pm_flush_addrs_and_subflows net/mptcp/pm_netlink.c:1688 [inline] mptcp_nl_flush_addrs_list net/mptcp/pm_netlink.c:1709 [inline] mptcp_pm_nl_flush_addrs_doit+0xe10/0x1630 net/mptcp/pm_netlink.c:1750 genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline] ---truncated---
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: rose: fix timer races against user threads Rose timers only acquire the socket spinlock, without checking if the socket is owned by one user thread. Add a check and rearm the timers if needed. BUG: KASAN: slab-use-after-free in rose_timer_expiry+0x31d/0x360 net/rose/rose_timer.c:174 Read of size 2 at addr ffff88802f09b82a by task swapper/0/0 CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.13.0-rc5-syzkaller-00172-gd1bf27c4e176 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 Call Trace: <IRQ> __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120 print_address_description mm/kasan/report.c:378 [inline] print_report+0x169/0x550 mm/kasan/report.c:489 kasan_report+0x143/0x180 mm/kasan/report.c:602 rose_timer_expiry+0x31d/0x360 net/rose/rose_timer.c:174 call_timer_fn+0x187/0x650 kernel/time/timer.c:1793 expire_timers kernel/time/timer.c:1844 [inline] __run_timers kernel/time/timer.c:2418 [inline] __run_timer_base+0x66a/0x8e0 kernel/time/timer.c:2430 run_timer_base kernel/time/timer.c:2439 [inline] run_timer_softirq+0xb7/0x170 kernel/time/timer.c:2449 handle_softirqs+0x2d4/0x9b0 kernel/softirq.c:561 __do_softirq kernel/softirq.c:595 [inline] invoke_softirq kernel/softirq.c:435 [inline] __irq_exit_rcu+0xf7/0x220 kernel/softirq.c:662 irq_exit_rcu+0x9/0x30 kernel/softirq.c:678 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline] sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1049 </IRQ>
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: nbd: don't allow reconnect after disconnect Following process can cause nbd_config UAF: 1) grab nbd_config temporarily; 2) nbd_genl_disconnect() flush all recv_work() and release the initial reference: nbd_genl_disconnect nbd_disconnect_and_put nbd_disconnect flush_workqueue(nbd->recv_workq) if (test_and_clear_bit(NBD_RT_HAS_CONFIG_REF, ...)) nbd_config_put -> due to step 1), reference is still not zero 3) nbd_genl_reconfigure() queue recv_work() again; nbd_genl_reconfigure config = nbd_get_config_unlocked(nbd) if (!config) -> succeed if (!test_bit(NBD_RT_BOUND, ...)) -> succeed nbd_reconnect_socket queue_work(nbd->recv_workq, &args->work) 4) step 1) release the reference; 5) Finially, recv_work() will trigger UAF: recv_work nbd_config_put(nbd) -> nbd_config is freed atomic_dec(&config->recv_threads) -> UAF Fix the problem by clearing NBD_RT_BOUND in nbd_genl_disconnect(), so that nbd_genl_reconfigure() will fail.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix class @block_class's subsystem refcount leakage blkcg_fill_root_iostats() iterates over @block_class's devices by class_dev_iter_(init|next)(), but does not end iterating with class_dev_iter_exit(), so causes the class's subsystem refcount leakage. Fix by ending the iterating with class_dev_iter_exit().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: add RCU protection to mld_newpack() mld_newpack() can be called without RTNL or RCU being held. Note that we no longer can use sock_alloc_send_skb() because ipv6.igmp_sk uses GFP_KERNEL allocations which can sleep. Instead use alloc_skb() and charge the net->ipv6.igmp_sk socket under RCU protection.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ndisc: extend RCU protection in ndisc_send_skb() ndisc_send_skb() can be called without RTNL or RCU held. Acquire rcu_read_lock() earlier, so that we can use dev_net_rcu() and avoid a potential UAF.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ndisc: use RCU protection in ndisc_alloc_skb() ndisc_alloc_skb() can be called without RTNL or RCU being held. Add RCU protection to avoid possible UAF.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU protection in ip6_default_advmss() ip6_default_advmss() needs rcu protection to make sure the net structure it reads does not disappear.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() It malicious user provides a small pptable through sysfs and then a bigger pptable, it may cause buffer overflow attack in function smu_sys_set_pp_table().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: NFSD: fix hang in nfsd4_shutdown_callback If nfs4_client is in courtesy state then there is no point to send the callback. This causes nfsd4_shutdown_callback to hang since cl_cb_inflight is not 0. This hang lasts about 15 minutes until TCP notifies NFSD that the connection was dropped. This patch modifies nfsd4_run_cb_work to skip the RPC call if nfs4_client is in courtesy state.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: nfsd: clear acl_access/acl_default after releasing them If getting acl_default fails, acl_access and acl_default will be released simultaneously. However, acl_access will still retain a pointer pointing to the released posix_acl, which will trigger a WARNING in nfs3svc_release_getacl like this: ------------[ cut here ]------------ refcount_t: underflow; use-after-free. WARNING: CPU: 26 PID: 3199 at lib/refcount.c:28 refcount_warn_saturate+0xb5/0x170 Modules linked in: CPU: 26 UID: 0 PID: 3199 Comm: nfsd Not tainted 6.12.0-rc6-00079-g04ae226af01f-dirty #8 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.1-2.fc37 04/01/2014 RIP: 0010:refcount_warn_saturate+0xb5/0x170 Code: cc cc 0f b6 1d b3 20 a5 03 80 fb 01 0f 87 65 48 d8 00 83 e3 01 75 e4 48 c7 c7 c0 3b 9b 85 c6 05 97 20 a5 03 01 e8 fb 3e 30 ff <0f> 0b eb cd 0f b6 1d 8a3 RSP: 0018:ffffc90008637cd8 EFLAGS: 00010282 RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff83904fde RDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffff88871ed36380 RBP: ffff888158beeb40 R08: 0000000000000001 R09: fffff520010c6f56 R10: ffffc90008637ab7 R11: 0000000000000001 R12: 0000000000000001 R13: ffff888140e77400 R14: ffff888140e77408 R15: ffffffff858b42c0 FS: 0000000000000000(0000) GS:ffff88871ed00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000562384d32158 CR3: 000000055cc6a000 CR4: 00000000000006f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: <TASK> ? refcount_warn_saturate+0xb5/0x170 ? __warn+0xa5/0x140 ? refcount_warn_saturate+0xb5/0x170 ? report_bug+0x1b1/0x1e0 ? handle_bug+0x53/0xa0 ? exc_invalid_op+0x17/0x40 ? asm_exc_invalid_op+0x1a/0x20 ? tick_nohz_tick_stopped+0x1e/0x40 ? refcount_warn_saturate+0xb5/0x170 ? refcount_warn_saturate+0xb5/0x170 nfs3svc_release_getacl+0xc9/0xe0 svc_process_common+0x5db/0xb60 ? __pfx_svc_process_common+0x10/0x10 ? __rcu_read_unlock+0x69/0xa0 ? __pfx_nfsd_dispatch+0x10/0x10 ? svc_xprt_received+0xa1/0x120 ? xdr_init_decode+0x11d/0x190 svc_process+0x2a7/0x330 svc_handle_xprt+0x69d/0x940 svc_recv+0x180/0x2d0 nfsd+0x168/0x200 ? __pfx_nfsd+0x10/0x10 kthread+0x1a2/0x1e0 ? kthread+0xf4/0x1e0 ? __pfx_kthread+0x10/0x10 ret_from_fork+0x34/0x60 ? __pfx_kthread+0x10/0x10 ret_from_fork_asm+0x1a/0x30 </TASK> Kernel panic - not syncing: kernel: panic_on_warn set ... Clear acl_access/acl_default after posix_acl_release is called to prevent UAF from being triggered.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix oops when unload drivers paralleling When unload hclge driver, it tries to disable sriov first for each ae_dev node from hnae3_ae_dev_list. If user unloads hns3 driver at the time, because it removes all the ae_dev nodes, and it may cause oops. But we can't simply use hnae3_common_lock for this. Because in the process flow of pci_disable_sriov(), it will trigger the remove flow of VF, which will also take hnae3_common_lock. To fixes it, introduce a new mutex to protect the unload process.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ptp: Ensure info->enable callback is always set The ioctl and sysfs handlers unconditionally call the ->enable callback. Not all drivers implement that callback, leading to NULL dereferences. Example of affected drivers: ptp_s390.c, ptp_vclock.c and ptp_mock.c. Instead use a dummy callback if no better was specified by the driver.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: acct: perform last write from workqueue In [1] it was reported that the acct(2) system call can be used to trigger NULL deref in cases where it is set to write to a file that triggers an internal lookup. This can e.g., happen when pointing acc(2) to /sys/power/resume. At the point the where the write to this file happens the calling task has already exited and called exit_fs(). A lookup will thus trigger a NULL-deref when accessing current->fs. Reorganize the code so that the the final write happens from the workqueue but with the caller's credentials. This preserves the (strange) permission model and has almost no regression risk. This api should stop to exist though.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: bpf: avoid holding freeze_mutex during mmap operation We use map->freeze_mutex to prevent races between map_freeze() and memory mapping BPF map contents with writable permissions. The way we naively do this means we'll hold freeze_mutex for entire duration of all the mm and VMA manipulations, which is completely unnecessary. This can potentially also lead to deadlocks, as reported by syzbot in [0]. So, instead, hold freeze_mutex only during writeability checks, bump (proactively) "write active" count for the map, unlock the mutex and proceed with mmap logic. And only if something went wrong during mmap logic, then undo that "write active" counter increment. [0] https://lore.kernel.org/bpf/678dcbc9.050a0220.303755.0066.GAE@google.com/
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: mm/migrate_device: don't add folio to be freed to LRU in migrate_device_finalize() If migration succeeded, we called folio_migrate_flags()->mem_cgroup_migrate() to migrate the memcg from the old to the new folio. This will set memcg_data of the old folio to 0. Similarly, if migration failed, memcg_data of the dst folio is left unset. If we call folio_putback_lru() on such folios (memcg_data == 0), we will add the folio to be freed to the LRU, making memcg code unhappy. Running the hmm selftests: # ./hmm-tests ... # RUN hmm.hmm_device_private.migrate ... [ 102.078007][T14893] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x7ff27d200 pfn:0x13cc00 [ 102.079974][T14893] anon flags: 0x17ff00000020018(uptodate|dirty|swapbacked|node=0|zone=2|lastcpupid=0x7ff) [ 102.082037][T14893] raw: 017ff00000020018 dead000000000100 dead000000000122 ffff8881353896c9 [ 102.083687][T14893] raw: 00000007ff27d200 0000000000000000 00000001ffffffff 0000000000000000 [ 102.085331][T14893] page dumped because: VM_WARN_ON_ONCE_FOLIO(!memcg && !mem_cgroup_disabled()) [ 102.087230][T14893] ------------[ cut here ]------------ [ 102.088279][T14893] WARNING: CPU: 0 PID: 14893 at ./include/linux/memcontrol.h:726 folio_lruvec_lock_irqsave+0x10e/0x170 [ 102.090478][T14893] Modules linked in: [ 102.091244][T14893] CPU: 0 UID: 0 PID: 14893 Comm: hmm-tests Not tainted 6.13.0-09623-g6c216bc522fd #151 [ 102.093089][T14893] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014 [ 102.094848][T14893] RIP: 0010:folio_lruvec_lock_irqsave+0x10e/0x170 [ 102.096104][T14893] Code: ... [ 102.099908][T14893] RSP: 0018:ffffc900236c37b0 EFLAGS: 00010293 [ 102.101152][T14893] RAX: 0000000000000000 RBX: ffffea0004f30000 RCX: ffffffff8183f426 [ 102.102684][T14893] RDX: ffff8881063cb880 RSI: ffffffff81b8117f RDI: ffff8881063cb880 [ 102.104227][T14893] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 102.105757][T14893] R10: 0000000000000001 R11: 0000000000000002 R12: ffffc900236c37d8 [ 102.107296][T14893] R13: ffff888277a2bcb0 R14: 000000000000001f R15: 0000000000000000 [ 102.108830][T14893] FS: 00007ff27dbdd740(0000) GS:ffff888277a00000(0000) knlGS:0000000000000000 [ 102.110643][T14893] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 102.111924][T14893] CR2: 00007ff27d400000 CR3: 000000010866e000 CR4: 0000000000750ef0 [ 102.113478][T14893] PKRU: 55555554 [ 102.114172][T14893] Call Trace: [ 102.114805][T14893] <TASK> [ 102.115397][T14893] ? folio_lruvec_lock_irqsave+0x10e/0x170 [ 102.116547][T14893] ? __warn.cold+0x110/0x210 [ 102.117461][T14893] ? folio_lruvec_lock_irqsave+0x10e/0x170 [ 102.118667][T14893] ? report_bug+0x1b9/0x320 [ 102.119571][T14893] ? handle_bug+0x54/0x90 [ 102.120494][T14893] ? exc_invalid_op+0x17/0x50 [ 102.121433][T14893] ? asm_exc_invalid_op+0x1a/0x20 [ 102.122435][T14893] ? __wake_up_klogd.part.0+0x76/0xd0 [ 102.123506][T14893] ? dump_page+0x4f/0x60 [ 102.124352][T14893] ? folio_lruvec_lock_irqsave+0x10e/0x170 [ 102.125500][T14893] folio_batch_move_lru+0xd4/0x200 [ 102.126577][T14893] ? __pfx_lru_add+0x10/0x10 [ 102.127505][T14893] __folio_batch_add_and_move+0x391/0x720 [ 102.128633][T14893] ? __pfx_lru_add+0x10/0x10 [ 102.129550][T14893] folio_putback_lru+0x16/0x80 [ 102.130564][T14893] migrate_device_finalize+0x9b/0x530 [ 102.131640][T14893] dmirror_migrate_to_device.constprop.0+0x7c5/0xad0 [ 102.133047][T14893] dmirror_fops_unlocked_ioctl+0x89b/0xc80 Likely, nothing else goes wrong: putting the last folio reference will remove the folio from the LRU again. So besides memcg complaining, adding the folio to be freed to the LRU is just an unnecessary step. The new flow resembles what we have in migrate_folio_move(): add the dst to the lru, rem ---truncated---
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: tcp: drop secpath at the same time as we currently drop dst Xiumei reported hitting the WARN in xfrm6_tunnel_net_exit while running tests that boil down to: - create a pair of netns - run a basic TCP test over ipcomp6 - delete the pair of netns The xfrm_state found on spi_byaddr was not deleted at the time we delete the netns, because we still have a reference on it. This lingering reference comes from a secpath (which holds a ref on the xfrm_state), which is still attached to an skb. This skb is not leaked, it ends up on sk_receive_queue and then gets defer-free'd by skb_attempt_defer_free. The problem happens when we defer freeing an skb (push it on one CPU's defer_list), and don't flush that list before the netns is deleted. In that case, we still have a reference on the xfrm_state that we don't expect at this point. We already drop the skb's dst in the TCP receive path when it's no longer needed, so let's also drop the secpath. At this point, tcp_filter has already called into the LSM hooks that may require the secpath, so it should not be needed anymore. However, in some of those places, the MPTCP extension has just been attached to the skb, so we cannot simply drop all extensions.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: bpf, test_run: Fix use-after-free issue in eth_skb_pkt_type() KMSAN reported a use-after-free issue in eth_skb_pkt_type()[1]. The cause of the issue was that eth_skb_pkt_type() accessed skb's data that didn't contain an Ethernet header. This occurs when bpf_prog_test_run_xdp() passes an invalid value as the user_data argument to bpf_test_init(). Fix this by returning an error when user_data is less than ETH_HLEN in bpf_test_init(). Additionally, remove the check for "if (user_size > size)" as it is unnecessary. [1] BUG: KMSAN: use-after-free in eth_skb_pkt_type include/linux/etherdevice.h:627 [inline] BUG: KMSAN: use-after-free in eth_type_trans+0x4ee/0x980 net/ethernet/eth.c:165 eth_skb_pkt_type include/linux/etherdevice.h:627 [inline] eth_type_trans+0x4ee/0x980 net/ethernet/eth.c:165 __xdp_build_skb_from_frame+0x5a8/0xa50 net/core/xdp.c:635 xdp_recv_frames net/bpf/test_run.c:272 [inline] xdp_test_run_batch net/bpf/test_run.c:361 [inline] bpf_test_run_xdp_live+0x2954/0x3330 net/bpf/test_run.c:390 bpf_prog_test_run_xdp+0x148e/0x1b10 net/bpf/test_run.c:1318 bpf_prog_test_run+0x5b7/0xa30 kernel/bpf/syscall.c:4371 __sys_bpf+0x6a6/0xe20 kernel/bpf/syscall.c:5777 __do_sys_bpf kernel/bpf/syscall.c:5866 [inline] __se_sys_bpf kernel/bpf/syscall.c:5864 [inline] __x64_sys_bpf+0xa4/0xf0 kernel/bpf/syscall.c:5864 x64_sys_call+0x2ea0/0x3d90 arch/x86/include/generated/asm/syscalls_64.h:322 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xd9/0x1d0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f Uninit was created at: free_pages_prepare mm/page_alloc.c:1056 [inline] free_unref_page+0x156/0x1320 mm/page_alloc.c:2657 __free_pages+0xa3/0x1b0 mm/page_alloc.c:4838 bpf_ringbuf_free kernel/bpf/ringbuf.c:226 [inline] ringbuf_map_free+0xff/0x1e0 kernel/bpf/ringbuf.c:235 bpf_map_free kernel/bpf/syscall.c:838 [inline] bpf_map_free_deferred+0x17c/0x310 kernel/bpf/syscall.c:862 process_one_work kernel/workqueue.c:3229 [inline] process_scheduled_works+0xa2b/0x1b60 kernel/workqueue.c:3310 worker_thread+0xedf/0x1550 kernel/workqueue.c:3391 kthread+0x535/0x6b0 kernel/kthread.c:389 ret_from_fork+0x6e/0x90 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 CPU: 1 UID: 0 PID: 17276 Comm: syz.1.16450 Not tainted 6.12.0-05490-g9bb88c659673 #8 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: mptcp: always handle address removal under msk socket lock Syzkaller reported a lockdep splat in the PM control path: WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 sock_owned_by_me include/net/sock.h:1711 [inline] WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 msk_owned_by_me net/mptcp/protocol.h:363 [inline] WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 mptcp_pm_nl_addr_send_ack+0x57c/0x610 net/mptcp/pm_netlink.c:788 Modules linked in: CPU: 0 UID: 0 PID: 6693 Comm: syz.0.205 Not tainted 6.14.0-rc2-syzkaller-00303-gad1b832bf1cf #0 Hardware name: Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 RIP: 0010:sock_owned_by_me include/net/sock.h:1711 [inline] RIP: 0010:msk_owned_by_me net/mptcp/protocol.h:363 [inline] RIP: 0010:mptcp_pm_nl_addr_send_ack+0x57c/0x610 net/mptcp/pm_netlink.c:788 Code: 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 ca 7b d3 f5 eb b9 e8 c3 7b d3 f5 90 0f 0b 90 e9 dd fb ff ff e8 b5 7b d3 f5 90 <0f> 0b 90 e9 3e fb ff ff 44 89 f1 80 e1 07 38 c1 0f 8c eb fb ff ff RSP: 0000:ffffc900034f6f60 EFLAGS: 00010283 RAX: ffffffff8bee3c2b RBX: 0000000000000001 RCX: 0000000000080000 RDX: ffffc90004d42000 RSI: 000000000000a407 RDI: 000000000000a408 RBP: ffffc900034f7030 R08: ffffffff8bee37f6 R09: 0100000000000000 R10: dffffc0000000000 R11: ffffed100bcc62e4 R12: ffff88805e6316e0 R13: ffff88805e630c00 R14: dffffc0000000000 R15: ffff88805e630c00 FS: 00007f7e9a7e96c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000001b2fd18ff8 CR3: 0000000032c24000 CR4: 00000000003526f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: <TASK> mptcp_pm_remove_addr+0x103/0x1d0 net/mptcp/pm.c:59 mptcp_pm_remove_anno_addr+0x1f4/0x2f0 net/mptcp/pm_netlink.c:1486 mptcp_nl_remove_subflow_and_signal_addr net/mptcp/pm_netlink.c:1518 [inline] mptcp_pm_nl_del_addr_doit+0x118d/0x1af0 net/mptcp/pm_netlink.c:1629 genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline] genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline] genl_rcv_msg+0xb1f/0xec0 net/netlink/genetlink.c:1210 netlink_rcv_skb+0x206/0x480 net/netlink/af_netlink.c:2543 genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219 netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline] netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1348 netlink_sendmsg+0x8de/0xcb0 net/netlink/af_netlink.c:1892 sock_sendmsg_nosec net/socket.c:718 [inline] __sock_sendmsg+0x221/0x270 net/socket.c:733 ____sys_sendmsg+0x53a/0x860 net/socket.c:2573 ___sys_sendmsg net/socket.c:2627 [inline] __sys_sendmsg+0x269/0x350 net/socket.c:2659 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f7e9998cde9 Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007f7e9a7e9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 00007f7e99ba5fa0 RCX: 00007f7e9998cde9 RDX: 000000002000c094 RSI: 0000400000000000 RDI: 0000000000000007 RBP: 00007f7e99a0e2a0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000000 R14: 00007f7e99ba5fa0 R15: 00007fff49231088 Indeed the PM can try to send a RM_ADDR over a msk without acquiring first the msk socket lock. The bugged code-path comes from an early optimization: when there are no subflows, the PM should (usually) not send RM_ADDR notifications. The above statement is incorrect, as without locks another process could concur ---truncated---
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up The issue was caused by dput(upper) being called before ovl_dentry_update_reval(), while upper->d_flags was still accessed in ovl_dentry_remote(). Move dput(upper) after its last use to prevent use-after-free. BUG: KASAN: slab-use-after-free in ovl_dentry_remote fs/overlayfs/util.c:162 [inline] BUG: KASAN: slab-use-after-free in ovl_dentry_update_reval+0xd2/0xf0 fs/overlayfs/util.c:167 Call Trace: <TASK> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:114 print_address_description mm/kasan/report.c:377 [inline] print_report+0xc3/0x620 mm/kasan/report.c:488 kasan_report+0xd9/0x110 mm/kasan/report.c:601 ovl_dentry_remote fs/overlayfs/util.c:162 [inline] ovl_dentry_update_reval+0xd2/0xf0 fs/overlayfs/util.c:167 ovl_link_up fs/overlayfs/copy_up.c:610 [inline] ovl_copy_up_one+0x2105/0x3490 fs/overlayfs/copy_up.c:1170 ovl_copy_up_flags+0x18d/0x200 fs/overlayfs/copy_up.c:1223 ovl_rename+0x39e/0x18c0 fs/overlayfs/dir.c:1136 vfs_rename+0xf84/0x20a0 fs/namei.c:4893 ... </TASK>
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: x86/amd_nb: Use rdmsr_safe() in amd_get_mmconfig_range() Xen doesn't offer MSR_FAM10H_MMIO_CONF_BASE to all guests. This results in the following warning: unchecked MSR access error: RDMSR from 0xc0010058 at rIP: 0xffffffff8101d19f (xen_do_read_msr+0x7f/0xa0) Call Trace: xen_read_msr+0x1e/0x30 amd_get_mmconfig_range+0x2b/0x80 quirk_amd_mmconfig_area+0x28/0x100 pnp_fixup_device+0x39/0x50 __pnp_add_device+0xf/0x150 pnp_add_device+0x3d/0x100 pnpacpi_add_device_handler+0x1f9/0x280 acpi_ns_get_device_callback+0x104/0x1c0 acpi_ns_walk_namespace+0x1d0/0x260 acpi_get_devices+0x8a/0xb0 pnpacpi_init+0x50/0x80 do_one_initcall+0x46/0x2e0 kernel_init_freeable+0x1da/0x2f0 kernel_init+0x16/0x1b0 ret_from_fork+0x30/0x50 ret_from_fork_asm+0x1b/0x30 based on quirks for a "PNP0c01" device. Treating MMCFG as disabled is the right course of action, so no change is needed there. This was most likely exposed by fixing the Xen MSR accessors to not be silently-safe.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list child_cfs_rq_on_list attempts to convert a 'prev' pointer to a cfs_rq. This 'prev' pointer can originate from struct rq's leaf_cfs_rq_list, making the conversion invalid and potentially leading to memory corruption. Depending on the relative positions of leaf_cfs_rq_list and the task group (tg) pointer within the struct, this can cause a memory fault or access garbage data. The issue arises in list_add_leaf_cfs_rq, where both cfs_rq->leaf_cfs_rq_list and rq->leaf_cfs_rq_list are added to the same leaf list. Also, rq->tmp_alone_branch can be set to rq->leaf_cfs_rq_list. This adds a check `if (prev == &rq->leaf_cfs_rq_list)` after the main conditional in child_cfs_rq_on_list. This ensures that the container_of operation will convert a correct cfs_rq struct. This check is sufficient because only cfs_rqs on the same CPU are added to the list, so verifying the 'prev' pointer against the current rq's list head is enough. Fixes a potential memory corruption issue that due to current struct layout might not be manifesting as a crash but could lead to unpredictable behavior when the layout changes.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: llc: do not use skb_get() before dev_queue_xmit() syzbot is able to crash hosts [1], using llc and devices not supporting IFF_TX_SKB_SHARING. In this case, e1000 driver calls eth_skb_pad(), while the skb is shared. Simply replace skb_get() by skb_clone() in net/llc/llc_s_ac.c Note that e1000 driver might have an issue with pktgen, because it does not clear IFF_TX_SKB_SHARING, this is an orthogonal change. We need to audit other skb_get() uses in net/llc. [1] kernel BUG at net/core/skbuff.c:2178 ! Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI CPU: 0 UID: 0 PID: 16371 Comm: syz.2.2764 Not tainted 6.14.0-rc4-syzkaller-00052-gac9c34d1e45a #0 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 RIP: 0010:pskb_expand_head+0x6ce/0x1240 net/core/skbuff.c:2178 Call Trace: <TASK> __skb_pad+0x18a/0x610 net/core/skbuff.c:2466 __skb_put_padto include/linux/skbuff.h:3843 [inline] skb_put_padto include/linux/skbuff.h:3862 [inline] eth_skb_pad include/linux/etherdevice.h:656 [inline] e1000_xmit_frame+0x2d99/0x5800 drivers/net/ethernet/intel/e1000/e1000_main.c:3128 __netdev_start_xmit include/linux/netdevice.h:5151 [inline] netdev_start_xmit include/linux/netdevice.h:5160 [inline] xmit_one net/core/dev.c:3806 [inline] dev_hard_start_xmit+0x9a/0x7b0 net/core/dev.c:3822 sch_direct_xmit+0x1ae/0xc30 net/sched/sch_generic.c:343 __dev_xmit_skb net/core/dev.c:4045 [inline] __dev_queue_xmit+0x13d4/0x43e0 net/core/dev.c:4621 dev_queue_xmit include/linux/netdevice.h:3313 [inline] llc_sap_action_send_test_c+0x268/0x320 net/llc/llc_s_ac.c:144 llc_exec_sap_trans_actions net/llc/llc_sap.c:153 [inline] llc_sap_next_state net/llc/llc_sap.c:182 [inline] llc_sap_state_process+0x239/0x510 net/llc/llc_sap.c:209 llc_ui_sendmsg+0xd0d/0x14e0 net/llc/af_llc.c:993 sock_sendmsg_nosec net/socket.c:718 [inline]
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: gso: fix ownership in __udp_gso_segment In __udp_gso_segment the skb destructor is removed before segmenting the skb but the socket reference is kept as-is. This is an issue if the original skb is later orphaned as we can hit the following bug: kernel BUG at ./include/linux/skbuff.h:3312! (skb_orphan) RIP: 0010:ip_rcv_core+0x8b2/0xca0 Call Trace: ip_rcv+0xab/0x6e0 __netif_receive_skb_one_core+0x168/0x1b0 process_backlog+0x384/0x1100 __napi_poll.constprop.0+0xa1/0x370 net_rx_action+0x925/0xe50 The above can happen following a sequence of events when using OpenVSwitch, when an OVS_ACTION_ATTR_USERSPACE action precedes an OVS_ACTION_ATTR_OUTPUT action: 1. OVS_ACTION_ATTR_USERSPACE is handled (in do_execute_actions): the skb goes through queue_gso_packets and then __udp_gso_segment, where its destructor is removed. 2. The segments' data are copied and sent to userspace. 3. OVS_ACTION_ATTR_OUTPUT is handled (in do_execute_actions) and the same original skb is sent to its path. 4. If it later hits skb_orphan, we hit the bug. Fix this by also removing the reference to the socket in __udp_gso_segment.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix 'scheduling while atomic' in mptcp_pm_nl_append_new_local_addr If multiple connection requests attempt to create an implicit mptcp endpoint in parallel, more than one caller may end up in mptcp_pm_nl_append_new_local_addr because none found the address in local_addr_list during their call to mptcp_pm_nl_get_local_id. In this case, the concurrent new_local_addr calls may delete the address entry created by the previous caller. These deletes use synchronize_rcu, but this is not permitted in some of the contexts where this function may be called. During packet recv, the caller may be in a rcu read critical section and have preemption disabled. An example stack: BUG: scheduling while atomic: swapper/2/0/0x00000302 Call Trace: <IRQ> dump_stack_lvl (lib/dump_stack.c:117 (discriminator 1)) dump_stack (lib/dump_stack.c:124) __schedule_bug (kernel/sched/core.c:5943) schedule_debug.constprop.0 (arch/x86/include/asm/preempt.h:33 kernel/sched/core.c:5970) __schedule (arch/x86/include/asm/jump_label.h:27 include/linux/jump_label.h:207 kernel/sched/features.h:29 kernel/sched/core.c:6621) schedule (arch/x86/include/asm/preempt.h:84 kernel/sched/core.c:6804 kernel/sched/core.c:6818) schedule_timeout (kernel/time/timer.c:2160) wait_for_completion (kernel/sched/completion.c:96 kernel/sched/completion.c:116 kernel/sched/completion.c:127 kernel/sched/completion.c:148) __wait_rcu_gp (include/linux/rcupdate.h:311 kernel/rcu/update.c:444) synchronize_rcu (kernel/rcu/tree.c:3609) mptcp_pm_nl_append_new_local_addr (net/mptcp/pm_netlink.c:966 net/mptcp/pm_netlink.c:1061) mptcp_pm_nl_get_local_id (net/mptcp/pm_netlink.c:1164) mptcp_pm_get_local_id (net/mptcp/pm.c:420) subflow_check_req (net/mptcp/subflow.c:98 net/mptcp/subflow.c:213) subflow_v4_route_req (net/mptcp/subflow.c:305) tcp_conn_request (net/ipv4/tcp_input.c:7216) subflow_v4_conn_request (net/mptcp/subflow.c:651) tcp_rcv_state_process (net/ipv4/tcp_input.c:6709) tcp_v4_do_rcv (net/ipv4/tcp_ipv4.c:1934) tcp_v4_rcv (net/ipv4/tcp_ipv4.c:2334) ip_protocol_deliver_rcu (net/ipv4/ip_input.c:205 (discriminator 1)) ip_local_deliver_finish (include/linux/rcupdate.h:813 net/ipv4/ip_input.c:234) ip_local_deliver (include/linux/netfilter.h:314 include/linux/netfilter.h:308 net/ipv4/ip_input.c:254) ip_sublist_rcv_finish (include/net/dst.h:461 net/ipv4/ip_input.c:580) ip_sublist_rcv (net/ipv4/ip_input.c:640) ip_list_rcv (net/ipv4/ip_input.c:675) __netif_receive_skb_list_core (net/core/dev.c:5583 net/core/dev.c:5631) netif_receive_skb_list_internal (net/core/dev.c:5685 net/core/dev.c:5774) napi_complete_done (include/linux/list.h:37 include/net/gro.h:449 include/net/gro.h:444 net/core/dev.c:6114) igb_poll (drivers/net/ethernet/intel/igb/igb_main.c:8244) igb __napi_poll (net/core/dev.c:6582) net_rx_action (net/core/dev.c:6653 net/core/dev.c:6787) handle_softirqs (kernel/softirq.c:553) __irq_exit_rcu (kernel/softirq.c:588 kernel/softirq.c:427 kernel/softirq.c:636) irq_exit_rcu (kernel/softirq.c:651) common_interrupt (arch/x86/kernel/irq.c:247 (discriminator 14)) </IRQ> This problem seems particularly prevalent if the user advertises an endpoint that has a different external vs internal address. In the case where the external address is advertised and multiple connections already exist, multiple subflow SYNs arrive in parallel which tends to trigger the race during creation of the first local_addr_list entries which have the internal address instead. Fix by skipping the replacement of an existing implicit local address if called via mptcp_pm_nl_get_local_id.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree() Since commit b36e4523d4d5 ("netfilter: nf_conncount: fix garbage collection confirm race"), `cpu` and `jiffies32` were introduced to the struct nf_conncount_tuple. The commit made nf_conncount_add() initialize `conn->cpu` and `conn->jiffies32` when allocating the struct. In contrast, count_tree() was not changed to initialize them. By commit 34848d5c896e ("netfilter: nf_conncount: Split insert and traversal"), count_tree() was split and the relevant allocation code now resides in insert_tree(). Initialize `conn->cpu` and `conn->jiffies32` in insert_tree(). BUG: KMSAN: uninit-value in find_or_evict net/netfilter/nf_conncount.c:117 [inline] BUG: KMSAN: uninit-value in __nf_conncount_add+0xd9c/0x2850 net/netfilter/nf_conncount.c:143 find_or_evict net/netfilter/nf_conncount.c:117 [inline] __nf_conncount_add+0xd9c/0x2850 net/netfilter/nf_conncount.c:143 count_tree net/netfilter/nf_conncount.c:438 [inline] nf_conncount_count+0x82f/0x1e80 net/netfilter/nf_conncount.c:521 connlimit_mt+0x7f6/0xbd0 net/netfilter/xt_connlimit.c:72 __nft_match_eval net/netfilter/nft_compat.c:403 [inline] nft_match_eval+0x1a5/0x300 net/netfilter/nft_compat.c:433 expr_call_ops_eval net/netfilter/nf_tables_core.c:240 [inline] nft_do_chain+0x426/0x2290 net/netfilter/nf_tables_core.c:288 nft_do_chain_ipv4+0x1a5/0x230 net/netfilter/nft_chain_filter.c:23 nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline] nf_hook_slow+0xf4/0x400 net/netfilter/core.c:626 nf_hook_slow_list+0x24d/0x860 net/netfilter/core.c:663 NF_HOOK_LIST include/linux/netfilter.h:350 [inline] ip_sublist_rcv+0x17b7/0x17f0 net/ipv4/ip_input.c:633 ip_list_rcv+0x9ef/0xa40 net/ipv4/ip_input.c:669 __netif_receive_skb_list_ptype net/core/dev.c:5936 [inline] __netif_receive_skb_list_core+0x15c5/0x1670 net/core/dev.c:5983 __netif_receive_skb_list net/core/dev.c:6035 [inline] netif_receive_skb_list_internal+0x1085/0x1700 net/core/dev.c:6126 netif_receive_skb_list+0x5a/0x460 net/core/dev.c:6178 xdp_recv_frames net/bpf/test_run.c:280 [inline] xdp_test_run_batch net/bpf/test_run.c:361 [inline] bpf_test_run_xdp_live+0x2e86/0x3480 net/bpf/test_run.c:390 bpf_prog_test_run_xdp+0xf1d/0x1ae0 net/bpf/test_run.c:1316 bpf_prog_test_run+0x5e5/0xa30 kernel/bpf/syscall.c:4407 __sys_bpf+0x6aa/0xd90 kernel/bpf/syscall.c:5813 __do_sys_bpf kernel/bpf/syscall.c:5902 [inline] __se_sys_bpf kernel/bpf/syscall.c:5900 [inline] __ia32_sys_bpf+0xa0/0xe0 kernel/bpf/syscall.c:5900 ia32_sys_call+0x394d/0x4180 arch/x86/include/generated/asm/syscalls_32.h:358 do_syscall_32_irqs_on arch/x86/entry/common.c:165 [inline] __do_fast_syscall_32+0xb0/0x110 arch/x86/entry/common.c:387 do_fast_syscall_32+0x38/0x80 arch/x86/entry/common.c:412 do_SYSENTER_32+0x1f/0x30 arch/x86/entry/common.c:450 entry_SYSENTER_compat_after_hwframe+0x84/0x8e Uninit was created at: slab_post_alloc_hook mm/slub.c:4121 [inline] slab_alloc_node mm/slub.c:4164 [inline] kmem_cache_alloc_noprof+0x915/0xe10 mm/slub.c:4171 insert_tree net/netfilter/nf_conncount.c:372 [inline] count_tree net/netfilter/nf_conncount.c:450 [inline] nf_conncount_count+0x1415/0x1e80 net/netfilter/nf_conncount.c:521 connlimit_mt+0x7f6/0xbd0 net/netfilter/xt_connlimit.c:72 __nft_match_eval net/netfilter/nft_compat.c:403 [inline] nft_match_eval+0x1a5/0x300 net/netfilter/nft_compat.c:433 expr_call_ops_eval net/netfilter/nf_tables_core.c:240 [inline] nft_do_chain+0x426/0x2290 net/netfilter/nf_tables_core.c:288 nft_do_chain_ipv4+0x1a5/0x230 net/netfilter/nft_chain_filter.c:23 nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline] nf_hook_slow+0xf4/0x400 net/netfilter/core.c:626 nf_hook_slow_list+0x24d/0x860 net/netfilter/core.c:663 NF_HOOK_LIST include/linux/netfilter.h:350 [inline] ip_sublist_rcv+0x17b7/0x17f0 net/ipv4/ip_input.c:633 ip_list_rcv+0x9ef/0xa40 net/ip ---truncated---
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in proc_get_inode() Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde->proc_ops don't belong to /proc, it belongs to a module, therefore dereferencing it after /proc entry has been registered is a bug unless use_pde/unuse_pde() pair has been used. use_pde/unuse_pde can be avoided (2 atomic ops!) because pde->proc_ops never changes so information necessary for inode instantiation can be saved _before_ proc_register() in PDE itself and used later, avoiding pde->proc_ops->... dereference. rmmod lookup sys_delete_module proc_lookup_de pde_get(de); proc_get_inode(dir->i_sb, de); mod->exit() proc_remove remove_proc_subtree proc_entry_rundown(de); free_module(mod); if (S_ISREG(inode->i_mode)) if (de->proc_ops->proc_read_iter) --> As module is already freed, will trigger UAF BUG: unable to handle page fault for address: fffffbfff80a702b PGD 817fc4067 P4D 817fc4067 PUD 817fc0067 PMD 102ef4067 PTE 0 Oops: Oops: 0000 [#1] PREEMPT SMP KASAN PTI CPU: 26 UID: 0 PID: 2667 Comm: ls Tainted: G Hardware name: QEMU Standard PC (i440FX + PIIX, 1996) RIP: 0010:proc_get_inode+0x302/0x6e0 RSP: 0018:ffff88811c837998 EFLAGS: 00010a06 RAX: dffffc0000000000 RBX: ffffffffc0538140 RCX: 0000000000000007 RDX: 1ffffffff80a702b RSI: 0000000000000001 RDI: ffffffffc0538158 RBP: ffff8881299a6000 R08: 0000000067bbe1e5 R09: 1ffff11023906f20 R10: ffffffffb560ca07 R11: ffffffffb2b43a58 R12: ffff888105bb78f0 R13: ffff888100518048 R14: ffff8881299a6004 R15: 0000000000000001 FS: 00007f95b9686840(0000) GS:ffff8883af100000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: fffffbfff80a702b CR3: 0000000117dd2000 CR4: 00000000000006f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: <TASK> proc_lookup_de+0x11f/0x2e0 __lookup_slow+0x188/0x350 walk_component+0x2ab/0x4f0 path_lookupat+0x120/0x660 filename_lookup+0x1ce/0x560 vfs_statx+0xac/0x150 __do_sys_newstat+0x96/0x110 do_syscall_64+0x5f/0x170 entry_SYSCALL_64_after_hwframe+0x76/0x7e [adobriyan@gmail.com: don't do 2 atomic ops on the common path]
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw(). fib_check_nh_v6_gw() expects that fib6_nh_init() cleans up everything when it fails. Commit 7dd73168e273 ("ipv6: Always allocate pcpu memory in a fib6_nh") moved fib_nh_common_init() before alloc_percpu_gfp() within fib6_nh_init() but forgot to add cleanup for fib6_nh->nh_common.nhc_pcpu_rth_output in case it fails to allocate fib6_nh->rt6i_pcpu, resulting in memleak. Let's call fib_nh_common_release() and clear nhc_pcpu_rth_output in the error path. Note that we can remove the fib6_nh_release() call in nh_create_ipv6() later in net-next.git.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: mm/migrate: fix shmem xarray update during migration A shmem folio can be either in page cache or in swap cache, but not at the same time. Namely, once it is in swap cache, folio->mapping should be NULL, and the folio is no longer in a shmem mapping. In __folio_migrate_mapping(), to determine the number of xarray entries to update, folio_test_swapbacked() is used, but that conflates shmem in page cache case and shmem in swap cache case. It leads to xarray multi-index entry corruption, since it turns a sibling entry to a normal entry during xas_store() (see [1] for a userspace reproduction). Fix it by only using folio_test_swapcache() to determine whether xarray is storing swap cache entries or not to choose the right number of xarray entries to update. [1] https://lore.kernel.org/linux-mm/Z8idPCkaJW1IChjT@casper.infradead.org/ Note: In __split_huge_page(), folio_test_anon() && folio_test_swapcache() is used to get swap_cache address space, but that ignores the shmem folio in swap cache case. It could lead to NULL pointer dereferencing when a in-swap-cache shmem folio is split at __xa_store(), since !folio_test_anon() is true and folio->mapping is NULL. But fortunately, its caller split_huge_page_to_list_to_order() bails out early with EBUSY when folio->mapping is NULL. So no need to take care of it here.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: fix geneve_opt length integer overflow struct geneve_opt uses 5 bit length for each single option, which means every vary size option should be smaller than 128 bytes. However, all current related Netlink policies cannot promise this length condition and the attacker can exploit a exact 128-byte size option to *fake* a zero length option and confuse the parsing logic, further achieve heap out-of-bounds read. One example crash log is like below: [ 3.905425] ================================================================== [ 3.905925] BUG: KASAN: slab-out-of-bounds in nla_put+0xa9/0xe0 [ 3.906255] Read of size 124 at addr ffff888005f291cc by task poc/177 [ 3.906646] [ 3.906775] CPU: 0 PID: 177 Comm: poc-oob-read Not tainted 6.1.132 #1 [ 3.907131] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 3.907784] Call Trace: [ 3.907925] <TASK> [ 3.908048] dump_stack_lvl+0x44/0x5c [ 3.908258] print_report+0x184/0x4be [ 3.909151] kasan_report+0xc5/0x100 [ 3.909539] kasan_check_range+0xf3/0x1a0 [ 3.909794] memcpy+0x1f/0x60 [ 3.909968] nla_put+0xa9/0xe0 [ 3.910147] tunnel_key_dump+0x945/0xba0 [ 3.911536] tcf_action_dump_1+0x1c1/0x340 [ 3.912436] tcf_action_dump+0x101/0x180 [ 3.912689] tcf_exts_dump+0x164/0x1e0 [ 3.912905] fw_dump+0x18b/0x2d0 [ 3.913483] tcf_fill_node+0x2ee/0x460 [ 3.914778] tfilter_notify+0xf4/0x180 [ 3.915208] tc_new_tfilter+0xd51/0x10d0 [ 3.918615] rtnetlink_rcv_msg+0x4a2/0x560 [ 3.919118] netlink_rcv_skb+0xcd/0x200 [ 3.919787] netlink_unicast+0x395/0x530 [ 3.921032] netlink_sendmsg+0x3d0/0x6d0 [ 3.921987] __sock_sendmsg+0x99/0xa0 [ 3.922220] __sys_sendto+0x1b7/0x240 [ 3.922682] __x64_sys_sendto+0x72/0x90 [ 3.922906] do_syscall_64+0x5e/0x90 [ 3.923814] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 3.924122] RIP: 0033:0x7e83eab84407 [ 3.924331] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 faf [ 3.925330] RSP: 002b:00007ffff505e370 EFLAGS: 00000202 ORIG_RAX: 000000000000002c [ 3.925752] RAX: ffffffffffffffda RBX: 00007e83eaafa740 RCX: 00007e83eab84407 [ 3.926173] RDX: 00000000000001a8 RSI: 00007ffff505e3c0 RDI: 0000000000000003 [ 3.926587] RBP: 00007ffff505f460 R08: 00007e83eace1000 R09: 000000000000000c [ 3.926977] R10: 0000000000000000 R11: 0000000000000202 R12: 00007ffff505f3c0 [ 3.927367] R13: 00007ffff505f5c8 R14: 00007e83ead1b000 R15: 00005d4fbbe6dcb8 Fix these issues by enforing correct length condition in related policies.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_tunnel: fix geneve_opt type confusion addition When handling multiple NFTA_TUNNEL_KEY_OPTS_GENEVE attributes, the parsing logic should place every geneve_opt structure one by one compactly. Hence, when deciding the next geneve_opt position, the pointer addition should be in units of char *. However, the current implementation erroneously does type conversion before the addition, which will lead to heap out-of-bounds write. [ 6.989857] ================================================================== [ 6.990293] BUG: KASAN: slab-out-of-bounds in nft_tunnel_obj_init+0x977/0xa70 [ 6.990725] Write of size 124 at addr ffff888005f18974 by task poc/178 [ 6.991162] [ 6.991259] CPU: 0 PID: 178 Comm: poc-oob-write Not tainted 6.1.132 #1 [ 6.991655] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 [ 6.992281] Call Trace: [ 6.992423] <TASK> [ 6.992586] dump_stack_lvl+0x44/0x5c [ 6.992801] print_report+0x184/0x4be [ 6.993790] kasan_report+0xc5/0x100 [ 6.994252] kasan_check_range+0xf3/0x1a0 [ 6.994486] memcpy+0x38/0x60 [ 6.994692] nft_tunnel_obj_init+0x977/0xa70 [ 6.995677] nft_obj_init+0x10c/0x1b0 [ 6.995891] nf_tables_newobj+0x585/0x950 [ 6.996922] nfnetlink_rcv_batch+0xdf9/0x1020 [ 6.998997] nfnetlink_rcv+0x1df/0x220 [ 6.999537] netlink_unicast+0x395/0x530 [ 7.000771] netlink_sendmsg+0x3d0/0x6d0 [ 7.001462] __sock_sendmsg+0x99/0xa0 [ 7.001707] ____sys_sendmsg+0x409/0x450 [ 7.002391] ___sys_sendmsg+0xfd/0x170 [ 7.003145] __sys_sendmsg+0xea/0x170 [ 7.004359] do_syscall_64+0x5e/0x90 [ 7.005817] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 7.006127] RIP: 0033:0x7ec756d4e407 [ 7.006339] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 faf [ 7.007364] RSP: 002b:00007ffed5d46760 EFLAGS: 00000202 ORIG_RAX: 000000000000002e [ 7.007827] RAX: ffffffffffffffda RBX: 00007ec756cc4740 RCX: 00007ec756d4e407 [ 7.008223] RDX: 0000000000000000 RSI: 00007ffed5d467f0 RDI: 0000000000000003 [ 7.008620] RBP: 00007ffed5d468a0 R08: 0000000000000000 R09: 0000000000000000 [ 7.009039] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 7.009429] R13: 00007ffed5d478b0 R14: 00007ec756ee5000 R15: 00005cbd4e655cb8 Fix this bug with correct pointer addition and conversion in parse and dump code.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: Prevent parser TCAM memory corruption Protect the parser TCAM/SRAM memory, and the cached (shadow) SRAM information, from concurrent modifications. Both the TCAM and SRAM tables are indirectly accessed by configuring an index register that selects the row to read or write to. This means that operations must be atomic in order to, e.g., avoid spreading writes across multiple rows. Since the shadow SRAM array is used to find free rows in the hardware table, it must also be protected in order to avoid TOCTOU errors where multiple cores allocate the same row. This issue was detected in a situation where `mvpp2_set_rx_mode()` ran concurrently on two CPUs. In this particular case the MVPP2_PE_MAC_UC_PROMISCUOUS entry was corrupted, causing the classifier unit to drop all incoming unicast - indicated by the `rx_classifier_drops` counter.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint If vhost_scsi_set_endpoint is called multiple times without a vhost_scsi_clear_endpoint between them, we can hit multiple bugs found by Haoran Zhang: 1. Use-after-free when no tpgs are found: This fixes a use after free that occurs when vhost_scsi_set_endpoint is called more than once and calls after the first call do not find any tpgs to add to the vs_tpg. When vhost_scsi_set_endpoint first finds tpgs to add to the vs_tpg array match=true, so we will do: vhost_vq_set_backend(vq, vs_tpg); ... kfree(vs->vs_tpg); vs->vs_tpg = vs_tpg; If vhost_scsi_set_endpoint is called again and no tpgs are found match=false so we skip the vhost_vq_set_backend call leaving the pointer to the vs_tpg we then free via: kfree(vs->vs_tpg); vs->vs_tpg = vs_tpg; If a scsi request is then sent we do: vhost_scsi_handle_vq -> vhost_scsi_get_req -> vhost_vq_get_backend which sees the vs_tpg we just did a kfree on. 2. Tpg dir removal hang: This patch fixes an issue where we cannot remove a LIO/target layer tpg (and structs above it like the target) dir due to the refcount dropping to -1. The problem is that if vhost_scsi_set_endpoint detects a tpg is already in the vs->vs_tpg array or if the tpg has been removed so target_depend_item fails, the undepend goto handler will do target_undepend_item on all tpgs in the vs_tpg array dropping their refcount to 0. At this time vs_tpg contains both the tpgs we have added in the current vhost_scsi_set_endpoint call as well as tpgs we added in previous calls which are also in vs->vs_tpg. Later, when vhost_scsi_clear_endpoint runs it will do target_undepend_item on all the tpgs in the vs->vs_tpg which will drop their refcount to -1. Userspace will then not be able to remove the tpg and will hang when it tries to do rmdir on the tpg dir. 3. Tpg leak: This fixes a bug where we can leak tpgs and cause them to be un-removable because the target name is overwritten when vhost_scsi_set_endpoint is called multiple times but with different target names. The bug occurs if a user has called VHOST_SCSI_SET_ENDPOINT and setup a vhost-scsi device to target/tpg mapping, then calls VHOST_SCSI_SET_ENDPOINT again with a new target name that has tpgs we haven't seen before (target1 has tpg1 but target2 has tpg2). When this happens we don't teardown the old target tpg mapping and just overwrite the target name and the vs->vs_tpg array. Later when we do vhost_scsi_clear_endpoint, we are passed in either target1 or target2's name and we will only match that target's tpgs when we loop over the vs->vs_tpg. We will then return from the function without doing target_undepend_item on the tpgs. Because of all these bugs, it looks like being able to call vhost_scsi_set_endpoint multiple times was never supported. The major user, QEMU, already has checks to prevent this use case. So to fix the issues, this patch prevents vhost_scsi_set_endpoint from being called if it's already successfully added tpgs. To add, remove or change the tpg config or target name, you must do a vhost_scsi_clear_endpoint first.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: x86/mm/pat: Fix VM_PAT handling when fork() fails in copy_page_range() If track_pfn_copy() fails, we already added the dst VMA to the maple tree. As fork() fails, we'll cleanup the maple tree, and stumble over the dst VMA for which we neither performed any reservation nor copied any page tables. Consequently untrack_pfn() will see VM_PAT and try obtaining the PAT information from the page table -- which fails because the page table was not copied. The easiest fix would be to simply clear the VM_PAT flag of the dst VMA if track_pfn_copy() fails. However, the whole thing is about "simply" clearing the VM_PAT flag is shaky as well: if we passed track_pfn_copy() and performed a reservation, but copying the page tables fails, we'll simply clear the VM_PAT flag, not properly undoing the reservation ... which is also wrong. So let's fix it properly: set the VM_PAT flag only if the reservation succeeded (leaving it clear initially), and undo the reservation if anything goes wrong while copying the page tables: clearing the VM_PAT flag after undoing the reservation. Note that any copied page table entries will get zapped when the VMA will get removed later, after copy_page_range() succeeded; as VM_PAT is not set then, we won't try cleaning VM_PAT up once more and untrack_pfn() will be happy. Note that leaving these page tables in place without a reservation is not a problem, as we are aborting fork(); this process will never run. A reproducer can trigger this usually at the first try: https://gitlab.com/davidhildenbrand/scratchspace/-/raw/main/reproducers/pat_fork.c WARNING: CPU: 26 PID: 11650 at arch/x86/mm/pat/memtype.c:983 get_pat_info+0xf6/0x110 Modules linked in: ... CPU: 26 UID: 0 PID: 11650 Comm: repro3 Not tainted 6.12.0-rc5+ #92 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014 RIP: 0010:get_pat_info+0xf6/0x110 ... Call Trace: <TASK> ... untrack_pfn+0x52/0x110 unmap_single_vma+0xa6/0xe0 unmap_vmas+0x105/0x1f0 exit_mmap+0xf6/0x460 __mmput+0x4b/0x120 copy_process+0x1bf6/0x2aa0 kernel_clone+0xab/0x440 __do_sys_clone+0x66/0x90 do_syscall_64+0x95/0x180 Likely this case was missed in: d155df53f310 ("x86/mm/pat: clear VM_PAT if copy_p4d_range failed") ... and instead of undoing the reservation we simply cleared the VM_PAT flag. Keep the documentation of these functions in include/linux/pgtable.h, one place is more than sufficient -- we should clean that up for the other functions like track_pfn_remap/untrack_pfn separately.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: PCI: brcmstb: Fix error path after a call to regulator_bulk_get() If the regulator_bulk_get() returns an error and no regulators are created, we need to set their number to zero. If we don't do this and the PCIe link up fails, a call to the regulator_bulk_free() will result in a kernel panic. While at it, print the error value, as we cannot return an error upwards as the kernel will WARN() on an error from add_bus(). [kwilczynski: commit log, use comma in the message to match style with other similar messages]
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry() There are actually 2 problems: - deleting the last element doesn't require the memmove of elements [i + 1, end) over it. Actually, element i+1 is out of bounds. - The memmove itself should move size - i - 1 elements, because the last element is out of bounds. The out-of-bounds element still remains out of bounds after being accessed, so the problem is only that we touch it, not that it becomes in active use. But I suppose it can lead to issues if the out-of-bounds element is part of an unmapped page.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF. SIOCBRDELIF is passed to dev_ioctl() first and later forwarded to br_ioctl_call(), which causes unnecessary RTNL dance and the splat below [0] under RTNL pressure. Let's say Thread A is trying to detach a device from a bridge and Thread B is trying to remove the bridge. In dev_ioctl(), Thread A bumps the bridge device's refcnt by netdev_hold() and releases RTNL because the following br_ioctl_call() also re-acquires RTNL. In the race window, Thread B could acquire RTNL and try to remove the bridge device. Then, rtnl_unlock() by Thread B will release RTNL and wait for netdev_put() by Thread A. Thread A, however, must hold RTNL after the unlock in dev_ifsioc(), which may take long under RTNL pressure, resulting in the splat by Thread B. Thread A (SIOCBRDELIF) Thread B (SIOCBRDELBR) ---------------------- ---------------------- sock_ioctl sock_ioctl `- sock_do_ioctl `- br_ioctl_call `- dev_ioctl `- br_ioctl_stub |- rtnl_lock | |- dev_ifsioc ' ' |- dev = __dev_get_by_name(...) |- netdev_hold(dev, ...) . / |- rtnl_unlock ------. | | |- br_ioctl_call `---> |- rtnl_lock Race | | `- br_ioctl_stub |- br_del_bridge Window | | | |- dev = __dev_get_by_name(...) | | | May take long | `- br_dev_delete(dev, ...) | | | under RTNL pressure | `- unregister_netdevice_queue(dev, ...) | | | | `- rtnl_unlock \ | |- rtnl_lock <-' `- netdev_run_todo | |- ... `- netdev_run_todo | `- rtnl_unlock |- __rtnl_unlock | |- netdev_wait_allrefs_any |- netdev_put(dev, ...) <----------------' Wait refcnt decrement and log splat below To avoid blocking SIOCBRDELBR unnecessarily, let's not call dev_ioctl() for SIOCBRADDIF and SIOCBRDELIF. In the dev_ioctl() path, we do the following: 1. Copy struct ifreq by get_user_ifreq in sock_do_ioctl() 2. Check CAP_NET_ADMIN in dev_ioctl() 3. Call dev_load() in dev_ioctl() 4. Fetch the master dev from ifr.ifr_name in dev_ifsioc() 3. can be done by request_module() in br_ioctl_call(), so we move 1., 2., and 4. to br_ioctl_stub(). Note that 2. is also checked later in add_del_if(), but it's better performed before RTNL. SIOCBRADDIF and SIOCBRDELIF have been processed in dev_ioctl() since the pre-git era, and there seems to be no specific reason to process them there. [0]: unregister_netdevice: waiting for wpan3 to become free. Usage count = 2 ref_tracker: wpan3@ffff8880662d8608 has 1/1 users at __netdev_tracker_alloc include/linux/netdevice.h:4282 [inline] netdev_hold include/linux/netdevice.h:4311 [inline] dev_ifsioc+0xc6a/0x1160 net/core/dev_ioctl.c:624 dev_ioctl+0x255/0x10c0 net/core/dev_ioctl.c:826 sock_do_ioctl+0x1ca/0x260 net/socket.c:1213 sock_ioctl+0x23a/0x6c0 net/socket.c:1318 vfs_ioctl fs/ioctl.c:51 [inline] __do_sys_ioctl fs/ioctl.c:906 [inline] __se_sys_ioctl fs/ioctl.c:892 [inline] __x64_sys_ioctl+0x1a4/0x210 fs/ioctl.c:892 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcb/0x250 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all() There's issue as follows: BUG: KASAN: use-after-free in ext4_xattr_inode_dec_ref_all+0x6ff/0x790 Read of size 4 at addr ffff88807b003000 by task syz-executor.0/15172 CPU: 3 PID: 15172 Comm: syz-executor.0 Call Trace: __dump_stack lib/dump_stack.c:82 [inline] dump_stack+0xbe/0xfd lib/dump_stack.c:123 print_address_description.constprop.0+0x1e/0x280 mm/kasan/report.c:400 __kasan_report.cold+0x6c/0x84 mm/kasan/report.c:560 kasan_report+0x3a/0x50 mm/kasan/report.c:585 ext4_xattr_inode_dec_ref_all+0x6ff/0x790 fs/ext4/xattr.c:1137 ext4_xattr_delete_inode+0x4c7/0xda0 fs/ext4/xattr.c:2896 ext4_evict_inode+0xb3b/0x1670 fs/ext4/inode.c:323 evict+0x39f/0x880 fs/inode.c:622 iput_final fs/inode.c:1746 [inline] iput fs/inode.c:1772 [inline] iput+0x525/0x6c0 fs/inode.c:1758 ext4_orphan_cleanup fs/ext4/super.c:3298 [inline] ext4_fill_super+0x8c57/0xba40 fs/ext4/super.c:5300 mount_bdev+0x355/0x410 fs/super.c:1446 legacy_get_tree+0xfe/0x220 fs/fs_context.c:611 vfs_get_tree+0x8d/0x2f0 fs/super.c:1576 do_new_mount fs/namespace.c:2983 [inline] path_mount+0x119a/0x1ad0 fs/namespace.c:3316 do_mount+0xfc/0x110 fs/namespace.c:3329 __do_sys_mount fs/namespace.c:3540 [inline] __se_sys_mount+0x219/0x2e0 fs/namespace.c:3514 do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x67/0xd1 Memory state around the buggy address: ffff88807b002f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ffff88807b002f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >ffff88807b003000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ^ ffff88807b003080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ffff88807b003100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff Above issue happens as ext4_xattr_delete_inode() isn't check xattr is valid if xattr is in inode. To solve above issue call xattr_check_inode() check if xattr if valid in inode. In fact, we can directly verify in ext4_iget_extra_inode(), so that there is no divergent verification.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: thermal: int340x: Add NULL check for adev Not all devices have an ACPI companion fwnode, so adev might be NULL. This is similar to the commit cd2fd6eab480 ("platform/x86: int3472: Check for adev == NULL"). Add a check for adev not being set and return -ENODEV in that case to avoid a possible NULL pointer deref in int3402_thermal_probe(). Note, under the same directory, int3400_thermal_probe() has such a check. [ rjw: Subject edit, added Fixes: ]
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: Fix null-ptr-deref by sock_lock_init_class_and_name() and rmmod. When I ran the repro [0] and waited a few seconds, I observed two LOCKDEP splats: a warning immediately followed by a null-ptr-deref. [1] Reproduction Steps: 1) Mount CIFS 2) Add an iptables rule to drop incoming FIN packets for CIFS 3) Unmount CIFS 4) Unload the CIFS module 5) Remove the iptables rule At step 3), the CIFS module calls sock_release() for the underlying TCP socket, and it returns quickly. However, the socket remains in FIN_WAIT_1 because incoming FIN packets are dropped. At this point, the module's refcnt is 0 while the socket is still alive, so the following rmmod command succeeds. # ss -tan State Recv-Q Send-Q Local Address:Port Peer Address:Port FIN-WAIT-1 0 477 10.0.2.15:51062 10.0.0.137:445 # lsmod | grep cifs cifs 1159168 0 This highlights a discrepancy between the lifetime of the CIFS module and the underlying TCP socket. Even after CIFS calls sock_release() and it returns, the TCP socket does not die immediately in order to close the connection gracefully. While this is generally fine, it causes an issue with LOCKDEP because CIFS assigns a different lock class to the TCP socket's sk->sk_lock using sock_lock_init_class_and_name(). Once an incoming packet is processed for the socket or a timer fires, sk->sk_lock is acquired. Then, LOCKDEP checks the lock context in check_wait_context(), where hlock_class() is called to retrieve the lock class. However, since the module has already been unloaded, hlock_class() logs a warning and returns NULL, triggering the null-ptr-deref. If LOCKDEP is enabled, we must ensure that a module calling sock_lock_init_class_and_name() (CIFS, NFS, etc) cannot be unloaded while such a socket is still alive to prevent this issue. Let's hold the module reference in sock_lock_init_class_and_name() and release it when the socket is freed in sk_prot_free(). Note that sock_lock_init() clears sk->sk_owner for svc_create_socket() that calls sock_lock_init_class_and_name() for a listening socket, which clones a socket by sk_clone_lock() without GFP_ZERO. [0]: CIFS_SERVER="10.0.0.137" CIFS_PATH="//${CIFS_SERVER}/Users/Administrator/Desktop/CIFS_TEST" DEV="enp0s3" CRED="/root/WindowsCredential.txt" MNT=$(mktemp -d /tmp/XXXXXX) mount -t cifs ${CIFS_PATH} ${MNT} -o vers=3.0,credentials=${CRED},cache=none,echo_interval=1 iptables -A INPUT -s ${CIFS_SERVER} -j DROP for i in $(seq 10); do umount ${MNT} rmmod cifs sleep 1 done rm -r ${MNT} iptables -D INPUT -s ${CIFS_SERVER} -j DROP [1]: DEBUG_LOCKS_WARN_ON(1) WARNING: CPU: 10 PID: 0 at kernel/locking/lockdep.c:234 hlock_class (kernel/locking/lockdep.c:234 kernel/locking/lockdep.c:223) Modules linked in: cifs_arc4 nls_ucs2_utils cifs_md4 [last unloaded: cifs] CPU: 10 UID: 0 PID: 0 Comm: swapper/10 Not tainted 6.14.0 #36 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 RIP: 0010:hlock_class (kernel/locking/lockdep.c:234 kernel/locking/lockdep.c:223) ... Call Trace: <IRQ> __lock_acquire (kernel/locking/lockdep.c:4853 kernel/locking/lockdep.c:5178) lock_acquire (kernel/locking/lockdep.c:469 kernel/locking/lockdep.c:5853 kernel/locking/lockdep.c:5816) _raw_spin_lock_nested (kernel/locking/spinlock.c:379) tcp_v4_rcv (./include/linux/skbuff.h:1678 ./include/net/tcp.h:2547 net/ipv4/tcp_ipv4.c:2350) ... BUG: kernel NULL pointer dereference, address: 00000000000000c4 PF: supervisor read access in kernel mode PF: error_code(0x0000) - not-present page PGD 0 Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI CPU: 10 UID: 0 PID: 0 Comm: swapper/10 Tainted: G W 6.14.0 #36 Tainted: [W]=WARN Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 RIP: 0010:__lock_acquire (kernel/ ---truncated---
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ext4: fix OOB read when checking dotdot dir Mounting a corrupted filesystem with directory which contains '.' dir entry with rec_len == block size results in out-of-bounds read (later on, when the corrupted directory is removed). ext4_empty_dir() assumes every ext4 directory contains at least '.' and '..' as directory entries in the first data block. It first loads the '.' dir entry, performs sanity checks by calling ext4_check_dir_entry() and then uses its rec_len member to compute the location of '..' dir entry (in ext4_next_entry). It assumes the '..' dir entry fits into the same data block. If the rec_len of '.' is precisely one block (4KB), it slips through the sanity checks (it is considered the last directory entry in the data block) and leaves "struct ext4_dir_entry_2 *de" point exactly past the memory slot allocated to the data block. The following call to ext4_check_dir_entry() on new value of de then dereferences this pointer which results in out-of-bounds mem access. Fix this by extending __ext4_check_dir_entry() to check for '.' dir entries that reach the end of data block. Make sure to ignore the phony dir entries for checksum (by checking name_len for non-zero). Note: This is reported by KASAN as use-after-free in case another structure was recently freed from the slot past the bound, but it is really an OOB read. This issue was found by syzkaller tool. Call Trace: [ 38.594108] BUG: KASAN: slab-use-after-free in __ext4_check_dir_entry+0x67e/0x710 [ 38.594649] Read of size 2 at addr ffff88802b41a004 by task syz-executor/5375 [ 38.595158] [ 38.595288] CPU: 0 UID: 0 PID: 5375 Comm: syz-executor Not tainted 6.14.0-rc7 #1 [ 38.595298] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014 [ 38.595304] Call Trace: [ 38.595308] <TASK> [ 38.595311] dump_stack_lvl+0xa7/0xd0 [ 38.595325] print_address_description.constprop.0+0x2c/0x3f0 [ 38.595339] ? __ext4_check_dir_entry+0x67e/0x710 [ 38.595349] print_report+0xaa/0x250 [ 38.595359] ? __ext4_check_dir_entry+0x67e/0x710 [ 38.595368] ? kasan_addr_to_slab+0x9/0x90 [ 38.595378] kasan_report+0xab/0xe0 [ 38.595389] ? __ext4_check_dir_entry+0x67e/0x710 [ 38.595400] __ext4_check_dir_entry+0x67e/0x710 [ 38.595410] ext4_empty_dir+0x465/0x990 [ 38.595421] ? __pfx_ext4_empty_dir+0x10/0x10 [ 38.595432] ext4_rmdir.part.0+0x29a/0xd10 [ 38.595441] ? __dquot_initialize+0x2a7/0xbf0 [ 38.595455] ? __pfx_ext4_rmdir.part.0+0x10/0x10 [ 38.595464] ? __pfx___dquot_initialize+0x10/0x10 [ 38.595478] ? down_write+0xdb/0x140 [ 38.595487] ? __pfx_down_write+0x10/0x10 [ 38.595497] ext4_rmdir+0xee/0x140 [ 38.595506] vfs_rmdir+0x209/0x670 [ 38.595517] ? lookup_one_qstr_excl+0x3b/0x190 [ 38.595529] do_rmdir+0x363/0x3c0 [ 38.595537] ? __pfx_do_rmdir+0x10/0x10 [ 38.595544] ? strncpy_from_user+0x1ff/0x2e0 [ 38.595561] __x64_sys_unlinkat+0xf0/0x130 [ 38.595570] do_syscall_64+0x5b/0x180 [ 38.595583] entry_SYSCALL_64_after_hwframe+0x76/0x7e
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: lan743x: Fix memleak issue when GSO enabled Always map the `skb` to the LS descriptor. Previously skb was mapped to EXT descriptor when the number of fragments is zero with GSO enabled. Mapping the skb to EXT descriptor prevents it from being freed, leading to a memory leak
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk-star-emac: fix spinlock recursion issues on rx/tx poll Use spin_lock_irqsave and spin_unlock_irqrestore instead of spin_lock and spin_unlock in mtk_star_emac driver to avoid spinlock recursion occurrence that can happen when enabling the DMA interrupts again in rx/tx poll. ``` BUG: spinlock recursion on CPU#0, swapper/0/0 lock: 0xffff00000db9cf20, .magic: dead4ead, .owner: swapper/0/0, .owner_cpu: 0 CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.15.0-rc2-next-20250417-00001-gf6a27738686c-dirty #28 PREEMPT Hardware name: MediaTek MT8365 Open Platform EVK (DT) Call trace: show_stack+0x18/0x24 (C) dump_stack_lvl+0x60/0x80 dump_stack+0x18/0x24 spin_dump+0x78/0x88 do_raw_spin_lock+0x11c/0x120 _raw_spin_lock+0x20/0x2c mtk_star_handle_irq+0xc0/0x22c [mtk_star_emac] __handle_irq_event_percpu+0x48/0x140 handle_irq_event+0x4c/0xb0 handle_fasteoi_irq+0xa0/0x1bc handle_irq_desc+0x34/0x58 generic_handle_domain_irq+0x1c/0x28 gic_handle_irq+0x4c/0x120 do_interrupt_handler+0x50/0x84 el1_interrupt+0x34/0x68 el1h_64_irq_handler+0x18/0x24 el1h_64_irq+0x6c/0x70 regmap_mmio_read32le+0xc/0x20 (P) _regmap_bus_reg_read+0x6c/0xac _regmap_read+0x60/0xdc regmap_read+0x4c/0x80 mtk_star_rx_poll+0x2f4/0x39c [mtk_star_emac] __napi_poll+0x38/0x188 net_rx_action+0x164/0x2c0 handle_softirqs+0x100/0x244 __do_softirq+0x14/0x20 ____do_softirq+0x10/0x20 call_on_irq_stack+0x24/0x64 do_softirq_own_stack+0x1c/0x40 __irq_exit_rcu+0xd4/0x10c irq_exit_rcu+0x10/0x1c el1_interrupt+0x38/0x68 el1h_64_irq_handler+0x18/0x24 el1h_64_irq+0x6c/0x70 cpuidle_enter_state+0xac/0x320 (P) cpuidle_enter+0x38/0x50 do_idle+0x1e4/0x260 cpu_startup_entry+0x34/0x3c rest_init+0xdc/0xe0 console_on_rootfs+0x0/0x6c __primary_switched+0x88/0x90 ```
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY DSA has 2 kinds of drivers: 1. Those who call dsa_switch_suspend() and dsa_switch_resume() from their device PM ops: qca8k-8xxx, bcm_sf2, microchip ksz 2. Those who don't: all others. The above methods should be optional. For type 1, dsa_switch_suspend() calls dsa_user_suspend() -> phylink_stop(), and dsa_switch_resume() calls dsa_user_resume() -> phylink_start(). These seem good candidates for setting mac_managed_pm = true because that is essentially its definition [1], but that does not seem to be the biggest problem for now, and is not what this change focuses on. Talking strictly about the 2nd category of DSA drivers here (which do not have MAC managed PM, meaning that for their attached PHYs, mdio_bus_phy_suspend() and mdio_bus_phy_resume() should run in full), I have noticed that the following warning from mdio_bus_phy_resume() is triggered: WARN_ON(phydev->state != PHY_HALTED && phydev->state != PHY_READY && phydev->state != PHY_UP); because the PHY state machine is running. It's running as a result of a previous dsa_user_open() -> ... -> phylink_start() -> phy_start() having been initiated by the user. The previous mdio_bus_phy_suspend() was supposed to have called phy_stop_machine(), but it didn't. So this is why the PHY is in state PHY_NOLINK by the time mdio_bus_phy_resume() runs. mdio_bus_phy_suspend() did not call phy_stop_machine() because for phylink, the phydev->adjust_link function pointer is NULL. This seems a technicality introduced by commit fddd91016d16 ("phylib: fix PAL state machine restart on resume"). That commit was written before phylink existed, and was intended to avoid crashing with consumer drivers which don't use the PHY state machine - phylink always does, when using a PHY. But phylink itself has historically not been developed with suspend/resume in mind, and apparently not tested too much in that scenario, allowing this bug to exist unnoticed for so long. Plus, prior to the WARN_ON(), it would have likely been invisible. This issue is not in fact restricted to type 2 DSA drivers (according to the above ad-hoc classification), but can be extrapolated to any MAC driver with phylink and MDIO-bus-managed PHY PM ops. DSA is just where the issue was reported. Assuming mac_managed_pm is set correctly, a quick search indicates the following other drivers might be affected: $ grep -Zlr PHYLINK_NETDEV drivers/ | xargs -0 grep -L mac_managed_pm drivers/net/ethernet/atheros/ag71xx.c drivers/net/ethernet/microchip/sparx5/sparx5_main.c drivers/net/ethernet/microchip/lan966x/lan966x_main.c drivers/net/ethernet/freescale/dpaa2/dpaa2-mac.c drivers/net/ethernet/freescale/fs_enet/fs_enet-main.c drivers/net/ethernet/freescale/dpaa/dpaa_eth.c drivers/net/ethernet/freescale/ucc_geth.c drivers/net/ethernet/freescale/enetc/enetc_pf_common.c drivers/net/ethernet/marvell/mvpp2/mvpp2_main.c drivers/net/ethernet/marvell/mvneta.c drivers/net/ethernet/marvell/prestera/prestera_main.c drivers/net/ethernet/mediatek/mtk_eth_soc.c drivers/net/ethernet/altera/altera_tse_main.c drivers/net/ethernet/wangxun/txgbe/txgbe_phy.c drivers/net/ethernet/meta/fbnic/fbnic_phylink.c drivers/net/ethernet/tehuti/tn40_phy.c drivers/net/ethernet/mscc/ocelot_net.c Make the existing conditions dependent on the PHY device having a phydev->phy_link_change() implementation equal to the default phy_link_change() provided by phylib. Otherwise, we implicitly know that the phydev has the phylink-provided phylink_phy_change() callback, and when phylink is used, the PHY state machine always needs to be stopped/ started on the suspend/resume path. The code is structured as such that if phydev->phy_link_change() is absent, it is a matter of time until the kernel will crash - no need to further complicate the test. Thus, for the situation where the PM is not managed b ---truncated---
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: bpf: Scrub packet on bpf_redirect_peer When bpf_redirect_peer is used to redirect packets to a device in another network namespace, the skb isn't scrubbed. That can lead skb information from one namespace to be "misused" in another namespace. As one example, this is causing Cilium to drop traffic when using bpf_redirect_peer to redirect packets that just went through IPsec decryption to a container namespace. The following pwru trace shows (1) the packet path from the host's XFRM layer to the container's XFRM layer where it's dropped and (2) the number of active skb extensions at each function. NETNS MARK IFACE TUPLE FUNC 4026533547 d00 eth0 10.244.3.124:35473->10.244.2.158:53 xfrm_rcv_cb .active_extensions = (__u8)2, 4026533547 d00 eth0 10.244.3.124:35473->10.244.2.158:53 xfrm4_rcv_cb .active_extensions = (__u8)2, 4026533547 d00 eth0 10.244.3.124:35473->10.244.2.158:53 gro_cells_receive .active_extensions = (__u8)2, [...] 4026533547 0 eth0 10.244.3.124:35473->10.244.2.158:53 skb_do_redirect .active_extensions = (__u8)2, 4026534999 0 eth0 10.244.3.124:35473->10.244.2.158:53 ip_rcv .active_extensions = (__u8)2, 4026534999 0 eth0 10.244.3.124:35473->10.244.2.158:53 ip_rcv_core .active_extensions = (__u8)2, [...] 4026534999 0 eth0 10.244.3.124:35473->10.244.2.158:53 udp_queue_rcv_one_skb .active_extensions = (__u8)2, 4026534999 0 eth0 10.244.3.124:35473->10.244.2.158:53 __xfrm_policy_check .active_extensions = (__u8)2, 4026534999 0 eth0 10.244.3.124:35473->10.244.2.158:53 __xfrm_decode_session .active_extensions = (__u8)2, 4026534999 0 eth0 10.244.3.124:35473->10.244.2.158:53 security_xfrm_decode_session .active_extensions = (__u8)2, 4026534999 0 eth0 10.244.3.124:35473->10.244.2.158:53 kfree_skb_reason(SKB_DROP_REASON_XFRM_POLICY) .active_extensions = (__u8)2, In this case, there are no XFRM policies in the container's network namespace so the drop is unexpected. When we decrypt the IPsec packet, the XFRM state used for decryption is set in the skb extensions. This information is preserved across the netns switch. When we reach the XFRM policy check in the container's netns, __xfrm_policy_check drops the packet with LINUX_MIB_XFRMINNOPOLS because a (container-side) XFRM policy can't be found that matches the (host-side) XFRM state used for decryption. This patch fixes this by scrubbing the packet when using bpf_redirect_peer, as is done on typical netns switches via veth devices except skb->mark and skb->tstamp are not zeroed.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: x86/mm: Eliminate window where TLB flushes may be inadvertently skipped tl;dr: There is a window in the mm switching code where the new CR3 is set and the CPU should be getting TLB flushes for the new mm. But should_flush_tlb() has a bug and suppresses the flush. Fix it by widening the window where should_flush_tlb() sends an IPI. Long Version: === History === There were a few things leading up to this. First, updating mm_cpumask() was observed to be too expensive, so it was made lazier. But being lazy caused too many unnecessary IPIs to CPUs due to the now-lazy mm_cpumask(). So code was added to cull mm_cpumask() periodically[2]. But that culling was a bit too aggressive and skipped sending TLB flushes to CPUs that need them. So here we are again. === Problem === The too-aggressive code in should_flush_tlb() strikes in this window: // Turn on IPIs for this CPU/mm combination, but only // if should_flush_tlb() agrees: cpumask_set_cpu(cpu, mm_cpumask(next)); next_tlb_gen = atomic64_read(&next->context.tlb_gen); choose_new_asid(next, next_tlb_gen, &new_asid, &need_flush); load_new_mm_cr3(need_flush); // ^ After 'need_flush' is set to false, IPIs *MUST* // be sent to this CPU and not be ignored. this_cpu_write(cpu_tlbstate.loaded_mm, next); // ^ Not until this point does should_flush_tlb() // become true! should_flush_tlb() will suppress TLB flushes between load_new_mm_cr3() and writing to 'loaded_mm', which is a window where they should not be suppressed. Whoops. === Solution === Thankfully, the fuzzy "just about to write CR3" window is already marked with loaded_mm==LOADED_MM_SWITCHING. Simply checking for that state in should_flush_tlb() is sufficient to ensure that the CPU is targeted with an IPI. This will cause more TLB flush IPIs. But the window is relatively small and I do not expect this to cause any kind of measurable performance impact. Update the comment where LOADED_MM_SWITCHING is written since it grew yet another user. Peter Z also raised a concern that should_flush_tlb() might not observe 'loaded_mm' and 'is_lazy' in the same order that switch_mm_irqs_off() writes them. Add a barrier to ensure that they are observed in the order they are written.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: Input: mtk-pmic-keys - fix possible null pointer dereference In mtk_pmic_keys_probe, the regs parameter is only set if the button is parsed in the device tree. However, on hardware where the button is left floating, that node will most likely be removed not to enable that input. In that case the code will try to dereference a null pointer. Let's use the regs struct instead as it is defined for all supported platforms. Note that it is ok setting the key reg even if that latter is disabled as the interrupt won't be enabled anyway.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: block: fix resource leak in blk_register_queue() error path When registering a queue fails after blk_mq_sysfs_register() is successful but the function later encounters an error, we need to clean up the blk_mq_sysfs resources. Add the missing blk_mq_sysfs_unregister() call in the error path to properly clean up these resources and prevent a memory leak.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: make sure that ptp_rate is not 0 before configuring EST If the ptp_rate recorded earlier in the driver happens to be 0, this bogus value will propagate up to EST configuration, where it will trigger a division by 0. Prevent this division by 0 by adding the corresponding check and error code.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: prevent overflow in lookup table allocation When calculating the lookup table size, ensure the following multiplication does not overflow: - desc->field_len[] maximum value is U8_MAX multiplied by NFT_PIPAPO_GROUPS_PER_BYTE(f) that can be 2, worst case. - NFT_PIPAPO_BUCKETS(f->bb) is 2^8, worst case. - sizeof(unsigned long), from sizeof(*f->lt), lt in struct nft_pipapo_field. Then, use check_mul_overflow() to multiply by bucket size and then use check_add_overflow() to the alignment for avx2 (if needed). Finally, add lt_size_check_overflow() helper and use it to consolidate this. While at it, replace leftover allocation using the GFP_KERNEL to GFP_KERNEL_ACCOUNT for consistency, in pipapo_resize().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: clear the dst when changing skb protocol A not-so-careful NAT46 BPF program can crash the kernel if it indiscriminately flips ingress packets from v4 to v6: BUG: kernel NULL pointer dereference, address: 0000000000000000 ip6_rcv_core (net/ipv6/ip6_input.c:190:20) ipv6_rcv (net/ipv6/ip6_input.c:306:8) process_backlog (net/core/dev.c:6186:4) napi_poll (net/core/dev.c:6906:9) net_rx_action (net/core/dev.c:7028:13) do_softirq (kernel/softirq.c:462:3) netif_rx (net/core/dev.c:5326:3) dev_loopback_xmit (net/core/dev.c:4015:2) ip_mc_finish_output (net/ipv4/ip_output.c:363:8) NF_HOOK (./include/linux/netfilter.h:314:9) ip_mc_output (net/ipv4/ip_output.c:400:5) dst_output (./include/net/dst.h:459:9) ip_local_out (net/ipv4/ip_output.c:130:9) ip_send_skb (net/ipv4/ip_output.c:1496:8) udp_send_skb (net/ipv4/udp.c:1040:8) udp_sendmsg (net/ipv4/udp.c:1328:10) The output interface has a 4->6 program attached at ingress. We try to loop the multicast skb back to the sending socket. Ingress BPF runs as part of netif_rx(), pushes a valid v6 hdr and changes skb->protocol to v6. We enter ip6_rcv_core which tries to use skb_dst(). But the dst is still an IPv4 one left after IPv4 mcast output. Clear the dst in all BPF helpers which change the protocol. Try to preserve metadata dsts, those may carry non-routing metadata.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX Otherwise, it is possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof() when resizing hashtable because __GFP_NOWARN is unset. Similar to: b541ba7d1f5a ("netfilter: conntrack: clamp maximum hashtable size to INT_MAX")
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: NFSD: fix race between nfsd registration and exports_proc As of now nfsd calls create_proc_exports_entry() at start of init_nfsd and cleanup by remove_proc_entry() at last of exit_nfsd. Which causes kernel OOPs if there is race between below 2 operations: (i) exportfs -r (ii) mount -t nfsd none /proc/fs/nfsd for 5.4 kernel ARM64: CPU 1: el1_irq+0xbc/0x180 arch_counter_get_cntvct+0x14/0x18 running_clock+0xc/0x18 preempt_count_add+0x88/0x110 prep_new_page+0xb0/0x220 get_page_from_freelist+0x2d8/0x1778 __alloc_pages_nodemask+0x15c/0xef0 __vmalloc_node_range+0x28c/0x478 __vmalloc_node_flags_caller+0x8c/0xb0 kvmalloc_node+0x88/0xe0 nfsd_init_net+0x6c/0x108 [nfsd] ops_init+0x44/0x170 register_pernet_operations+0x114/0x270 register_pernet_subsys+0x34/0x50 init_nfsd+0xa8/0x718 [nfsd] do_one_initcall+0x54/0x2e0 CPU 2 : Unable to handle kernel NULL pointer dereference at virtual address 0000000000000010 PC is at : exports_net_open+0x50/0x68 [nfsd] Call trace: exports_net_open+0x50/0x68 [nfsd] exports_proc_open+0x2c/0x38 [nfsd] proc_reg_open+0xb8/0x198 do_dentry_open+0x1c4/0x418 vfs_open+0x38/0x48 path_openat+0x28c/0xf18 do_filp_open+0x70/0xe8 do_sys_open+0x154/0x248 Sometimes it crashes at exports_net_open() and sometimes cache_seq_next_rcu(). and same is happening on latest 6.14 kernel as well: [ 0.000000] Linux version 6.14.0-rc5-next-20250304-dirty ... [ 285.455918] Unable to handle kernel paging request at virtual address 00001f4800001f48 ... [ 285.464902] pc : cache_seq_next_rcu+0x78/0xa4 ... [ 285.469695] Call trace: [ 285.470083] cache_seq_next_rcu+0x78/0xa4 (P) [ 285.470488] seq_read+0xe0/0x11c [ 285.470675] proc_reg_read+0x9c/0xf0 [ 285.470874] vfs_read+0xc4/0x2fc [ 285.471057] ksys_read+0x6c/0xf4 [ 285.471231] __arm64_sys_read+0x1c/0x28 [ 285.471428] invoke_syscall+0x44/0x100 [ 285.471633] el0_svc_common.constprop.0+0x40/0xe0 [ 285.471870] do_el0_svc_compat+0x1c/0x34 [ 285.472073] el0_svc_compat+0x2c/0x80 [ 285.472265] el0t_32_sync_handler+0x90/0x140 [ 285.472473] el0t_32_sync+0x19c/0x1a0 [ 285.472887] Code: f9400885 93407c23 937d7c27 11000421 (f86378a3) [ 285.473422] ---[ end trace 0000000000000000 ]--- It reproduced simply with below script: while [ 1 ] do /exportfs -r done & while [ 1 ] do insmod /nfsd.ko mount -t nfsd none /proc/fs/nfsd umount /proc/fs/nfsd rmmod nfsd done & So exporting interfaces to user space shall be done at last and cleanup at first place. With change there is no Kernel OOPs.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: Fix crash in icl_update_topdown_event() The perf_fuzzer found a hard-lockup crash on a RaptorLake machine: Oops: general protection fault, maybe for address 0xffff89aeceab400: 0000 CPU: 23 UID: 0 PID: 0 Comm: swapper/23 Tainted: [W]=WARN Hardware name: Dell Inc. Precision 9660/0VJ762 RIP: 0010:native_read_pmc+0x7/0x40 Code: cc e8 8d a9 01 00 48 89 03 5b cd cc cc cc cc 0f 1f ... RSP: 000:fffb03100273de8 EFLAGS: 00010046 .... Call Trace: <TASK> icl_update_topdown_event+0x165/0x190 ? ktime_get+0x38/0xd0 intel_pmu_read_event+0xf9/0x210 __perf_event_read+0xf9/0x210 CPUs 16-23 are E-core CPUs that don't support the perf metrics feature. The icl_update_topdown_event() should not be invoked on these CPUs. It's a regression of commit: f9bdf1f95339 ("perf/x86/intel: Avoid disable PMU if !cpuc->enabled in sample read") The bug introduced by that commit is that the is_topdown_event() function is mistakenly used to replace the is_topdown_count() call to check if the topdown functions for the perf metrics feature should be invoked. Fix it.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: bpf: Reject narrower access to pointer ctx fields The following BPF program, simplified from a syzkaller repro, causes a kernel warning: r0 = *(u8 *)(r1 + 169); exit; With pointer field sk being at offset 168 in __sk_buff. This access is detected as a narrower read in bpf_skb_is_valid_access because it doesn't match offsetof(struct __sk_buff, sk). It is therefore allowed and later proceeds to bpf_convert_ctx_access. Note that for the "is_narrower_load" case in the convert_ctx_accesses(), the insn->off is aligned, so the cnt may not be 0 because it matches the offsetof(struct __sk_buff, sk) in the bpf_convert_ctx_access. However, the target_size stays 0 and the verifier errors with a kernel warning: verifier bug: error during ctx access conversion(1) This patch fixes that to return a proper "invalid bpf_context access off=X size=Y" error on the load instruction. The same issue affects multiple other fields in context structures that allow narrow access. Some other non-affected fields (for sk_msg, sk_lookup, and sockopt) were also changed to use bpf_ctx_range_ptr for consistency. Note this syzkaller crash was reported in the "Closes" link below, which used to be about a different bug, fixed in commit fce7bd8e385a ("bpf/verifier: Handle BPF_LOAD_ACQ instructions in insn_def_regno()"). Because syzbot somehow confused the two bugs, the new crash and repro didn't get reported to the mailing list.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: eventpoll: Fix semi-unbounded recursion Ensure that epoll instances can never form a graph deeper than EP_MAX_NESTS+1 links. Currently, ep_loop_check_proc() ensures that the graph is loop-free and does some recursion depth checks, but those recursion depth checks don't limit the depth of the resulting tree for two reasons: - They don't look upwards in the tree. - If there are multiple downwards paths of different lengths, only one of the paths is actually considered for the depth check since commit 28d82dc1c4ed ("epoll: limit paths"). Essentially, the current recursion depth check in ep_loop_check_proc() just serves to prevent it from recursing too deeply while checking for loops. A more thorough check is done in reverse_path_check() after the new graph edge has already been created; this checks, among other things, that no paths going upwards from any non-epoll file with a length of more than 5 edges exist. However, this check does not apply to non-epoll files. As a result, it is possible to recurse to a depth of at least roughly 500, tested on v6.15. (I am unsure if deeper recursion is possible; and this may have changed with commit 8c44dac8add7 ("eventpoll: Fix priority inversion problem").) To fix it: 1. In ep_loop_check_proc(), note the subtree depth of each visited node, and use subtree depths for the total depth calculation even when a subtree has already been visited. 2. Add ep_get_upwards_depth_proc() for similarly determining the maximum depth of an upwards walk. 3. In ep_loop_check(), use these values to limit the total path length between epoll nodes to EP_MAX_NESTS edges.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() Memory hot remove unmaps and tears down various kernel page table regions as required. The ptdump code can race with concurrent modifications of the kernel page tables. When leaf entries are modified concurrently, the dump code may log stale or inconsistent information for a VA range, but this is otherwise not harmful. But when intermediate levels of kernel page table are freed, the dump code will continue to use memory that has been freed and potentially reallocated for another purpose. In such cases, the ptdump code may dereference bogus addresses, leading to a number of potential problems. To avoid the above mentioned race condition, platforms such as arm64, riscv and s390 take memory hotplug lock, while dumping kernel page table via the sysfs interface /sys/kernel/debug/kernel_page_tables. Similar race condition exists while checking for pages that might have been marked W+X via /sys/kernel/debug/kernel_page_tables/check_wx_pages which in turn calls ptdump_check_wx(). Instead of solving this race condition again, let's just move the memory hotplug lock inside generic ptdump_check_wx() which will benefit both the scenarios. Drop get_online_mems() and put_online_mems() combination from all existing platform ptdump code paths.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: rcu/nocb: Fix possible invalid rdp's->nocb_cb_kthread pointer access In the preparation stage of CPU online, if the corresponding the rdp's->nocb_cb_kthread does not exist, will be created, there is a situation where the rdp's rcuop kthreads creation fails, and then de-offload this CPU's rdp, does not assign this CPU's rdp->nocb_cb_kthread pointer, but this rdp's->nocb_gp_rdp and rdp's->rdp_gp->nocb_gp_kthread is still valid. This will cause the subsequent re-offload operation of this offline CPU, which will pass the conditional check and the kthread_unpark() will access invalid rdp's->nocb_cb_kthread pointer. This commit therefore use rdp's->nocb_gp_kthread instead of rdp_gp's->nocb_gp_kthread for safety check.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: fix refcount leak on table dump There is a reference count leak in ctnetlink_dump_table(): if (res < 0) { nf_conntrack_get(&ct->ct_general); // HERE cb->args[1] = (unsigned long)ct; ... While its very unlikely, its possible that ct == last. If this happens, then the refcount of ct was already incremented. This 2nd increment is never undone. This prevents the conntrack object from being released, which in turn keeps prevents cnet->count from dropping back to 0. This will then block the netns dismantle (or conntrack rmmod) as nf_conntrack_cleanup_net_list() will wait forever. This can be reproduced by running conntrack_resize.sh selftest in a loop. It takes ~20 minutes for me on a preemptible kernel on average before I see a runaway kworker spinning in nf_conntrack_cleanup_net_list. One fix would to change this to: if (res < 0) { if (ct != last) nf_conntrack_get(&ct->ct_general); But this reference counting isn't needed in the first place. We can just store a cookie value instead. A followup patch will do the same for ctnetlink_exp_dump_table, it looks to me as if this has the same problem and like ctnetlink_dump_table, we only need a 'skip hint', not the actual object so we can apply the same cookie strategy there as well.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: usb: asix_devices: add phy_mask for ax88772 mdio bus Without setting phy_mask for ax88772 mdio bus, current driver may create at most 32 mdio phy devices with phy address range from 0x00 ~ 0x1f. DLink DUB-E100 H/W Ver B1 is such a device. However, only one main phy device will bind to net phy driver. This is creating issue during system suspend/resume since phy_polling_mode() in phy_state_machine() will directly deference member of phydev->drv for non-main phy devices. Then NULL pointer dereference issue will occur. Due to only external phy or internal phy is necessary, add phy_mask for ax88772 mdio bus to workarnoud the issue.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netlink: avoid infinite retry looping in netlink_unicast() netlink_attachskb() checks for the socket's read memory allocation constraints. Firstly, it has: rmem < READ_ONCE(sk->sk_rcvbuf) to check if the just increased rmem value fits into the socket's receive buffer. If not, it proceeds and tries to wait for the memory under: rmem + skb->truesize > READ_ONCE(sk->sk_rcvbuf) The checks don't cover the case when skb->truesize + sk->sk_rmem_alloc is equal to sk->sk_rcvbuf. Thus the function neither successfully accepts these conditions, nor manages to reschedule the task - and is called in retry loop for indefinite time which is caught as: rcu: INFO: rcu_sched self-detected stall on CPU rcu: 0-....: (25999 ticks this GP) idle=ef2/1/0x4000000000000000 softirq=262269/262269 fqs=6212 (t=26000 jiffies g=230833 q=259957) NMI backtrace for cpu 0 CPU: 0 PID: 22 Comm: kauditd Not tainted 5.10.240 #68 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.17.0-4.fc42 04/01/2014 Call Trace: <IRQ> dump_stack lib/dump_stack.c:120 nmi_cpu_backtrace.cold lib/nmi_backtrace.c:105 nmi_trigger_cpumask_backtrace lib/nmi_backtrace.c:62 rcu_dump_cpu_stacks kernel/rcu/tree_stall.h:335 rcu_sched_clock_irq.cold kernel/rcu/tree.c:2590 update_process_times kernel/time/timer.c:1953 tick_sched_handle kernel/time/tick-sched.c:227 tick_sched_timer kernel/time/tick-sched.c:1399 __hrtimer_run_queues kernel/time/hrtimer.c:1652 hrtimer_interrupt kernel/time/hrtimer.c:1717 __sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1113 asm_call_irq_on_stack arch/x86/entry/entry_64.S:808 </IRQ> netlink_attachskb net/netlink/af_netlink.c:1234 netlink_unicast net/netlink/af_netlink.c:1349 kauditd_send_queue kernel/audit.c:776 kauditd_thread kernel/audit.c:897 kthread kernel/kthread.c:328 ret_from_fork arch/x86/entry/entry_64.S:304 Restore the original behavior of the check which commit in Fixes accidentally missed when restructuring the code. Found by Linux Verification Center (linuxtesting.org).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_reject: don't leak dst refcount for loopback packets recent patches to add a WARN() when replacing skb dst entry found an old bug: WARNING: include/linux/skbuff.h:1165 skb_dst_check_unset include/linux/skbuff.h:1164 [inline] WARNING: include/linux/skbuff.h:1165 skb_dst_set include/linux/skbuff.h:1210 [inline] WARNING: include/linux/skbuff.h:1165 nf_reject_fill_skb_dst+0x2a4/0x330 net/ipv4/netfilter/nf_reject_ipv4.c:234 [..] Call Trace: nf_send_unreach+0x17b/0x6e0 net/ipv4/netfilter/nf_reject_ipv4.c:325 nft_reject_inet_eval+0x4bc/0x690 net/netfilter/nft_reject_inet.c:27 expr_call_ops_eval net/netfilter/nf_tables_core.c:237 [inline] .. This is because blamed commit forgot about loopback packets. Such packets already have a dst_entry attached, even at PRE_ROUTING stage. Instead of checking hook just check if the skb already has a route attached to it.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization Syzbot reported shift-out-of-bounds exception on MDIO bus initialization. The PHY address should be masked to 5 bits (0-31). Without this mask, invalid PHY addresses could be used, potentially causing issues with MDIO bus operations. Fix this by masking the PHY address with 0x1f (31 decimal) to ensure it stays within the valid range.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper Since 923f3a2b48bd ("x86/resctrl: Query LLC monitoring properties once during boot") resctrl_cpu_detect() has been moved from common CPU initialization code to the vendor-specific BSP init helper, while Hygon didn't put that call in their code. This triggers a division by zero fault during early booting stage on our machines with X86_FEATURE_CQM* supported, where get_rdt_mon_resources() tries to calculate mon_l3_config with uninitialized boot_cpu_data.x86_cache_occ_scale. Add the missing resctrl_cpu_detect() in the Hygon BSP init helper. [ bp: Massage commit message. ]
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: fs/buffer: fix use-after-free when call bh_read() helper There's issue as follows: BUG: KASAN: stack-out-of-bounds in end_buffer_read_sync+0xe3/0x110 Read of size 8 at addr ffffc9000168f7f8 by task swapper/3/0 CPU: 3 UID: 0 PID: 0 Comm: swapper/3 Not tainted 6.16.0-862.14.0.6.x86_64 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996) Call Trace: <IRQ> dump_stack_lvl+0x55/0x70 print_address_description.constprop.0+0x2c/0x390 print_report+0xb4/0x270 kasan_report+0xb8/0xf0 end_buffer_read_sync+0xe3/0x110 end_bio_bh_io_sync+0x56/0x80 blk_update_request+0x30a/0x720 scsi_end_request+0x51/0x2b0 scsi_io_completion+0xe3/0x480 ? scsi_device_unbusy+0x11e/0x160 blk_complete_reqs+0x7b/0x90 handle_softirqs+0xef/0x370 irq_exit_rcu+0xa5/0xd0 sysvec_apic_timer_interrupt+0x6e/0x90 </IRQ> Above issue happens when do ntfs3 filesystem mount, issue may happens as follows: mount IRQ ntfs_fill_super read_cache_page do_read_cache_folio filemap_read_folio mpage_read_folio do_mpage_readpage ntfs_get_block_vbo bh_read submit_bh wait_on_buffer(bh); blk_complete_reqs scsi_io_completion scsi_end_request blk_update_request end_bio_bh_io_sync end_buffer_read_sync __end_buffer_read_notouch unlock_buffer wait_on_buffer(bh);--> return will return to caller put_bh --> trigger stack-out-of-bounds In the mpage_read_folio() function, the stack variable 'map_bh' is passed to ntfs_get_block_vbo(). Once unlock_buffer() unlocks and wait_on_buffer() returns to continue processing, the stack variable is likely to be reclaimed. Consequently, during the end_buffer_read_sync() process, calling put_bh() may result in stack overrun. If the bh is not allocated on the stack, it belongs to a folio. Freeing a buffer head which belongs to a folio is done by drop_buffers() which will fail to free buffers which are still locked. So it is safe to call put_bh() before __end_buffer_read_notouch().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: crypto: qat - flush misc workqueue during device shutdown Repeated loading and unloading of a device specific QAT driver, for example qat_4xxx, in a tight loop can lead to a crash due to a use-after-free scenario. This occurs when a power management (PM) interrupt triggers just before the device-specific driver (e.g., qat_4xxx.ko) is unloaded, while the core driver (intel_qat.ko) remains loaded. Since the driver uses a shared workqueue (`qat_misc_wq`) across all devices and owned by intel_qat.ko, a deferred routine from the device-specific driver may still be pending in the queue. If this routine executes after the driver is unloaded, it can dereference freed memory, resulting in a page fault and kernel crash like the following: BUG: unable to handle page fault for address: ffa000002e50a01c #PF: supervisor read access in kernel mode RIP: 0010:pm_bh_handler+0x1d2/0x250 [intel_qat] Call Trace: pm_bh_handler+0x1d2/0x250 [intel_qat] process_one_work+0x171/0x340 worker_thread+0x277/0x3a0 kthread+0xf0/0x120 ret_from_fork+0x2d/0x50 To prevent this, flush the misc workqueue during device shutdown to ensure that all pending work items are completed before the driver is unloaded. Note: This approach may slightly increase shutdown latency if the workqueue contains jobs from other devices, but it ensures correctness and stability.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: bpf: Forget ranges when refining tnum after JSET Syzbot reported a kernel warning due to a range invariant violation on the following BPF program. 0: call bpf_get_netns_cookie 1: if r0 == 0 goto <exit> 2: if r0 & Oxffffffff goto <exit> The issue is on the path where we fall through both jumps. That path is unreachable at runtime: after insn 1, we know r0 != 0, but with the sign extension on the jset, we would only fallthrough insn 2 if r0 == 0. Unfortunately, is_branch_taken() isn't currently able to figure this out, so the verifier walks all branches. The verifier then refines the register bounds using the second condition and we end up with inconsistent bounds on this unreachable path: 1: if r0 == 0 goto <exit> r0: u64=[0x1, 0xffffffffffffffff] var_off=(0, 0xffffffffffffffff) 2: if r0 & 0xffffffff goto <exit> r0 before reg_bounds_sync: u64=[0x1, 0xffffffffffffffff] var_off=(0, 0) r0 after reg_bounds_sync: u64=[0x1, 0] var_off=(0, 0) Improving the range refinement for JSET to cover all cases is tricky. We also don't expect many users to rely on JSET given LLVM doesn't generate those instructions. So instead of improving the range refinement for JSETs, Eduard suggested we forget the ranges whenever we're narrowing tnums after a JSET. This patch implements that approach.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: fs: Prevent file descriptor table allocations exceeding INT_MAX When sysctl_nr_open is set to a very high value (for example, 1073741816 as set by systemd), processes attempting to use file descriptors near the limit can trigger massive memory allocation attempts that exceed INT_MAX, resulting in a WARNING in mm/slub.c: WARNING: CPU: 0 PID: 44 at mm/slub.c:5027 __kvmalloc_node_noprof+0x21a/0x288 This happens because kvmalloc_array() and kvmalloc() check if the requested size exceeds INT_MAX and emit a warning when the allocation is not flagged with __GFP_NOWARN. Specifically, when nr_open is set to 1073741816 (0x3ffffff8) and a process calls dup2(oldfd, 1073741880), the kernel attempts to allocate: - File descriptor array: 1073741880 * 8 bytes = 8,589,935,040 bytes - Multiple bitmaps: ~400MB - Total allocation size: > 8GB (exceeding INT_MAX = 2,147,483,647) Reproducer: 1. Set /proc/sys/fs/nr_open to 1073741816: # echo 1073741816 > /proc/sys/fs/nr_open 2. Run a program that uses a high file descriptor: #include <unistd.h> #include <sys/resource.h> int main() { struct rlimit rlim = {1073741824, 1073741824}; setrlimit(RLIMIT_NOFILE, &rlim); dup2(2, 1073741880); // Triggers the warning return 0; } 3. Observe WARNING in dmesg at mm/slub.c:5027 systemd commit a8b627a introduced automatic bumping of fs.nr_open to the maximum possible value. The rationale was that systems with memory control groups (memcg) no longer need separate file descriptor limits since memory is properly accounted. However, this change overlooked that: 1. The kernel's allocation functions still enforce INT_MAX as a maximum size regardless of memcg accounting 2. Programs and tests that legitimately test file descriptor limits can inadvertently trigger massive allocations 3. The resulting allocations (>8GB) are impractical and will always fail systemd's algorithm starts with INT_MAX and keeps halving the value until the kernel accepts it. On most systems, this results in nr_open being set to 1073741816 (0x3ffffff8), which is just under 1GB of file descriptors. While processes rarely use file descriptors near this limit in normal operation, certain selftests (like tools/testing/selftests/core/unshare_test.c) and programs that test file descriptor limits can trigger this issue. Fix this by adding a check in alloc_fdtable() to ensure the requested allocation size does not exceed INT_MAX. This causes the operation to fail with -EMFILE instead of triggering a kernel warning and avoids the impractical >8GB memory allocation request.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: remove refcounting in expectation dumpers Same pattern as previous patch: do not keep the expectation object alive via refcount, only store a cookie value and then use that as the skip hint for dump resumption. AFAICS this has the same issue as the one resolved in the conntrack dumper, when we do if (!refcount_inc_not_zero(&exp->use)) to increment the refcount, there is a chance that exp == last, which causes a double-increment of the refcount and subsequent memory leak.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM When performing Generic Segmentation Offload (GSO) on an IPv6 packet that contains extension headers, the kernel incorrectly requests checksum offload if the egress device only advertises NETIF_F_IPV6_CSUM feature, which has a strict contract: it supports checksum offload only for plain TCP or UDP over IPv6 and explicitly does not support packets with extension headers. The current GSO logic violates this contract by failing to disable the feature for packets with extension headers, such as those used in GREoIPv6 tunnels. This violation results in the device being asked to perform an operation it cannot support, leading to a `skb_warn_bad_offload` warning and a collapse of network throughput. While device TSO/USO is correctly bypassed in favor of software GSO for these packets, the GSO stack must be explicitly told not to request checksum offload. Mask NETIF_F_IPV6_CSUM, NETIF_F_TSO6 and NETIF_F_GSO_UDP_L4 in gso_features_check if the IPv6 header contains extension headers to compute checksum in software. The exception is a BIG TCP extension, which, as stated in commit 68e068cabd2c6c53 ("net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets"): "The feature is only enabled on devices that support BIG TCP TSO. The header is only present for PF_PACKET taps like tcpdump, and not transmitted by physical devices." kernel log output (truncated): WARNING: CPU: 1 PID: 5273 at net/core/dev.c:3535 skb_warn_bad_offload+0x81/0x140 ... Call Trace: <TASK> skb_checksum_help+0x12a/0x1f0 validate_xmit_skb+0x1a3/0x2d0 validate_xmit_skb_list+0x4f/0x80 sch_direct_xmit+0x1a2/0x380 __dev_xmit_skb+0x242/0x670 __dev_queue_xmit+0x3fc/0x7f0 ip6_finish_output2+0x25e/0x5d0 ip6_finish_output+0x1fc/0x3f0 ip6_tnl_xmit+0x608/0xc00 [ip6_tunnel] ip6gre_tunnel_xmit+0x1c0/0x390 [ip6_gre] dev_hard_start_xmit+0x63/0x1c0 __dev_queue_xmit+0x6d0/0x7f0 ip6_finish_output2+0x214/0x5d0 ip6_finish_output+0x1fc/0x3f0 ip6_xmit+0x2ca/0x6f0 ip6_finish_output+0x1fc/0x3f0 ip6_xmit+0x2ca/0x6f0 inet6_csk_xmit+0xeb/0x150 __tcp_transmit_skb+0x555/0xa80 tcp_write_xmit+0x32a/0xe90 tcp_sendmsg_locked+0x437/0x1110 tcp_sendmsg+0x2f/0x50 ... skb linear: 00000000: e4 3d 1a 7d ec 30 e4 3d 1a 7e 5d 90 86 dd 60 0e skb linear: 00000010: 00 0a 1b 34 3c 40 20 11 00 00 00 00 00 00 00 00 skb linear: 00000020: 00 00 00 00 00 12 20 11 00 00 00 00 00 00 00 00 skb linear: 00000030: 00 00 00 00 00 11 2f 00 04 01 04 01 01 00 00 00 skb linear: 00000040: 86 dd 60 0e 00 0a 1b 00 06 40 20 23 00 00 00 00 skb linear: 00000050: 00 00 00 00 00 00 00 00 00 12 20 23 00 00 00 00 skb linear: 00000060: 00 00 00 00 00 00 00 00 00 11 bf 96 14 51 13 f9 skb linear: 00000070: ae 27 a0 a8 2b e3 80 18 00 40 5b 6f 00 00 01 01 skb linear: 00000080: 08 0a 42 d4 50 d5 4b 70 f8 1a
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: bridge: fix soft lockup in br_multicast_query_expired() When set multicast_query_interval to a large value, the local variable 'time' in br_multicast_send_query() may overflow. If the time is smaller than jiffies, the timer will expire immediately, and then call mod_timer() again, which creates a loop and may trigger the following soft lockup issue. watchdog: BUG: soft lockup - CPU#1 stuck for 221s! [rb_consumer:66] CPU: 1 UID: 0 PID: 66 Comm: rb_consumer Not tainted 6.16.0+ #259 PREEMPT(none) Call Trace: <IRQ> __netdev_alloc_skb+0x2e/0x3a0 br_ip6_multicast_alloc_query+0x212/0x1b70 __br_multicast_send_query+0x376/0xac0 br_multicast_send_query+0x299/0x510 br_multicast_query_expired.constprop.0+0x16d/0x1b0 call_timer_fn+0x3b/0x2a0 __run_timers+0x619/0x950 run_timer_softirq+0x11c/0x220 handle_softirqs+0x18e/0x560 __irq_exit_rcu+0x158/0x1a0 sysvec_apic_timer_interrupt+0x76/0x90 </IRQ> This issue can be reproduced with: ip link add br0 type bridge echo 1 > /sys/class/net/br0/bridge/multicast_querier echo 0xffffffffffffffff > /sys/class/net/br0/bridge/multicast_query_interval ip link set dev br0 up The multicast_startup_query_interval can also cause this issue. Similar to the commit 99b40610956a ("net: bridge: mcast: add and enforce query interval minimum"), add check for the query interval maximum to fix this issue.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: jbd2: prevent softlockup in jbd2_log_do_checkpoint() Both jbd2_log_do_checkpoint() and jbd2_journal_shrink_checkpoint_list() periodically release j_list_lock after processing a batch of buffers to avoid long hold times on the j_list_lock. However, since both functions contend for j_list_lock, the combined time spent waiting and processing can be significant. jbd2_journal_shrink_checkpoint_list() explicitly calls cond_resched() when need_resched() is true to avoid softlockups during prolonged operations. But jbd2_log_do_checkpoint() only exits its loop when need_resched() is true, relying on potentially sleeping functions like __flush_batch() or wait_on_buffer() to trigger rescheduling. If those functions do not sleep, the kernel may hit a softlockup. watchdog: BUG: soft lockup - CPU#3 stuck for 156s! [kworker/u129:2:373] CPU: 3 PID: 373 Comm: kworker/u129:2 Kdump: loaded Not tainted 6.6.0+ #10 Hardware name: Huawei TaiShan 2280 /BC11SPCD, BIOS 1.27 06/13/2017 Workqueue: writeback wb_workfn (flush-7:2) pstate: 20000005 (nzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : native_queued_spin_lock_slowpath+0x358/0x418 lr : jbd2_log_do_checkpoint+0x31c/0x438 [jbd2] Call trace: native_queued_spin_lock_slowpath+0x358/0x418 jbd2_log_do_checkpoint+0x31c/0x438 [jbd2] __jbd2_log_wait_for_space+0xfc/0x2f8 [jbd2] add_transaction_credits+0x3bc/0x418 [jbd2] start_this_handle+0xf8/0x560 [jbd2] jbd2__journal_start+0x118/0x228 [jbd2] __ext4_journal_start_sb+0x110/0x188 [ext4] ext4_do_writepages+0x3dc/0x740 [ext4] ext4_writepages+0xa4/0x190 [ext4] do_writepages+0x94/0x228 __writeback_single_inode+0x48/0x318 writeback_sb_inodes+0x204/0x590 __writeback_inodes_wb+0x54/0xf8 wb_writeback+0x2cc/0x3d8 wb_do_writeback+0x2e0/0x2f8 wb_workfn+0x80/0x2a8 process_one_work+0x178/0x3e8 worker_thread+0x234/0x3b8 kthread+0xf0/0x108 ret_from_fork+0x10/0x20 So explicitly call cond_resched() in jbd2_log_do_checkpoint() to avoid softlockup.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: block: avoid possible overflow for chunk_sectors check in blk_stack_limits() In blk_stack_limits(), we check that the t->chunk_sectors value is a multiple of the t->physical_block_size value. However, by finding the chunk_sectors value in bytes, we may overflow the unsigned int which holds chunk_sectors, so change the check to be based on sectors.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: rose: convert 'use' field to refcount_t The 'use' field in struct rose_neigh is used as a reference counter but lacks atomicity. This can lead to race conditions where a rose_neigh structure is freed while still being referenced by other code paths. For example, when rose_neigh->use becomes zero during an ioctl operation via rose_rt_ioctl(), the structure may be removed while its timer is still active, potentially causing use-after-free issues. This patch changes the type of 'use' from unsigned short to refcount_t and updates all code paths to use rose_neigh_hold() and rose_neigh_put() which operate reference counts atomically.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: rose: include node references in rose_neigh refcount Current implementation maintains two separate reference counting mechanisms: the 'count' field in struct rose_neigh tracks references from rose_node structures, while the 'use' field (now refcount_t) tracks references from rose_sock. This patch merges these two reference counting systems using 'use' field for proper reference management. Specifically, this patch adds incrementing and decrementing of rose_neigh->use when rose_neigh->count is incremented or decremented. This patch also modifies rose_rt_free(), rose_rt_device_down() and rose_clear_route() to properly release references to rose_neigh objects before freeing a rose_node through rose_remove_node(). These changes ensure rose_neigh structures are properly freed only when all references, including those from rose_node structures, are released. As a result, this resolves a slab-use-after-free issue reported by Syzbot.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: x86/mm/64: define ARCH_PAGE_TABLE_SYNC_MASK and arch_sync_kernel_mappings() Define ARCH_PAGE_TABLE_SYNC_MASK and arch_sync_kernel_mappings() to ensure page tables are properly synchronized when calling p*d_populate_kernel(). For 5-level paging, synchronization is performed via pgd_populate_kernel(). In 4-level paging, pgd_populate() is a no-op, so synchronization is instead performed at the P4D level via p4d_populate_kernel(). This fixes intermittent boot failures on systems using 4-level paging and a large amount of persistent memory: BUG: unable to handle page fault for address: ffffe70000000034 #PF: supervisor write access in kernel mode #PF: error_code(0x0002) - not-present page PGD 0 P4D 0 Oops: 0002 [#1] SMP NOPTI RIP: 0010:__init_single_page+0x9/0x6d Call Trace: <TASK> __init_zone_device_page+0x17/0x5d memmap_init_zone_device+0x154/0x1bb pagemap_range+0x2e0/0x40f memremap_pages+0x10b/0x2f0 devm_memremap_pages+0x1e/0x60 dev_dax_probe+0xce/0x2ec [device_dax] dax_bus_probe+0x6d/0xc9 [... snip ...] </TASK> It also fixes a crash in vmemmap_set_pmd() caused by accessing vmemmap before sync_global_pgds() [1]: BUG: unable to handle page fault for address: ffffeb3ff1200000 #PF: supervisor write access in kernel mode #PF: error_code(0x0002) - not-present page PGD 0 P4D 0 Oops: Oops: 0002 [#1] PREEMPT SMP NOPTI Tainted: [W]=WARN RIP: 0010:vmemmap_set_pmd+0xff/0x230 <TASK> vmemmap_populate_hugepages+0x176/0x180 vmemmap_populate+0x34/0x80 __populate_section_memmap+0x41/0x90 sparse_add_section+0x121/0x3e0 __add_pages+0xba/0x150 add_pages+0x1d/0x70 memremap_pages+0x3dc/0x810 devm_memremap_pages+0x1c/0x60 xe_devm_add+0x8b/0x100 [xe] xe_tile_init_noalloc+0x6a/0x70 [xe] xe_device_probe+0x48c/0x740 [xe] [... snip ...]
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: fs: writeback: fix use-after-free in __mark_inode_dirty() An use-after-free issue occurred when __mark_inode_dirty() get the bdi_writeback that was in the progress of switching. CPU: 1 PID: 562 Comm: systemd-random- Not tainted 6.6.56-gb4403bd46a8e #1 ...... pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __mark_inode_dirty+0x124/0x418 lr : __mark_inode_dirty+0x118/0x418 sp : ffffffc08c9dbbc0 ........ Call trace: __mark_inode_dirty+0x124/0x418 generic_update_time+0x4c/0x60 file_modified+0xcc/0xd0 ext4_buffered_write_iter+0x58/0x124 ext4_file_write_iter+0x54/0x704 vfs_write+0x1c0/0x308 ksys_write+0x74/0x10c __arm64_sys_write+0x1c/0x28 invoke_syscall+0x48/0x114 el0_svc_common.constprop.0+0xc0/0xe0 do_el0_svc+0x1c/0x28 el0_svc+0x40/0xe4 el0t_64_sync_handler+0x120/0x12c el0t_64_sync+0x194/0x198 Root cause is: systemd-random-seed kworker ---------------------------------------------------------------------- ___mark_inode_dirty inode_switch_wbs_work_fn spin_lock(&inode->i_lock); inode_attach_wb locked_inode_to_wb_and_lock_list get inode->i_wb spin_unlock(&inode->i_lock); spin_lock(&wb->list_lock) spin_lock(&inode->i_lock) inode_io_list_move_locked spin_unlock(&wb->list_lock) spin_unlock(&inode->i_lock) spin_lock(&old_wb->list_lock) inode_do_switch_wbs spin_lock(&inode->i_lock) inode->i_wb = new_wb spin_unlock(&inode->i_lock) spin_unlock(&old_wb->list_lock) wb_put_many(old_wb, nr_switched) cgwb_release old wb released wb_wakeup_delayed() accesses wb, then trigger the use-after-free issue Fix this race condition by holding inode spinlock until wb_wakeup_delayed() finished.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Remove improper idxd_free The call to idxd_free() introduces a duplicate put_device() leading to a reference count underflow: refcount_t: underflow; use-after-free. WARNING: CPU: 15 PID: 4428 at lib/refcount.c:28 refcount_warn_saturate+0xbe/0x110 ... Call Trace: <TASK> idxd_remove+0xe4/0x120 [idxd] pci_device_remove+0x3f/0xb0 device_release_driver_internal+0x197/0x200 driver_detach+0x48/0x90 bus_remove_driver+0x74/0xf0 pci_unregister_driver+0x2e/0xb0 idxd_exit_module+0x34/0x7a0 [idxd] __do_sys_delete_module.constprop.0+0x183/0x280 do_syscall_64+0x54/0xd70 entry_SYSCALL_64_after_hwframe+0x76/0x7e The idxd_unregister_devices() which is invoked at the very beginning of idxd_remove(), already takes care of the necessary put_device() through the following call path: idxd_unregister_devices() -> device_unregister() -> put_device() In addition, when CONFIG_DEBUG_KOBJECT_RELEASE is enabled, put_device() may trigger asynchronous cleanup via schedule_delayed_work(). If idxd_free() is called immediately after, it can result in a use-after-free. Remove the improper idxd_free() to avoid both the refcount underflow and potential memory corruption during module unload.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - Set merge to zero early in af_alg_sendmsg If an error causes af_alg_sendmsg to abort, ctx->merge may contain a garbage value from the previous loop. This may then trigger a crash on the next entry into af_alg_sendmsg when it attempts to do a merge that can't be done. Fix this by setting ctx->merge to zero near the start of the loop.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: cgroup: split cgroup_destroy_wq into 3 workqueues A hung task can occur during [1] LTP cgroup testing when repeatedly mounting/unmounting perf_event and net_prio controllers with systemd.unified_cgroup_hierarchy=1. The hang manifests in cgroup_lock_and_drain_offline() during root destruction. Related case: cgroup_fj_function_perf_event cgroup_fj_function.sh perf_event cgroup_fj_function_net_prio cgroup_fj_function.sh net_prio Call Trace: cgroup_lock_and_drain_offline+0x14c/0x1e8 cgroup_destroy_root+0x3c/0x2c0 css_free_rwork_fn+0x248/0x338 process_one_work+0x16c/0x3b8 worker_thread+0x22c/0x3b0 kthread+0xec/0x100 ret_from_fork+0x10/0x20 Root Cause: CPU0 CPU1 mount perf_event umount net_prio cgroup1_get_tree cgroup_kill_sb rebind_subsystems // root destruction enqueues // cgroup_destroy_wq // kill all perf_event css // one perf_event css A is dying // css A offline enqueues cgroup_destroy_wq // root destruction will be executed first css_free_rwork_fn cgroup_destroy_root cgroup_lock_and_drain_offline // some perf descendants are dying // cgroup_destroy_wq max_active = 1 // waiting for css A to die Problem scenario: 1. CPU0 mounts perf_event (rebind_subsystems) 2. CPU1 unmounts net_prio (cgroup_kill_sb), queuing root destruction work 3. A dying perf_event CSS gets queued for offline after root destruction 4. Root destruction waits for offline completion, but offline work is blocked behind root destruction in cgroup_destroy_wq (max_active=1) Solution: Split cgroup_destroy_wq into three dedicated workqueues: cgroup_offline_wq – Handles CSS offline operations cgroup_release_wq – Manages resource release cgroup_free_wq – Performs final memory deallocation This separation eliminates blocking in the CSS free path while waiting for offline operations to complete. [1] https://github.com/linux-test-project/ltp/blob/master/runtest/controllers
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect(). syzbot reported the splat below where a socket had tcp_sk(sk)->fastopen_rsk in the TCP_ESTABLISHED state. [0] syzbot reused the server-side TCP Fast Open socket as a new client before the TFO socket completes 3WHS: 1. accept() 2. connect(AF_UNSPEC) 3. connect() to another destination As of accept(), sk->sk_state is TCP_SYN_RECV, and tcp_disconnect() changes it to TCP_CLOSE and makes connect() possible, which restarts timers. Since tcp_disconnect() forgot to clear tcp_sk(sk)->fastopen_rsk, the retransmit timer triggered the warning and the intended packet was not retransmitted. Let's call reqsk_fastopen_remove() in tcp_disconnect(). [0]: WARNING: CPU: 2 PID: 0 at net/ipv4/tcp_timer.c:542 tcp_retransmit_timer (net/ipv4/tcp_timer.c:542 (discriminator 7)) Modules linked in: CPU: 2 UID: 0 PID: 0 Comm: swapper/2 Not tainted 6.17.0-rc5-g201825fb4278 #62 PREEMPT(voluntary) Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 RIP: 0010:tcp_retransmit_timer (net/ipv4/tcp_timer.c:542 (discriminator 7)) Code: 41 55 41 54 55 53 48 8b af b8 08 00 00 48 89 fb 48 85 ed 0f 84 55 01 00 00 0f b6 47 12 3c 03 74 0c 0f b6 47 12 3c 04 74 04 90 <0f> 0b 90 48 8b 85 c0 00 00 00 48 89 ef 48 8b 40 30 e8 6a 4f 06 3e RSP: 0018:ffffc900002f8d40 EFLAGS: 00010293 RAX: 0000000000000002 RBX: ffff888106911400 RCX: 0000000000000017 RDX: 0000000002517619 RSI: ffffffff83764080 RDI: ffff888106911400 RBP: ffff888106d5c000 R08: 0000000000000001 R09: ffffc900002f8de8 R10: 00000000000000c2 R11: ffffc900002f8ff8 R12: ffff888106911540 R13: ffff888106911480 R14: ffff888106911840 R15: ffffc900002f8de0 FS: 0000000000000000(0000) GS:ffff88907b768000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f8044d69d90 CR3: 0000000002c30003 CR4: 0000000000370ef0 Call Trace: <IRQ> tcp_write_timer (net/ipv4/tcp_timer.c:738) call_timer_fn (kernel/time/timer.c:1747) __run_timers (kernel/time/timer.c:1799 kernel/time/timer.c:2372) timer_expire_remote (kernel/time/timer.c:2385 kernel/time/timer.c:2376 kernel/time/timer.c:2135) tmigr_handle_remote_up (kernel/time/timer_migration.c:944 kernel/time/timer_migration.c:1035) __walk_groups.isra.0 (kernel/time/timer_migration.c:533 (discriminator 1)) tmigr_handle_remote (kernel/time/timer_migration.c:1096) handle_softirqs (./arch/x86/include/asm/jump_label.h:36 ./include/trace/events/irq.h:142 kernel/softirq.c:580) irq_exit_rcu (kernel/softirq.c:614 kernel/softirq.c:453 kernel/softirq.c:680 kernel/softirq.c:696) sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1050 (discriminator 35) arch/x86/kernel/apic/apic.c:1050 (discriminator 35)) </IRQ>
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg Issuing two writes to the same af_alg socket is bogus as the data will be interleaved in an unpredictable fashion. Furthermore, concurrent writes may create inconsistencies in the internal socket state. Disallow this by adding a new ctx->write field that indiciates exclusive ownership for writing.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: futex: Prevent use-after-free during requeue-PI syzbot managed to trigger the following race: T1 T2 futex_wait_requeue_pi() futex_do_wait() schedule() futex_requeue() futex_proxy_trylock_atomic() futex_requeue_pi_prepare() requeue_pi_wake_futex() futex_requeue_pi_complete() /* preempt */ * timeout/ signal wakes T1 * futex_requeue_pi_wakeup_sync() // Q_REQUEUE_PI_LOCKED futex_hash_put() // back to userland, on stack futex_q is garbage /* back */ wake_up_state(q->task, TASK_NORMAL); In this scenario futex_wait_requeue_pi() is able to leave without using futex_q::lock_ptr for synchronization. This can be prevented by reading futex_q::task before updating the futex_q::requeue_state. A reference on the task_struct is not needed because requeue_pi_wake_futex() is invoked with a spinlock_t held which implies a RCU read section. Even if T1 terminates immediately after, the task_struct will remain valid during T2's wake_up_state(). A READ_ONCE on futex_q::task before futex_requeue_pi_complete() is enough because it ensures that the variable is read before the state is updated. Read futex_q::task before updating the requeue state, use it for the following wakeup.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix potential use after free in otx2_tc_add_flow() This code calls kfree_rcu(new_node, rcu) and then dereferences "new_node" and then dereferences it on the next line. Two lines later, we take a mutex so I don't think this is an RCU safe region. Re-order it to do the dereferences before queuing up the free.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: nexthop: Forbid FDB status change while nexthop is in a group The kernel forbids the creation of non-FDB nexthop groups with FDB nexthops: # ip nexthop add id 1 via 192.0.2.1 fdb # ip nexthop add id 2 group 1 Error: Non FDB nexthop group cannot have fdb nexthops. And vice versa: # ip nexthop add id 3 via 192.0.2.2 dev dummy1 # ip nexthop add id 4 group 3 fdb Error: FDB nexthop group can only have fdb nexthops. However, as long as no routes are pointing to a non-FDB nexthop group, the kernel allows changing the type of a nexthop from FDB to non-FDB and vice versa: # ip nexthop add id 5 via 192.0.2.2 dev dummy1 # ip nexthop add id 6 group 5 # ip nexthop replace id 5 via 192.0.2.2 fdb # echo $? 0 This configuration is invalid and can result in a NPD [1] since FDB nexthops are not associated with a nexthop device: # ip route add 198.51.100.1/32 nhid 6 # ping 198.51.100.1 Fix by preventing nexthop FDB status change while the nexthop is in a group: # ip nexthop add id 7 via 192.0.2.2 dev dummy1 # ip nexthop add id 8 group 7 # ip nexthop replace id 7 via 192.0.2.2 fdb Error: Cannot change nexthop FDB status while in a group. [1] BUG: kernel NULL pointer dereference, address: 00000000000003c0 [...] Oops: Oops: 0000 [#1] SMP CPU: 6 UID: 0 PID: 367 Comm: ping Not tainted 6.17.0-rc6-virtme-gb65678cacc03 #1 PREEMPT(voluntary) Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.17.0-4.fc41 04/01/2014 RIP: 0010:fib_lookup_good_nhc+0x1e/0x80 [...] Call Trace: <TASK> fib_table_lookup+0x541/0x650 ip_route_output_key_hash_rcu+0x2ea/0x970 ip_route_output_key_hash+0x55/0x80 __ip4_datagram_connect+0x250/0x330 udp_connect+0x2b/0x60 __sys_connect+0x9c/0xd0 __x64_sys_connect+0x18/0x20 do_syscall_64+0xa4/0x2a0 entry_SYSCALL_64_after_hwframe+0x4b/0x53
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - Fix incorrect boolean values in af_alg_ctx Commit 1b34cbbf4f01 ("crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg") changed some fields from bool to 1-bit bitfields of type u32. However, some assignments to these fields, specifically 'more' and 'merge', assign values greater than 1. These relied on C's implicit conversion to bool, such that zero becomes false and nonzero becomes true. With a 1-bit bitfields of type u32 instead, mod 2 of the value is taken instead, resulting in 0 being assigned in some cases when 1 was intended. Fix this by restoring the bool type.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: pps: fix warning in pps_register_cdev when register device fail Similar to previous commit 2a934fdb01db ("media: v4l2-dev: fix error handling in __video_register_device()"), the release hook should be set before device_register(). Otherwise, when device_register() return error and put_device() try to callback the release function, the below warning may happen. ------------[ cut here ]------------ WARNING: CPU: 1 PID: 4760 at drivers/base/core.c:2567 device_release+0x1bd/0x240 drivers/base/core.c:2567 Modules linked in: CPU: 1 UID: 0 PID: 4760 Comm: syz.4.914 Not tainted 6.17.0-rc3+ #1 NONE RIP: 0010:device_release+0x1bd/0x240 drivers/base/core.c:2567 Call Trace: <TASK> kobject_cleanup+0x136/0x410 lib/kobject.c:689 kobject_release lib/kobject.c:720 [inline] kref_put include/linux/kref.h:65 [inline] kobject_put+0xe9/0x130 lib/kobject.c:737 put_device+0x24/0x30 drivers/base/core.c:3797 pps_register_cdev+0x2da/0x370 drivers/pps/pps.c:402 pps_register_source+0x2f6/0x480 drivers/pps/kapi.c:108 pps_tty_open+0x190/0x310 drivers/pps/clients/pps-ldisc.c:57 tty_ldisc_open+0xa7/0x120 drivers/tty/tty_ldisc.c:432 tty_set_ldisc+0x333/0x780 drivers/tty/tty_ldisc.c:563 tiocsetd drivers/tty/tty_io.c:2429 [inline] tty_ioctl+0x5d1/0x1700 drivers/tty/tty_io.c:2728 vfs_ioctl fs/ioctl.c:51 [inline] __do_sys_ioctl fs/ioctl.c:598 [inline] __se_sys_ioctl fs/ioctl.c:584 [inline] __x64_sys_ioctl+0x194/0x210 fs/ioctl.c:584 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0x5f/0x2a0 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x76/0x7e </TASK> Before commit c79a39dc8d06 ("pps: Fix a use-after-free"), pps_register_cdev() call device_create() to create pps->dev, which will init dev->release to device_create_release(). Now the comment is outdated, just remove it. Thanks for the reminder from Calvin Owens, 'kfree_pps' should be removed in pps_register_source() to avoid a double free in the failure case.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: bpf: Explicitly check accesses to bpf_sock_addr Syzkaller found a kernel warning on the following sock_addr program: 0: r0 = 0 1: r2 = *(u32 *)(r1 +60) 2: exit which triggers: verifier bug: error during ctx access conversion (0) This is happening because offset 60 in bpf_sock_addr corresponds to an implicit padding of 4 bytes, right after msg_src_ip4. Access to this padding isn't rejected in sock_addr_is_valid_access and it thus later fails to convert the access. This patch fixes it by explicitly checking the various fields of bpf_sock_addr in sock_addr_is_valid_access. I checked the other ctx structures and is_valid_access functions and didn't find any other similar cases. Other cases of (properly handled) padding are covered in new tests in a subsequent patch.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: nbd: restrict sockets to TCP and UDP Recently, syzbot started to abuse NBD with all kinds of sockets. Commit cf1b2326b734 ("nbd: verify socket is supported during setup") made sure the socket supported a shutdown() method. Explicitely accept TCP and UNIX stream sockets.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: vfs: Don't leak disconnected dentries on umount When user calls open_by_handle_at() on some inode that is not cached, we will create disconnected dentry for it. If such dentry is a directory, exportfs_decode_fh_raw() will then try to connect this dentry to the dentry tree through reconnect_path(). It may happen for various reasons (such as corrupted fs or race with rename) that the call to lookup_one_unlocked() in reconnect_one() will fail to find the dentry we are trying to reconnect and instead create a new dentry under the parent. Now this dentry will not be marked as disconnected although the parent still may well be disconnected (at least in case this inconsistency happened because the fs is corrupted and .. doesn't point to the real parent directory). This creates inconsistency in disconnected flags but AFAICS it was mostly harmless. At least until commit f1ee616214cb ("VFS: don't keep disconnected dentries on d_anon") which removed adding of most disconnected dentries to sb->s_anon list. Thus after this commit cleanup of disconnected dentries implicitely relies on the fact that dput() will immediately reclaim such dentries. However when some leaf dentry isn't marked as disconnected, as in the scenario described above, the reclaim doesn't happen and the dentries are "leaked". Memory reclaim can eventually reclaim them but otherwise they stay in memory and if umount comes first, we hit infamous "Busy inodes after unmount" bug. Make sure all dentries created under a disconnected parent are marked as disconnected as well.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6_xmit() Use RCU in ip6_xmit() in order to use dst_dev_rcu() to prevent possible UAF.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock(). get_netdev_for_sock() is called during setsockopt(), so not under RCU. Using sk_dst_get(sk)->dev could trigger UAF. Let's use __sk_dst_get() and dst_dev_rcu(). Note that the only ->ndo_sk_get_lower_dev() user is bond_sk_get_lower_dev(), which uses RCU.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: PCI/IOV: Fix race between SR-IOV enable/disable and hotplug Commit 05703271c3cd ("PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV") tried to fix a race between the VF removal inside sriov_del_vfs() and concurrent hot unplug by taking the PCI rescan/remove lock in sriov_del_vfs(). Similarly the PCI rescan/remove lock was also taken in sriov_add_vfs() to protect addition of VFs. This approach however causes deadlock on trying to remove PFs with SR-IOV enabled because PFs disable SR-IOV during removal and this removal happens under the PCI rescan/remove lock. So the original fix had to be reverted. Instead of taking the PCI rescan/remove lock in sriov_add_vfs() and sriov_del_vfs(), fix the race that occurs with SR-IOV enable and disable vs hotplug higher up in the callchain by taking the lock in sriov_numvfs_store() before calling into the driver's sriov_configure() callback.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: nvme: nvme-fc: Ensure ->ioerr_work is cancelled in nvme_fc_delete_ctrl() nvme_fc_delete_assocation() waits for pending I/O to complete before returning, and an error can cause ->ioerr_work to be queued after cancel_work_sync() had been called. Move the call to cancel_work_sync() to be after nvme_fc_delete_association() to ensure ->ioerr_work is not running when the nvme_fc_ctrl object is freed. Otherwise the following can occur: [ 1135.911754] list_del corruption, ff2d24c8093f31f8->next is NULL [ 1135.917705] ------------[ cut here ]------------ [ 1135.922336] kernel BUG at lib/list_debug.c:52! [ 1135.926784] Oops: invalid opcode: 0000 [#1] SMP NOPTI [ 1135.931851] CPU: 48 UID: 0 PID: 726 Comm: kworker/u449:23 Kdump: loaded Not tainted 6.12.0 #1 PREEMPT(voluntary) [ 1135.943490] Hardware name: Dell Inc. PowerEdge R660/0HGTK9, BIOS 2.5.4 01/16/2025 [ 1135.950969] Workqueue: 0x0 (nvme-wq) [ 1135.954673] RIP: 0010:__list_del_entry_valid_or_report.cold+0xf/0x6f [ 1135.961041] Code: c7 c7 98 68 72 94 e8 26 45 fe ff 0f 0b 48 c7 c7 70 68 72 94 e8 18 45 fe ff 0f 0b 48 89 fe 48 c7 c7 80 69 72 94 e8 07 45 fe ff <0f> 0b 48 89 d1 48 c7 c7 a0 6a 72 94 48 89 c2 e8 f3 44 fe ff 0f 0b [ 1135.979788] RSP: 0018:ff579b19482d3e50 EFLAGS: 00010046 [ 1135.985015] RAX: 0000000000000033 RBX: ff2d24c8093f31f0 RCX: 0000000000000000 [ 1135.992148] RDX: 0000000000000000 RSI: ff2d24d6bfa1d0c0 RDI: ff2d24d6bfa1d0c0 [ 1135.999278] RBP: ff2d24c8093f31f8 R08: 0000000000000000 R09: ffffffff951e2b08 [ 1136.006413] R10: ffffffff95122ac8 R11: 0000000000000003 R12: ff2d24c78697c100 [ 1136.013546] R13: fffffffffffffff8 R14: 0000000000000000 R15: ff2d24c78697c0c0 [ 1136.020677] FS: 0000000000000000(0000) GS:ff2d24d6bfa00000(0000) knlGS:0000000000000000 [ 1136.028765] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1136.034510] CR2: 00007fd207f90b80 CR3: 000000163ea22003 CR4: 0000000000f73ef0 [ 1136.041641] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1136.048776] DR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400 [ 1136.055910] PKRU: 55555554 [ 1136.058623] Call Trace: [ 1136.061074] <TASK> [ 1136.063179] ? show_trace_log_lvl+0x1b0/0x2f0 [ 1136.067540] ? show_trace_log_lvl+0x1b0/0x2f0 [ 1136.071898] ? move_linked_works+0x4a/0xa0 [ 1136.075998] ? __list_del_entry_valid_or_report.cold+0xf/0x6f [ 1136.081744] ? __die_body.cold+0x8/0x12 [ 1136.085584] ? die+0x2e/0x50 [ 1136.088469] ? do_trap+0xca/0x110 [ 1136.091789] ? do_error_trap+0x65/0x80 [ 1136.095543] ? __list_del_entry_valid_or_report.cold+0xf/0x6f [ 1136.101289] ? exc_invalid_op+0x50/0x70 [ 1136.105127] ? __list_del_entry_valid_or_report.cold+0xf/0x6f [ 1136.110874] ? asm_exc_invalid_op+0x1a/0x20 [ 1136.115059] ? __list_del_entry_valid_or_report.cold+0xf/0x6f [ 1136.120806] move_linked_works+0x4a/0xa0 [ 1136.124733] worker_thread+0x216/0x3a0 [ 1136.128485] ? __pfx_worker_thread+0x10/0x10 [ 1136.132758] kthread+0xfa/0x240 [ 1136.135904] ? __pfx_kthread+0x10/0x10 [ 1136.139657] ret_from_fork+0x31/0x50 [ 1136.143236] ? __pfx_kthread+0x10/0x10 [ 1136.146988] ret_from_fork_asm+0x1a/0x30 [ 1136.150915] </TASK>
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor (like QEMU). Existing mitigations already protect kernel/KVM from a malicious guest. Userspace can additionally be protected by flushing the branch predictors after a VMexit. Since it is the userspace that consumes the poisoned branch predictors, conditionally issue an IBPB after a VMexit and before returning to userspace. Workloads that frequently switch between hypervisor and userspace will incur the most overhead from the new IBPB. This new IBPB is not integrated with the existing IBPB sites. For instance, a task can use the existing speculation control prctl() to get an IBPB at context switch time. With this implementation, the IBPB is doubled up: one at context switch and another before running userspace. The intent is to integrate and optimize these cases post-embargo. [ dhansen: elaborate on suboptimal IBPB solution ]
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. (A configuration file that provides a complete literal username is not categorized as an untrusted source.)
CWE-159 - Improper Handling of Invalid Use of Special Elements| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.
CWE-158 - Improper Neutralization of Null Byte or NUL Character| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_ct: add seqadj extension for natted connections Sequence adjustment may be required for FTP traffic with PASV/EPSV modes. due to need to re-write packet payload (IP, port) on the ftp control connection. This can require changes to the TCP length and expected seq / ack_seq. The easiest way to reproduce this issue is with PASV mode. Example ruleset: table inet ftp_nat { ct helper ftp_helper { type "ftp" protocol tcp l3proto inet } chain prerouting { type filter hook prerouting priority 0; policy accept; tcp dport 21 ct state new ct helper set "ftp_helper" } } table ip nat { chain prerouting { type nat hook prerouting priority -100; policy accept; tcp dport 21 dnat ip prefix to ip daddr map { 192.168.100.1 : 192.168.13.2/32 } } chain postrouting { type nat hook postrouting priority 100 ; policy accept; tcp sport 21 snat ip prefix to ip saddr map { 192.168.13.2 : 192.168.100.1/32 } } } Note that the ftp helper gets assigned *after* the dnat setup. The inverse (nat after helper assign) is handled by an existing check in nf_nat_setup_info() and will not show the problem. Topoloy: +-------------------+ +----------------------------------+ | FTP: 192.168.13.2 | <-> | NAT: 192.168.13.3, 192.168.100.1 | +-------------------+ +----------------------------------+ | +-----------------------+ | Client: 192.168.100.2 | +-----------------------+ ftp nat changes do not work as expected in this case: Connected to 192.168.100.1. [..] ftp> epsv EPSV/EPRT on IPv4 off. ftp> ls 227 Entering passive mode (192,168,100,1,209,129). 421 Service not available, remote server has closed connection. Kernel logs: Missing nfct_seqadj_ext_add() setup call WARNING: CPU: 1 PID: 0 at net/netfilter/nf_conntrack_seqadj.c:41 [..] __nf_nat_mangle_tcp_packet+0x100/0x160 [nf_nat] nf_nat_ftp+0x142/0x280 [nf_nat_ftp] help+0x4d1/0x880 [nf_conntrack_ftp] nf_confirm+0x122/0x2e0 [nf_conntrack] nf_hook_slow+0x3c/0xb0 .. Fix this by adding the required extension when a conntrack helper is assigned to a connection that has a nat binding.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ext4: add i_data_sem protection in ext4_destroy_inline_data_nolock() Fix a race between inline data destruction and block mapping. The function ext4_destroy_inline_data_nolock() changes the inode data layout by clearing EXT4_INODE_INLINE_DATA and setting EXT4_INODE_EXTENTS. At the same time, another thread may execute ext4_map_blocks(), which tests EXT4_INODE_EXTENTS to decide whether to call ext4_ext_map_blocks() or ext4_ind_map_blocks(). Without i_data_sem protection, ext4_ind_map_blocks() may receive inode with EXT4_INODE_EXTENTS flag and triggering assert. kernel BUG at fs/ext4/indirect.c:546! EXT4-fs (loop2): unmounting filesystem. invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 RIP: 0010:ext4_ind_map_blocks.cold+0x2b/0x5a fs/ext4/indirect.c:546 Call Trace: <TASK> ext4_map_blocks+0xb9b/0x16f0 fs/ext4/inode.c:681 _ext4_get_block+0x242/0x590 fs/ext4/inode.c:822 ext4_block_write_begin+0x48b/0x12c0 fs/ext4/inode.c:1124 ext4_write_begin+0x598/0xef0 fs/ext4/inode.c:1255 ext4_da_write_begin+0x21e/0x9c0 fs/ext4/inode.c:3000 generic_perform_write+0x259/0x5d0 mm/filemap.c:3846 ext4_buffered_write_iter+0x15b/0x470 fs/ext4/file.c:285 ext4_file_write_iter+0x8e0/0x17f0 fs/ext4/file.c:679 call_write_iter include/linux/fs.h:2271 [inline] do_iter_readv_writev+0x212/0x3c0 fs/read_write.c:735 do_iter_write+0x186/0x710 fs/read_write.c:861 vfs_iter_write+0x70/0xa0 fs/read_write.c:902 iter_file_splice_write+0x73b/0xc90 fs/splice.c:685 do_splice_from fs/splice.c:763 [inline] direct_splice_actor+0x10f/0x170 fs/splice.c:950 splice_direct_to_actor+0x33a/0xa10 fs/splice.c:896 do_splice_direct+0x1a9/0x280 fs/splice.c:1002 do_sendfile+0xb13/0x12c0 fs/read_write.c:1255 __do_sys_sendfile64 fs/read_write.c:1323 [inline] __se_sys_sendfile64 fs/read_write.c:1309 [inline] __x64_sys_sendfile64+0x1cf/0x210 fs/read_write.c:1309 do_syscall_x64 arch/x86/entry/common.c:51 [inline] do_syscall_64+0x35/0x80 arch/x86/entry/common.c:81 entry_SYSCALL_64_after_hwframe+0x6e/0xd8
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ext4: refresh inline data size before write operations The cached ei->i_inline_size can become stale between the initial size check and when ext4_update_inline_data()/ext4_create_inline_data() use it. Although ext4_get_max_inline_size() reads the correct value at the time of the check, concurrent xattr operations can modify i_inline_size before ext4_write_lock_xattr() is acquired. This causes ext4_update_inline_data() and ext4_create_inline_data() to work with stale capacity values, leading to a BUG_ON() crash in ext4_write_inline_data(): kernel BUG at fs/ext4/inline.c:1331! BUG_ON(pos + len > EXT4_I(inode)->i_inline_size); The race window: 1. ext4_get_max_inline_size() reads i_inline_size = 60 (correct) 2. Size check passes for 50-byte write 3. [Another thread adds xattr, i_inline_size changes to 40] 4. ext4_write_lock_xattr() acquires lock 5. ext4_update_inline_data() uses stale i_inline_size = 60 6. Attempts to write 50 bytes but only 40 bytes actually available 7. BUG_ON() triggers Fix this by recalculating i_inline_size via ext4_find_inline_data_nolock() immediately after acquiring xattr_sem. This ensures ext4_update_inline_data() and ext4_create_inline_data() work with current values that are protected from concurrent modifications. This is similar to commit a54c4613dac1 ("ext4: fix race writing to an inline_data file while its xattrs are changing") which fixed i_inline_off staleness. This patch addresses the related i_inline_size staleness issue.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: nvme: fix admin request_queue lifetime The namespaces can access the controller's admin request_queue, and stale references on the namespaces may exist after tearing down the controller. Ensure the admin request_queue is active by moving the controller's 'put' to after all controller references have been released to ensure no one is can access the request_queue. This fixes a reported use-after-free bug: BUG: KASAN: slab-use-after-free in blk_queue_enter+0x41c/0x4a0 Read of size 8 at addr ffff88c0a53819f8 by task nvme/3287 CPU: 67 UID: 0 PID: 3287 Comm: nvme Tainted: G E 6.13.2-ga1582f1a031e #15 Tainted: [E]=UNSIGNED_MODULE Hardware name: Jabil /EGS 2S MB1, BIOS 1.00 06/18/2025 Call Trace: <TASK> dump_stack_lvl+0x4f/0x60 print_report+0xc4/0x620 ? _raw_spin_lock_irqsave+0x70/0xb0 ? _raw_read_unlock_irqrestore+0x30/0x30 ? blk_queue_enter+0x41c/0x4a0 kasan_report+0xab/0xe0 ? blk_queue_enter+0x41c/0x4a0 blk_queue_enter+0x41c/0x4a0 ? __irq_work_queue_local+0x75/0x1d0 ? blk_queue_start_drain+0x70/0x70 ? irq_work_queue+0x18/0x20 ? vprintk_emit.part.0+0x1cc/0x350 ? wake_up_klogd_work_func+0x60/0x60 blk_mq_alloc_request+0x2b7/0x6b0 ? __blk_mq_alloc_requests+0x1060/0x1060 ? __switch_to+0x5b7/0x1060 nvme_submit_user_cmd+0xa9/0x330 nvme_user_cmd.isra.0+0x240/0x3f0 ? force_sigsegv+0xe0/0xe0 ? nvme_user_cmd64+0x400/0x400 ? vfs_fileattr_set+0x9b0/0x9b0 ? cgroup_update_frozen_flag+0x24/0x1c0 ? cgroup_leave_frozen+0x204/0x330 ? nvme_ioctl+0x7c/0x2c0 blkdev_ioctl+0x1a8/0x4d0 ? blkdev_common_ioctl+0x1930/0x1930 ? fdget+0x54/0x380 __x64_sys_ioctl+0x129/0x190 do_syscall_64+0x5b/0x160 entry_SYSCALL_64_after_hwframe+0x4b/0x53 RIP: 0033:0x7f765f703b0b Code: ff ff ff 85 c0 79 9b 49 c7 c4 ff ff ff ff 5b 5d 4c 89 e0 41 5c c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d dd 52 0f 00 f7 d8 64 89 01 48 RSP: 002b:00007ffe2cefe808 EFLAGS: 00000202 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 00007ffe2cefe860 RCX: 00007f765f703b0b RDX: 00007ffe2cefe860 RSI: 00000000c0484e41 RDI: 0000000000000003 RBP: 0000000000000000 R08: 0000000000000003 R09: 0000000000000000 R10: 00007f765f611d50 R11: 0000000000000202 R12: 0000000000000003 R13: 00000000c0484e41 R14: 0000000000000001 R15: 00007ffe2cefea60 </TASK>
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: bfs: Reconstruct file type when loading from disk syzbot is reporting that S_IFMT bits of inode->i_mode can become bogus when the S_IFMT bits of the 32bits "mode" field loaded from disk are corrupted or when the 32bits "attributes" field loaded from disk are corrupted. A documentation says that BFS uses only lower 9 bits of the "mode" field. But I can't find an explicit explanation that the unused upper 23 bits (especially, the S_IFMT bits) are initialized with 0. Therefore, ignore the S_IFMT bits of the "mode" field loaded from disk. Also, verify that the value of the "attributes" field loaded from disk is either BFS_VREG or BFS_VDIR (because BFS supports only regular files and the root directory).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: mptcp: Initialise rcv_mss before calling tcp_send_active_reset() in mptcp_do_fastclose(). syzbot reported divide-by-zero in __tcp_select_window() by MPTCP socket. [0] We had a similar issue for the bare TCP and fixed in commit 499350a5a6e7 ("tcp: initialize rcv_mss to TCP_MIN_MSS instead of 0"). Let's apply the same fix to mptcp_do_fastclose(). [0]: Oops: divide error: 0000 [#1] SMP KASAN PTI CPU: 0 UID: 0 PID: 6068 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 RIP: 0010:__tcp_select_window+0x824/0x1320 net/ipv4/tcp_output.c:3336 Code: ff ff ff 44 89 f1 d3 e0 89 c1 f7 d1 41 01 cc 41 21 c4 e9 a9 00 00 00 e8 ca 49 01 f8 e9 9c 00 00 00 e8 c0 49 01 f8 44 89 e0 99 <f7> 7c 24 1c 41 29 d4 48 bb 00 00 00 00 00 fc ff df e9 80 00 00 00 RSP: 0018:ffffc90003017640 EFLAGS: 00010293 RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff88807b469e40 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 RBP: ffffc90003017730 R08: ffff888033268143 R09: 1ffff1100664d028 R10: dffffc0000000000 R11: ffffed100664d029 R12: 0000000000000000 R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 FS: 000055557faa0500(0000) GS:ffff888126135000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f64a1912ff8 CR3: 0000000072122000 CR4: 00000000003526f0 Call Trace: <TASK> tcp_select_window net/ipv4/tcp_output.c:281 [inline] __tcp_transmit_skb+0xbc7/0x3aa0 net/ipv4/tcp_output.c:1568 tcp_transmit_skb net/ipv4/tcp_output.c:1649 [inline] tcp_send_active_reset+0x2d1/0x5b0 net/ipv4/tcp_output.c:3836 mptcp_do_fastclose+0x27e/0x380 net/mptcp/protocol.c:2793 mptcp_disconnect+0x238/0x710 net/mptcp/protocol.c:3253 mptcp_sendmsg_fastopen+0x2f8/0x580 net/mptcp/protocol.c:1776 mptcp_sendmsg+0x1774/0x1980 net/mptcp/protocol.c:1855 sock_sendmsg_nosec net/socket.c:727 [inline] __sock_sendmsg+0xe5/0x270 net/socket.c:742 __sys_sendto+0x3bd/0x520 net/socket.c:2244 __do_sys_sendto net/socket.c:2251 [inline] __se_sys_sendto net/socket.c:2247 [inline] __x64_sys_sendto+0xde/0x100 net/socket.c:2247 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xfa/0xfa0 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f66e998f749 Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007ffff9acedb8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 00007f66e9be5fa0 RCX: 00007f66e998f749 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 RBP: 00007ffff9acee10 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 R13: 00007f66e9be5fa0 R14: 00007f66e9be5fa0 R15: 0000000000000006 </TASK>
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: jbd2: avoid bug_on in jbd2_journal_get_create_access() when file system corrupted There's issue when file system corrupted: ------------[ cut here ]------------ kernel BUG at fs/jbd2/transaction.c:1289! Oops: invalid opcode: 0000 [#1] SMP KASAN PTI CPU: 5 UID: 0 PID: 2031 Comm: mkdir Not tainted 6.18.0-rc1-next RIP: 0010:jbd2_journal_get_create_access+0x3b6/0x4d0 RSP: 0018:ffff888117aafa30 EFLAGS: 00010202 RAX: 0000000000000000 RBX: ffff88811a86b000 RCX: ffffffff89a63534 RDX: 1ffff110200ec602 RSI: 0000000000000004 RDI: ffff888100763010 RBP: ffff888100763000 R08: 0000000000000001 R09: ffff888100763028 R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000000 R13: ffff88812c432000 R14: ffff88812c608000 R15: ffff888120bfc000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f91d6970c99 CR3: 00000001159c4000 CR4: 00000000000006f0 Call Trace: <TASK> __ext4_journal_get_create_access+0x42/0x170 ext4_getblk+0x319/0x6f0 ext4_bread+0x11/0x100 ext4_append+0x1e6/0x4a0 ext4_init_new_dir+0x145/0x1d0 ext4_mkdir+0x326/0x920 vfs_mkdir+0x45c/0x740 do_mkdirat+0x234/0x2f0 __x64_sys_mkdir+0xd6/0x120 do_syscall_64+0x5f/0xfa0 entry_SYSCALL_64_after_hwframe+0x76/0x7e The above issue occurs with us in errors=continue mode when accompanied by storage failures. There have been many inconsistencies in the file system data. In the case of file system data inconsistency, for example, if the block bitmap of a referenced block is not set, it can lead to the situation where a block being committed is allocated and used again. As a result, the following condition will not be satisfied then trigger BUG_ON. Of course, it is entirely possible to construct a problematic image that can trigger this BUG_ON through specific operations. In fact, I have constructed such an image and easily reproduced this issue. Therefore, J_ASSERT() holds true only under ideal conditions, but it may not necessarily be satisfied in exceptional scenarios. Using J_ASSERT() directly in abnormal situations would cause the system to crash, which is clearly not what we want. So here we directly trigger a JBD abort instead of immediately invoking BUG_ON.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid Fixes a crash when layout is null during this call stack: write_inode -> nfs4_write_inode -> pnfs_layoutcommit_inode pnfs_set_layoutcommit relies on the lseg refcount to keep the layout around. Need to clear NFS_INO_LAYOUTCOMMIT otherwise we might attempt to reference a null layout.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: bpf: Check skb->transport_header is set in bpf_skb_check_mtu The bpf_skb_check_mtu helper needs to use skb->transport_header when the BPF_MTU_CHK_SEGS flag is used: bpf_skb_check_mtu(skb, ifindex, &mtu_len, 0, BPF_MTU_CHK_SEGS) The transport_header is not always set. There is a WARN_ON_ONCE report when CONFIG_DEBUG_NET is enabled + skb->gso_size is set + bpf_prog_test_run is used: WARNING: CPU: 1 PID: 2216 at ./include/linux/skbuff.h:3071 skb_gso_validate_network_len bpf_skb_check_mtu bpf_prog_3920e25740a41171_tc_chk_segs_flag # A test in the next patch bpf_test_run bpf_prog_test_run_skb For a normal ingress skb (not test_run), skb_reset_transport_header is performed but there is plan to avoid setting it as described in commit 2170a1f09148 ("net: no longer reset transport_header in __netif_receive_skb_core()"). This patch fixes the bpf helper by checking skb_transport_header_was_set(). The check is done just before skb->transport_header is used, to avoid breaking the existing bpf prog. The WARN_ON_ONCE is limited to bpf_prog_test_run, so targeting bpf-next.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix device resources accessed after device removal Correct possible race conditions during device removal. Previously, a scheduled work item to reset a LUN could still execute after the device was removed, leading to use-after-free and other resource access issues. This race condition occurs because the abort handler may schedule a LUN reset concurrently with device removal via sdev_destroy(), leading to use-after-free and improper access to freed resources. - Check in the device reset handler if the device is still present in the controller's SCSI device list before running; if not, the reset is skipped. - Cancel any pending TMF work that has not started in sdev_destroy(). - Ensure device freeing in sdev_destroy() is done while holding the LUN reset mutex to avoid races with ongoing resets.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id Use check_add_overflow() to guard against potential integer overflows when adding the binary blob lengths and the size of an asymmetric_key_id structure and return ERR_PTR(-EOVERFLOW) accordingly. This prevents a possible buffer overflow when copying data from potentially malicious X.509 certificate fields that can be arbitrarily large, such as ASN.1 INTEGER serial numbers, issuer names, etc.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: bpf: Do not let BPF test infra emit invalid GSO types to stack Yinhao et al. reported that their fuzzer tool was able to trigger a skb_warn_bad_offload() from netif_skb_features() -> gso_features_check(). When a BPF program - triggered via BPF test infra - pushes the packet to the loopback device via bpf_clone_redirect() then mentioned offload warning can be seen. GSO-related features are then rightfully disabled. We get into this situation due to convert___skb_to_skb() setting gso_segs and gso_size but not gso_type. Technically, it makes sense that this warning triggers since the GSO properties are malformed due to the gso_type. Potentially, the gso_type could be marked non-trustworthy through setting it at least to SKB_GSO_DODGY without any other specific assumptions, but that also feels wrong given we should not go further into the GSO engine in the first place. The checks were added in 121d57af308d ("gso: validate gso_type in GSO handlers") because there were malicious (syzbot) senders that combine a protocol with a non-matching gso_type. If we would want to drop such packets, gso_features_check() currently only returns feature flags via netif_skb_features(), so one location for potentially dropping such skbs could be validate_xmit_unreadable_skb(), but then otoh it would be an additional check in the fast-path for a very corner case. Given bpf_clone_redirect() is the only place where BPF test infra could emit such packets, lets reject them right there.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix invalid prog->stats access when update_effective_progs fails Syzkaller triggers an invalid memory access issue following fault injection in update_effective_progs. The issue can be described as follows: __cgroup_bpf_detach update_effective_progs compute_effective_progs bpf_prog_array_alloc <-- fault inject purge_effective_progs /* change to dummy_bpf_prog */ array->items[index] = &dummy_bpf_prog.prog ---softirq start--- __do_softirq ... __cgroup_bpf_run_filter_skb __bpf_prog_run_save_cb bpf_prog_run stats = this_cpu_ptr(prog->stats) /* invalid memory access */ flags = u64_stats_update_begin_irqsave(&stats->syncp) ---softirq end--- static_branch_dec(&cgroup_bpf_enabled_key[atype]) The reason is that fault injection caused update_effective_progs to fail and then changed the original prog into dummy_bpf_prog.prog in purge_effective_progs. Then a softirq came, and accessing the members of dummy_bpf_prog.prog in the softirq triggers invalid mem access. To fix it, skip updating stats when stats is NULL.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags When a filesystem is being automounted, it needs to preserve the user-set superblock mount options, such as the "ro" flag.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: spi: fsl-cpm: Check length parity before switching to 16 bit mode Commit fc96ec826bce ("spi: fsl-cpm: Use 16 bit mode for large transfers with even size") failed to make sure that the size is really even before switching to 16 bit mode. Until recently the problem went unnoticed because kernfs uses a pre-allocated bounce buffer of size PAGE_SIZE for reading EEPROM. But commit 8ad6249c51d0 ("eeprom: at25: convert to spi-mem API") introduced an additional dynamically allocated bounce buffer whose size is exactly the size of the transfer, leading to a buffer overrun in the fsl-cpm driver when that size is odd. Add the missing length parity verification and remain in 8 bit mode when the length is not even.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net/hsr: fix NULL pointer dereference in prp_get_untagged_frame() prp_get_untagged_frame() calls __pskb_copy() to create frame->skb_std but doesn't check if the allocation failed. If __pskb_copy() returns NULL, skb_clone() is called with a NULL pointer, causing a crash: Oops: general protection fault, probably for non-canonical address 0xdffffc000000000f: 0000 [#1] SMP KASAN NOPTI KASAN: null-ptr-deref in range [0x0000000000000078-0x000000000000007f] CPU: 0 UID: 0 PID: 5625 Comm: syz.1.18 Not tainted syzkaller #0 PREEMPT(full) Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 RIP: 0010:skb_clone+0xd7/0x3a0 net/core/skbuff.c:2041 Code: 03 42 80 3c 20 00 74 08 4c 89 f7 e8 23 29 05 f9 49 83 3e 00 0f 85 a0 01 00 00 e8 94 dd 9d f8 48 8d 6b 7e 49 89 ee 49 c1 ee 03 <43> 0f b6 04 26 84 c0 0f 85 d1 01 00 00 44 0f b6 7d 00 41 83 e7 0c RSP: 0018:ffffc9000d00f200 EFLAGS: 00010207 RAX: ffffffff892235a1 RBX: 0000000000000000 RCX: ffff88803372a480 RDX: 0000000000000000 RSI: 0000000000000820 RDI: 0000000000000000 RBP: 000000000000007e R08: ffffffff8f7d0f77 R09: 1ffffffff1efa1ee R10: dffffc0000000000 R11: fffffbfff1efa1ef R12: dffffc0000000000 R13: 0000000000000820 R14: 000000000000000f R15: ffff88805144cc00 FS: 0000555557f6d500(0000) GS:ffff88808d72f000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000555581d35808 CR3: 000000005040e000 CR4: 0000000000352ef0 Call Trace: <TASK> hsr_forward_do net/hsr/hsr_forward.c:-1 [inline] hsr_forward_skb+0x1013/0x2860 net/hsr/hsr_forward.c:741 hsr_handle_frame+0x6ce/0xa70 net/hsr/hsr_slave.c:84 __netif_receive_skb_core+0x10b9/0x4380 net/core/dev.c:5966 __netif_receive_skb_one_core net/core/dev.c:6077 [inline] __netif_receive_skb+0x72/0x380 net/core/dev.c:6192 netif_receive_skb_internal net/core/dev.c:6278 [inline] netif_receive_skb+0x1cb/0x790 net/core/dev.c:6337 tun_rx_batched+0x1b9/0x730 drivers/net/tun.c:1485 tun_get_user+0x2b65/0x3e90 drivers/net/tun.c:1953 tun_chr_write_iter+0x113/0x200 drivers/net/tun.c:1999 new_sync_write fs/read_write.c:593 [inline] vfs_write+0x5c9/0xb30 fs/read_write.c:686 ksys_write+0x145/0x250 fs/read_write.c:738 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xfa/0xfa0 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f0449f8e1ff Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 RSP: 002b:00007ffd7ad94c90 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 RAX: ffffffffffffffda RBX: 00007f044a1e5fa0 RCX: 00007f0449f8e1ff RDX: 000000000000003e RSI: 0000200000000500 RDI: 00000000000000c8 RBP: 00007ffd7ad94d20 R08: 0000000000000000 R09: 0000000000000000 R10: 000000000000003e R11: 0000000000000293 R12: 0000000000000001 R13: 00007f044a1e5fa0 R14: 00007f044a1e5fa0 R15: 0000000000000003 </TASK> Add a NULL check immediately after __pskb_copy() to handle allocation failures gracefully.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: scsi: target: Reset t_task_cdb pointer in error case If allocation of cmd->t_task_cdb fails, it remains NULL but is later dereferenced in the 'err' path. In case of error, reset NULL t_task_cdb value to point at the default fixed-size buffer. Found by Linux Verification Center (linuxtesting.org) with SVACE.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netrom: Fix memory leak in nr_sendmsg() syzbot reported a memory leak [1]. When function sock_alloc_send_skb() return NULL in nr_output(), the original skb is not freed, which was allocated in nr_sendmsg(). Fix this by freeing it before return. [1] BUG: memory leak unreferenced object 0xffff888129f35500 (size 240): comm "syz.0.17", pid 6119, jiffies 4294944652 hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 10 52 28 81 88 ff ff ..........R(.... backtrace (crc 1456a3e4): kmemleak_alloc_recursive include/linux/kmemleak.h:44 [inline] slab_post_alloc_hook mm/slub.c:4983 [inline] slab_alloc_node mm/slub.c:5288 [inline] kmem_cache_alloc_node_noprof+0x36f/0x5e0 mm/slub.c:5340 __alloc_skb+0x203/0x240 net/core/skbuff.c:660 alloc_skb include/linux/skbuff.h:1383 [inline] alloc_skb_with_frags+0x69/0x3f0 net/core/skbuff.c:6671 sock_alloc_send_pskb+0x379/0x3e0 net/core/sock.c:2965 sock_alloc_send_skb include/net/sock.h:1859 [inline] nr_sendmsg+0x287/0x450 net/netrom/af_netrom.c:1105 sock_sendmsg_nosec net/socket.c:727 [inline] __sock_sendmsg net/socket.c:742 [inline] sock_write_iter+0x293/0x2a0 net/socket.c:1195 new_sync_write fs/read_write.c:593 [inline] vfs_write+0x45d/0x710 fs/read_write.c:686 ksys_write+0x143/0x170 fs/read_write.c:738 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xa4/0xfa0 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: fsnotify: do not generate ACCESS/MODIFY events on child for special files inotify/fanotify do not allow users with no read access to a file to subscribe to events (e.g. IN_ACCESS/IN_MODIFY), but they do allow the same user to subscribe for watching events on children when the user has access to the parent directory (e.g. /dev). Users with no read access to a file but with read access to its parent directory can still stat the file and see if it was accessed/modified via atime/mtime change. The same is not true for special files (e.g. /dev/null). Users will not generally observe atime/mtime changes when other users read/write to special files, only when someone sets atime/mtime via utimensat(). Align fsnotify events with this stat behavior and do not generate ACCESS/MODIFY events to parent watchers on read/write of special files. The events are still generated to parent watchers on utimensat(). This closes some side-channels that could be possibly used for information exfiltration [1]. [1] https://snee.la/pdf/pubs/file-notification-attacks.pdf
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: perf/x86/amd: Check event before enable to avoid GPF On AMD machines cpuc->events[idx] can become NULL in a subtle race condition with NMI->throttle->x86_pmu_stop(). Check event for NULL in amd_pmu_enable_all() before enable to avoid a GPF. This appears to be an AMD only issue. Syzkaller reported a GPF in amd_pmu_enable_all. INFO: NMI handler (perf_event_nmi_handler) took too long to run: 13.143 msecs Oops: general protection fault, probably for non-canonical address 0xdffffc0000000034: 0000 PREEMPT SMP KASAN NOPTI KASAN: null-ptr-deref in range [0x00000000000001a0-0x00000000000001a7] CPU: 0 UID: 0 PID: 328415 Comm: repro_36674776 Not tainted 6.12.0-rc1-syzk RIP: 0010:x86_pmu_enable_event (arch/x86/events/perf_event.h:1195 arch/x86/events/core.c:1430) RSP: 0018:ffff888118009d60 EFLAGS: 00010012 RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000000 RDX: 0000000000000034 RSI: 0000000000000000 RDI: 00000000000001a0 RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000002 R13: ffff88811802a440 R14: ffff88811802a240 R15: ffff8881132d8601 FS: 00007f097dfaa700(0000) GS:ffff888118000000(0000) GS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00000000200001c0 CR3: 0000000103d56000 CR4: 00000000000006f0 Call Trace: <IRQ> amd_pmu_enable_all (arch/x86/events/amd/core.c:760 (discriminator 2)) x86_pmu_enable (arch/x86/events/core.c:1360) event_sched_out (kernel/events/core.c:1191 kernel/events/core.c:1186 kernel/events/core.c:2346) __perf_remove_from_context (kernel/events/core.c:2435) event_function (kernel/events/core.c:259) remote_function (kernel/events/core.c:92 (discriminator 1) kernel/events/core.c:72 (discriminator 1)) __flush_smp_call_function_queue (./arch/x86/include/asm/jump_label.h:27 ./include/linux/jump_label.h:207 ./include/trace/events/csd.h:64 kernel/smp.c:135 kernel/smp.c:540) __sysvec_call_function_single (./arch/x86/include/asm/jump_label.h:27 ./include/linux/jump_label.h:207 ./arch/x86/include/asm/trace/irq_vectors.h:99 arch/x86/kernel/smp.c:272) sysvec_call_function_single (arch/x86/kernel/smp.c:266 (discriminator 47) arch/x86/kernel/smp.c:266 (discriminator 47)) </IRQ>
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: NFSD: NFSv4 file creation neglects setting ACL An NFSv4 client that sets an ACL with a named principal during file creation retrieves the ACL afterwards, and finds that it is only a default ACL (based on the mode bits) and not the ACL that was requested during file creation. This violates RFC 8881 section 6.4.1.3: "the ACL attribute is set as given". The issue occurs in nfsd_create_setattr(), which calls nfsd_attrs_valid() to determine whether to call nfsd_setattr(). However, nfsd_attrs_valid() checks only for iattr changes and security labels, but not POSIX ACLs. When only an ACL is present, the function returns false, nfsd_setattr() is skipped, and the POSIX ACL is never applied to the inode. Subsequently, when the client retrieves the ACL, the server finds no POSIX ACL on the inode and returns one generated from the file's mode bits rather than returning the originally-specified ACL.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: io_uring: fix filename leak in __io_openat_prep() __io_openat_prep() allocates a struct filename using getname(). However, for the condition of the file being installed in the fixed file table as well as having O_CLOEXEC flag set, the function returns early. At that point, the request doesn't have REQ_F_NEED_CLEANUP flag set. Due to this, the memory for the newly allocated struct filename is not cleaned up, causing a memory leak. Fix this by setting the REQ_F_NEED_CLEANUP for the request just after the successful getname() call, so that when the request is torn down, the filename will be cleaned up, along with other resources needing cleanup.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fw_tracer, Validate format string parameters Add validation for format string parameters in the firmware tracer to prevent potential security vulnerabilities and crashes from malformed format strings received from firmware. The firmware tracer receives format strings from the device firmware and uses them to format trace messages. Without proper validation, bad firmware could provide format strings with invalid format specifiers (e.g., %s, %p, %n) that could lead to crashes, or other undefined behavior. Add mlx5_tracer_validate_params() to validate that all format specifiers in trace strings are limited to safe integer/hex formats (%x, %d, %i, %u, %llx, %lx, etc.). Reject strings containing other format types that could be used to access arbitrary memory or cause crashes. Invalid format strings are added to the trace output for visibility with "BAD_FORMAT: " prefix.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: scsi: Revert "scsi: qla2xxx: Perform lockless command completion in abort path" This reverts commit 0367076b0817d5c75dfb83001ce7ce5c64d803a9. The commit being reverted added code to __qla2x00_abort_all_cmds() to call sp->done() without holding a spinlock. But unlike the older code below it, this new code failed to check sp->cmd_type and just assumed TYPE_SRB, which results in a jump to an invalid pointer in target-mode with TYPE_TGT_CMD: qla2xxx [0000:65:00.0]-d034:8: qla24xx_do_nack_work create sess success 0000000009f7a79b qla2xxx [0000:65:00.0]-5003:8: ISP System Error - mbx1=1ff5h mbx2=10h mbx3=0h mbx4=0h mbx5=191h mbx6=0h mbx7=0h. qla2xxx [0000:65:00.0]-d01e:8: -> fwdump no buffer qla2xxx [0000:65:00.0]-f03a:8: qla_target(0): System error async event 0x8002 occurred qla2xxx [0000:65:00.0]-00af:8: Performing ISP error recovery - ha=0000000058183fda. BUG: kernel NULL pointer dereference, address: 0000000000000000 PF: supervisor instruction fetch in kernel mode PF: error_code(0x0010) - not-present page PGD 0 P4D 0 Oops: 0010 [#1] SMP CPU: 2 PID: 9446 Comm: qla2xxx_8_dpc Tainted: G O 6.1.133 #1 Hardware name: Supermicro Super Server/X11SPL-F, BIOS 4.2 12/15/2023 RIP: 0010:0x0 Code: Unable to access opcode bytes at 0xffffffffffffffd6. RSP: 0018:ffffc90001f93dc8 EFLAGS: 00010206 RAX: 0000000000000282 RBX: 0000000000000355 RCX: ffff88810d16a000 RDX: ffff88810dbadaa8 RSI: 0000000000080000 RDI: ffff888169dc38c0 RBP: ffff888169dc38c0 R08: 0000000000000001 R09: 0000000000000045 R10: ffffffffa034bdf0 R11: 0000000000000000 R12: ffff88810800bb40 R13: 0000000000001aa8 R14: ffff888100136610 R15: ffff8881070f7400 FS: 0000000000000000(0000) GS:ffff88bf80080000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: ffffffffffffffd6 CR3: 000000010c8ff006 CR4: 00000000003706e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: <TASK> ? __die+0x4d/0x8b ? page_fault_oops+0x91/0x180 ? trace_buffer_unlock_commit_regs+0x38/0x1a0 ? exc_page_fault+0x391/0x5e0 ? asm_exc_page_fault+0x22/0x30 __qla2x00_abort_all_cmds+0xcb/0x3e0 [qla2xxx_scst] qla2x00_abort_all_cmds+0x50/0x70 [qla2xxx_scst] qla2x00_abort_isp_cleanup+0x3b7/0x4b0 [qla2xxx_scst] qla2x00_abort_isp+0xfd/0x860 [qla2xxx_scst] qla2x00_do_dpc+0x581/0xa40 [qla2xxx_scst] kthread+0xa8/0xd0 </TASK> Then commit 4475afa2646d ("scsi: qla2xxx: Complete command early within lock") added the spinlock back, because not having the lock caused a race and a crash. But qla2x00_abort_srb() in the switch below already checks for qla2x00_chip_is_down() and handles it the same way, so the code above the switch is now redundant and still buggy in target-mode. Remove it.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ext4: xattr: fix null pointer deref in ext4_raw_inode() If ext4_get_inode_loc() fails (e.g. if it returns -EFSCORRUPTED), iloc.bh will remain set to NULL. Since ext4_xattr_inode_dec_ref_all() lacks error checking, this will lead to a null pointer dereference in ext4_raw_inode(), called right after ext4_get_inode_loc(). Found by Linux Verification Center (linuxtesting.org) with SVACE.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: hns3: using the num_tqps in the vf driver to apply for resources Currently, hdev->htqp is allocated using hdev->num_tqps, and kinfo->tqp is allocated using kinfo->num_tqps. However, kinfo->num_tqps is set to min(new_tqps, hdev->num_tqps); Therefore, kinfo->num_tqps may be smaller than hdev->num_tqps, which causes some hdev->htqp[i] to remain uninitialized in hclgevf_knic_setup(). Thus, this patch allocates hdev->htqp and kinfo->tqp using hdev->num_tqps, ensuring that the lengths of hdev->htqp and kinfo->tqp are consistent and that all elements are properly initialized.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: scsi: aic94xx: fix use-after-free in device removal path The asd_pci_remove() function fails to synchronize with pending tasklets before freeing the asd_ha structure, leading to a potential use-after-free vulnerability. When a device removal is triggered (via hot-unplug or module unload), race condition can occur. The fix adds tasklet_kill() before freeing the asd_ha structure, ensuring all scheduled tasklets complete before cleanup proceeds.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: nfc: fix deadlock between nfc_unregister_device and rfkill_fop_write A deadlock can occur between nfc_unregister_device() and rfkill_fop_write() due to lock ordering inversion between device_lock and rfkill_global_mutex. The problematic lock order is: Thread A (rfkill_fop_write): rfkill_fop_write() mutex_lock(&rfkill_global_mutex) rfkill_set_block() nfc_rfkill_set_block() nfc_dev_down() device_lock(&dev->dev) <- waits for device_lock Thread B (nfc_unregister_device): nfc_unregister_device() device_lock(&dev->dev) rfkill_unregister() mutex_lock(&rfkill_global_mutex) <- waits for rfkill_global_mutex This creates a classic ABBA deadlock scenario. Fix this by moving rfkill_unregister() and rfkill_destroy() outside the device_lock critical section. Store the rfkill pointer in a local variable before releasing the lock, then call rfkill_unregister() after releasing device_lock. This change is safe because rfkill_fop_write() holds rfkill_global_mutex while calling the rfkill callbacks, and rfkill_unregister() also acquires rfkill_global_mutex before cleanup. Therefore, rfkill_unregister() will wait for any ongoing callback to complete before proceeding, and device_del() is only called after rfkill_unregister() returns, preventing any use-after-free. The similar lock ordering in nfc_register_device() (device_lock -> rfkill_global_mutex via rfkill_register) is safe because during registration the device is not yet in rfkill_list, so no concurrent rfkill operations can occur on this device.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() There exists a kernel oops caused by a BUG_ON(nhead < 0) at net/core/skbuff.c:2232 in pskb_expand_head(). This bug is triggered as part of the calipso_skbuff_setattr() routine when skb_cow() is passed headroom > INT_MAX (i.e. (int)(skb_headroom(skb) + len_delta) < 0). The root cause of the bug is due to an implicit integer cast in __skb_cow(). The check (headroom > skb_headroom(skb)) is meant to ensure that delta = headroom - skb_headroom(skb) is never negative, otherwise we will trigger a BUG_ON in pskb_expand_head(). However, if headroom > INT_MAX and delta <= -NET_SKB_PAD, the check passes, delta becomes negative, and pskb_expand_head() is passed a negative value for nhead. Fix the trigger condition in calipso_skbuff_setattr(). Avoid passing "negative" headroom sizes to skb_cow() within calipso_skbuff_setattr() by only using skb_cow() to grow headroom. PoC: Using `netlabelctl` tool: netlabelctl map del default netlabelctl calipso add pass doi:7 netlabelctl map add default address:0::1/128 protocol:calipso,7 Then run the following PoC: int fd = socket(AF_INET6, SOCK_DGRAM, IPPROTO_UDP); // setup msghdr int cmsg_size = 2; int cmsg_len = 0x60; struct msghdr msg; struct sockaddr_in6 dest_addr; struct cmsghdr * cmsg = (struct cmsghdr *) calloc(1, sizeof(struct cmsghdr) + cmsg_len); msg.msg_name = &dest_addr; msg.msg_namelen = sizeof(dest_addr); msg.msg_iov = NULL; msg.msg_iovlen = 0; msg.msg_control = cmsg; msg.msg_controllen = cmsg_len; msg.msg_flags = 0; // setup sockaddr dest_addr.sin6_family = AF_INET6; dest_addr.sin6_port = htons(31337); dest_addr.sin6_flowinfo = htonl(31337); dest_addr.sin6_addr = in6addr_loopback; dest_addr.sin6_scope_id = 31337; // setup cmsghdr cmsg->cmsg_len = cmsg_len; cmsg->cmsg_level = IPPROTO_IPV6; cmsg->cmsg_type = IPV6_HOPOPTS; char * hop_hdr = (char *)cmsg + sizeof(struct cmsghdr); hop_hdr[1] = 0x9; //set hop size - (0x9 + 1) * 8 = 80 sendmsg(fd, &msg, 0);
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: rose: fix invalid array index in rose_kill_by_device() rose_kill_by_device() collects sockets into a local array[] and then iterates over them to disconnect sockets bound to a device being brought down. The loop mistakenly indexes array[cnt] instead of array[i]. For cnt < ARRAY_SIZE(array), this reads an uninitialized entry; for cnt == ARRAY_SIZE(array), it is an out-of-bounds read. Either case can lead to an invalid socket pointer dereference and also leaks references taken via sock_hold(). Fix the index to use i.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: mptcp: fallback earlier on simult connection Syzkaller reports a simult-connect race leading to inconsistent fallback status: WARNING: CPU: 3 PID: 33 at net/mptcp/subflow.c:1515 subflow_data_ready+0x40b/0x7c0 net/mptcp/subflow.c:1515 Modules linked in: CPU: 3 UID: 0 PID: 33 Comm: ksoftirqd/3 Not tainted syzkaller #0 PREEMPT(full) Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 RIP: 0010:subflow_data_ready+0x40b/0x7c0 net/mptcp/subflow.c:1515 Code: 89 ee e8 78 61 3c f6 40 84 ed 75 21 e8 8e 66 3c f6 44 89 fe bf 07 00 00 00 e8 c1 61 3c f6 41 83 ff 07 74 09 e8 76 66 3c f6 90 <0f> 0b 90 e8 6d 66 3c f6 48 89 df e8 e5 ad ff ff 31 ff 89 c5 89 c6 RSP: 0018:ffffc900006cf338 EFLAGS: 00010246 RAX: 0000000000000000 RBX: ffff888031acd100 RCX: ffffffff8b7f2abf RDX: ffff88801e6ea440 RSI: ffffffff8b7f2aca RDI: 0000000000000005 RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000007 R10: 0000000000000004 R11: 0000000000002c10 R12: ffff88802ba69900 R13: 1ffff920000d9e67 R14: ffff888046f81800 R15: 0000000000000004 FS: 0000000000000000(0000) GS:ffff8880d69bc000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000560fc0ca1670 CR3: 0000000032c3a000 CR4: 0000000000352ef0 Call Trace: <TASK> tcp_data_queue+0x13b0/0x4f90 net/ipv4/tcp_input.c:5197 tcp_rcv_state_process+0xfdf/0x4ec0 net/ipv4/tcp_input.c:6922 tcp_v6_do_rcv+0x492/0x1740 net/ipv6/tcp_ipv6.c:1672 tcp_v6_rcv+0x2976/0x41e0 net/ipv6/tcp_ipv6.c:1918 ip6_protocol_deliver_rcu+0x188/0x1520 net/ipv6/ip6_input.c:438 ip6_input_finish+0x1e4/0x4b0 net/ipv6/ip6_input.c:489 NF_HOOK include/linux/netfilter.h:318 [inline] NF_HOOK include/linux/netfilter.h:312 [inline] ip6_input+0x105/0x2f0 net/ipv6/ip6_input.c:500 dst_input include/net/dst.h:471 [inline] ip6_rcv_finish net/ipv6/ip6_input.c:79 [inline] NF_HOOK include/linux/netfilter.h:318 [inline] NF_HOOK include/linux/netfilter.h:312 [inline] ipv6_rcv+0x264/0x650 net/ipv6/ip6_input.c:311 __netif_receive_skb_one_core+0x12d/0x1e0 net/core/dev.c:5979 __netif_receive_skb+0x1d/0x160 net/core/dev.c:6092 process_backlog+0x442/0x15e0 net/core/dev.c:6444 __napi_poll.constprop.0+0xba/0x550 net/core/dev.c:7494 napi_poll net/core/dev.c:7557 [inline] net_rx_action+0xa9f/0xfe0 net/core/dev.c:7684 handle_softirqs+0x216/0x8e0 kernel/softirq.c:579 run_ksoftirqd kernel/softirq.c:968 [inline] run_ksoftirqd+0x3a/0x60 kernel/softirq.c:960 smpboot_thread_fn+0x3f7/0xae0 kernel/smpboot.c:160 kthread+0x3c2/0x780 kernel/kthread.c:463 ret_from_fork+0x5d7/0x6f0 arch/x86/kernel/process.c:148 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245 </TASK> The TCP subflow can process the simult-connect syn-ack packet after transitioning to TCP_FIN1 state, bypassing the MPTCP fallback check, as the sk_state_change() callback is not invoked for * -> FIN_WAIT1 transitions. That will move the msk socket to an inconsistent status and the next incoming data will hit the reported splat. Close the race moving the simult-fallback check at the earliest possible stage - that is at syn-ack generation time. About the fixes tags: [2] was supposed to also fix this issue introduced by [3]. [1] is required as a dependence: it was not explicitly marked as a fix, but it is one and it has already been backported before [3]. In other words, this commit should be backported up to [3], including [2] and [1] if that's not already there.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix the crash issue for zero copy XDP_TX action There is a crash issue when running zero copy XDP_TX action, the crash log is shown below. [ 216.122464] Unable to handle kernel paging request at virtual address fffeffff80000000 [ 216.187524] Internal error: Oops: 0000000096000144 [#1] SMP [ 216.301694] Call trace: [ 216.304130] dcache_clean_poc+0x20/0x38 (P) [ 216.308308] __dma_sync_single_for_device+0x1bc/0x1e0 [ 216.313351] stmmac_xdp_xmit_xdpf+0x354/0x400 [ 216.317701] __stmmac_xdp_run_prog+0x164/0x368 [ 216.322139] stmmac_napi_poll_rxtx+0xba8/0xf00 [ 216.326576] __napi_poll+0x40/0x218 [ 216.408054] Kernel panic - not syncing: Oops: Fatal exception in interrupt For XDP_TX action, the xdp_buff is converted to xdp_frame by xdp_convert_buff_to_frame(). The memory type of the resulting xdp_frame depends on the memory type of the xdp_buff. For page pool based xdp_buff it produces xdp_frame with memory type MEM_TYPE_PAGE_POOL. For zero copy XSK pool based xdp_buff it produces xdp_frame with memory type MEM_TYPE_PAGE_ORDER0. However, stmmac_xdp_xmit_back() does not check the memory type and always uses the page pool type, this leads to invalid mappings and causes the crash. Therefore, check the xdp_buff memory type in stmmac_xdp_xmit_back() to fix this issue.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix reference count leak when using error routes with nexthop objects When a nexthop object is deleted, it is marked as dead and then fib_table_flush() is called to flush all the routes that are using the dead nexthop. The current logic in fib_table_flush() is to only flush error routes (e.g., blackhole) when it is called as part of network namespace dismantle (i.e., with flush_all=true). Therefore, error routes are not flushed when their nexthop object is deleted: # ip link add name dummy1 up type dummy # ip nexthop add id 1 dev dummy1 # ip route add 198.51.100.1/32 nhid 1 # ip route add blackhole 198.51.100.2/32 nhid 1 # ip nexthop del id 1 # ip route show blackhole 198.51.100.2 nhid 1 dev dummy1 As such, they keep holding a reference on the nexthop object which in turn holds a reference on the nexthop device, resulting in a reference count leak: # ip link del dev dummy1 [ 70.516258] unregister_netdevice: waiting for dummy1 to become free. Usage count = 2 Fix by flushing error routes when their nexthop is marked as dead. IPv6 does not suffer from this problem.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ip6_gre: make ip6gre_header() robust Over the years, syzbot found many ways to crash the kernel in ip6gre_header() [1]. This involves team or bonding drivers ability to dynamically change their dev->needed_headroom and/or dev->hard_header_len In this particular crash mld_newpack() allocated an skb with a too small reserve/headroom, and by the time mld_sendpack() was called, syzbot managed to attach an ip6gre device. [1] skbuff: skb_under_panic: text:ffffffff8a1d69a8 len:136 put:40 head:ffff888059bc7000 data:ffff888059bc6fe8 tail:0x70 end:0x6c0 dev:team0 ------------[ cut here ]------------ kernel BUG at net/core/skbuff.c:213 ! <TASK> skb_under_panic net/core/skbuff.c:223 [inline] skb_push+0xc3/0xe0 net/core/skbuff.c:2641 ip6gre_header+0xc8/0x790 net/ipv6/ip6_gre.c:1371 dev_hard_header include/linux/netdevice.h:3436 [inline] neigh_connected_output+0x286/0x460 net/core/neighbour.c:1618 neigh_output include/net/neighbour.h:556 [inline] ip6_finish_output2+0xfb3/0x1480 net/ipv6/ip6_output.c:136 __ip6_finish_output net/ipv6/ip6_output.c:-1 [inline] ip6_finish_output+0x234/0x7d0 net/ipv6/ip6_output.c:220 NF_HOOK_COND include/linux/netfilter.h:307 [inline] ip6_output+0x340/0x550 net/ipv6/ip6_output.c:247 NF_HOOK+0x9e/0x380 include/linux/netfilter.h:318 mld_sendpack+0x8d4/0xe60 net/ipv6/mcast.c:1855 mld_send_cr net/ipv6/mcast.c:2154 [inline] mld_ifc_work+0x83e/0xd60 net/ipv6/mcast.c:2693
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix VM hard lockup after prolonged inactivity with periodic HV timer When advancing the target expiration for the guest's APIC timer in periodic mode, set the expiration to "now" if the target expiration is in the past (similar to what is done in update_target_expiration()). Blindly adding the period to the previous target expiration can result in KVM generating a practically unbounded number of hrtimer IRQs due to programming an expired timer over and over. In extreme scenarios, e.g. if userspace pauses/suspends a VM for an extended duration, this can even cause hard lockups in the host. Currently, the bug only affects Intel CPUs when using the hypervisor timer (HV timer), a.k.a. the VMX preemption timer. Unlike the software timer, a.k.a. hrtimer, which KVM keeps running even on exits to userspace, the HV timer only runs while the guest is active. As a result, if the vCPU does not run for an extended duration, there will be a huge gap between the target expiration and the current time the vCPU resumes running. Because the target expiration is incremented by only one period on each timer expiration, this leads to a series of timer expirations occurring rapidly after the vCPU/VM resumes. More critically, when the vCPU first triggers a periodic HV timer expiration after resuming, advancing the expiration by only one period will result in a target expiration in the past. As a result, the delta may be calculated as a negative value. When the delta is converted into an absolute value (tscdeadline is an unsigned u64), the resulting value can overflow what the HV timer is capable of programming. I.e. the large value will exceed the VMX Preemption Timer's maximum bit width of cpu_preemption_timer_multi + 32, and thus cause KVM to switch from the HV timer to the software timer (hrtimers). After switching to the software timer, periodic timer expiration callbacks may be executed consecutively within a single clock interrupt handler, because hrtimers honors KVM's request for an expiration in the past and immediately re-invokes KVM's callback after reprogramming. And because the interrupt handler runs with IRQs disabled, restarting KVM's hrtimer over and over until the target expiration is advanced to "now" can result in a hard lockup. E.g. the following hard lockup was triggered in the host when running a Windows VM (only relevant because it used the APIC timer in periodic mode) after resuming the VM from a long suspend (in the host). NMI watchdog: Watchdog detected hard LOCKUP on cpu 45 ... RIP: 0010:advance_periodic_target_expiration+0x4d/0x80 [kvm] ... RSP: 0018:ff4f88f5d98d8ef0 EFLAGS: 00000046 RAX: fff0103f91be678e RBX: fff0103f91be678e RCX: 00843a7d9e127bcc RDX: 0000000000000002 RSI: 0052ca4003697505 RDI: ff440d5bfbdbd500 RBP: ff440d5956f99200 R08: ff2ff2a42deb6a84 R09: 000000000002a6c0 R10: 0122d794016332b3 R11: 0000000000000000 R12: ff440db1af39cfc0 R13: ff440db1af39cfc0 R14: ffffffffc0d4a560 R15: ff440db1af39d0f8 FS: 00007f04a6ffd700(0000) GS:ff440db1af380000(0000) knlGS:000000e38a3b8000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000d5651feff8 CR3: 000000684e038002 CR4: 0000000000773ee0 PKRU: 55555554 Call Trace: <IRQ> apic_timer_fn+0x31/0x50 [kvm] __hrtimer_run_queues+0x100/0x280 hrtimer_interrupt+0x100/0x210 ? ttwu_do_wakeup+0x19/0x160 smp_apic_timer_interrupt+0x6a/0x130 apic_timer_interrupt+0xf/0x20 </IRQ> Moreover, if the suspend duration of the virtual machine is not long enough to trigger a hard lockup in this scenario, since commit 98c25ead5eda ("KVM: VMX: Move preemption timer <=> hrtimer dance to common x86"), KVM will continue using the software timer until the guest reprograms the APIC timer in some way. Since the periodic timer does not require frequent APIC timer register programming, the guest may continue to use the software timer in ---truncated---
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: hns3: add VLAN id validation before using Currently, the VLAN id may be used without validation when receive a VLAN configuration mailbox from VF. The length of vlan_del_fail_bmap is BITS_TO_LONGS(VLAN_N_VID). It may cause out-of-bounds memory access once the VLAN id is bigger than or equal to VLAN_N_VID. Therefore, VLAN id needs to be checked to ensure it is within the range of VLAN_N_VID.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - zero initialize memory allocated via sock_kmalloc Several crypto user API contexts and requests allocated with sock_kmalloc() were left uninitialized, relying on callers to set fields explicitly. This resulted in the use of uninitialized data in certain error paths or when new fields are added in the future. The ACVP patches also contain two user-space interface files: algif_kpp.c and algif_akcipher.c. These too rely on proper initialization of their context structures. A particular issue has been observed with the newly added 'inflight' variable introduced in af_alg_ctx by commit: 67b164a871af ("crypto: af_alg - Disallow multiple in-flight AIO requests") Because the context is not memset to zero after allocation, the inflight variable has contained garbage values. As a result, af_alg_alloc_areq() has incorrectly returned -EBUSY randomly when the garbage value was interpreted as true: https://github.com/gregkh/linux/blame/master/crypto/af_alg.c#L1209 The check directly tests ctx->inflight without explicitly comparing against true/false. Since inflight is only ever set to true or false later, an uninitialized value has triggered -EBUSY failures. Zero-initializing memory allocated with sock_kmalloc() ensures inflight and other fields start in a known state, removing random issues caused by uninitialized data.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: via_wdt: fix critical boot hang due to unnamed resource allocation The VIA watchdog driver uses allocate_resource() to reserve a MMIO region for the watchdog control register. However, the allocated resource was not given a name, which causes the kernel resource tree to contain an entry marked as "<BAD>" under /proc/iomem on x86 platforms. During boot, this unnamed resource can lead to a critical hang because subsequent resource lookups and conflict checks fail to handle the invalid entry properly.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf A zero length gss_token results in pages == 0 and in_token->pages[0] is NULL. The code unconditionally evaluates page_address(in_token->pages[0]) for the initial memcpy, which can dereference NULL even when the copy length is 0. Guard the first memcpy so it only runs when length > 0.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ext4: fix string copying in parse_apply_sb_mount_options() strscpy_pad() can't be used to copy a non-NUL-term string into a NUL-term string of possibly bigger size. Commit 0efc5990bca5 ("string.h: Introduce memtostr() and memtostr_pad()") provides additional information in that regard. So if this happens, the following warning is observed: strnlen: detected buffer overflow: 65 byte read of buffer size 64 WARNING: CPU: 0 PID: 28655 at lib/string_helpers.c:1032 __fortify_report+0x96/0xc0 lib/string_helpers.c:1032 Modules linked in: CPU: 0 UID: 0 PID: 28655 Comm: syz-executor.3 Not tainted 6.12.54-syzkaller-00144-g5f0270f1ba00 #0 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 RIP: 0010:__fortify_report+0x96/0xc0 lib/string_helpers.c:1032 Call Trace: <TASK> __fortify_panic+0x1f/0x30 lib/string_helpers.c:1039 strnlen include/linux/fortify-string.h:235 [inline] sized_strscpy include/linux/fortify-string.h:309 [inline] parse_apply_sb_mount_options fs/ext4/super.c:2504 [inline] __ext4_fill_super fs/ext4/super.c:5261 [inline] ext4_fill_super+0x3c35/0xad00 fs/ext4/super.c:5706 get_tree_bdev_flags+0x387/0x620 fs/super.c:1636 vfs_get_tree+0x93/0x380 fs/super.c:1814 do_new_mount fs/namespace.c:3553 [inline] path_mount+0x6ae/0x1f70 fs/namespace.c:3880 do_mount fs/namespace.c:3893 [inline] __do_sys_mount fs/namespace.c:4103 [inline] __se_sys_mount fs/namespace.c:4080 [inline] __x64_sys_mount+0x280/0x300 fs/namespace.c:4080 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0x64/0x140 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x76/0x7e Since userspace is expected to provide s_mount_opts field to be at most 63 characters long with the ending byte being NUL-term, use a 64-byte buffer which matches the size of s_mount_opts, so that strscpy_pad() does its job properly. Return with error if the user still managed to provide a non-NUL-term string here. Found by Linux Verification Center (linuxtesting.org) with Syzkaller.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Do not use req->iv after crypto_aead_encrypt As soon as crypto_aead_encrypt is called, the underlying request may be freed by an asynchronous completion. Thus dereferencing req->iv after it returns is invalid. Instead of checking req->iv against info, create a new variable unaligned_info and use it for that purpose instead.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: dm-verity: disable recursive forward error correction There are two problems with the recursive correction: 1. It may cause denial-of-service. In fec_read_bufs, there is a loop that has 253 iterations. For each iteration, we may call verity_hash_for_block recursively. There is a limit of 4 nested recursions - that means that there may be at most 253^4 (4 billion) iterations. Red Hat QE team actually created an image that pushes dm-verity to this limit - and this image just makes the udev-worker process get stuck in the 'D' state. 2. It doesn't work. In fec_read_bufs we store data into the variable "fio->bufs", but fio bufs is shared between recursive invocations, if "verity_hash_for_block" invoked correction recursively, it would overwrite partially filled fio->bufs.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: dmaengine: tegra-adma: Fix use-after-free A use-after-free bug exists in the Tegra ADMA driver when audio streams are terminated, particularly during XRUN conditions. The issue occurs when the DMA buffer is freed by tegra_adma_terminate_all() before the vchan completion tasklet finishes accessing it. The race condition follows this sequence: 1. DMA transfer completes, triggering an interrupt that schedules the completion tasklet (tasklet has not executed yet) 2. Audio playback stops, calling tegra_adma_terminate_all() which frees the DMA buffer memory via kfree() 3. The scheduled tasklet finally executes, calling vchan_complete() which attempts to access the already-freed memory Since tasklets can execute at any time after being scheduled, there is no guarantee that the buffer will remain valid when vchan_complete() runs. Fix this by properly synchronizing the virtual channel completion: - Calling vchan_terminate_vdesc() in tegra_adma_stop() to mark the descriptors as terminated instead of freeing the descriptor. - Add the callback tegra_adma_synchronize() that calls vchan_synchronize() which kills any pending tasklets and frees any terminated descriptors. Crash logs: [ 337.427523] BUG: KASAN: use-after-free in vchan_complete+0x124/0x3b0 [ 337.427544] Read of size 8 at addr ffff000132055428 by task swapper/0/0 [ 337.427562] Call trace: [ 337.427564] dump_backtrace+0x0/0x320 [ 337.427571] show_stack+0x20/0x30 [ 337.427575] dump_stack_lvl+0x68/0x84 [ 337.427584] print_address_description.constprop.0+0x74/0x2b8 [ 337.427590] kasan_report+0x1f4/0x210 [ 337.427598] __asan_load8+0xa0/0xd0 [ 337.427603] vchan_complete+0x124/0x3b0 [ 337.427609] tasklet_action_common.constprop.0+0x190/0x1d0 [ 337.427617] tasklet_action+0x30/0x40 [ 337.427623] __do_softirq+0x1a0/0x5c4 [ 337.427628] irq_exit+0x110/0x140 [ 337.427633] handle_domain_irq+0xa4/0xe0 [ 337.427640] gic_handle_irq+0x64/0x160 [ 337.427644] call_on_irq_stack+0x20/0x4c [ 337.427649] do_interrupt_handler+0x7c/0x90 [ 337.427654] el1_interrupt+0x30/0x80 [ 337.427659] el1h_64_irq_handler+0x18/0x30 [ 337.427663] el1h_64_irq+0x7c/0x80 [ 337.427667] cpuidle_enter_state+0xe4/0x540 [ 337.427674] cpuidle_enter+0x54/0x80 [ 337.427679] do_idle+0x2e0/0x380 [ 337.427685] cpu_startup_entry+0x2c/0x70 [ 337.427690] rest_init+0x114/0x130 [ 337.427695] arch_call_rest_init+0x18/0x24 [ 337.427702] start_kernel+0x380/0x3b4 [ 337.427706] __primary_switched+0xc0/0xc8
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix device leaks on compat bind and unbind Make sure to drop the reference taken when looking up the idxd device as part of the compat bind and unbind sysfs interface.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: dma-crossbar: fix device leak on am335x route allocation Make sure to drop the reference taken when looking up the crossbar platform device during am335x route allocation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: dmaengine: stm32: dmamux: fix device leak on route allocation Make sure to drop the reference taken when looking up the DMA mux platform device during route allocation. Note that holding a reference to a device does not prevent its driver data from going away so there is no point in keeping the reference.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw: dmamux: fix OF node leak on route allocation failure Make sure to drop the reference taken to the DMA master OF node also on late route allocation failures.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: dmaengine: bcm-sba-raid: fix device leak on probe Make sure to drop the reference taken when looking up the mailbox device during probe on probe failures and on driver unbind.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: dmaengine: at_hdmac: fix device leak on of_dma_xlate() Make sure to drop the reference taken when looking up the DMA platform device during of_dma_xlate() when releasing channel resources. Note that commit 3832b78b3ec2 ("dmaengine: at_hdmac: add missing put_device() call in at_dma_xlate()") fixed the leak in a couple of error paths but the reference is still leaking on successful allocation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: w1: therm: Fix off-by-one buffer overflow in alarms_store The sysfs buffer passed to alarms_store() is allocated with 'size + 1' bytes and a NUL terminator is appended. However, the 'size' argument does not account for this extra byte. The original code then allocated 'size' bytes and used strcpy() to copy 'buf', which always writes one byte past the allocated buffer since strcpy() copies until the NUL terminator at index 'size'. Fix this by parsing the 'buf' parameter directly using simple_strtoll() without allocating any intermediate memory or string copying. This removes the overflow while simplifying the code.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: dmaengine: mmp_pdma: Fix race condition in mmp_pdma_residue() Add proper locking in mmp_pdma_residue() to prevent use-after-free when accessing descriptor list and descriptor contents. The race occurs when multiple threads call tx_status() while the tasklet on another CPU is freeing completed descriptors: CPU 0 CPU 1 ----- ----- mmp_pdma_tx_status() mmp_pdma_residue() -> NO LOCK held list_for_each_entry(sw, ..) DMA interrupt dma_do_tasklet() -> spin_lock(&desc_lock) list_move(sw->node, ...) spin_unlock(&desc_lock) | dma_pool_free(sw) <- FREED! -> access sw->desc <- UAF! This issue can be reproduced when running dmatest on the same channel with multiple threads (threads_per_chan > 1). Fix by protecting the chain_running list iteration and descriptor access with the chan->desc_lock spinlock.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop in attr_load_runs_range on inconsistent metadata We found an infinite loop bug in the ntfs3 file system that can lead to a Denial-of-Service (DoS) condition. A malformed NTFS image can cause an infinite loop when an attribute header indicates an empty run list, while directory entries reference it as containing actual data. In NTFS, setting evcn=-1 with svcn=0 is a valid way to represent an empty run list, and run_unpack() correctly handles this by checking if evcn + 1 equals svcn and returning early without parsing any run data. However, this creates a problem when there is metadata inconsistency, where the attribute header claims to be empty (evcn=-1) but the caller expects to read actual data. When run_unpack() immediately returns success upon seeing this condition, it leaves the runs_tree uninitialized with run->runs as a NULL. The calling function attr_load_runs_range() assumes that a successful return means that the runs were loaded and sets clen to 0, expecting the next run_lookup_entry() call to succeed. Because runs_tree remains uninitialized, run_lookup_entry() continues to fail, and the loop increments vcn by zero (vcn += 0), leading to an infinite loop. This patch adds a retry counter to detect when run_lookup_entry() fails consecutively after attr_load_runs_vcn(). If the run is still not found on the second attempt, it indicates corrupted metadata and returns -EINVAL, preventing the Denial-of-Service (DoS) vulnerability.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: check return value of indx_find to avoid infinite loop We found an infinite loop bug in the ntfs3 file system that can lead to a Denial-of-Service (DoS) condition. A malformed dentry in the ntfs3 filesystem can cause the kernel to hang during the lookup operations. By setting the HAS_SUB_NODE flag in an INDEX_ENTRY within a directory's INDEX_ALLOCATION block and manipulating the VCN pointer, an attacker can cause the indx_find() function to repeatedly read the same block, allocating 4 KB of memory each time. The kernel lacks VCN loop detection and depth limits, causing memory exhaustion and an OOM crash. This patch adds a return value check for fnd_push() to prevent a memory exhaustion vulnerability caused by infinite loops. When the index exceeds the size of the fnd->nodes array, fnd_push() returns -EINVAL. The indx_find() function checks this return value and stops processing, preventing further memory allocation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop triggered by zero-sized ATTR_LIST We found an infinite loop bug in the ntfs3 file system that can lead to a Denial-of-Service (DoS) condition. A malformed NTFS image can cause an infinite loop when an ATTR_LIST attribute indicates a zero data size while the driver allocates memory for it. When ntfs_load_attr_list() processes a resident ATTR_LIST with data_size set to zero, it still allocates memory because of al_aligned(0). This creates an inconsistent state where ni->attr_list.size is zero, but ni->attr_list.le is non-null. This causes ni_enum_attr_ex to incorrectly assume that no attribute list exists and enumerates only the primary MFT record. When it finds ATTR_LIST, the code reloads it and restarts the enumeration, repeating indefinitely. The mount operation never completes, hanging the kernel thread. This patch adds validation to ensure that data_size is non-zero before memory allocation. When a zero-sized ATTR_LIST is detected, the function returns -EINVAL, preventing a DoS vulnerability.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This vulnerability affects the GSSAPI patches added by various Linux distributions and does not affect the OpenSSH upstream project itself. The usage of sshpkt_disconnect() on an error, which does not terminate the process, allows an attacker to send an unexpected GSSAPI message type during the GSSAPI key exchange to the server, which will call the underlying function and continue the execution of the program without setting the related connection variables. As the variables are not initialized to NULL the code later accesses those uninitialized variables, accessing random memory, which could lead to undefined behavior. The recommended workaround is to use ssh_packet_disconnect() instead, which does terminate the process. The impact of the vulnerability depends heavily on the compiler flag hardening configuration.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: sock: fix hardened usercopy panic in sock_recv_errqueue skbuff_fclone_cache was created without defining a usercopy region, [1] unlike skbuff_head_cache which properly whitelists the cb[] field. [2] This causes a usercopy BUG() when CONFIG_HARDENED_USERCOPY is enabled and the kernel attempts to copy sk_buff.cb data to userspace via sock_recv_errqueue() -> put_cmsg(). The crash occurs when: 1. TCP allocates an skb using alloc_skb_fclone() (from skbuff_fclone_cache) [1] 2. The skb is cloned via skb_clone() using the pre-allocated fclone [3] 3. The cloned skb is queued to sk_error_queue for timestamp reporting 4. Userspace reads the error queue via recvmsg(MSG_ERRQUEUE) 5. sock_recv_errqueue() calls put_cmsg() to copy serr->ee from skb->cb [4] 6. __check_heap_object() fails because skbuff_fclone_cache has no usercopy whitelist [5] When cloned skbs allocated from skbuff_fclone_cache are used in the socket error queue, accessing the sock_exterr_skb structure in skb->cb via put_cmsg() triggers a usercopy hardening violation: [ 5.379589] usercopy: Kernel memory exposure attempt detected from SLUB object 'skbuff_fclone_cache' (offset 296, size 16)! [ 5.382796] kernel BUG at mm/usercopy.c:102! [ 5.383923] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI [ 5.384903] CPU: 1 UID: 0 PID: 138 Comm: poc_put_cmsg Not tainted 6.12.57 #7 [ 5.384903] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014 [ 5.384903] RIP: 0010:usercopy_abort+0x6c/0x80 [ 5.384903] Code: 1a 86 51 48 c7 c2 40 15 1a 86 41 52 48 c7 c7 c0 15 1a 86 48 0f 45 d6 48 c7 c6 80 15 1a 86 48 89 c1 49 0f 45 f3 e8 84 27 88 ff <0f> 0b 490 [ 5.384903] RSP: 0018:ffffc900006f77a8 EFLAGS: 00010246 [ 5.384903] RAX: 000000000000006f RBX: ffff88800f0ad2a8 RCX: 1ffffffff0f72e74 [ 5.384903] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffffff87b973a0 [ 5.384903] RBP: 0000000000000010 R08: 0000000000000000 R09: fffffbfff0f72e74 [ 5.384903] R10: 0000000000000003 R11: 79706f6372657375 R12: 0000000000000001 [ 5.384903] R13: ffff88800f0ad2b8 R14: ffffea00003c2b40 R15: ffffea00003c2b00 [ 5.384903] FS: 0000000011bc4380(0000) GS:ffff8880bf100000(0000) knlGS:0000000000000000 [ 5.384903] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 5.384903] CR2: 000056aa3b8e5fe4 CR3: 000000000ea26004 CR4: 0000000000770ef0 [ 5.384903] PKRU: 55555554 [ 5.384903] Call Trace: [ 5.384903] <TASK> [ 5.384903] __check_heap_object+0x9a/0xd0 [ 5.384903] __check_object_size+0x46c/0x690 [ 5.384903] put_cmsg+0x129/0x5e0 [ 5.384903] sock_recv_errqueue+0x22f/0x380 [ 5.384903] tls_sw_recvmsg+0x7ed/0x1960 [ 5.384903] ? srso_alias_return_thunk+0x5/0xfbef5 [ 5.384903] ? schedule+0x6d/0x270 [ 5.384903] ? srso_alias_return_thunk+0x5/0xfbef5 [ 5.384903] ? mutex_unlock+0x81/0xd0 [ 5.384903] ? __pfx_mutex_unlock+0x10/0x10 [ 5.384903] ? __pfx_tls_sw_recvmsg+0x10/0x10 [ 5.384903] ? _raw_spin_lock_irqsave+0x8f/0xf0 [ 5.384903] ? _raw_read_unlock_irqrestore+0x20/0x40 [ 5.384903] ? srso_alias_return_thunk+0x5/0xfbef5 The crash offset 296 corresponds to skb2->cb within skbuff_fclones: - sizeof(struct sk_buff) = 232 - offsetof(struct sk_buff, cb) = 40 - offset of skb2.cb in fclones = 232 + 40 = 272 - crash offset 296 = 272 + 24 (inside sock_exterr_skb.ee) This patch uses a local stack variable as a bounce buffer to avoid the hardened usercopy check failure. [1] https://elixir.bootlin.com/linux/v6.12.62/source/net/ipv4/tcp.c#L885 [2] https://elixir.bootlin.com/linux/v6.12.62/source/net/core/skbuff.c#L5104 [3] https://elixir.bootlin.com/linux/v6.12.62/source/net/core/skbuff.c#L5566 [4] https://elixir.bootlin.com/linux/v6.12.62/source/net/core/skbuff.c#L5491 [5] https://elixir.bootlin.com/linux/v6.12.62/source/mm/slub.c#L5719
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: fix memory leak in skb_segment_list for GRO packets When skb_segment_list() is called during packet forwarding, it handles packets that were aggregated by the GRO engine. Historically, the segmentation logic in skb_segment_list assumes that individual segments are split from a parent SKB and may need to carry their own socket memory accounting. Accordingly, the code transfers truesize from the parent to the newly created segments. Prior to commit ed4cccef64c1 ("gro: fix ownership transfer"), this truesize subtraction in skb_segment_list() was valid because fragments still carry a reference to the original socket. However, commit ed4cccef64c1 ("gro: fix ownership transfer") changed this behavior by ensuring that fraglist entries are explicitly orphaned (skb->sk = NULL) to prevent illegal orphaning later in the stack. This change meant that the entire socket memory charge remained with the head SKB, but the corresponding accounting logic in skb_segment_list() was never updated. As a result, the current code unconditionally adds each fragment's truesize to delta_truesize and subtracts it from the parent SKB. Since the fragments are no longer charged to the socket, this subtraction results in an effective under-count of memory when the head is freed. This causes sk_wmem_alloc to remain non-zero, preventing socket destruction and leading to a persistent memory leak. The leak can be observed via KMEMLEAK when tearing down the networking environment: unreferenced object 0xffff8881e6eb9100 (size 2048): comm "ping", pid 6720, jiffies 4295492526 backtrace: kmem_cache_alloc_noprof+0x5c6/0x800 sk_prot_alloc+0x5b/0x220 sk_alloc+0x35/0xa00 inet6_create.part.0+0x303/0x10d0 __sock_create+0x248/0x640 __sys_socket+0x11b/0x1d0 Since skb_segment_list() is exclusively used for SKB_GSO_FRAGLIST packets constructed by GRO, the truesize adjustment is removed. The call to skb_release_head_state() must be preserved. As documented in commit cf673ed0e057 ("net: fix fraglist segmentation reference count leak"), it is still required to correctly drop references to SKB extensions that may be overwritten during __copy_skb_header().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: nfsd: provide locking for v4_end_grace Writing to v4_end_grace can race with server shutdown and result in memory being accessed after it was freed - reclaim_str_hashtbl in particularly. We cannot hold nfsd_mutex across the nfsd4_end_grace() call as that is held while client_tracking_op->init() is called and that can wait for an upcall to nfsdcltrack which can write to v4_end_grace, resulting in a deadlock. nfsd4_end_grace() is also called by the landromat work queue and this doesn't require locking as server shutdown will stop the work and wait for it before freeing anything that nfsd4_end_grace() might access. However, we must be sure that writing to v4_end_grace doesn't restart the work item after shutdown has already waited for it. For this we add a new flag protected with nn->client_lock. It is set only while it is safe to make client tracking calls, and v4_end_grace only schedules work while the flag is set with the spinlock held. So this patch adds a nfsd_net field "client_tracking_active" which is set as described. Another field "grace_end_forced", is set when v4_end_grace is written. After this is set, and providing client_tracking_active is set, the laundromat is scheduled. This "grace_end_forced" field bypasses other checks for whether the grace period has finished. This resolves a race which can result in use-after-free.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: Fix crash when adding interface under a lag Commit 15faa1f67ab4 ("lan966x: Fix crash when adding interface under a lag") fixed a similar issue in the lan966x driver caused by a NULL pointer dereference. The ocelot_set_aggr_pgids() function in the ocelot driver has similar logic and is susceptible to the same crash. This issue specifically affects the ocelot_vsc7514.c frontend, which leaves unused ports as NULL pointers. The felix_vsc9959.c frontend is unaffected as it uses the DSA framework which registers all ports. Fix this by checking if the port pointer is valid before accessing it.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: libceph: return the handler error from mon_handle_auth_done() Currently any error from ceph_auth_handle_reply_done() is propagated via finish_auth() but isn't returned from mon_handle_auth_done(). This results in higher layers learning that (despite the monitor considering us to be successfully authenticated) something went wrong in the authentication phase and reacting accordingly, but msgr2 still trying to proceed with establishing the session in the background. In the case of secure mode this can trigger a WARN in setup_crypto() and later lead to a NULL pointer dereference inside of prepare_auth_signature().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix reference count leak in bpf_prog_test_run_xdp() syzbot is reporting unregister_netdevice: waiting for sit0 to become free. Usage count = 2 problem. A debug printk() patch found that a refcount is obtained at xdp_convert_md_to_buff() from bpf_prog_test_run_xdp(). According to commit ec94670fcb3b ("bpf: Support specifying ingress via xdp_md context in BPF_PROG_TEST_RUN"), the refcount obtained by xdp_convert_md_to_buff() will be released by xdp_convert_buff_to_md(). Therefore, we can consider that the error handling path introduced by commit 1c1949982524 ("bpf: introduce frags support to bpf_prog_test_run_xdp()") forgot to call xdp_convert_buff_to_md().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: use skb_vlan_inet_prepare() in __ip6_tnl_rcv() Blamed commit did not take care of VLAN encapsulations as spotted by syzbot [1]. Use skb_vlan_inet_prepare() instead of pskb_inet_may_pull(). [1] BUG: KMSAN: uninit-value in __INET_ECN_decapsulate include/net/inet_ecn.h:253 [inline] BUG: KMSAN: uninit-value in INET_ECN_decapsulate include/net/inet_ecn.h:275 [inline] BUG: KMSAN: uninit-value in IP6_ECN_decapsulate+0x7a8/0x1fa0 include/net/inet_ecn.h:321 __INET_ECN_decapsulate include/net/inet_ecn.h:253 [inline] INET_ECN_decapsulate include/net/inet_ecn.h:275 [inline] IP6_ECN_decapsulate+0x7a8/0x1fa0 include/net/inet_ecn.h:321 ip6ip6_dscp_ecn_decapsulate+0x16f/0x1b0 net/ipv6/ip6_tunnel.c:729 __ip6_tnl_rcv+0xed9/0x1b50 net/ipv6/ip6_tunnel.c:860 ip6_tnl_rcv+0xc3/0x100 net/ipv6/ip6_tunnel.c:903 gre_rcv+0x1529/0x1b90 net/ipv6/ip6_gre.c:-1 ip6_protocol_deliver_rcu+0x1c89/0x2c60 net/ipv6/ip6_input.c:438 ip6_input_finish+0x1f4/0x4a0 net/ipv6/ip6_input.c:489 NF_HOOK include/linux/netfilter.h:318 [inline] ip6_input+0x9c/0x330 net/ipv6/ip6_input.c:500 ip6_mc_input+0x7ca/0xc10 net/ipv6/ip6_input.c:590 dst_input include/net/dst.h:474 [inline] ip6_rcv_finish+0x958/0x990 net/ipv6/ip6_input.c:79 NF_HOOK include/linux/netfilter.h:318 [inline] ipv6_rcv+0xf1/0x3c0 net/ipv6/ip6_input.c:311 __netif_receive_skb_one_core net/core/dev.c:6139 [inline] __netif_receive_skb+0x1df/0xac0 net/core/dev.c:6252 netif_receive_skb_internal net/core/dev.c:6338 [inline] netif_receive_skb+0x57/0x630 net/core/dev.c:6397 tun_rx_batched+0x1df/0x980 drivers/net/tun.c:1485 tun_get_user+0x5c0e/0x6c60 drivers/net/tun.c:1953 tun_chr_write_iter+0x3e9/0x5c0 drivers/net/tun.c:1999 new_sync_write fs/read_write.c:593 [inline] vfs_write+0xbe2/0x15d0 fs/read_write.c:686 ksys_write fs/read_write.c:738 [inline] __do_sys_write fs/read_write.c:749 [inline] __se_sys_write fs/read_write.c:746 [inline] __x64_sys_write+0x1fb/0x4d0 fs/read_write.c:746 x64_sys_call+0x30ab/0x3e70 arch/x86/include/generated/asm/syscalls_64.h:2 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xd3/0xf80 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f Uninit was created at: slab_post_alloc_hook mm/slub.c:4960 [inline] slab_alloc_node mm/slub.c:5263 [inline] kmem_cache_alloc_node_noprof+0x9e7/0x17a0 mm/slub.c:5315 kmalloc_reserve+0x13c/0x4b0 net/core/skbuff.c:586 __alloc_skb+0x805/0x1040 net/core/skbuff.c:690 alloc_skb include/linux/skbuff.h:1383 [inline] alloc_skb_with_frags+0xc5/0xa60 net/core/skbuff.c:6712 sock_alloc_send_pskb+0xacc/0xc60 net/core/sock.c:2995 tun_alloc_skb drivers/net/tun.c:1461 [inline] tun_get_user+0x1142/0x6c60 drivers/net/tun.c:1794 tun_chr_write_iter+0x3e9/0x5c0 drivers/net/tun.c:1999 new_sync_write fs/read_write.c:593 [inline] vfs_write+0xbe2/0x15d0 fs/read_write.c:686 ksys_write fs/read_write.c:738 [inline] __do_sys_write fs/read_write.c:749 [inline] __se_sys_write fs/read_write.c:746 [inline] __x64_sys_write+0x1fb/0x4d0 fs/read_write.c:746 x64_sys_call+0x30ab/0x3e70 arch/x86/include/generated/asm/syscalls_64.h:2 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xd3/0xf80 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f CPU: 0 UID: 0 PID: 6465 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(none) Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Clear XSTATE_BV[i] in guest XSAVE state whenever XFD[i]=1 When loading guest XSAVE state via KVM_SET_XSAVE, and when updating XFD in response to a guest WRMSR, clear XFD-disabled features in the saved (or to be restored) XSTATE_BV to ensure KVM doesn't attempt to load state for features that are disabled via the guest's XFD. Because the kernel executes XRSTOR with the guest's XFD, saving XSTATE_BV[i]=1 with XFD[i]=1 will cause XRSTOR to #NM and panic the kernel. E.g. if fpu_update_guest_xfd() sets XFD without clearing XSTATE_BV: ------------[ cut here ]------------ WARNING: arch/x86/kernel/traps.c:1524 at exc_device_not_available+0x101/0x110, CPU#29: amx_test/848 Modules linked in: kvm_intel kvm irqbypass CPU: 29 UID: 1000 PID: 848 Comm: amx_test Not tainted 6.19.0-rc2-ffa07f7fd437-x86_amx_nm_xfd_non_init-vm #171 NONE Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015 RIP: 0010:exc_device_not_available+0x101/0x110 Call Trace: <TASK> asm_exc_device_not_available+0x1a/0x20 RIP: 0010:restore_fpregs_from_fpstate+0x36/0x90 switch_fpu_return+0x4a/0xb0 kvm_arch_vcpu_ioctl_run+0x1245/0x1e40 [kvm] kvm_vcpu_ioctl+0x2c3/0x8f0 [kvm] __x64_sys_ioctl+0x8f/0xd0 do_syscall_64+0x62/0x940 entry_SYSCALL_64_after_hwframe+0x4b/0x53 </TASK> ---[ end trace 0000000000000000 ]--- This can happen if the guest executes WRMSR(MSR_IA32_XFD) to set XFD[18] = 1, and a host IRQ triggers kernel_fpu_begin() prior to the vmexit handler's call to fpu_update_guest_xfd(). and if userspace stuffs XSTATE_BV[i]=1 via KVM_SET_XSAVE: ------------[ cut here ]------------ WARNING: arch/x86/kernel/traps.c:1524 at exc_device_not_available+0x101/0x110, CPU#14: amx_test/867 Modules linked in: kvm_intel kvm irqbypass CPU: 14 UID: 1000 PID: 867 Comm: amx_test Not tainted 6.19.0-rc2-2dace9faccd6-x86_amx_nm_xfd_non_init-vm #168 NONE Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015 RIP: 0010:exc_device_not_available+0x101/0x110 Call Trace: <TASK> asm_exc_device_not_available+0x1a/0x20 RIP: 0010:restore_fpregs_from_fpstate+0x36/0x90 fpu_swap_kvm_fpstate+0x6b/0x120 kvm_load_guest_fpu+0x30/0x80 [kvm] kvm_arch_vcpu_ioctl_run+0x85/0x1e40 [kvm] kvm_vcpu_ioctl+0x2c3/0x8f0 [kvm] __x64_sys_ioctl+0x8f/0xd0 do_syscall_64+0x62/0x940 entry_SYSCALL_64_after_hwframe+0x4b/0x53 </TASK> ---[ end trace 0000000000000000 ]--- The new behavior is consistent with the AMX architecture. Per Intel's SDM, XSAVE saves XSTATE_BV as '0' for components that are disabled via XFD (and non-compacted XSAVE saves the initial configuration of the state component): If XSAVE, XSAVEC, XSAVEOPT, or XSAVES is saving the state component i, the instruction does not generate #NM when XCR0[i] = IA32_XFD[i] = 1; instead, it operates as if XINUSE[i] = 0 (and the state component was in its initial state): it saves bit i of XSTATE_BV field of the XSAVE header as 0; in addition, XSAVE saves the initial configuration of the state component (the other instructions do not save state component i). Alternatively, KVM could always do XRSTOR with XFD=0, e.g. by using a constant XFD based on the set of enabled features when XSAVEing for a struct fpu_guest. However, having XSTATE_BV[i]=1 for XFD-disabled features can only happen in the above interrupt case, or in similar scenarios involving preemption on preemptible kernels, because fpu_swap_kvm_fpstate()'s call to save_fpregs_to_fpstate() saves the outgoing FPU state with the current XFD; and that is (on all but the first WRMSR to XFD) the guest XFD. Therefore, XFD can only go out of sync with XSTATE_BV in the above interrupt case, or in similar scenarios involving preemption on preemptible kernels, and it we can consider it (de facto) part of KVM ABI that KVM_GET_XSAVE returns XSTATE_BV[i]=0 for XFD-disabled features. [Move clea ---truncated---
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix use-after-free in inet6_addr_del(). syzbot reported use-after-free of inet6_ifaddr in inet6_addr_del(). [0] The cited commit accidentally moved ipv6_del_addr() for mngtmpaddr before reading its ifp->flags for temporary addresses in inet6_addr_del(). Let's move ipv6_del_addr() down to fix the UAF. [0]: BUG: KASAN: slab-use-after-free in inet6_addr_del.constprop.0+0x67a/0x6b0 net/ipv6/addrconf.c:3117 Read of size 4 at addr ffff88807b89c86c by task syz.3.1618/9593 CPU: 0 UID: 0 PID: 9593 Comm: syz.3.1618 Not tainted syzkaller #0 PREEMPT(full) Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 Call Trace: <TASK> __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120 print_address_description mm/kasan/report.c:378 [inline] print_report+0xcd/0x630 mm/kasan/report.c:482 kasan_report+0xe0/0x110 mm/kasan/report.c:595 inet6_addr_del.constprop.0+0x67a/0x6b0 net/ipv6/addrconf.c:3117 addrconf_del_ifaddr+0x11e/0x190 net/ipv6/addrconf.c:3181 inet6_ioctl+0x1e5/0x2b0 net/ipv6/af_inet6.c:582 sock_do_ioctl+0x118/0x280 net/socket.c:1254 sock_ioctl+0x227/0x6b0 net/socket.c:1375 vfs_ioctl fs/ioctl.c:51 [inline] __do_sys_ioctl fs/ioctl.c:597 [inline] __se_sys_ioctl fs/ioctl.c:583 [inline] __x64_sys_ioctl+0x18e/0x210 fs/ioctl.c:583 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xcd/0xf80 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f164cf8f749 Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007f164de64038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 00007f164d1e5fa0 RCX: 00007f164cf8f749 RDX: 0000200000000000 RSI: 0000000000008936 RDI: 0000000000000003 RBP: 00007f164d013f91 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007f164d1e6038 R14: 00007f164d1e5fa0 R15: 00007ffde15c8288 </TASK> Allocated by task 9593: kasan_save_stack+0x33/0x60 mm/kasan/common.c:56 kasan_save_track+0x14/0x30 mm/kasan/common.c:77 poison_kmalloc_redzone mm/kasan/common.c:397 [inline] __kasan_kmalloc+0xaa/0xb0 mm/kasan/common.c:414 kmalloc_noprof include/linux/slab.h:957 [inline] kzalloc_noprof include/linux/slab.h:1094 [inline] ipv6_add_addr+0x4e3/0x2010 net/ipv6/addrconf.c:1120 inet6_addr_add+0x256/0x9b0 net/ipv6/addrconf.c:3050 addrconf_add_ifaddr+0x1fc/0x450 net/ipv6/addrconf.c:3160 inet6_ioctl+0x103/0x2b0 net/ipv6/af_inet6.c:580 sock_do_ioctl+0x118/0x280 net/socket.c:1254 sock_ioctl+0x227/0x6b0 net/socket.c:1375 vfs_ioctl fs/ioctl.c:51 [inline] __do_sys_ioctl fs/ioctl.c:597 [inline] __se_sys_ioctl fs/ioctl.c:583 [inline] __x64_sys_ioctl+0x18e/0x210 fs/ioctl.c:583 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xcd/0xf80 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f Freed by task 6099: kasan_save_stack+0x33/0x60 mm/kasan/common.c:56 kasan_save_track+0x14/0x30 mm/kasan/common.c:77 kasan_save_free_info+0x3b/0x60 mm/kasan/generic.c:584 poison_slab_object mm/kasan/common.c:252 [inline] __kasan_slab_free+0x5f/0x80 mm/kasan/common.c:284 kasan_slab_free include/linux/kasan.h:234 [inline] slab_free_hook mm/slub.c:2540 [inline] slab_free_freelist_hook mm/slub.c:2569 [inline] slab_free_bulk mm/slub.c:6696 [inline] kmem_cache_free_bulk mm/slub.c:7383 [inline] kmem_cache_free_bulk+0x2bf/0x680 mm/slub.c:7362 kfree_bulk include/linux/slab.h:830 [inline] kvfree_rcu_bulk+0x1b7/0x1e0 mm/slab_common.c:1523 kvfree_rcu_drain_ready mm/slab_common.c:1728 [inline] kfree_rcu_monitor+0x1d0/0x2f0 mm/slab_common.c:1801 process_one_work+0x9ba/0x1b20 kernel/workqueue.c:3257 process_scheduled_works kernel/workqu ---truncated---
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ipv4: ip_gre: make ipgre_header() robust Analog to commit db5b4e39c4e6 ("ip6_gre: make ip6gre_header() robust") Over the years, syzbot found many ways to crash the kernel in ipgre_header() [1]. This involves team or bonding drivers ability to dynamically change their dev->needed_headroom and/or dev->hard_header_len In this particular crash mld_newpack() allocated an skb with a too small reserve/headroom, and by the time mld_sendpack() was called, syzbot managed to attach an ipgre device. [1] skbuff: skb_under_panic: text:ffffffff89ea3cb7 len:2030915468 put:2030915372 head:ffff888058b43000 data:ffff887fdfa6e194 tail:0x120 end:0x6c0 dev:team0 kernel BUG at net/core/skbuff.c:213 ! Oops: invalid opcode: 0000 [#1] SMP KASAN PTI CPU: 1 UID: 0 PID: 1322 Comm: kworker/1:9 Not tainted syzkaller #0 PREEMPT(full) Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 Workqueue: mld mld_ifc_work RIP: 0010:skb_panic+0x157/0x160 net/core/skbuff.c:213 Call Trace: <TASK> skb_under_panic net/core/skbuff.c:223 [inline] skb_push+0xc3/0xe0 net/core/skbuff.c:2641 ipgre_header+0x67/0x290 net/ipv4/ip_gre.c:897 dev_hard_header include/linux/netdevice.h:3436 [inline] neigh_connected_output+0x286/0x460 net/core/neighbour.c:1618 NF_HOOK_COND include/linux/netfilter.h:307 [inline] ip6_output+0x340/0x550 net/ipv6/ip6_output.c:247 NF_HOOK+0x9e/0x380 include/linux/netfilter.h:318 mld_sendpack+0x8d4/0xe60 net/ipv6/mcast.c:1855 mld_send_cr net/ipv6/mcast.c:2154 [inline] mld_ifc_work+0x83e/0xd60 net/ipv6/mcast.c:2693 process_one_work kernel/workqueue.c:3257 [inline] process_scheduled_works+0xad1/0x1770 kernel/workqueue.c:3340 worker_thread+0x8a0/0xda0 kernel/workqueue.c:3421 kthread+0x711/0x8a0 kernel/kthread.c:463 ret_from_fork+0x510/0xa50 arch/x86/kernel/process.c:158 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix NULL dereference on devlink_alloc() failure devlink_alloc() may return NULL on allocation failure, but prestera_devlink_alloc() unconditionally calls devlink_priv() on the returned pointer. This leads to a NULL pointer dereference if devlink allocation fails. Add a check for a NULL devlink pointer and return NULL early to avoid the crash.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom: gpi: Fix memory leak in gpi_peripheral_config() Fix a memory leak in gpi_peripheral_config() where the original memory pointed to by gchan->config could be lost if krealloc() fails. The issue occurs when: 1. gchan->config points to previously allocated memory 2. krealloc() fails and returns NULL 3. The function directly assigns NULL to gchan->config, losing the reference to the original memory 4. The original memory becomes unreachable and cannot be freed Fix this by using a temporary variable to hold the krealloc() result and only updating gchan->config when the allocation succeeds. Found via static analysis and code review.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: pnfs/flexfiles: Fix memory leak in nfs4_ff_alloc_deviceid_node() In nfs4_ff_alloc_deviceid_node(), if the allocation for ds_versions fails, the function jumps to the out_scratch label without freeing the already allocated dsaddrs list, leading to a memory leak. Fix this by jumping to the out_err_drain_dsaddrs label, which properly frees the dsaddrs list before cleaning up other resources.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: hv_netvsc: reject RSS hash key programming without RX indirection table RSS configuration requires a valid RX indirection table. When the device reports a single receive queue, rndis_filter_device_add() does not allocate an indirection table, accepting RSS hash key updates in this state leads to a hang. Fix this by gating netvsc_set_rxfh() on ndc->rx_table_sz and return -EOPNOTSUPP when the table is absent. This aligns set_rxfh with the device capabilities and prevents incorrect behavior.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec authencesn assumes an ESP/ESN-formatted AAD. When assoclen is shorter than the minimum expected length, crypto_authenc_esn_decrypt() can advance past the end of the destination scatterlist and trigger a NULL pointer dereference in scatterwalk_map_and_copy(), leading to a kernel panic (DoS). Add a minimum AAD length check to fail fast on invalid inputs.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: fou: Don't allow 0 for FOU_ATTR_IPPROTO. fou_udp_recv() has the same problem mentioned in the previous patch. If FOU_ATTR_IPPROTO is set to 0, skb is not freed by fou_udp_recv() nor "resubmit"-ted in ip_protocol_deliver_rcu(). Let's forbid 0 for FOU_ATTR_IPPROTO.
CWE-20 - Improper Input Validation| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: be2net: Fix NULL pointer dereference in be_cmd_get_mac_from_list When the parameter pmac_id_valid argument of be_cmd_get_mac_from_list() is set to false, the driver may request the PMAC_ID from the firmware of the network card, and this function will store that PMAC_ID at the provided address pmac_id. This is the contract of this function. However, there is a location within the driver where both pmac_id_valid == false and pmac_id == NULL are being passed. This could result in dereferencing a NULL pointer. To resolve this issue, it is necessary to pass the address of a stub variable to the function.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: cap TX credit to local buffer size The virtio transports derives its TX credit directly from peer_buf_alloc, which is set from the remote endpoint's SO_VM_SOCKETS_BUFFER_SIZE value. On the host side this means that the amount of data we are willing to queue for a connection is scaled by a guest-chosen buffer size, rather than the host's own vsock configuration. A malicious guest can advertise a large buffer and read slowly, causing the host to allocate a correspondingly large amount of sk_buff memory. The same thing would happen in the guest with a malicious host, since virtio transports share the same code base. Introduce a small helper, virtio_transport_tx_buf_size(), that returns min(peer_buf_alloc, buf_alloc), and use it wherever we consume peer_buf_alloc. This ensures the effective TX window is bounded by both the peer's advertised buffer and our own buf_alloc (already clamped to buffer_max_size via SO_VM_SOCKETS_BUFFER_MAX_SIZE), so a remote peer cannot force the other to queue more data than allowed by its own vsock settings. On an unpatched Ubuntu 22.04 host (~64 GiB RAM), running a PoC with 32 guest vsock connections advertising 2 GiB each and reading slowly drove Slab/SUnreclaim from ~0.5 GiB to ~57 GiB; the system only recovered after killing the QEMU process. That said, if QEMU memory is limited with cgroups, the maximum memory used will be limited. With this patch applied: Before: MemFree: ~61.6 GiB Slab: ~142 MiB SUnreclaim: ~117 MiB After 32 high-credit connections: MemFree: ~61.5 GiB Slab: ~178 MiB SUnreclaim: ~152 MiB Only ~35 MiB increase in Slab/SUnreclaim, no host OOM, and the guest remains responsive. Compatibility with non-virtio transports: - VMCI uses the AF_VSOCK buffer knobs to size its queue pairs per socket based on the local vsk->buffer_* values; the remote side cannot enlarge those queues beyond what the local endpoint configured. - Hyper-V's vsock transport uses fixed-size VMBus ring buffers and an MTU bound; there is no peer-controlled credit field comparable to peer_buf_alloc, and the remote endpoint cannot drive in-flight kernel memory above those ring sizes. - The loopback path reuses virtio_transport_common.c, so it naturally follows the same semantics as the virtio transport. This change is limited to virtio_transport_common.c and thus affects virtio-vsock, vhost-vsock, and loopback, bringing them in line with the "remote window intersected with local policy" behaviour that VMCI and Hyper-V already effectively have. [Stefano: small adjustments after changing the previous patch] [Stefano: tweak the commit message]
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: scsi: xen: scsiback: Fix potential memory leak in scsiback_remove() Memory allocated for struct vscsiblk_info in scsiback_probe() is not freed in scsiback_remove() leading to potential memory leaks on remove, as well as in the scsiback_probe() error paths. Fix that by freeing it in scsiback_remove().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: gue: Fix skb memleak with inner IP protocol 0. syzbot reported skb memleak below. [0] The repro generated a GUE packet with its inner protocol 0. gue_udp_recv() returns -guehdr->proto_ctype for "resubmit" in ip_protocol_deliver_rcu(), but this only works with non-zero protocol number. Let's drop such packets. Note that 0 is a valid number (IPv6 Hop-by-Hop Option). I think it is not practical to encap HOPOPT in GUE, so once someone starts to complain, we could pass down a resubmit flag pointer to distinguish two zeros from the upper layer: * no error * resubmit HOPOPT [0] BUG: memory leak unreferenced object 0xffff888109695a00 (size 240): comm "syz.0.17", pid 6088, jiffies 4294943096 hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 40 c2 10 81 88 ff ff 00 00 00 00 00 00 00 00 .@.............. backtrace (crc a84b336f): kmemleak_alloc_recursive include/linux/kmemleak.h:44 [inline] slab_post_alloc_hook mm/slub.c:4958 [inline] slab_alloc_node mm/slub.c:5263 [inline] kmem_cache_alloc_noprof+0x3b4/0x590 mm/slub.c:5270 __build_skb+0x23/0x60 net/core/skbuff.c:474 build_skb+0x20/0x190 net/core/skbuff.c:490 __tun_build_skb drivers/net/tun.c:1541 [inline] tun_build_skb+0x4a1/0xa40 drivers/net/tun.c:1636 tun_get_user+0xc12/0x2030 drivers/net/tun.c:1770 tun_chr_write_iter+0x71/0x120 drivers/net/tun.c:1999 new_sync_write fs/read_write.c:593 [inline] vfs_write+0x45d/0x710 fs/read_write.c:686 ksys_write+0xa7/0x170 fs/read_write.c:738 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xa4/0xf80 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix hugetlb_pmd_shared() Patch series "mm/hugetlb: fixes for PMD table sharing (incl. using mmu_gather)", v3. One functional fix, one performance regression fix, and two related comment fixes. I cleaned up my prototype I recently shared [1] for the performance fix, deferring most of the cleanups I had in the prototype to a later point. While doing that I identified the other things. The goal of this patch set is to be backported to stable trees "fairly" easily. At least patch #1 and #4. Patch #1 fixes hugetlb_pmd_shared() not detecting any sharing Patch #2 + #3 are simple comment fixes that patch #4 interacts with. Patch #4 is a fix for the reported performance regression due to excessive IPI broadcasts during fork()+exit(). The last patch is all about TLB flushes, IPIs and mmu_gather. Read: complicated There are plenty of cleanups in the future to be had + one reasonable optimization on x86. But that's all out of scope for this series. Runtime tested, with a focus on fixing the performance regression using the original reproducer [2] on x86. This patch (of 4): We switched from (wrongly) using the page count to an independent shared count. Now, shared page tables have a refcount of 1 (excluding speculative references) and instead use ptdesc->pt_share_count to identify sharing. We didn't convert hugetlb_pmd_shared(), so right now, we would never detect a shared PMD table as such, because sharing/unsharing no longer touches the refcount of a PMD table. Page migration, like mbind() or migrate_pages() would allow for migrating folios mapped into such shared PMD tables, even though the folios are not exclusive. In smaps we would account them as "private" although they are "shared", and we would be wrongly setting the PM_MMAP_EXCLUSIVE in the pagemap interface. Fix it by properly using ptdesc_pmd_is_shared() in hugetlb_pmd_shared().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ipvlan: Make the addrs_lock be per port Make the addrs_lock be per port, not per ipvlan dev. Initial code seems to be written in the assumption, that any address change must occur under RTNL. But it is not so for the case of IPv6. So 1) Introduce per-port addrs_lock. 2) It was needed to fix places where it was forgotten to take lock (ipvlan_open/ipvlan_close) This appears to be a very minor problem though. Since it's highly unlikely that ipvlan_add_addr() will be called on 2 CPU simultaneously. But nevertheless, this could cause: 1) False-negative of ipvlan_addr_busy(): one interface iterated through all port->ipvlans + ipvlan->addrs under some ipvlan spinlock, and another added IP under its own lock. Though this is only possible for IPv6, since looks like only ipvlan_addr6_event() can be called without rtnl_lock. 2) Race since ipvlan_ht_addr_add(port) is called under different ipvlan->addrs_lock locks This should not affect performance, since add/remove IP is a rare situation and spinlock is not taken on fast paths.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Wake up the error handler when final completions race against each other The fragile ordering between marking commands completed or failed so that the error handler only wakes when the last running command completes or times out has race conditions. These race conditions can cause the SCSI layer to fail to wake the error handler, leaving I/O through the SCSI host stuck as the error state cannot advance. First, there is an memory ordering issue within scsi_dec_host_busy(). The write which clears SCMD_STATE_INFLIGHT may be reordered with reads counting in scsi_host_busy(). While the local CPU will see its own write, reordering can allow other CPUs in scsi_dec_host_busy() or scsi_eh_inc_host_failed() to see a raised busy count, causing no CPU to see a host busy equal to the host_failed count. This race condition can be prevented with a memory barrier on the error path to force the write to be visible before counting host busy commands. Second, there is a general ordering issue with scsi_eh_inc_host_failed(). By counting busy commands before incrementing host_failed, it can race with a final command in scsi_dec_host_busy(), such that scsi_dec_host_busy() does not see host_failed incremented but scsi_eh_inc_host_failed() counts busy commands before SCMD_STATE_INFLIGHT is cleared by scsi_dec_host_busy(), resulting in neither waking the error handler task. This needs the call to scsi_host_busy() to be moved after host_failed is incremented to close the race condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() nft_map_catchall_activate() has an inverted element activity check compared to its non-catchall counterpart nft_mapelem_activate() and compared to what is logically required. nft_map_catchall_activate() is called from the abort path to re-activate catchall map elements that were deactivated during a failed transaction. It should skip elements that are already active (they don't need re-activation) and process elements that are inactive (they need to be restored). Instead, the current code does the opposite: it skips inactive elements and processes active ones. Compare the non-catchall activate callback, which is correct: nft_mapelem_activate(): if (nft_set_elem_active(ext, iter->genmask)) return 0; /* skip active, process inactive */ With the buggy catchall version: nft_map_catchall_activate(): if (!nft_set_elem_active(ext, genmask)) continue; /* skip inactive, process active */ The consequence is that when a DELSET operation is aborted, nft_setelem_data_activate() is never called for the catchall element. For NFT_GOTO verdict elements, this means nft_data_hold() is never called to restore the chain->use reference count. Each abort cycle permanently decrements chain->use. Once chain->use reaches zero, DELCHAIN succeeds and frees the chain while catchall verdict elements still reference it, resulting in a use-after-free. This is exploitable for local privilege escalation from an unprivileged user via user namespaces + nftables on distributions that enable CONFIG_USER_NS and CONFIG_NF_TABLES. Fix by removing the negation so the check matches nft_mapelem_activate(): skip active elements, process inactive ones.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: io_uring/io-wq: check IO_WQ_BIT_EXIT inside work run loop Currently this is checked before running the pending work. Normally this is quite fine, as work items either end up blocking (which will create a new worker for other items), or they complete fairly quickly. But syzbot reports an issue where io-wq takes seemingly forever to exit, and with a bit of debugging, this turns out to be because it queues a bunch of big (2GB - 4096b) reads with a /dev/msr* file. Since this file type doesn't support ->read_iter(), loop_rw_iter() ends up handling them. Each read returns 16MB of data read, which takes 20 (!!) seconds. With a bunch of these pending, processing the whole chain can take a long time. Easily longer than the syzbot uninterruptible sleep timeout of 140 seconds. This then triggers a complaint off the io-wq exit path: INFO: task syz.4.135:6326 blocked for more than 143 seconds. Not tainted syzkaller #0 Blocked by coredump. "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz.4.135 state:D stack:26824 pid:6326 tgid:6324 ppid:5957 task_flags:0x400548 flags:0x00080000 Call Trace: <TASK> context_switch kernel/sched/core.c:5256 [inline] __schedule+0x1139/0x6150 kernel/sched/core.c:6863 __schedule_loop kernel/sched/core.c:6945 [inline] schedule+0xe7/0x3a0 kernel/sched/core.c:6960 schedule_timeout+0x257/0x290 kernel/time/sleep_timeout.c:75 do_wait_for_common kernel/sched/completion.c:100 [inline] __wait_for_common+0x2fc/0x4e0 kernel/sched/completion.c:121 io_wq_exit_workers io_uring/io-wq.c:1328 [inline] io_wq_put_and_exit+0x271/0x8a0 io_uring/io-wq.c:1356 io_uring_clean_tctx+0x10d/0x190 io_uring/tctx.c:203 io_uring_cancel_generic+0x69c/0x9a0 io_uring/cancel.c:651 io_uring_files_cancel include/linux/io_uring.h:19 [inline] do_exit+0x2ce/0x2bd0 kernel/exit.c:911 do_group_exit+0xd3/0x2a0 kernel/exit.c:1112 get_signal+0x2671/0x26d0 kernel/signal.c:3034 arch_do_signal_or_restart+0x8f/0x7e0 arch/x86/kernel/signal.c:337 __exit_to_user_mode_loop kernel/entry/common.c:41 [inline] exit_to_user_mode_loop+0x8c/0x540 kernel/entry/common.c:75 __exit_to_user_mode_prepare include/linux/irq-entry-common.h:226 [inline] syscall_exit_to_user_mode_prepare include/linux/irq-entry-common.h:256 [inline] syscall_exit_to_user_mode_work include/linux/entry-common.h:159 [inline] syscall_exit_to_user_mode include/linux/entry-common.h:194 [inline] do_syscall_64+0x4ee/0xf80 arch/x86/entry/syscall_64.c:100 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fa02738f749 RSP: 002b:00007fa0281ae0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca RAX: fffffffffffffe00 RBX: 00007fa0275e6098 RCX: 00007fa02738f749 RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fa0275e6098 RBP: 00007fa0275e6090 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007fa0275e6128 R14: 00007fff14e4fcb0 R15: 00007fff14e4fd98 There's really nothing wrong here, outside of processing these reads will take a LONG time. However, we can speed up the exit by checking the IO_WQ_BIT_EXIT inside the io_worker_handle_work() loop, as syzbot will exit the ring after queueing up all of these reads. Then once the first item is processed, io-wq will simply cancel the rest. That should avoid syzbot running into this complaint again.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: fix segmentation of forwarding fraglist GRO This patch enhances GSO segment handling by properly checking the SKB_GSO_DODGY flag for frag_list GSO packets, addressing low throughput issues observed when a station accesses IPv4 servers via hotspots with an IPv6-only upstream interface. Specifically, it fixes a bug in GSO segmentation when forwarding GRO packets containing a frag_list. The function skb_segment_list cannot correctly process GRO skbs that have been converted by XLAT, since XLAT only translates the header of the head skb. Consequently, skbs in the frag_list may remain untranslated, resulting in protocol inconsistencies and reduced throughput. To address this, the patch explicitly sets the SKB_GSO_DODGY flag for GSO packets in XLAT's IPv4/IPv6 protocol translation helpers (bpf_skb_proto_4_to_6 and bpf_skb_proto_6_to_4). This marks GSO packets as potentially modified after protocol translation. As a result, GSO segmentation will avoid using skb_segment_list and instead falls back to skb_segment for packets with the SKB_GSO_DODGY flag. This ensures that only safe and fully translated frag_list packets are processed by skb_segment_list, resolving protocol inconsistencies and improving throughput when forwarding GRO packets converted by XLAT.
CWE-237 - Improper Handling of Structural Elements| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_u32: use skb_header_pointer_careful() skb_header_pointer() does not fully validate negative @offset values. Use skb_header_pointer_careful() instead. GangMin Kim provided a report and a repro fooling u32_classify(): BUG: KASAN: slab-out-of-bounds in u32_classify+0x1180/0x11b0 net/sched/cls_u32.c:221
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix use-after-free in nf_tables_addchain() nf_tables_addchain() publishes the chain to table->chains via list_add_tail_rcu() (in nft_chain_add()) before registering hooks. If nf_tables_register_hook() then fails, the error path calls nft_chain_del() (list_del_rcu()) followed by nf_tables_chain_destroy() with no RCU grace period in between. This creates two use-after-free conditions: 1) Control-plane: nf_tables_dump_chains() traverses table->chains under rcu_read_lock(). A concurrent dump can still be walking the chain when the error path frees it. 2) Packet path: for NFPROTO_INET, nf_register_net_hook() briefly installs the IPv4 hook before IPv6 registration fails. Packets entering nft_do_chain() via the transient IPv4 hook can still be dereferencing chain->blob_gen_X when the error path frees the chain. Add synchronize_rcu() between nft_chain_del() and the chain destroy so that all RCU readers -- both dump threads and in-flight packet evaluation -- have finished before the chain is freed.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix potential NULL pointer dereference in header processing If siw_get_hdr() returns -EINVAL before set_rx_fpdu_context(), qp->rx_fpdu can be NULL. The error path in siw_tcp_rx_data() dereferences qp->rx_fpdu->more_ddp_segs without checking, which may lead to a NULL pointer deref. Only check more_ddp_segs when rx_fpdu is present. KASAN splat: [ 101.384271] KASAN: null-ptr-deref in range [0x00000000000000c0-0x00000000000000c7] [ 101.385869] RIP: 0010:siw_tcp_rx_data+0x13ad/0x1e50
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: RDMA/umad: Reject negative data_len in ib_umad_write ib_umad_write computes data_len from user-controlled count and the MAD header sizes. With a mismatched user MAD header size and RMPP header length, data_len can become negative and reach ib_create_send_mad(). This can make the padding calculation exceed the segment size and trigger an out-of-bounds memset in alloc_send_rmpp_list(). Add an explicit check to reject negative data_len before creating the send buffer. KASAN splat: [ 211.363464] BUG: KASAN: slab-out-of-bounds in ib_create_send_mad+0xa01/0x11b0 [ 211.364077] Write of size 220 at addr ffff88800c3fa1f8 by task spray_thread/102 [ 211.365867] ib_create_send_mad+0xa01/0x11b0 [ 211.365887] ib_umad_write+0x853/0x1c80
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net/sched: act_gate: snapshot parameters with RCU on replace The gate action can be replaced while the hrtimer callback or dump path is walking the schedule list. Convert the parameters to an RCU-protected snapshot and swap updates under tcf_lock, freeing the previous snapshot via call_rcu(). When REPLACE omits the entry list, preserve the existing schedule so the effective state is unchanged.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net/sched: Only allow act_ct to bind to clsact/ingress qdiscs and shared blocks As Paolo said earlier [1]: "Since the blamed commit below, classify can return TC_ACT_CONSUMED while the current skb being held by the defragmentation engine. As reported by GangMin Kim, if such packet is that may cause a UaF when the defrag engine later on tries to tuch again such packet." act_ct was never meant to be used in the egress path, however some users are attaching it to egress today [2]. Attempting to reach a middle ground, we noticed that, while most qdiscs are not handling TC_ACT_CONSUMED, clsact/ingress qdiscs are. With that in mind, we address the issue by only allowing act_ct to bind to clsact/ingress qdiscs and shared blocks. That way it's still possible to attach act_ct to egress (albeit only with clsact). [1] https://lore.kernel.org/netdev/674b8cbfc385c6f37fb29a1de08d8fe5c2b0fbee.1771321118.git.pabeni@redhat.com/ [2] https://lore.kernel.org/netdev/cc6bfb4a-4a2b-42d8-b9ce-7ef6644fb22b@ovn.org/
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: perf: Fix __perf_event_overflow() vs perf_remove_from_context() race Make sure that __perf_event_overflow() runs with IRQs disabled for all possible callchains. Specifically the software events can end up running it with only preemption disabled. This opens up a race vs perf_event_exit_event() and friends that will go and free various things the overflow path expects to be present, like the BPF program.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: macvlan: observe an RCU grace period in macvlan_common_newlink() error path valis reported that a race condition still happens after my prior patch. macvlan_common_newlink() might have made @dev visible before detecting an error, and its caller will directly call free_netdev(dev). We must respect an RCU period, either in macvlan or the core networking stack. After adding a temporary mdelay(1000) in macvlan_forward_source_one() to open the race window, valis repro was: ip link add p1 type veth peer p2 ip link set address 00:00:00:00:00:20 dev p1 ip link set up dev p1 ip link set up dev p2 ip link add mv0 link p2 type macvlan mode source (ip link add invalid% link p2 type macvlan mode source macaddr add 00:00:00:00:00:20 &) ; sleep 0.5 ; ping -c1 -I p1 1.2.3.4 PING 1.2.3.4 (1.2.3.4): 56 data bytes RTNETLINK answers: Invalid argument BUG: KASAN: slab-use-after-free in macvlan_forward_source (drivers/net/macvlan.c:408 drivers/net/macvlan.c:444) Read of size 8 at addr ffff888016bb89c0 by task e/175 CPU: 1 UID: 1000 PID: 175 Comm: e Not tainted 6.19.0-rc8+ #33 NONE Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-2 04/01/2014 Call Trace: <IRQ> dump_stack_lvl (lib/dump_stack.c:123) print_report (mm/kasan/report.c:379 mm/kasan/report.c:482) ? macvlan_forward_source (drivers/net/macvlan.c:408 drivers/net/macvlan.c:444) kasan_report (mm/kasan/report.c:597) ? macvlan_forward_source (drivers/net/macvlan.c:408 drivers/net/macvlan.c:444) macvlan_forward_source (drivers/net/macvlan.c:408 drivers/net/macvlan.c:444) ? tasklet_init (kernel/softirq.c:983) macvlan_handle_frame (drivers/net/macvlan.c:501) Allocated by task 169: kasan_save_stack (mm/kasan/common.c:58) kasan_save_track (./arch/x86/include/asm/current.h:25 mm/kasan/common.c:70 mm/kasan/common.c:79) __kasan_kmalloc (mm/kasan/common.c:419) __kvmalloc_node_noprof (./include/linux/kasan.h:263 mm/slub.c:5657 mm/slub.c:7140) alloc_netdev_mqs (net/core/dev.c:12012) rtnl_create_link (net/core/rtnetlink.c:3648) rtnl_newlink (net/core/rtnetlink.c:3830 net/core/rtnetlink.c:3957 net/core/rtnetlink.c:4072) rtnetlink_rcv_msg (net/core/rtnetlink.c:6958) netlink_rcv_skb (net/netlink/af_netlink.c:2550) netlink_unicast (net/netlink/af_netlink.c:1319 net/netlink/af_netlink.c:1344) netlink_sendmsg (net/netlink/af_netlink.c:1894) __sys_sendto (net/socket.c:727 net/socket.c:742 net/socket.c:2206) __x64_sys_sendto (net/socket.c:2209) do_syscall_64 (arch/x86/entry/syscall_64.c:63 arch/x86/entry/syscall_64.c:94) entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:131) Freed by task 169: kasan_save_stack (mm/kasan/common.c:58) kasan_save_track (./arch/x86/include/asm/current.h:25 mm/kasan/common.c:70 mm/kasan/common.c:79) kasan_save_free_info (mm/kasan/generic.c:587) __kasan_slab_free (mm/kasan/common.c:287) kfree (mm/slub.c:6674 mm/slub.c:6882) rtnl_newlink (net/core/rtnetlink.c:3845 net/core/rtnetlink.c:3957 net/core/rtnetlink.c:4072) rtnetlink_rcv_msg (net/core/rtnetlink.c:6958) netlink_rcv_skb (net/netlink/af_netlink.c:2550) netlink_unicast (net/netlink/af_netlink.c:1319 net/netlink/af_netlink.c:1344) netlink_sendmsg (net/netlink/af_netlink.c:1894) __sys_sendto (net/socket.c:727 net/socket.c:742 net/socket.c:2206) __x64_sys_sendto (net/socket.c:2209) do_syscall_64 (arch/x86/entry/syscall_64.c:63 arch/x86/entry/syscall_64.c:94) entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:131)
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels IDLETIMER revision 0 rules reuse existing timers by label and always call mod_timer() on timer->timer. If the label was created first by revision 1 with XT_IDLETIMER_ALARM, the object uses alarm timer semantics and timer->timer is never initialized. Reusing that object from revision 0 causes mod_timer() on an uninitialized timer_list, triggering debugobjects warnings and possible panic when panic_on_warn=1. Fix this by rejecting revision 0 rule insertion when an existing timer with the same label is of ALARM type.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net/sched: teql: fix NULL pointer dereference in iptunnel_xmit on TEQL slave xmit teql_master_xmit() calls netdev_start_xmit(skb, slave) to transmit through slave devices, but does not update skb->dev to the slave device beforehand. When a gretap tunnel is a TEQL slave, the transmit path reaches iptunnel_xmit() which saves dev = skb->dev (still pointing to teql0 master) and later calls iptunnel_xmit_stats(dev, pkt_len). This function does: get_cpu_ptr(dev->tstats) Since teql_master_setup() does not set dev->pcpu_stat_type to NETDEV_PCPU_STAT_TSTATS, the core network stack never allocates tstats for teql0, so dev->tstats is NULL. get_cpu_ptr(NULL) computes NULL + __per_cpu_offset[cpu], resulting in a page fault. BUG: unable to handle page fault for address: ffff8880e6659018 #PF: supervisor write access in kernel mode #PF: error_code(0x0002) - not-present page PGD 68bc067 P4D 68bc067 PUD 0 Oops: Oops: 0002 [#1] SMP KASAN PTI RIP: 0010:iptunnel_xmit (./include/net/ip_tunnels.h:664 net/ipv4/ip_tunnel_core.c:89) Call Trace: <TASK> ip_tunnel_xmit (net/ipv4/ip_tunnel.c:847) __gre_xmit (net/ipv4/ip_gre.c:478) gre_tap_xmit (net/ipv4/ip_gre.c:779) teql_master_xmit (net/sched/sch_teql.c:319) dev_hard_start_xmit (net/core/dev.c:3887) sch_direct_xmit (net/sched/sch_generic.c:347) __dev_queue_xmit (net/core/dev.c:4802) neigh_direct_output (net/core/neighbour.c:1660) ip_finish_output2 (net/ipv4/ip_output.c:237) __ip_finish_output.part.0 (net/ipv4/ip_output.c:315) ip_mc_output (net/ipv4/ip_output.c:369) ip_send_skb (net/ipv4/ip_output.c:1508) udp_send_skb (net/ipv4/udp.c:1195) udp_sendmsg (net/ipv4/udp.c:1485) inet_sendmsg (net/ipv4/af_inet.c:859) __sys_sendto (net/socket.c:2206) Fix this by setting skb->dev = slave before calling netdev_start_xmit(), so that tunnel xmit functions see the correct slave device with properly allocated tstats.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_eth_soc: Reset prog ptr to old_prog in case of error in mtk_xdp_setup() Reset eBPF program pointer to old_prog and do not decrease its ref-count if mtk_open routine in mtk_xdp_setup() fails.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: irqchip/sifive-plic: Fix frozen interrupt due to affinity setting PLIC ignores interrupt completion message for disabled interrupt, explained by the specification: The PLIC signals it has completed executing an interrupt handler by writing the interrupt ID it received from the claim to the claim/complete register. The PLIC does not check whether the completion ID is the same as the last claim ID for that target. If the completion ID does not match an interrupt source that is currently enabled for the target, the completion is silently ignored. This caused problems in the past, because an interrupt can be disabled while still being handled and plic_irq_eoi() had no effect. That was fixed by checking if the interrupt is disabled, and if so enable it, before sending the completion message. That check is done with irqd_irq_disabled(). However, that is not sufficient because the enable bit for the handling hart can be zero despite irqd_irq_disabled(d) being false. This can happen when affinity setting is changed while a hart is still handling the interrupt. This problem is easily reproducible by dumping a large file to uart (which generates lots of interrupts) and at the same time keep changing the uart interrupt's affinity setting. The uart port becomes frozen almost instantaneously. Fix this by checking PLIC's enable bit instead of irqd_irq_disabled().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: usb: pegasus: validate USB endpoints The pegasus driver should validate that the device it is probing has the proper number and types of USB endpoints it is expecting before it binds to it. If a malicious device were to not have the same urbs the driver will crash later on when it blindly accesses these endpoints.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: vxlan: fix nd_tbl NULL dereference when IPv6 is disabled When booting with the 'ipv6.disable=1' parameter, the nd_tbl is never initialized because inet6_init() exits before ndisc_init() is called which initializes it. If an IPv6 packet is injected into the interface, route_shortcircuit() is called and a NULL pointer dereference happens on neigh_lookup(). BUG: kernel NULL pointer dereference, address: 0000000000000380 Oops: Oops: 0000 [#1] SMP NOPTI [...] RIP: 0010:neigh_lookup+0x20/0x270 [...] Call Trace: <TASK> vxlan_xmit+0x638/0x1ef0 [vxlan] dev_hard_start_xmit+0x9e/0x2e0 __dev_queue_xmit+0xbee/0x14e0 packet_sendmsg+0x116f/0x1930 __sys_sendto+0x1f5/0x200 __x64_sys_sendto+0x24/0x30 do_syscall_64+0x12f/0x1590 entry_SYSCALL_64_after_hwframe+0x76/0x7e Fix this by adding an early check on route_shortcircuit() when protocol is ETH_P_IPV6. Note that ipv6_mod_enabled() cannot be used here because VXLAN can be built-in even when IPv6 is built as a module.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: ipv6: fix panic when IPv4 route references loopback IPv6 nexthop When a standalone IPv6 nexthop object is created with a loopback device (e.g., "ip -6 nexthop add id 100 dev lo"), fib6_nh_init() misclassifies it as a reject route. This is because nexthop objects have no destination prefix (fc_dst=::), causing fib6_is_reject() to match any loopback nexthop. The reject path skips fib_nh_common_init(), leaving nhc_pcpu_rth_output unallocated. If an IPv4 route later references this nexthop, __mkroute_output() dereferences NULL nhc_pcpu_rth_output and panics. Simplify the check in fib6_nh_init() to only match explicit reject routes (RTF_REJECT) instead of using fib6_is_reject(). The loopback promotion heuristic in fib6_is_reject() is handled separately by ip6_route_info_create_nh(). After this change, the three cases behave as follows: 1. Explicit reject route ("ip -6 route add unreachable 2001:db8::/64"): RTF_REJECT is set, enters reject path, skips fib_nh_common_init(). No behavior change. 2. Implicit loopback reject route ("ip -6 route add 2001:db8::/32 dev lo"): RTF_REJECT is not set, takes normal path, fib_nh_common_init() is called. ip6_route_info_create_nh() still promotes it to reject afterward. nhc_pcpu_rth_output is allocated but unused, which is harmless. 3. Standalone nexthop object ("ip -6 nexthop add id 100 dev lo"): RTF_REJECT is not set, takes normal path, fib_nh_common_init() is called. nhc_pcpu_rth_output is properly allocated, fixing the crash when IPv4 routes reference this nexthop.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ipv6: fix NULL pointer deref in ip6_rt_get_dev_rcu() l3mdev_master_dev_rcu() can return NULL when the slave device is being un-slaved from a VRF. All other callers deal with this, but we lost the fallback to loopback in ip6_rt_pcpu_alloc() -> ip6_rt_get_dev_rcu() with commit 4832c30d5458 ("net: ipv6: put host and anycast routes on device with address"). KASAN: null-ptr-deref in range [0x0000000000000108-0x000000000000010f] RIP: 0010:ip6_rt_pcpu_alloc (net/ipv6/route.c:1418) Call Trace: ip6_pol_route (net/ipv6/route.c:2318) fib6_rule_lookup (net/ipv6/fib6_rules.c:115) ip6_route_output_flags (net/ipv6/route.c:2607) vrf_process_v6_outbound (drivers/net/vrf.c:437) I was tempted to rework the un-slaving code to clear the flag first and insert synchronize_rcu() before we remove the upper. But looks like the explicit fallback to loopback_dev is an established pattern. And I guess avoiding the synchronize_rcu() is nice, too.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a UAF issue in bpf_trampoline_link_cgroup_shim The root cause of this bug is that when 'bpf_link_put' reduces the refcount of 'shim_link->link.link' to zero, the resource is considered released but may still be referenced via 'tr->progs_hlist' in 'cgroup_shim_find'. The actual cleanup of 'tr->progs_hlist' in 'bpf_shim_tramp_link_release' is deferred. During this window, another process can cause a use-after-free via 'bpf_trampoline_link_cgroup_shim'. Based on Martin KaFai Lau's suggestions, I have created a simple patch. To fix this: Add an atomic non-zero check in 'bpf_trampoline_link_cgroup_shim'. Only increment the refcount if it is not already zero. Testing: I verified the fix by adding a delay in 'bpf_shim_tramp_link_release' to make the bug easier to trigger: static void bpf_shim_tramp_link_release(struct bpf_link *link) { /* ... */ if (!shim_link->trampoline) return; + msleep(100); WARN_ON_ONCE(bpf_trampoline_unlink_prog(&shim_link->link, shim_link->trampoline, NULL)); bpf_trampoline_put(shim_link->trampoline); } Before the patch, running a PoC easily reproduced the crash(almost 100%) with a call trace similar to KaiyanM's report. After the patch, the bug no longer occurs even after millions of iterations.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: in-kernel: always mark signal+subflow endp as used Syzkaller managed to find a combination of actions that was generating this warning: msk->pm.local_addr_used == 0 WARNING: net/mptcp/pm_kernel.c:1071 at __mark_subflow_endp_available net/mptcp/pm_kernel.c:1071 [inline], CPU#1: syz.2.17/961 WARNING: net/mptcp/pm_kernel.c:1071 at mptcp_nl_remove_subflow_and_signal_addr net/mptcp/pm_kernel.c:1103 [inline], CPU#1: syz.2.17/961 WARNING: net/mptcp/pm_kernel.c:1071 at mptcp_pm_nl_del_addr_doit+0x81d/0x8f0 net/mptcp/pm_kernel.c:1210, CPU#1: syz.2.17/961 Modules linked in: CPU: 1 UID: 0 PID: 961 Comm: syz.2.17 Not tainted 6.19.0-08368-gfafda3b4b06b #22 PREEMPT(full) Hardware name: QEMU Ubuntu 25.10 PC v2 (i440FX + PIIX, + 10.1 machine, 1996), BIOS 1.17.0-debian-1.17.0-1build1 04/01/2014 RIP: 0010:__mark_subflow_endp_available net/mptcp/pm_kernel.c:1071 [inline] RIP: 0010:mptcp_nl_remove_subflow_and_signal_addr net/mptcp/pm_kernel.c:1103 [inline] RIP: 0010:mptcp_pm_nl_del_addr_doit+0x81d/0x8f0 net/mptcp/pm_kernel.c:1210 Code: 89 c5 e8 46 30 6f fe e9 21 fd ff ff 49 83 ed 80 e8 38 30 6f fe 4c 89 ef be 03 00 00 00 e8 db 49 df fe eb ac e8 24 30 6f fe 90 <0f> 0b 90 e9 1d ff ff ff e8 16 30 6f fe eb 05 e8 0f 30 6f fe e8 9a RSP: 0018:ffffc90001663880 EFLAGS: 00010293 RAX: ffffffff82de1a6c RBX: 0000000000000000 RCX: ffff88800722b500 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 RBP: ffff8880158b22d0 R08: 0000000000010425 R09: ffffffffffffffff R10: ffffffff82de18ba R11: 0000000000000000 R12: ffff88800641a640 R13: ffff8880158b1880 R14: ffff88801ec3c900 R15: ffff88800641a650 FS: 00005555722c3500(0000) GS:ffff8880f909d000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f66346e0f60 CR3: 000000001607c000 CR4: 0000000000350ef0 Call Trace: <TASK> genl_family_rcv_msg_doit+0x117/0x180 net/netlink/genetlink.c:1115 genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline] genl_rcv_msg+0x3a8/0x3f0 net/netlink/genetlink.c:1210 netlink_rcv_skb+0x16d/0x240 net/netlink/af_netlink.c:2550 genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219 netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline] netlink_unicast+0x3e9/0x4c0 net/netlink/af_netlink.c:1344 netlink_sendmsg+0x4aa/0x5b0 net/netlink/af_netlink.c:1894 sock_sendmsg_nosec net/socket.c:727 [inline] __sock_sendmsg+0xc9/0xf0 net/socket.c:742 ____sys_sendmsg+0x272/0x3b0 net/socket.c:2592 ___sys_sendmsg+0x2de/0x320 net/socket.c:2646 __sys_sendmsg net/socket.c:2678 [inline] __do_sys_sendmsg net/socket.c:2683 [inline] __se_sys_sendmsg net/socket.c:2681 [inline] __x64_sys_sendmsg+0x110/0x1a0 net/socket.c:2681 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0x143/0x440 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f66346f826d Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007ffc83d8bdc8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 00007f6634985fa0 RCX: 00007f66346f826d RDX: 00000000040000b0 RSI: 0000200000000740 RDI: 0000000000000007 RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6634985fa8 R13: 00007f6634985fac R14: 0000000000000000 R15: 0000000000001770 </TASK> The actions that caused that seem to be: - Set the MPTCP subflows limit to 0 - Create an MPTCP endpoint with both the 'signal' and 'subflow' flags - Create a new MPTCP connection from a different address: an ADD_ADDR linked to the MPTCP endpoint will be sent ('signal' flag), but no subflows is initiated ('subflow' flag) - Remove the MPTCP endpoint ---truncated---
CWE-911 - Improper Update of Reference Count| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix kernel stack leak in irdma_create_user_ah() struct irdma_create_ah_resp { // 8 bytes, no padding __u32 ah_id; // offset 0 - SET (uresp.ah_id = ah->sc_ah.ah_info.ah_idx) __u8 rsvd[4]; // offset 4 - NEVER SET <- LEAK }; rsvd[4]: 4 bytes of stack memory leaked unconditionally. Only ah_id is assigned before ib_respond_udata(). The reserved members of the structure were not zeroed.
CWE-908 - Use of Uninitialized Resource| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: sched: avoid qdisc_reset_all_tx_gt() vs dequeue race for lockless qdiscs When shrinking the number of real tx queues, netif_set_real_num_tx_queues() calls qdisc_reset_all_tx_gt() to flush qdiscs for queues which will no longer be used. qdisc_reset_all_tx_gt() currently serializes qdisc_reset() with qdisc_lock(). However, for lockless qdiscs, the dequeue path is serialized by qdisc_run_begin/end() using qdisc->seqlock instead, so qdisc_reset() can run concurrently with __qdisc_run() and free skbs while they are still being dequeued, leading to UAF. This can easily be reproduced on e.g. virtio-net by imposing heavy traffic while frequently changing the number of queue pairs: iperf3 -ub0 -c $peer -t 0 & while :; do ethtool -L eth0 combined 1 ethtool -L eth0 combined 2 done With KASAN enabled, this leads to reports like: BUG: KASAN: slab-use-after-free in __qdisc_run+0x133f/0x1760 ... Call Trace: <TASK> ... __qdisc_run+0x133f/0x1760 __dev_queue_xmit+0x248f/0x3550 ip_finish_output2+0xa42/0x2110 ip_output+0x1a7/0x410 ip_send_skb+0x2e6/0x480 udp_send_skb+0xb0a/0x1590 udp_sendmsg+0x13c9/0x1fc0 ... </TASK> Allocated by task 1270 on cpu 5 at 44.558414s: ... alloc_skb_with_frags+0x84/0x7c0 sock_alloc_send_pskb+0x69a/0x830 __ip_append_data+0x1b86/0x48c0 ip_make_skb+0x1e8/0x2b0 udp_sendmsg+0x13a6/0x1fc0 ... Freed by task 1306 on cpu 3 at 44.558445s: ... kmem_cache_free+0x117/0x5e0 pfifo_fast_reset+0x14d/0x580 qdisc_reset+0x9e/0x5f0 netif_set_real_num_tx_queues+0x303/0x840 virtnet_set_channels+0x1bf/0x260 [virtio_net] ethnl_set_channels+0x684/0xae0 ethnl_default_set_doit+0x31a/0x890 ... Serialize qdisc_reset_all_tx_gt() against the lockless dequeue path by taking qdisc->seqlock for TCQ_F_NOLOCK qdiscs, matching the serialization model already used by dev_reset_queue(). Additionally clear QDISC_STATE_NON_EMPTY after reset so the qdisc state reflects an empty queue, avoiding needless re-scheduling.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: xdp: produce a warning when calculated tailroom is negative Many ethernet drivers report xdp Rx queue frag size as being the same as DMA write size. However, the only user of this field, namely bpf_xdp_frags_increase_tail(), clearly expects a truesize. Such difference leads to unspecific memory corruption issues under certain circumstances, e.g. in ixgbevf maximum DMA write size is 3 KB, so when running xskxceiver's XDP_ADJUST_TAIL_GROW_MULTI_BUFF, 6K packet fully uses all DMA-writable space in 2 buffers. This would be fine, if only rxq->frag_size was properly set to 4K, but value of 3K results in a negative tailroom, because there is a non-zero page offset. We are supposed to return -EINVAL and be done with it in such case, but due to tailroom being stored as an unsigned int, it is reported to be somewhere near UINT_MAX, resulting in a tail being grown, even if the requested offset is too much (it is around 2K in the abovementioned test). This later leads to all kinds of unspecific calltraces. [ 7340.337579] xskxceiver[1440]: segfault at 1da718 ip 00007f4161aeac9d sp 00007f41615a6a00 error 6 [ 7340.338040] xskxceiver[1441]: segfault at 7f410000000b ip 00000000004042b5 sp 00007f415bffecf0 error 4 [ 7340.338179] in libc.so.6[61c9d,7f4161aaf000+160000] [ 7340.339230] in xskxceiver[42b5,400000+69000] [ 7340.340300] likely on CPU 6 (core 0, socket 6) [ 7340.340302] Code: ff ff 01 e9 f4 fe ff ff 0f 1f 44 00 00 4c 39 f0 74 73 31 c0 ba 01 00 00 00 f0 0f b1 17 0f 85 ba 00 00 00 49 8b 87 88 00 00 00 <4c> 89 70 08 eb cc 0f 1f 44 00 00 48 8d bd f0 fe ff ff 89 85 ec fe [ 7340.340888] likely on CPU 3 (core 0, socket 3) [ 7340.345088] Code: 00 00 00 ba 00 00 00 00 be 00 00 00 00 89 c7 e8 31 ca ff ff 89 45 ec 8b 45 ec 85 c0 78 07 b8 00 00 00 00 eb 46 e8 0b c8 ff ff <8b> 00 83 f8 69 74 24 e8 ff c7 ff ff 8b 00 83 f8 0b 74 18 e8 f3 c7 [ 7340.404334] Oops: general protection fault, probably for non-canonical address 0x6d255010bdffc: 0000 [#1] SMP NOPTI [ 7340.405972] CPU: 7 UID: 0 PID: 1439 Comm: xskxceiver Not tainted 6.19.0-rc1+ #21 PREEMPT(lazy) [ 7340.408006] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.17.0-5.fc42 04/01/2014 [ 7340.409716] RIP: 0010:lookup_swap_cgroup_id+0x44/0x80 [ 7340.410455] Code: 83 f8 1c 73 39 48 ba ff ff ff ff ff ff ff 03 48 8b 04 c5 20 55 fa bd 48 21 d1 48 89 ca 83 e1 01 48 d1 ea c1 e1 04 48 8d 04 90 <8b> 00 48 83 c4 10 d3 e8 c3 cc cc cc cc 31 c0 e9 98 b7 dd 00 48 89 [ 7340.412787] RSP: 0018:ffffcc5c04f7f6d0 EFLAGS: 00010202 [ 7340.413494] RAX: 0006d255010bdffc RBX: ffff891f477895a8 RCX: 0000000000000010 [ 7340.414431] RDX: 0001c17e3fffffff RSI: 00fa070000000000 RDI: 000382fc7fffffff [ 7340.415354] RBP: 00fa070000000000 R08: ffffcc5c04f7f8f8 R09: ffffcc5c04f7f7d0 [ 7340.416283] R10: ffff891f4c1a7000 R11: ffffcc5c04f7f9c8 R12: ffffcc5c04f7f7d0 [ 7340.417218] R13: 03ffffffffffffff R14: 00fa06fffffffe00 R15: ffff891f47789500 [ 7340.418229] FS: 0000000000000000(0000) GS:ffff891ffdfaa000(0000) knlGS:0000000000000000 [ 7340.419489] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 7340.420286] CR2: 00007f415bfffd58 CR3: 0000000103f03002 CR4: 0000000000772ef0 [ 7340.421237] PKRU: 55555554 [ 7340.421623] Call Trace: [ 7340.421987] <TASK> [ 7340.422309] ? softleaf_from_pte+0x77/0xa0 [ 7340.422855] swap_pte_batch+0xa7/0x290 [ 7340.423363] zap_nonpresent_ptes.constprop.0.isra.0+0xd1/0x270 [ 7340.424102] zap_pte_range+0x281/0x580 [ 7340.424607] zap_pmd_range.isra.0+0xc9/0x240 [ 7340.425177] unmap_page_range+0x24d/0x420 [ 7340.425714] unmap_vmas+0xa1/0x180 [ 7340.426185] exit_mmap+0xe1/0x3b0 [ 7340.426644] __mmput+0x41/0x150 [ 7340.427098] exit_mm+0xb1/0x110 [ 7340.427539] do_exit+0x1b2/0x460 [ 7340.427992] do_group_exit+0x2d/0xc0 [ 7340.428477] get_signal+0x79d/0x7e0 [ 7340.428957] arch_do_signal_or_restart+0x34/0x100 [ 7340.429571] exit_to_user_mode_loop+0x8e/0x4c0 [ 7340.430159] do_syscall_64+0x188/ ---truncated---
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: split gc into unlink and reclaim phase Yiming Qian reports Use-after-free in the pipapo set type: Under a large number of expired elements, commit-time GC can run for a very long time in a non-preemptible context, triggering soft lockup warnings and RCU stall reports (local denial of service). We must split GC in an unlink and a reclaim phase. We cannot queue elements for freeing until pointers have been swapped. Expired elements are still exposed to both the packet path and userspace dumpers via the live copy of the data structure. call_rcu() does not protect us: dump operations or element lookups starting after call_rcu has fired can still observe the free'd element, unless the commit phase has made enough progress to swap the clone and live pointers before any new reader has picked up the old version. This a similar approach as done recently for the rbtree backend in commit 35f83a75529a ("netfilter: nft_set_rbtree: don't gc elements on insert").
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stack-out-of-bounds write in devmap get_upper_ifindexes() iterates over all upper devices and writes their indices into an array without checking bounds. Also the callers assume that the max number of upper devices is MAX_NEST_DEV and allocate excluded_devices[1+MAX_NEST_DEV] on the stack, but that assumption is not correct and the number of upper devices could be larger than MAX_NEST_DEV (e.g., many macvlans), causing a stack-out-of-bounds write. Add a max parameter to get_upper_ifindexes() to avoid the issue. When there are too many upper devices, return -EOVERFLOW and abort the redirect. To reproduce, create more than MAX_NEST_DEV(8) macvlans on a device with an XDP program attached using BPF_F_BROADCAST | BPF_F_EXCLUDE_INGRESS. Then send a packet to the device to trigger the XDP redirect path.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: usb: kalmia: validate USB endpoints The kalmia driver should validate that the device it is probing has the proper number and types of USB endpoints it is expecting before it binds to it. If a malicious device were to not have the same urbs the driver will crash later on when it blindly accesses these endpoints.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: phy: register phy led_triggers during probe to avoid AB-BA deadlock There is an AB-BA deadlock when both LEDS_TRIGGER_NETDEV and LED_TRIGGER_PHY are enabled: [ 1362.049207] [<8054e4b8>] led_trigger_register+0x5c/0x1fc <-- Trying to get lock "triggers_list_lock" via down_write(&triggers_list_lock); [ 1362.054536] [<80662830>] phy_led_triggers_register+0xd0/0x234 [ 1362.060329] [<8065e200>] phy_attach_direct+0x33c/0x40c [ 1362.065489] [<80651fc4>] phylink_fwnode_phy_connect+0x15c/0x23c [ 1362.071480] [<8066ee18>] mtk_open+0x7c/0xba0 [ 1362.075849] [<806d714c>] __dev_open+0x280/0x2b0 [ 1362.080384] [<806d7668>] __dev_change_flags+0x244/0x24c [ 1362.085598] [<806d7698>] dev_change_flags+0x28/0x78 [ 1362.090528] [<807150e4>] dev_ioctl+0x4c0/0x654 <-- Hold lock "rtnl_mutex" by calling rtnl_lock(); [ 1362.094985] [<80694360>] sock_ioctl+0x2f4/0x4e0 [ 1362.099567] [<802e9c4c>] sys_ioctl+0x32c/0xd8c [ 1362.104022] [<80014504>] syscall_common+0x34/0x58 Here LED_TRIGGER_PHY is registering LED triggers during phy_attach while holding RTNL and then taking triggers_list_lock. [ 1362.191101] [<806c2640>] register_netdevice_notifier+0x60/0x168 <-- Trying to get lock "rtnl_mutex" via rtnl_lock(); [ 1362.197073] [<805504ac>] netdev_trig_activate+0x194/0x1e4 [ 1362.202490] [<8054e28c>] led_trigger_set+0x1d4/0x360 <-- Hold lock "triggers_list_lock" by down_read(&triggers_list_lock); [ 1362.207511] [<8054eb38>] led_trigger_write+0xd8/0x14c [ 1362.212566] [<80381d98>] sysfs_kf_bin_write+0x80/0xbc [ 1362.217688] [<8037fcd8>] kernfs_fop_write_iter+0x17c/0x28c [ 1362.223174] [<802cbd70>] vfs_write+0x21c/0x3c4 [ 1362.227712] [<802cc0c4>] ksys_write+0x78/0x12c [ 1362.232164] [<80014504>] syscall_common+0x34/0x58 Here LEDS_TRIGGER_NETDEV is being enabled on an LED. It first takes triggers_list_lock and then RTNL. A classical AB-BA deadlock. phy_led_triggers_registers() does not require the RTNL, it does not make any calls into the network stack which require protection. There is also no requirement the PHY has been attached to a MAC, the triggers only make use of phydev state. This allows the call to phy_led_triggers_registers() to be placed elsewhere. PHY probe() and release() don't hold RTNL, so solving the AB-BA deadlock.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: Don't hex dump plaintext password data set_new_password() hex dumps the entire buffer, which contains plaintext password data, including current and new passwords. Remove the hex dump to avoid leaking credentials.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net/sched: act_ife: Fix metalist update behavior Whenever an ife action replace changes the metalist, instead of replacing the old data on the metalist, the current ife code is appending the new metadata. Aside from being innapropriate behavior, this may lead to an unbounded addition of metadata to the metalist which might cause an out of bounds error when running the encode op: [ 138.423369][ C1] ================================================================== [ 138.424317][ C1] BUG: KASAN: slab-out-of-bounds in ife_tlv_meta_encode (net/ife/ife.c:168) [ 138.424906][ C1] Write of size 4 at addr ffff8880077f4ffe by task ife_out_out_bou/255 [ 138.425778][ C1] CPU: 1 UID: 0 PID: 255 Comm: ife_out_out_bou Not tainted 7.0.0-rc1-00169-gfbdfa8da05b6 #624 PREEMPT(full) [ 138.425795][ C1] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011 [ 138.425800][ C1] Call Trace: [ 138.425804][ C1] <IRQ> [ 138.425808][ C1] dump_stack_lvl (lib/dump_stack.c:122) [ 138.425828][ C1] print_report (mm/kasan/report.c:379 mm/kasan/report.c:482) [ 138.425839][ C1] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221) [ 138.425844][ C1] ? __virt_addr_valid (./arch/x86/include/asm/preempt.h:95 (discriminator 1) ./include/linux/rcupdate.h:975 (discriminator 1) ./include/linux/mmzone.h:2207 (discriminator 1) arch/x86/mm/physaddr.c:54 (discriminator 1)) [ 138.425853][ C1] ? ife_tlv_meta_encode (net/ife/ife.c:168) [ 138.425859][ C1] kasan_report (mm/kasan/report.c:221 mm/kasan/report.c:597) [ 138.425868][ C1] ? ife_tlv_meta_encode (net/ife/ife.c:168) [ 138.425878][ C1] kasan_check_range (mm/kasan/generic.c:186 (discriminator 1) mm/kasan/generic.c:200 (discriminator 1)) [ 138.425884][ C1] __asan_memset (mm/kasan/shadow.c:84 (discriminator 2)) [ 138.425889][ C1] ife_tlv_meta_encode (net/ife/ife.c:168) [ 138.425893][ C1] ? ife_tlv_meta_encode (net/ife/ife.c:171) [ 138.425898][ C1] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221) [ 138.425903][ C1] ife_encode_meta_u16 (net/sched/act_ife.c:57) [ 138.425910][ C1] ? __pfx_do_raw_spin_lock (kernel/locking/spinlock_debug.c:114) [ 138.425916][ C1] ? __asan_memcpy (mm/kasan/shadow.c:105 (discriminator 3)) [ 138.425921][ C1] ? __pfx_ife_encode_meta_u16 (net/sched/act_ife.c:45) [ 138.425927][ C1] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221) [ 138.425931][ C1] tcf_ife_act (net/sched/act_ife.c:847 net/sched/act_ife.c:879) To solve this issue, fix the replace behavior by adding the metalist to the ife rcu data structure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: fix divide by zero in the offload path Offloading ETS requires computing each class' WRR weight: this is done by averaging over the sums of quanta as 'q_sum' and 'q_psum'. Using unsigned int, the same integer size as the individual DRR quanta, can overflow and even cause division by zero, like it happened in the following splat: Oops: divide error: 0000 [#1] SMP PTI CPU: 13 UID: 0 PID: 487 Comm: tc Tainted: G E 6.19.0-virtme #45 PREEMPT(full) Tainted: [E]=UNSIGNED_MODULE Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011 RIP: 0010:ets_offload_change+0x11f/0x290 [sch_ets] Code: e4 45 31 ff eb 03 41 89 c7 41 89 cb 89 ce 83 f9 0f 0f 87 b7 00 00 00 45 8b 08 31 c0 45 01 cc 45 85 c9 74 09 41 6b c4 64 31 d2 <41> f7 f2 89 c2 44 29 fa 45 89 df 41 83 fb 0f 0f 87 c7 00 00 00 44 RSP: 0018:ffffd0a180d77588 EFLAGS: 00010246 RAX: 00000000ffffff38 RBX: ffff8d3d482ca000 RCX: 0000000000000000 RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffd0a180d77660 RBP: ffffd0a180d77690 R08: ffff8d3d482ca2d8 R09: 00000000fffffffe R10: 0000000000000000 R11: 0000000000000000 R12: 00000000fffffffe R13: ffff8d3d472f2000 R14: 0000000000000003 R15: 0000000000000000 FS: 00007f440b6c2740(0000) GS:ffff8d3dc9803000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000003cdd2000 CR3: 0000000007b58002 CR4: 0000000000172ef0 Call Trace: <TASK> ets_qdisc_change+0x870/0xf40 [sch_ets] qdisc_create+0x12b/0x540 tc_modify_qdisc+0x6d7/0xbd0 rtnetlink_rcv_msg+0x168/0x6b0 netlink_rcv_skb+0x5c/0x110 netlink_unicast+0x1d6/0x2b0 netlink_sendmsg+0x22e/0x470 ____sys_sendmsg+0x38a/0x3c0 ___sys_sendmsg+0x99/0xe0 __sys_sendmsg+0x8a/0xf0 do_syscall_64+0x111/0xf80 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f440b81c77e Code: 4d 89 d8 e8 d4 bc 00 00 4c 8b 5d f8 41 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 11 c9 c3 0f 1f 80 00 00 00 00 48 8b 45 10 0f 05 <c9> c3 83 e2 39 83 fa 08 75 e7 e8 13 ff ff ff 0f 1f 00 f3 0f 1e fa RSP: 002b:00007fff951e4c10 EFLAGS: 00000202 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 0000000000481820 RCX: 00007f440b81c77e RDX: 0000000000000000 RSI: 00007fff951e4cd0 RDI: 0000000000000003 RBP: 00007fff951e4c20 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000202 R12: 00007fff951f4fa8 R13: 00000000699ddede R14: 00007f440bb01000 R15: 0000000000486980 </TASK> Modules linked in: sch_ets(E) netdevsim(E) ---[ end trace 0000000000000000 ]--- RIP: 0010:ets_offload_change+0x11f/0x290 [sch_ets] Code: e4 45 31 ff eb 03 41 89 c7 41 89 cb 89 ce 83 f9 0f 0f 87 b7 00 00 00 45 8b 08 31 c0 45 01 cc 45 85 c9 74 09 41 6b c4 64 31 d2 <41> f7 f2 89 c2 44 29 fa 45 89 df 41 83 fb 0f 0f 87 c7 00 00 00 44 RSP: 0018:ffffd0a180d77588 EFLAGS: 00010246 RAX: 00000000ffffff38 RBX: ffff8d3d482ca000 RCX: 0000000000000000 RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffd0a180d77660 RBP: ffffd0a180d77690 R08: ffff8d3d482ca2d8 R09: 00000000fffffffe R10: 0000000000000000 R11: 0000000000000000 R12: 00000000fffffffe R13: ffff8d3d472f2000 R14: 0000000000000003 R15: 0000000000000000 FS: 00007f440b6c2740(0000) GS:ffff8d3dc9803000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000003cdd2000 CR3: 0000000007b58002 CR4: 0000000000172ef0 Kernel panic - not syncing: Fatal exception Kernel Offset: 0x30000000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff) ---[ end Kernel panic - not syncing: Fatal exception ]--- Fix this using 64-bit integers for 'q_sum' and 'q_psum'.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: bridge: fix nd_tbl NULL dereference when IPv6 is disabled When booting with the 'ipv6.disable=1' parameter, the nd_tbl is never initialized because inet6_init() exits before ndisc_init() is called which initializes it. Then, if neigh_suppress is enabled and an ICMPv6 Neighbor Discovery packet reaches the bridge, br_do_suppress_nd() will dereference ipv6_stub->nd_tbl which is NULL, passing it to neigh_lookup(). This causes a kernel NULL pointer dereference. BUG: kernel NULL pointer dereference, address: 0000000000000268 Oops: 0000 [#1] PREEMPT SMP NOPTI [...] RIP: 0010:neigh_lookup+0x16/0xe0 [...] Call Trace: <IRQ> ? neigh_lookup+0x16/0xe0 br_do_suppress_nd+0x160/0x290 [bridge] br_handle_frame_finish+0x500/0x620 [bridge] br_handle_frame+0x353/0x440 [bridge] __netif_receive_skb_core.constprop.0+0x298/0x1110 __netif_receive_skb_one_core+0x3d/0xa0 process_backlog+0xa0/0x140 __napi_poll+0x2c/0x170 net_rx_action+0x2c4/0x3a0 handle_softirqs+0xd0/0x270 do_softirq+0x3f/0x60 Fix this by replacing IS_ENABLED(IPV6) call with ipv6_mod_enabled() in the callers. This is in essence disabling NS/NA suppression when IPv6 is disabled.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_CT: drop pending enqueued packets on template removal Templates refer to objects that can go away while packets are sitting in nfqueue refer to: - helper, this can be an issue on module removal. - timeout policy, nfnetlink_cttimeout might remove it. The use of templates with zone and event cache filter are safe, since this just copies values. Flush these enqueued packets in case the template rule gets removed.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: release flowtable after rcu grace period on error Call synchronize_rcu() after unregistering the hooks from error path, since a hook that already refers to this flowtable can be already registered, exposing this flowtable to packet path and nfnetlink_hook control plane. This error path is rare, it should only happen by reaching the maximum number hooks or by failing to set up to hardware offload, just call synchronize_rcu(). There is a check for already used device hooks by different flowtable that could result in EEXIST at this late stage. The hook parser can be updated to perform this check earlier to this error path really becomes rarely exercised. Uncovered by KASAN reported as use-after-free from nfnetlink_hook path when dumping hooks.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: nfnetlink_osf: validate individual option lengths in fingerprints nfnl_osf_add_callback() validates opt_num bounds and string NUL-termination but does not check individual option length fields. A zero-length option causes nf_osf_match_one() to enter the option matching loop even when foptsize sums to zero, which matches packets with no TCP options where ctx->optp is NULL: Oops: general protection fault KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] RIP: 0010:nf_osf_match_one (net/netfilter/nfnetlink_osf.c:98) Call Trace: nf_osf_match (net/netfilter/nfnetlink_osf.c:227) xt_osf_match_packet (net/netfilter/xt_osf.c:32) ipt_do_table (net/ipv4/netfilter/ip_tables.c:293) nf_hook_slow (net/netfilter/core.c:623) ip_local_deliver (net/ipv4/ip_input.c:262) ip_rcv (net/ipv4/ip_input.c:573) Additionally, an MSS option (kind=2) with length < 4 causes out-of-bounds reads when nf_osf_match_one() unconditionally accesses optp[2] and optp[3] for MSS value extraction. While RFC 9293 section 3.2 specifies that the MSS option is always exactly 4 bytes (Kind=2, Length=4), the check uses "< 4" rather than "!= 4" because lengths greater than 4 do not cause memory safety issues -- the buffer is guaranteed to be at least foptsize bytes by the ctx->optsize == foptsize check. Reject fingerprints where any option has zero length, or where an MSS option has length less than 4, at add time rather than trusting these values in the packet matching hot path.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: icmp: fix NULL pointer dereference in icmp_tag_validation() icmp_tag_validation() unconditionally dereferences the result of rcu_dereference(inet_protos[proto]) without checking for NULL. The inet_protos[] array is sparse -- only about 15 of 256 protocol numbers have registered handlers. When ip_no_pmtu_disc is set to 3 (hardened PMTU mode) and the kernel receives an ICMP Fragmentation Needed error with a quoted inner IP header containing an unregistered protocol number, the NULL dereference causes a kernel panic in softirq context. Oops: general protection fault, probably for non-canonical address 0xdffffc0000000002: 0000 [#1] SMP KASAN NOPTI KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017] RIP: 0010:icmp_unreach (net/ipv4/icmp.c:1085 net/ipv4/icmp.c:1143) Call Trace: <IRQ> icmp_rcv (net/ipv4/icmp.c:1527) ip_protocol_deliver_rcu (net/ipv4/ip_input.c:207) ip_local_deliver_finish (net/ipv4/ip_input.c:242) ip_local_deliver (net/ipv4/ip_input.c:262) ip_rcv (net/ipv4/ip_input.c:573) __netif_receive_skb_one_core (net/core/dev.c:6164) process_backlog (net/core/dev.c:6628) handle_softirqs (kernel/softirq.c:561) </IRQ> Add a NULL check before accessing icmp_strict_tag_validation. If the protocol has no registered handler, return false since it cannot perform strict tag validation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: tls: Purge async_hold in tls_decrypt_async_wait() The async_hold queue pins encrypted input skbs while the AEAD engine references their scatterlist data. Once tls_decrypt_async_wait() returns, every AEAD operation has completed and the engine no longer references those skbs, so they can be freed unconditionally. A subsequent patch adds batch async decryption to tls_sw_read_sock(), introducing a new call site that must drain pending AEAD operations and release held skbs. Move __skb_queue_purge(&ctx->async_hold) into tls_decrypt_async_wait() so the purge is centralized and every caller -- recvmsg's drain path, the -EBUSY fallback in tls_do_decryption(), and the new read_sock batch path -- releases held skbs on synchronization without each site managing the purge independently. This fixes a leak when tls_strp_msg_hold() fails part-way through, after having added some cloned skbs to the async_hold queue. tls_decrypt_sg() will then call tls_decrypt_async_wait() to process all pending decrypts, and drop back to synchronous mode, but tls_sw_recvmsg() only flushes the async_hold queue when one record has been processed in "fully-async" mode, which may not be the case here. [pabeni@redhat.com: added leak comment]
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: dpaa2-switch: Fix interrupt storm after receiving bad if_id in IRQ handler Commit 31a7a0bbeb00 ("dpaa2-switch: add bounds check for if_id in IRQ handler") introduces a range check for if_id to avoid an out-of-bounds access. If an out-of-bounds if_id is detected, the interrupt status is not cleared. This may result in an interrupt storm. Clear the interrupt status after detecting an out-of-bounds if_id to avoid the problem. Found by an experimental AI code review agent at Google.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: serialize lock/unlock against other NAND operations nand_lock() and nand_unlock() call into chip->ops.lock_area/unlock_area without holding the NAND device lock. On controllers that implement SET_FEATURES via multiple low-level PIO commands, these can race with concurrent UBI/UBIFS background erase/write operations that hold the device lock, resulting in cmd_pending conflicts on the NAND controller. Add nand_get_device()/nand_release_device() around the lock/unlock operations to serialize them against all other NAND controller access.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: guard flow control update with global_tx_fc in buffer switching mvpp2_bm_switch_buffers() unconditionally calls mvpp2_bm_pool_update_priv_fc() when switching between per-cpu and shared buffer pool modes. This function programs CM3 flow control registers via mvpp2_cm3_read()/mvpp2_cm3_write(), which dereference priv->cm3_base without any NULL check. When the CM3 SRAM resource is not present in the device tree (the third reg entry added by commit 60523583b07c ("dts: marvell: add CM3 SRAM memory to cp11x ethernet device tree")), priv->cm3_base remains NULL and priv->global_tx_fc is false. Any operation that triggers mvpp2_bm_switch_buffers(), for example an MTU change that crosses the jumbo frame threshold, will crash: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 Mem abort info: ESR = 0x0000000096000006 EC = 0x25: DABT (current EL), IL = 32 bits pc : readl+0x0/0x18 lr : mvpp2_cm3_read.isra.0+0x14/0x20 Call trace: readl+0x0/0x18 mvpp2_bm_pool_update_fc+0x40/0x12c mvpp2_bm_pool_update_priv_fc+0x94/0xd8 mvpp2_bm_switch_buffers.isra.0+0x80/0x1c0 mvpp2_change_mtu+0x140/0x380 __dev_set_mtu+0x1c/0x38 dev_set_mtu_ext+0x78/0x118 dev_set_mtu+0x48/0xa8 dev_ifsioc+0x21c/0x43c dev_ioctl+0x2d8/0x42c sock_ioctl+0x314/0x378 Every other flow control call site in the driver already guards hardware access with either priv->global_tx_fc or port->tx_fc. mvpp2_bm_switch_buffers() is the only place that omits this check. Add the missing priv->global_tx_fc guard to both the disable and re-enable calls in mvpp2_bm_switch_buffers(), consistent with the rest of the driver.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: udp_tunnel: fix NULL deref caused by udp_sock_create6 when CONFIG_IPV6=n When CONFIG_IPV6 is disabled, the udp_sock_create6() function returns 0 (success) without actually creating a socket. Callers such as fou_create() then proceed to dereference the uninitialized socket pointer, resulting in a NULL pointer dereference. The captured NULL deref crash: BUG: kernel NULL pointer dereference, address: 0000000000000018 RIP: 0010:fou_nl_add_doit (net/ipv4/fou_core.c:590 net/ipv4/fou_core.c:764) [...] Call Trace: <TASK> genl_family_rcv_msg_doit.constprop.0 (net/netlink/genetlink.c:1114) genl_rcv_msg (net/netlink/genetlink.c:1194 net/netlink/genetlink.c:1209) [...] netlink_rcv_skb (net/netlink/af_netlink.c:2550) genl_rcv (net/netlink/genetlink.c:1219) netlink_unicast (net/netlink/af_netlink.c:1319 net/netlink/af_netlink.c:1344) netlink_sendmsg (net/netlink/af_netlink.c:1894) __sock_sendmsg (net/socket.c:727 (discriminator 1) net/socket.c:742 (discriminator 1)) __sys_sendto (./include/linux/file.h:62 (discriminator 1) ./include/linux/file.h:83 (discriminator 1) net/socket.c:2183 (discriminator 1)) __x64_sys_sendto (net/socket.c:2213 (discriminator 1) net/socket.c:2209 (discriminator 1) net/socket.c:2209 (discriminator 1)) do_syscall_64 (arch/x86/entry/syscall_64.c:63 (discriminator 1) arch/x86/entry/syscall_64.c:94 (discriminator 1)) entry_SYSCALL_64_after_hwframe (net/arch/x86/entry/entry_64.S:130) This patch makes udp_sock_create6 return -EPFNOSUPPORT instead, so callers correctly take their error paths. There is only one caller of the vulnerable function and only privileged users can trigger it.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: Do not perform PM inside suspend callback syzbot reports "task hung in rpm_resume" This is caused by aqc111_suspend calling the PM variant of its write_cmd routine. The simplified call trace looks like this: rpm_suspend() usb_suspend_both() - here udev->dev.power.runtime_status == RPM_SUSPENDING aqc111_suspend() - called for the usb device interface aqc111_write32_cmd() usb_autopm_get_interface() pm_runtime_resume_and_get() rpm_resume() - here we call rpm_resume() on our parent rpm_resume() - Here we wait for a status change that will never happen. At this point we block another task which holds rtnl_lock and locks up the whole networking stack. Fix this by replacing the write_cmd calls with their _nopm variants
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net/sched: teql: Fix double-free in teql_master_xmit Whenever a TEQL devices has a lockless Qdisc as root, qdisc_reset should be called using the seq_lock to avoid racing with the datapath. Failure to do so may cause crashes like the following: [ 238.028993][ T318] BUG: KASAN: double-free in skb_release_data (net/core/skbuff.c:1139) [ 238.029328][ T318] Free of addr ffff88810c67ec00 by task poc_teql_uaf_ke/318 [ 238.029749][ T318] [ 238.029900][ T318] CPU: 3 UID: 0 PID: 318 Comm: poc_teql_ke Not tainted 7.0.0-rc3-00149-ge5b31d988a41 #704 PREEMPT(full) [ 238.029906][ T318] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011 [ 238.029910][ T318] Call Trace: [ 238.029913][ T318] <TASK> [ 238.029916][ T318] dump_stack_lvl (lib/dump_stack.c:122) [ 238.029928][ T318] print_report (mm/kasan/report.c:379 mm/kasan/report.c:482) [ 238.029940][ T318] ? skb_release_data (net/core/skbuff.c:1139) [ 238.029944][ T318] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221) ... [ 238.029957][ T318] ? skb_release_data (net/core/skbuff.c:1139) [ 238.029969][ T318] kasan_report_invalid_free (mm/kasan/report.c:221 mm/kasan/report.c:563) [ 238.029979][ T318] ? skb_release_data (net/core/skbuff.c:1139) [ 238.029989][ T318] check_slab_allocation (mm/kasan/common.c:231) [ 238.029995][ T318] kmem_cache_free (mm/slub.c:2637 (discriminator 1) mm/slub.c:6168 (discriminator 1) mm/slub.c:6298 (discriminator 1)) [ 238.030004][ T318] skb_release_data (net/core/skbuff.c:1139) ... [ 238.030025][ T318] sk_skb_reason_drop (net/core/skbuff.c:1256) [ 238.030032][ T318] pfifo_fast_reset (./include/linux/ptr_ring.h:171 ./include/linux/ptr_ring.h:309 ./include/linux/skb_array.h:98 net/sched/sch_generic.c:827) [ 238.030039][ T318] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221) ... [ 238.030054][ T318] qdisc_reset (net/sched/sch_generic.c:1034) [ 238.030062][ T318] teql_destroy (./include/linux/spinlock.h:395 net/sched/sch_teql.c:157) [ 238.030071][ T318] __qdisc_destroy (./include/net/pkt_sched.h:328 net/sched/sch_generic.c:1077) [ 238.030077][ T318] qdisc_graft (net/sched/sch_api.c:1062 net/sched/sch_api.c:1053 net/sched/sch_api.c:1159) [ 238.030089][ T318] ? __pfx_qdisc_graft (net/sched/sch_api.c:1091) [ 238.030095][ T318] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221) [ 238.030102][ T318] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221) [ 238.030106][ T318] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221) [ 238.030114][ T318] tc_get_qdisc (net/sched/sch_api.c:1529 net/sched/sch_api.c:1556) ... [ 238.072958][ T318] Allocated by task 303 on cpu 5 at 238.026275s: [ 238.073392][ T318] kasan_save_stack (mm/kasan/common.c:58) [ 238.073884][ T318] kasan_save_track (mm/kasan/common.c:64 (discriminator 5) mm/kasan/common.c:79 (discriminator 5)) [ 238.074230][ T318] __kasan_slab_alloc (mm/kasan/common.c:369) [ 238.074578][ T318] kmem_cache_alloc_node_noprof (./include/linux/kasan.h:253 mm/slub.c:4542 mm/slub.c:4869 mm/slub.c:4921) [ 238.076091][ T318] kmalloc_reserve (net/core/skbuff.c:616 (discriminator 107)) [ 238.076450][ T318] __alloc_skb (net/core/skbuff.c:713) [ 238.076834][ T318] alloc_skb_with_frags (./include/linux/skbuff.h:1383 net/core/skbuff.c:6763) [ 238.077178][ T318] sock_alloc_send_pskb (net/core/sock.c:2997) [ 238.077520][ T318] packet_sendmsg (net/packet/af_packet.c:2926 net/packet/af_packet.c:3019 net/packet/af_packet.c:3108) [ 238.081469][ T318] [ 238.081870][ T318] Freed by task 299 on cpu 1 at 238.028496s: [ 238.082761][ T318] kasan_save_stack (mm/kasan/common.c:58) [ 238.083481][ T318] kasan_save_track (mm/kasan/common.c:64 (discriminator 5) mm/kasan/common.c:79 (discriminator 5)) [ 238.085348][ T318] kasan_save_free_info (mm/kasan/generic.c:587 (discriminator 1)) [ 238.085900][ T318] __kasan_slab_free (mm/ ---truncated---
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix NULL dereference and UAF in smc_tcp_syn_recv_sock() Syzkaller reported a panic in smc_tcp_syn_recv_sock() [1]. smc_tcp_syn_recv_sock() is called in the TCP receive path (softirq) via icsk_af_ops->syn_recv_sock on the clcsock (TCP listening socket). It reads sk_user_data to get the smc_sock pointer. However, when the SMC listen socket is being closed concurrently, smc_close_active() sets clcsock->sk_user_data to NULL under sk_callback_lock, and then the smc_sock itself can be freed via sock_put() in smc_release(). This leads to two issues: 1) NULL pointer dereference: sk_user_data is NULL when accessed. 2) Use-after-free: sk_user_data is read as non-NULL, but the smc_sock is freed before its fields (e.g., queued_smc_hs, ori_af_ops) are accessed. The race window looks like this (the syzkaller crash [1] triggers via the SYN cookie path: tcp_get_cookie_sock() -> smc_tcp_syn_recv_sock(), but the normal tcp_check_req() path has the same race): CPU A (softirq) CPU B (process ctx) tcp_v4_rcv() TCP_NEW_SYN_RECV: sk = req->rsk_listener sock_hold(sk) /* No lock on listener */ smc_close_active(): write_lock_bh(cb_lock) sk_user_data = NULL write_unlock_bh(cb_lock) ... smc_clcsock_release() sock_put(smc->sk) x2 -> smc_sock freed! tcp_check_req() smc_tcp_syn_recv_sock(): smc = user_data(sk) -> NULL or dangling smc->queued_smc_hs -> crash! Note that the clcsock and smc_sock are two independent objects with separate refcounts. TCP stack holds a reference on the clcsock, which keeps it alive, but this does NOT prevent the smc_sock from being freed. Fix this by using RCU and refcount_inc_not_zero() to safely access smc_sock. Since smc_tcp_syn_recv_sock() is called in the TCP three-way handshake path, taking read_lock_bh on sk_callback_lock is too heavy and would not survive a SYN flood attack. Using rcu_read_lock() is much more lightweight. - Set SOCK_RCU_FREE on the SMC listen socket so that smc_sock freeing is deferred until after the RCU grace period. This guarantees the memory is still valid when accessed inside rcu_read_lock(). - Use rcu_read_lock() to protect reading sk_user_data. - Use refcount_inc_not_zero(&smc->sk.sk_refcnt) to pin the smc_sock. If the refcount has already reached zero (close path completed), it returns false and we bail out safely. Note: smc_hs_congested() has a similar lockless read of sk_user_data without rcu_read_lock(), but it only checks for NULL and accesses the global smc_hs_wq, never dereferencing any smc_sock field, so it is not affected. Reproducer was verified with mdelay injection and smc_run, the issue no longer occurs with this patch applied. [1] https://syzkaller.appspot.com/bug?extid=827ae2bfb3a3529333e9
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: PM: runtime: Fix a race condition related to device removal The following code in pm_runtime_work() may dereference the dev->parent pointer after the parent device has been freed: /* Maybe the parent is now able to suspend. */ if (parent && !parent->power.ignore_children) { spin_unlock(&dev->power.lock); spin_lock(&parent->power.lock); rpm_idle(parent, RPM_ASYNC); spin_unlock(&parent->power.lock); spin_lock(&dev->power.lock); } Fix this by inserting a flush_work() call in pm_runtime_remove(). Without this patch blktest block/001 triggers the following complaint sporadically: BUG: KASAN: slab-use-after-free in lock_acquire+0x70/0x160 Read of size 1 at addr ffff88812bef7198 by task kworker/u553:1/3081 Workqueue: pm pm_runtime_work Call Trace: <TASK> dump_stack_lvl+0x61/0x80 print_address_description.constprop.0+0x8b/0x310 print_report+0xfd/0x1d7 kasan_report+0xd8/0x1d0 __kasan_check_byte+0x42/0x60 lock_acquire.part.0+0x38/0x230 lock_acquire+0x70/0x160 _raw_spin_lock+0x36/0x50 rpm_suspend+0xc6a/0xfe0 rpm_idle+0x578/0x770 pm_runtime_work+0xee/0x120 process_one_work+0xde3/0x1410 worker_thread+0x5eb/0xfe0 kthread+0x37b/0x480 ret_from_fork+0x6cb/0x920 ret_from_fork_asm+0x11/0x20 </TASK> Allocated by task 4314: kasan_save_stack+0x2a/0x50 kasan_save_track+0x18/0x40 kasan_save_alloc_info+0x3d/0x50 __kasan_kmalloc+0xa0/0xb0 __kmalloc_noprof+0x311/0x990 scsi_alloc_target+0x122/0xb60 [scsi_mod] __scsi_scan_target+0x101/0x460 [scsi_mod] scsi_scan_channel+0x179/0x1c0 [scsi_mod] scsi_scan_host_selected+0x259/0x2d0 [scsi_mod] store_scan+0x2d2/0x390 [scsi_mod] dev_attr_store+0x43/0x80 sysfs_kf_write+0xde/0x140 kernfs_fop_write_iter+0x3ef/0x670 vfs_write+0x506/0x1470 ksys_write+0xfd/0x230 __x64_sys_write+0x76/0xc0 x64_sys_call+0x213/0x1810 do_syscall_64+0xee/0xfc0 entry_SYSCALL_64_after_hwframe+0x4b/0x53 Freed by task 4314: kasan_save_stack+0x2a/0x50 kasan_save_track+0x18/0x40 kasan_save_free_info+0x3f/0x50 __kasan_slab_free+0x67/0x80 kfree+0x225/0x6c0 scsi_target_dev_release+0x3d/0x60 [scsi_mod] device_release+0xa3/0x220 kobject_cleanup+0x105/0x3a0 kobject_put+0x72/0xd0 put_device+0x17/0x20 scsi_device_dev_release+0xacf/0x12c0 [scsi_mod] device_release+0xa3/0x220 kobject_cleanup+0x105/0x3a0 kobject_put+0x72/0xd0 put_device+0x17/0x20 scsi_device_put+0x7f/0xc0 [scsi_mod] sdev_store_delete+0xa5/0x120 [scsi_mod] dev_attr_store+0x43/0x80 sysfs_kf_write+0xde/0x140 kernfs_fop_write_iter+0x3ef/0x670 vfs_write+0x506/0x1470 ksys_write+0xfd/0x230 __x64_sys_write+0x76/0xc0 x64_sys_call+0x213/0x1810
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: mana: fix use-after-free in mana_hwc_destroy_channel() by reordering teardown A potential race condition exists in mana_hwc_destroy_channel() where hwc->caller_ctx is freed before the HWC's Completion Queue (CQ) and Event Queue (EQ) are destroyed. This allows an in-flight CQ interrupt handler to dereference freed memory, leading to a use-after-free or NULL pointer dereference in mana_hwc_handle_resp(). mana_smc_teardown_hwc() signals the hardware to stop but does not synchronize against IRQ handlers already executing on other CPUs. The IRQ synchronization only happens in mana_hwc_destroy_cq() via mana_gd_destroy_eq() -> mana_gd_deregister_irq(). Since this runs after kfree(hwc->caller_ctx), a concurrent mana_hwc_rx_event_handler() can dereference freed caller_ctx (and rxq->msg_buf) in mana_hwc_handle_resp(). Fix this by reordering teardown to reverse-of-creation order: destroy the TX/RX work queues and CQ/EQ before freeing hwc->caller_ctx. This ensures all in-flight interrupt handlers complete before the memory they access is freed.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() In DecodeQ931(), the UserUserIE code path reads a 16-bit length from the packet, then decrements it by 1 to skip the protocol discriminator byte before passing it to DecodeH323_UserInformation(). If the encoded length is 0, the decrement wraps to -1, which is then passed as a large value to the decoder, leading to an out-of-bounds read. Add a check to ensure len is positive after the decrement.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_h323: fix OOB read in decode_int() CONS case In decode_int(), the CONS case calls get_bits(bs, 2) to read a length value, then calls get_uint(bs, len) without checking that len bytes remain in the buffer. The existing boundary check only validates the 2 bits for get_bits(), not the subsequent 1-4 bytes that get_uint() reads. This allows a malformed H.323/RAS packet to cause a 1-4 byte slab-out-of-bounds read. Add a boundary check for len bytes after get_bits() and before get_uint().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_sip: fix Content-Length u32 truncation in sip_help_tcp() sip_help_tcp() parses the SIP Content-Length header with simple_strtoul(), which returns unsigned long, but stores the result in unsigned int clen. On 64-bit systems, values exceeding UINT_MAX are silently truncated before computing the SIP message boundary. For example, Content-Length 4294967328 (2^32 + 32) is truncated to 32, causing the parser to miscalculate where the current message ends. The loop then treats trailing data in the TCP segment as a second SIP message and processes it through the SDP parser. Fix this by changing clen to unsigned long to match the return type of simple_strtoul(), and reject Content-Length values that exceed the remaining TCP payload length.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() ctnetlink_dump_exp_ct() stores a conntrack pointer in cb->data for the netlink dump callback ctnetlink_exp_ct_dump_table(), but drops the conntrack reference immediately after netlink_dump_start(). When the dump spans multiple rounds, the second recvmsg() triggers the dump callback which dereferences the now-freed conntrack via nfct_help(ct), leading to a use-after-free on ct->ext. The bug is that the netlink_dump_control has no .start or .done callbacks to manage the conntrack reference across dump rounds. Other dump functions in the same file (e.g. ctnetlink_get_conntrack) properly use .start/.done callbacks for this purpose. Fix this by adding .start and .done callbacks that hold and release the conntrack reference for the duration of the dump, and move the nfct_help() call after the cb->args[0] early-return check in the dump callback to avoid dereferencing ct->ext unnecessarily. BUG: KASAN: slab-use-after-free in ctnetlink_exp_ct_dump_table+0x4f/0x2e0 Read of size 8 at addr ffff88810597ebf0 by task ctnetlink_poc/133 CPU: 1 UID: 0 PID: 133 Comm: ctnetlink_poc Not tainted 7.0.0-rc2+ #3 PREEMPTLAZY Call Trace: <TASK> ctnetlink_exp_ct_dump_table+0x4f/0x2e0 netlink_dump+0x333/0x880 netlink_recvmsg+0x3e2/0x4b0 ? aa_sk_perm+0x184/0x450 sock_recvmsg+0xde/0xf0 Allocated by task 133: kmem_cache_alloc_noprof+0x134/0x440 __nf_conntrack_alloc+0xa8/0x2b0 ctnetlink_create_conntrack+0xa1/0x900 ctnetlink_new_conntrack+0x3cf/0x7d0 nfnetlink_rcv_msg+0x48e/0x510 netlink_rcv_skb+0xc9/0x1f0 nfnetlink_rcv+0xdb/0x220 netlink_unicast+0x3ec/0x590 netlink_sendmsg+0x397/0x690 __sys_sendmsg+0xf4/0x180 Freed by task 0: slab_free_after_rcu_debug+0xad/0x1e0 rcu_core+0x5c3/0x9c0
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: soc: fsl: qbman: fix race condition in qman_destroy_fq When QMAN_FQ_FLAG_DYNAMIC_FQID is set, there's a race condition between fq_table[fq->idx] state and freeing/allocating from the pool and WARN_ON(fq_table[fq->idx]) in qman_create_fq() gets triggered. Indeed, we can have: Thread A Thread B qman_destroy_fq() qman_create_fq() qman_release_fqid() qman_shutdown_fq() gen_pool_free() -- At this point, the fqid is available again -- qman_alloc_fqid() -- so, we can get the just-freed fqid in thread B -- fq->fqid = fqid; fq->idx = fqid * 2; WARN_ON(fq_table[fq->idx]); fq_table[fq->idx] = fq; fq_table[fq->idx] = NULL; And adding some logs between qman_release_fqid() and fq_table[fq->idx] = NULL makes the WARN_ON() trigger a lot more. To prevent that, ensure that fq_table[fq->idx] is set to NULL before gen_pool_free() is called by using smp_wmb().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: mtd: Avoid boot crash in RedBoot partition table parser Given CONFIG_FORTIFY_SOURCE=y and a recent compiler, commit 439a1bcac648 ("fortify: Use __builtin_dynamic_object_size() when available") produces the warning below and an oops. Searching for RedBoot partition table in 50000000.flash at offset 0x7e0000 ------------[ cut here ]------------ WARNING: lib/string_helpers.c:1035 at 0xc029e04c, CPU#0: swapper/0/1 memcmp: detected buffer overflow: 15 byte read of buffer size 14 Modules linked in: CPU: 0 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.19.0 #1 NONE As Kees said, "'names' is pointing to the final 'namelen' many bytes of the allocation ... 'namelen' could be basically any length at all. This fortify warning looks legit to me -- this code used to be reading beyond the end of the allocation." Since the size of the dynamic allocation is calculated with strlen() we can use strcmp() instead of memcmp() and remain within bounds.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: spi: fix statistics allocation The controller per-cpu statistics is not allocated until after the controller has been registered with driver core, which leaves a window where accessing the sysfs attributes can trigger a NULL-pointer dereference. Fix this by moving the statistics allocation to controller allocation while tying its lifetime to that of the controller (rather than using implicit devres).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops reading the incoming data when user facing public API `nghttp2_session_terminate_session` or `nghttp2_session_terminate_session2` is called by the application. They might be called internally by the library when it detects the situation that is subject to connection error. Due to the missing internal state validation, the library keeps reading the rest of the data after one of those APIs is called. Then receiving a malformed frame that causes FRAME_SIZE_ERROR causes assertion failure. nghttp2 v1.68.1 adds missing state validation to avoid assertion failure. No known workarounds are available.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: spi: fix use-after-free on controller registration failure Make sure to deregister from driver core also in the unlikely event that per-cpu statistics allocation fails during controller registration to avoid use-after-free (of driver resources) and unclocked register accesses.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-sha204a - Fix OOM ->tfm_count leak If memory allocation fails, decrement ->tfm_count to avoid blocking future reads.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: macb: fix use-after-free access to PTP clock PTP clock is registered on every opening of the interface and destroyed on every closing. However it may be accessed via get_ts_info ethtool call which is possible while the interface is just present in the kernel. BUG: KASAN: use-after-free in ptp_clock_index+0x47/0x50 drivers/ptp/ptp_clock.c:426 Read of size 4 at addr ffff8880194345cc by task syz.0.6/948 CPU: 1 PID: 948 Comm: syz.0.6 Not tainted 6.1.164+ #109 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org 04/01/2014 Call Trace: <TASK> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x8d/0xba lib/dump_stack.c:106 print_address_description mm/kasan/report.c:316 [inline] print_report+0x17f/0x496 mm/kasan/report.c:420 kasan_report+0xd9/0x180 mm/kasan/report.c:524 ptp_clock_index+0x47/0x50 drivers/ptp/ptp_clock.c:426 gem_get_ts_info+0x138/0x1e0 drivers/net/ethernet/cadence/macb_main.c:3349 macb_get_ts_info+0x68/0xb0 drivers/net/ethernet/cadence/macb_main.c:3371 __ethtool_get_ts_info+0x17c/0x260 net/ethtool/common.c:558 ethtool_get_ts_info net/ethtool/ioctl.c:2367 [inline] __dev_ethtool net/ethtool/ioctl.c:3017 [inline] dev_ethtool+0x2b05/0x6290 net/ethtool/ioctl.c:3095 dev_ioctl+0x637/0x1070 net/core/dev_ioctl.c:510 sock_do_ioctl+0x20d/0x2c0 net/socket.c:1215 sock_ioctl+0x577/0x6d0 net/socket.c:1320 vfs_ioctl fs/ioctl.c:51 [inline] __do_sys_ioctl fs/ioctl.c:870 [inline] __se_sys_ioctl fs/ioctl.c:856 [inline] __x64_sys_ioctl+0x18c/0x210 fs/ioctl.c:856 do_syscall_x64 arch/x86/entry/common.c:46 [inline] do_syscall_64+0x35/0x80 arch/x86/entry/common.c:76 entry_SYSCALL_64_after_hwframe+0x6e/0xd8 </TASK> Allocated by task 457: kmalloc include/linux/slab.h:563 [inline] kzalloc include/linux/slab.h:699 [inline] ptp_clock_register+0x144/0x10e0 drivers/ptp/ptp_clock.c:235 gem_ptp_init+0x46f/0x930 drivers/net/ethernet/cadence/macb_ptp.c:375 macb_open+0x901/0xd10 drivers/net/ethernet/cadence/macb_main.c:2920 __dev_open+0x2ce/0x500 net/core/dev.c:1501 __dev_change_flags+0x56a/0x740 net/core/dev.c:8651 dev_change_flags+0x92/0x170 net/core/dev.c:8722 do_setlink+0xaf8/0x3a80 net/core/rtnetlink.c:2833 __rtnl_newlink+0xbf4/0x1940 net/core/rtnetlink.c:3608 rtnl_newlink+0x63/0xa0 net/core/rtnetlink.c:3655 rtnetlink_rcv_msg+0x3c6/0xed0 net/core/rtnetlink.c:6150 netlink_rcv_skb+0x15d/0x430 net/netlink/af_netlink.c:2511 netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline] netlink_unicast+0x6d7/0xa30 net/netlink/af_netlink.c:1344 netlink_sendmsg+0x97e/0xeb0 net/netlink/af_netlink.c:1872 sock_sendmsg_nosec net/socket.c:718 [inline] __sock_sendmsg+0x14b/0x180 net/socket.c:730 __sys_sendto+0x320/0x3b0 net/socket.c:2152 __do_sys_sendto net/socket.c:2164 [inline] __se_sys_sendto net/socket.c:2160 [inline] __x64_sys_sendto+0xdc/0x1b0 net/socket.c:2160 do_syscall_x64 arch/x86/entry/common.c:46 [inline] do_syscall_64+0x35/0x80 arch/x86/entry/common.c:76 entry_SYSCALL_64_after_hwframe+0x6e/0xd8 Freed by task 938: kasan_slab_free include/linux/kasan.h:177 [inline] slab_free_hook mm/slub.c:1729 [inline] slab_free_freelist_hook mm/slub.c:1755 [inline] slab_free mm/slub.c:3687 [inline] __kmem_cache_free+0xbc/0x320 mm/slub.c:3700 device_release+0xa0/0x240 drivers/base/core.c:2507 kobject_cleanup lib/kobject.c:681 [inline] kobject_release lib/kobject.c:712 [inline] kref_put include/linux/kref.h:65 [inline] kobject_put+0x1cd/0x350 lib/kobject.c:729 put_device+0x1b/0x30 drivers/base/core.c:3805 ptp_clock_unregister+0x171/0x270 drivers/ptp/ptp_clock.c:391 gem_ptp_remove+0x4e/0x1f0 drivers/net/ethernet/cadence/macb_ptp.c:404 macb_close+0x1c8/0x270 drivers/net/ethernet/cadence/macb_main.c:2966 __dev_close_many+0x1b9/0x310 net/core/dev.c:1585 __dev_close net/core/dev.c:1597 [inline] __dev_change_flags+0x2bb/0x740 net/core/dev.c:8649 dev_change_fl ---truncated---
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache The NFSv4.0 replay cache uses a fixed 112-byte inline buffer (rp_ibuf[NFSD4_REPLAY_ISIZE]) to store encoded operation responses. This size was calculated based on OPEN responses and does not account for LOCK denied responses, which include the conflicting lock owner as a variable-length field up to 1024 bytes (NFS4_OPAQUE_LIMIT). When a LOCK operation is denied due to a conflict with an existing lock that has a large owner, nfsd4_encode_operation() copies the full encoded response into the undersized replay buffer via read_bytes_from_xdr_buf() with no bounds check. This results in a slab-out-of-bounds write of up to 944 bytes past the end of the buffer, corrupting adjacent heap memory. This can be triggered remotely by an unauthenticated attacker with two cooperating NFSv4.0 clients: one sets a lock with a large owner string, then the other requests a conflicting lock to provoke the denial. We could fix this by increasing NFSD4_REPLAY_ISIZE to allow for a full opaque, but that would increase the size of every stateowner, when most lockowners are not that large. Instead, fix this by checking the encoded response length against NFSD4_REPLAY_ISIZE before copying into the replay buffer. If the response is too large, set rp_buflen to 0 to skip caching the replay payload. The status is still cached, and the client already received the correct response on the original request.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: NFSD: Hold net reference for the lifetime of /proc/fs/nfs/exports fd The /proc/fs/nfs/exports proc entry is created at module init and persists for the module's lifetime. exports_proc_open() captures the caller's current network namespace and stores its svc_export_cache in seq->private, but takes no reference on the namespace. If the namespace is subsequently torn down (e.g. container destruction after the opener does setns() to a different namespace), nfsd_net_exit() calls nfsd_export_shutdown() which frees the cache. Subsequent reads on the still-open fd dereference the freed cache_detail, walking a freed hash table. Hold a reference on the struct net for the lifetime of the open file descriptor. This prevents nfsd_net_exit() from running -- and thus prevents nfsd_export_shutdown() from freeing the cache -- while any exports fd is open. cache_detail already stores its net pointer (cd->net, set by cache_create_net()), so exports_release() can retrieve it without additional per-file storage.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: atm: fix crash due to unvalidated vcc pointer in sigd_send() Reproducer available at [1]. The ATM send path (sendmsg -> vcc_sendmsg -> sigd_send) reads the vcc pointer from msg->vcc and uses it directly without any validation. This pointer comes from userspace via sendmsg() and can be arbitrarily forged: int fd = socket(AF_ATMSVC, SOCK_DGRAM, 0); ioctl(fd, ATMSIGD_CTRL); // become ATM signaling daemon struct msghdr msg = { .msg_iov = &iov, ... }; *(unsigned long *)(buf + 4) = 0xdeadbeef; // fake vcc pointer sendmsg(fd, &msg, 0); // kernel dereferences 0xdeadbeef In normal operation, the kernel sends the vcc pointer to the signaling daemon via sigd_enq() when processing operations like connect(), bind(), or listen(). The daemon is expected to return the same pointer when responding. However, a malicious daemon can send arbitrary pointer values. Fix this by introducing find_get_vcc() which validates the pointer by searching through vcc_hash (similar to how sigd_close() iterates over all VCCs), and acquires a reference via sock_hold() if found. Since struct atm_vcc embeds struct sock as its first member, they share the same lifetime. Therefore using sock_hold/sock_put is sufficient to keep the vcc alive while it is being used. Note that there may be a race with sigd_close() which could mark the vcc with various flags (e.g., ATM_VF_RELEASED) after find_get_vcc() returns. However, sock_hold() guarantees the memory remains valid, so this race only affects the logical state, not memory safety. [1]: https://gist.github.com/mrpre/1ba5949c45529c511152e2f4c755b0f3
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_expect: use expect->helper Use expect->helper in ctnetlink and /proc to dump the helper name. Using nfct_help() without holding a reference to the master conntrack is unsafe. Use exp->master->helper in ctnetlink path if userspace does not provide an explicit helper when creating an expectation to retain the existing behaviour. The ctnetlink expectation path holds the reference on the master conntrack and nf_conntrack_expect lock and the nfnetlink glue path refers to the master ct that is attached to the skb.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid overflows in ip6_datagram_send_ctl() Yiming Qian reported : <quote> I believe I found a locally triggerable kernel bug in the IPv6 sendmsg ancillary-data path that can panic the kernel via `skb_under_panic()` (local DoS). The core issue is a mismatch between: - a 16-bit length accumulator (`struct ipv6_txoptions::opt_flen`, type `__u16`) and - a pointer to the *last* provided destination-options header (`opt->dst1opt`) when multiple `IPV6_DSTOPTS` control messages (cmsgs) are provided. - `include/net/ipv6.h`: - `struct ipv6_txoptions::opt_flen` is `__u16` (wrap possible). (lines 291-307, especially 298) - `net/ipv6/datagram.c:ip6_datagram_send_ctl()`: - Accepts repeated `IPV6_DSTOPTS` and accumulates into `opt_flen` without rejecting duplicates. (lines 909-933) - `net/ipv6/ip6_output.c:__ip6_append_data()`: - Uses `opt->opt_flen + opt->opt_nflen` to compute header sizes/headroom decisions. (lines 1448-1466, especially 1463-1465) - `net/ipv6/ip6_output.c:__ip6_make_skb()`: - Calls `ipv6_push_frag_opts()` if `opt->opt_flen` is non-zero. (lines 1930-1934) - `net/ipv6/exthdrs.c:ipv6_push_frag_opts()` / `ipv6_push_exthdr()`: - Push size comes from `ipv6_optlen(opt->dst1opt)` (based on the pointed-to header). (lines 1179-1185 and 1206-1211) 1. `opt_flen` is a 16-bit accumulator: - `include/net/ipv6.h:298` defines `__u16 opt_flen; /* after fragment hdr */`. 2. `ip6_datagram_send_ctl()` accepts *repeated* `IPV6_DSTOPTS` cmsgs and increments `opt_flen` each time: - In `net/ipv6/datagram.c:909-933`, for `IPV6_DSTOPTS`: - It computes `len = ((hdr->hdrlen + 1) << 3);` - It checks `CAP_NET_RAW` using `ns_capable(net->user_ns, CAP_NET_RAW)`. (line 922) - Then it does: - `opt->opt_flen += len;` (line 927) - `opt->dst1opt = hdr;` (line 928) There is no duplicate rejection here (unlike the legacy `IPV6_2292DSTOPTS` path which rejects duplicates at `net/ipv6/datagram.c:901-904`). If enough large `IPV6_DSTOPTS` cmsgs are provided, `opt_flen` wraps while `dst1opt` still points to a large (2048-byte) destination-options header. In the attached PoC (`poc.c`): - 32 cmsgs with `hdrlen=255` => `len = (255+1)*8 = 2048` - 1 cmsg with `hdrlen=0` => `len = 8` - Total increment: `32*2048 + 8 = 65544`, so `(__u16)opt_flen == 8` - The last cmsg is 2048 bytes, so `dst1opt` points to a 2048-byte header. 3. The transmit path sizes headers using the wrapped `opt_flen`: - In `net/ipv6/ip6_output.c:1463-1465`: - `headersize = sizeof(struct ipv6hdr) + (opt ? opt->opt_flen + opt->opt_nflen : 0) + ...;` With wrapped `opt_flen`, `headersize`/headroom decisions underestimate what will be pushed later. 4. When building the final skb, the actual push length comes from `dst1opt` and is not limited by wrapped `opt_flen`: - In `net/ipv6/ip6_output.c:1930-1934`: - `if (opt->opt_flen) proto = ipv6_push_frag_opts(skb, opt, proto);` - In `net/ipv6/exthdrs.c:1206-1211`, `ipv6_push_frag_opts()` pushes `dst1opt` via `ipv6_push_exthdr()`. - In `net/ipv6/exthdrs.c:1179-1184`, `ipv6_push_exthdr()` does: - `skb_push(skb, ipv6_optlen(opt));` - `memcpy(h, opt, ipv6_optlen(opt));` With insufficient headroom, `skb_push()` underflows and triggers `skb_under_panic()` -> `BUG()`: - `net/core/skbuff.c:2669-2675` (`skb_push()` calls `skb_under_panic()`) - `net/core/skbuff.c:207-214` (`skb_panic()` ends in `BUG()`) - The `IPV6_DSTOPTS` cmsg path requires `CAP_NET_RAW` in the target netns user namespace (`ns_capable(net->user_ns, CAP_NET_RAW)`). - Root (or any task with `CAP_NET_RAW`) can trigger this without user namespaces. - An unprivileged `uid=1000` user can trigger this if unprivileged user namespaces are enabled and it can create a userns+netns to obtain namespaced `CAP_NET_RAW` (the attached PoC does this). - Local denial of service: kernel BUG/panic (system crash). - ---truncated---
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_log: account for netlink header size This is a followup to an old bug fix: NLMSG_DONE needs to account for the netlink header size, not just the attribute size. This can result in a WARN splat + drop of the netlink message, but other than this there are no ill effects.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net/x25: Fix overflow when accumulating packets Add a check to ensure that `x25_sock.fraglen` does not overflow. The `fraglen` also needs to be resetted when purging `fragment_queue` in `x25_clear_queues()`.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: drop logically empty buckets in mtype_del mtype_del() counts empty slots below n->pos in k, but it only drops the bucket when both n->pos and k are zero. This misses buckets whose live entries have all been removed while n->pos still points past deleted slots. Treat a bucket as empty when all positions below n->pos are unused and release it directly instead of shrinking it further.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_fw: fix NULL pointer dereference on shared blocks The old-method path in fw_classify() calls tcf_block_q() and dereferences q->handle. Shared blocks leave block->q NULL, causing a NULL deref when an empty cls_fw filter is attached to a shared block and a packet with a nonzero major skb mark is classified. Reject the configuration in fw_change() when the old method (no TCA_OPTIONS) is used on a shared block, since fw_classify()'s old-method path needs block->q which is NULL for shared blocks. The fixed null-ptr-deref calling stack: KASAN: null-ptr-deref in range [0x0000000000000038-0x000000000000003f] RIP: 0010:fw_classify (net/sched/cls_fw.c:81) Call Trace: tcf_classify (./include/net/tc_wrapper.h:197 net/sched/cls_api.c:1764 net/sched/cls_api.c:1860) tc_run (net/core/dev.c:4401) __dev_queue_xmit (net/core/dev.c:4535 net/core/dev.c:4790)
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_flow: fix NULL pointer dereference on shared blocks flow_change() calls tcf_block_q() and dereferences q->handle to derive a default baseclass. Shared blocks leave block->q NULL, causing a NULL deref when a flow filter without a fully qualified baseclass is created on a shared block. Check tcf_block_shared() before accessing block->q and return -EINVAL for shared blocks. This avoids the null-deref shown below: ======================================================================= KASAN: null-ptr-deref in range [0x0000000000000038-0x000000000000003f] RIP: 0010:flow_change (net/sched/cls_flow.c:508) Call Trace: tc_new_tfilter (net/sched/cls_api.c:2432) rtnetlink_rcv_msg (net/core/rtnetlink.c:6980) [...] =======================================================================
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_hfsc: fix divide-by-zero in rtsc_min() m2sm() converts a u32 slope to a u64 scaled value. For large inputs (e.g. m1=4000000000), the result can reach 2^32. rtsc_min() stores the difference of two such u64 values in a u32 variable `dsm` and uses it as a divisor. When the difference is exactly 2^32 the truncation yields zero, causing a divide-by-zero oops in the concave-curve intersection path: Oops: divide error: 0000 RIP: 0010:rtsc_min (net/sched/sch_hfsc.c:601) Call Trace: init_ed (net/sched/sch_hfsc.c:629) hfsc_enqueue (net/sched/sch_hfsc.c:1569) [...] Widen `dsm` to u64 and replace do_div() with div64_u64() so the full difference is preserved.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: x_tables: restrict xt_check_match/xt_check_target extensions for NFPROTO_ARP Weiming Shi says: xt_match and xt_target structs registered with NFPROTO_UNSPEC can be loaded by any protocol family through nft_compat. When such a match/target sets .hooks to restrict which hooks it may run on, the bitmask uses NF_INET_* constants. This is only correct for families whose hook layout matches NF_INET_*: IPv4, IPv6, INET, and bridge all share the same five hooks (PRE_ROUTING ... POST_ROUTING). ARP only has three hooks (IN=0, OUT=1, FORWARD=2) with different semantics. Because NF_ARP_OUT == 1 == NF_INET_LOCAL_IN, the .hooks validation silently passes for the wrong reasons, allowing matches to run on ARP chains where the hook assumptions (e.g. state->in being set on input hooks) do not hold. This leads to NULL pointer dereferences; xt_devgroup is one concrete example: Oops: general protection fault, probably for non-canonical address 0xdffffc0000000044: 0000 [#1] SMP KASAN NOPTI KASAN: null-ptr-deref in range [0x0000000000000220-0x0000000000000227] RIP: 0010:devgroup_mt+0xff/0x350 Call Trace: <TASK> nft_match_eval (net/netfilter/nft_compat.c:407) nft_do_chain (net/netfilter/nf_tables_core.c:285) nft_do_chain_arp (net/netfilter/nft_chain_filter.c:61) nf_hook_slow (net/netfilter/core.c:623) arp_xmit (net/ipv4/arp.c:666) </TASK> Kernel panic - not syncing: Fatal exception in interrupt Fix it by restricting arptables to NFPROTO_ARP extensions only. Note that arptables-legacy only supports: - arpt_CLASSIFY - arpt_mangle - arpt_MARK that provide explicit NFPROTO_ARP match/target declarations.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_sip: fix use of uninitialized rtp_addr in process_sdp process_sdp() declares union nf_inet_addr rtp_addr on the stack and passes it to the nf_nat_sip sdp_session hook after walking the SDP media descriptions. However rtp_addr is only initialized inside the media loop when a recognized media type with a non-zero port is found. If the SDP body contains no m= lines, only inactive media sections (m=audio 0 ...) or only unrecognized media types, rtp_addr is never assigned. Despite that, the function still calls hooks->sdp_session() with &rtp_addr, causing nf_nat_sdp_session() to format the stale stack value as an IP address and rewrite the SDP session owner and connection lines with it. With CONFIG_INIT_STACK_ALL_ZERO (default on most distributions) this results in the session-level o= and c= addresses being rewritten to 0.0.0.0 for inactive SDP sessions. Without stack auto-init the rewritten address is whatever happened to be on the stack. Fix this by pre-initializing rtp_addr from the session-level connection address (caddr) when available, and tracking via a have_rtp_addr flag whether any valid address was established. Skip the sdp_session hook entirely when no valid address exists.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_log: fix uninitialized padding leak in NFULA_PAYLOAD __build_packet_message() manually constructs the NFULA_PAYLOAD netlink attribute using skb_put() and skb_copy_bits(), bypassing the standard nla_reserve()/nla_put() helpers. While nla_total_size(data_len) bytes are allocated (including NLA alignment padding), only data_len bytes of actual packet data are copied. The trailing nla_padlen(data_len) bytes (1-3 when data_len is not 4-byte aligned) are never initialized, leaking stale heap contents to userspace via the NFLOG netlink socket. Replace the manual attribute construction with nla_reserve(), which handles the tailroom check, header setup, and padding zeroing via __nla_reserve(). The subsequent skb_copy_bits() fills in the payload data on top of the properly initialized attribute.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algif_aead since the source and destination come from different mappings. Get rid of all the complexity added for in-place operation and just copy the AD directly.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix memory leak when a wq is reset idxd_wq_disable_cleanup() which is called from the reset path for a workqueue, sets the wq type to NONE, which for other parts of the driver mean that the wq is empty (all its resources were released). Only set the wq type to NONE after its resources are released.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free in update_super_work when racing with umount Commit b98535d09179 ("ext4: fix bug_on in start_this_handle during umount filesystem") moved ext4_unregister_sysfs() before flushing s_sb_upd_work to prevent new error work from being queued via /proc/fs/ext4/xx/mb_groups reads during unmount. However, this introduced a use-after-free because update_super_work calls ext4_notify_error_sysfs() -> sysfs_notify() which accesses the kobject's kernfs_node after it has been freed by kobject_del() in ext4_unregister_sysfs(): update_super_work ext4_put_super ----------------- -------------- ext4_unregister_sysfs(sb) kobject_del(&sbi->s_kobj) __kobject_del() sysfs_remove_dir() kobj->sd = NULL sysfs_put(sd) kernfs_put() // RCU free ext4_notify_error_sysfs(sbi) sysfs_notify(&sbi->s_kobj) kn = kobj->sd // stale pointer kernfs_get(kn) // UAF on freed kernfs_node ext4_journal_destroy() flush_work(&sbi->s_sb_upd_work) Instead of reordering the teardown sequence, fix this by making ext4_notify_error_sysfs() detect that sysfs has already been torn down by checking s_kobj.state_in_sysfs, and skipping the sysfs_notify() call in that case. A dedicated mutex (s_error_notify_mutex) serializes ext4_notify_error_sysfs() against kobject_del() in ext4_unregister_sysfs() to prevent TOCTOU races where the kobject could be deleted between the state_in_sysfs check and the sysfs_notify() call.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ext4: reject mount if bigalloc with s_first_data_block != 0 bigalloc with s_first_data_block != 0 is not supported, reject mounting it.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ext4: avoid infinite loops caused by residual data On the mkdir/mknod path, when mapping logical blocks to physical blocks, if inserting a new extent into the extent tree fails (in this example, because the file system disabled the huge file feature when marking the inode as dirty), ext4_ext_map_blocks() only calls ext4_free_blocks() to reclaim the physical block without deleting the corresponding data in the extent tree. This causes subsequent mkdir operations to reference the previously reclaimed physical block number again, even though this physical block is already being used by the xattr block. Therefore, a situation arises where both the directory and xattr are using the same buffer head block in memory simultaneously. The above causes ext4_xattr_block_set() to enter an infinite loop about "inserted" and cannot release the inode lock, ultimately leading to the 143s blocking problem mentioned in [1]. If the metadata is corrupted, then trying to remove some extent space can do even more harm. Also in case EXT4_GET_BLOCKS_DELALLOC_RESERVE was passed, remove space wrongly update quota information. Jan Kara suggests distinguishing between two cases: 1) The error is ENOSPC or EDQUOT - in this case the filesystem is fully consistent and we must maintain its consistency including all the accounting. However these errors can happen only early before we've inserted the extent into the extent tree. So current code works correctly for this case. 2) Some other error - this means metadata is corrupted. We should strive to do as few modifications as possible to limit damage. So I'd just skip freeing of allocated blocks. [1] INFO: task syz.0.17:5995 blocked for more than 143 seconds. Call Trace: inode_lock_nested include/linux/fs.h:1073 [inline] __start_dirop fs/namei.c:2923 [inline] start_dirop fs/namei.c:2934 [inline]
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ext4: publish jinode after initialization ext4_inode_attach_jinode() publishes ei->jinode to concurrent users. It used to set ei->jinode before jbd2_journal_init_jbd_inode(), allowing a reader to observe a non-NULL jinode with i_vfs_inode still unset. The fast commit flush path can then pass this jinode to jbd2_wait_inode_data(), which dereferences i_vfs_inode->i_mapping and may crash. Below is the crash I observe: ``` BUG: unable to handle page fault for address: 000000010beb47f4 PGD 110e51067 P4D 110e51067 PUD 0 Oops: Oops: 0000 [#1] SMP NOPTI CPU: 1 UID: 0 PID: 4850 Comm: fc_fsync_bench_ Not tainted 6.18.0-00764-g795a690c06a5 #1 PREEMPT(voluntary) Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Arch Linux 1.17.0-2-2 04/01/2014 RIP: 0010:xas_find_marked+0x3d/0x2e0 Code: e0 03 48 83 f8 02 0f 84 f0 01 00 00 48 8b 47 08 48 89 c3 48 39 c6 0f 82 fd 01 00 00 48 85 c9 74 3d 48 83 f9 03 77 63 4c 8b 0f <49> 8b 71 08 48 c7 47 18 00 00 00 00 48 89 f1 83 e1 03 48 83 f9 02 RSP: 0018:ffffbbee806e7bf0 EFLAGS: 00010246 RAX: 000000000010beb4 RBX: 000000000010beb4 RCX: 0000000000000003 RDX: 0000000000000001 RSI: 0000002000300000 RDI: ffffbbee806e7c10 RBP: 0000000000000001 R08: 0000002000300000 R09: 000000010beb47ec R10: ffff9ea494590090 R11: 0000000000000000 R12: 0000002000300000 R13: ffffbbee806e7c90 R14: ffff9ea494513788 R15: ffffbbee806e7c88 FS: 00007fc2f9e3e6c0(0000) GS:ffff9ea6b1444000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000010beb47f4 CR3: 0000000119ac5000 CR4: 0000000000750ef0 PKRU: 55555554 Call Trace: <TASK> filemap_get_folios_tag+0x87/0x2a0 __filemap_fdatawait_range+0x5f/0xd0 ? srso_alias_return_thunk+0x5/0xfbef5 ? __schedule+0x3e7/0x10c0 ? srso_alias_return_thunk+0x5/0xfbef5 ? srso_alias_return_thunk+0x5/0xfbef5 ? srso_alias_return_thunk+0x5/0xfbef5 ? preempt_count_sub+0x5f/0x80 ? srso_alias_return_thunk+0x5/0xfbef5 ? cap_safe_nice+0x37/0x70 ? srso_alias_return_thunk+0x5/0xfbef5 ? preempt_count_sub+0x5f/0x80 ? srso_alias_return_thunk+0x5/0xfbef5 filemap_fdatawait_range_keep_errors+0x12/0x40 ext4_fc_commit+0x697/0x8b0 ? ext4_file_write_iter+0x64b/0x950 ? srso_alias_return_thunk+0x5/0xfbef5 ? preempt_count_sub+0x5f/0x80 ? srso_alias_return_thunk+0x5/0xfbef5 ? vfs_write+0x356/0x480 ? srso_alias_return_thunk+0x5/0xfbef5 ? preempt_count_sub+0x5f/0x80 ext4_sync_file+0xf7/0x370 do_fsync+0x3b/0x80 ? syscall_trace_enter+0x108/0x1d0 __x64_sys_fdatasync+0x16/0x20 do_syscall_64+0x62/0x2c0 entry_SYSCALL_64_after_hwframe+0x76/0x7e ... ``` Fix this by initializing the jbd2_inode first. Use smp_wmb() and WRITE_ONCE() to publish ei->jinode after initialization. Readers use READ_ONCE() to fetch the pointer.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ext4: convert inline data to extents when truncate exceeds inline size Add a check in ext4_setattr() to convert files from inline data storage to extent-based storage when truncate() grows the file size beyond the inline capacity. This prevents the filesystem from entering an inconsistent state where the inline data flag is set but the file size exceeds what can be stored inline. Without this fix, the following sequence causes a kernel BUG_ON(): 1. Mount filesystem with inode that has inline flag set and small size 2. truncate(file, 50MB) - grows size but inline flag remains set 3. sendfile() attempts to write data 4. ext4_write_inline_data() hits BUG_ON(write_size > inline_capacity) The crash occurs because ext4_write_inline_data() expects inline storage to accommodate the write, but the actual inline capacity (~60 bytes for i_block + ~96 bytes for xattrs) is far smaller than the file size and write request. The fix checks if the new size from setattr exceeds the inode's actual inline capacity (EXT4_I(inode)->i_inline_size) and converts the file to extent-based storage before proceeding with the size change. This addresses the root cause by ensuring the inline data flag and file size remain consistent during truncate operations.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: mm/huge_memory: fix folio isn't locked in softleaf_to_folio() On arm64 server, we found folio that get from migration entry isn't locked in softleaf_to_folio(). This issue triggers when mTHP splitting and zap_nonpresent_ptes() races, and the root cause is lack of memory barrier in softleaf_to_folio(). The race is as follows: CPU0 CPU1 deferred_split_scan() zap_nonpresent_ptes() lock folio split_folio() unmap_folio() change ptes to migration entries __split_folio_to_order() softleaf_to_folio() set flags(including PG_locked) for tail pages folio = pfn_folio(softleaf_to_pfn(entry)) smp_wmb() VM_WARN_ON_ONCE(!folio_test_locked(folio)) prep_compound_page() for tail pages In __split_folio_to_order(), smp_wmb() guarantees page flags of tail pages are visible before the tail page becomes non-compound. smp_wmb() should be paired with smp_rmb() in softleaf_to_folio(), which is missed. As a result, if zap_nonpresent_ptes() accesses migration entry that stores tail pfn, softleaf_to_folio() may see the updated compound_head of tail page before page->flags. This issue will trigger VM_WARN_ON_ONCE() in pfn_swap_entry_folio() because of the race between folio split and zap_nonpresent_ptes() leading to a folio incorrectly undergoing modification without a folio lock being held. This is a BUG_ON() before commit 93976a20345b ("mm: eliminate further swapops predicates"), which in merged in v6.19-rc1. To fix it, add missing smp_rmb() if the softleaf entry is migration entry in softleaf_to_folio() and softleaf_to_page(). [tujinjiang@huawei.com: update function name and comments]
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: virtio_net: Fix UAF on dst_ops when IFF_XMIT_DST_RELEASE is cleared and napi_tx is false A UAF issue occurs when the virtio_net driver is configured with napi_tx=N and the device's IFF_XMIT_DST_RELEASE flag is cleared (e.g., during the configuration of tc route filter rules). When IFF_XMIT_DST_RELEASE is removed from the net_device, the network stack expects the driver to hold the reference to skb->dst until the packet is fully transmitted and freed. In virtio_net with napi_tx=N, skbs may remain in the virtio transmit ring for an extended period. If the network namespace is destroyed while these skbs are still pending, the corresponding dst_ops structure has freed. When a subsequent packet is transmitted, free_old_xmit() is triggered to clean up old skbs. It then calls dst_release() on the skb associated with the stale dst_entry. Since the dst_ops (referenced by the dst_entry) has already been freed, a UAF kernel paging request occurs. fix it by adds skb_dst_drop(skb) in start_xmit to explicitly release the dst reference before the skb is queued in virtio_net. Call Trace: Unable to handle kernel paging request at virtual address ffff80007e150000 CPU: 2 UID: 0 PID: 6236 Comm: ping Kdump: loaded Not tainted 7.0.0-rc1+ #6 PREEMPT ... percpu_counter_add_batch+0x3c/0x158 lib/percpu_counter.c:98 (P) dst_release+0xe0/0x110 net/core/dst.c:177 skb_release_head_state+0xe8/0x108 net/core/skbuff.c:1177 sk_skb_reason_drop+0x54/0x2d8 net/core/skbuff.c:1255 dev_kfree_skb_any_reason+0x64/0x78 net/core/dev.c:3469 napi_consume_skb+0x1c4/0x3a0 net/core/skbuff.c:1527 __free_old_xmit+0x164/0x230 drivers/net/virtio_net.c:611 [virtio_net] free_old_xmit drivers/net/virtio_net.c:1081 [virtio_net] start_xmit+0x7c/0x530 drivers/net/virtio_net.c:3329 [virtio_net] ... Reproduction Steps: NETDEV="enp3s0" config_qdisc_route_filter() { tc qdisc del dev $NETDEV root tc qdisc add dev $NETDEV root handle 1: prio tc filter add dev $NETDEV parent 1:0 \ protocol ip prio 100 route to 100 flowid 1:1 ip route add 192.168.1.100/32 dev $NETDEV realm 100 } test_ns() { ip netns add testns ip link set $NETDEV netns testns ip netns exec testns ifconfig $NETDEV 10.0.32.46/24 ip netns exec testns ping -c 1 10.0.32.1 ip netns del testns } config_qdisc_route_filter test_ns sleep 2 test_ns
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-lpspi: fix teardown order issue (UAF) There is a teardown order issue in the driver. The SPI controller is registered using devm_spi_register_controller(), which delays unregistration of the SPI controller until after the fsl_lpspi_remove() function returns. As the fsl_lpspi_remove() function synchronously tears down the DMA channels, a running SPI transfer triggers the following NULL pointer dereference due to use after free: | fsl_lpspi 42550000.spi: I/O Error in DMA RX | Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 [...] | Call trace: | fsl_lpspi_dma_transfer+0x260/0x340 [spi_fsl_lpspi] | fsl_lpspi_transfer_one+0x198/0x448 [spi_fsl_lpspi] | spi_transfer_one_message+0x49c/0x7c8 | __spi_pump_transfer_message+0x120/0x420 | __spi_sync+0x2c4/0x520 | spi_sync+0x34/0x60 | spidev_message+0x20c/0x378 [spidev] | spidev_ioctl+0x398/0x750 [spidev] [...] Switch from devm_spi_register_controller() to spi_register_controller() in fsl_lpspi_probe() and add the corresponding spi_unregister_controller() in fsl_lpspi_remove().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: macb: use the current queue number for stats There's a potential mismatch between the memory reserved for statistics and the amount of memory written. gem_get_sset_count() correctly computes the number of stats based on the active queues, whereas gem_get_ethtool_stats() indiscriminately copies data using the maximum number of queues, and in the case the number of active queues is less than MACB_MAX_QUEUES, this results in a OOB write as observed in the KASAN splat. ================================================================== BUG: KASAN: vmalloc-out-of-bounds in gem_get_ethtool_stats+0x54/0x78 [macb] Write of size 760 at addr ffff80008080b000 by task ethtool/1027 CPU: [...] Tainted: [E]=UNSIGNED_MODULE Hardware name: raspberrypi rpi/rpi, BIOS 2025.10 10/01/2025 Call trace: show_stack+0x20/0x38 (C) dump_stack_lvl+0x80/0xf8 print_report+0x384/0x5e0 kasan_report+0xa0/0xf0 kasan_check_range+0xe8/0x190 __asan_memcpy+0x54/0x98 gem_get_ethtool_stats+0x54/0x78 [macb 926c13f3af83b0c6fe64badb21ec87d5e93fcf65] dev_ethtool+0x1220/0x38c0 dev_ioctl+0x4ac/0xca8 sock_do_ioctl+0x170/0x1d8 sock_ioctl+0x484/0x5d8 __arm64_sys_ioctl+0x12c/0x1b8 invoke_syscall+0xd4/0x258 el0_svc_common.constprop.0+0xb4/0x240 do_el0_svc+0x48/0x68 el0_svc+0x40/0xf8 el0t_64_sync_handler+0xa0/0xe8 el0t_64_sync+0x1b0/0x1b8 The buggy address belongs to a 1-page vmalloc region starting at 0xffff80008080b000 allocated at dev_ethtool+0x11f0/0x38c0 The buggy address belongs to the physical page: page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff00000a333000 pfn:0xa333 flags: 0x7fffc000000000(node=0|zone=0|lastcpupid=0x1ffff) raw: 007fffc000000000 0000000000000000 dead000000000122 0000000000000000 raw: ffff00000a333000 0000000000000000 00000001ffffffff 0000000000000000 page dumped because: kasan: bad access detected Memory state around the buggy address: ffff80008080b080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ffff80008080b100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >ffff80008080b180: 00 00 00 00 00 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 ^ ffff80008080b200: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 ffff80008080b280: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 ================================================================== Fix it by making sure the copied size only considers the active number of queues.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: use netlink policy range checks Replace manual range and mask validations with netlink policy annotations in ctnetlink code paths, so that the netlink core rejects invalid values early and can generate extack errors. - CTA_PROTOINFO_TCP_STATE: reject values > TCP_CONNTRACK_SYN_SENT2 at policy level, removing the manual >= TCP_CONNTRACK_MAX check. - CTA_PROTOINFO_TCP_WSCALE_ORIGINAL/REPLY: reject values > TCP_MAX_WSCALE (14). The normal TCP option parsing path already clamps to this value, but the ctnetlink path accepted 0-255, causing undefined behavior when used as a u32 shift count. - CTA_FILTER_ORIG_FLAGS/REPLY_FLAGS: use NLA_POLICY_MASK with CTA_FILTER_F_ALL, removing the manual mask checks. - CTA_EXPECT_FLAGS: use NLA_POLICY_MASK with NF_CT_EXPECT_MASK, adding a new mask define grouping all valid expect flags. Extracted from a broader nf-next patch by Florian Westphal, scoped to ctnetlink for the fixes tree.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_expect: skip expectations in other netns via proc Skip expectations that do not reside in this netns. Similar to e77e6ff502ea ("netfilter: conntrack: do not dump other netns's conntrack entries via proc").
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: udp: Fix wildcard bind conflict check when using hash2 When binding a udp_sock to a local address and port, UDP uses two hashes (udptable->hash and udptable->hash2) for collision detection. The current code switches to "hash2" when hslot->count > 10. "hash2" is keyed by local address and local port. "hash" is keyed by local port only. The issue can be shown in the following bind sequence (pseudo code): bind(fd1, "[fd00::1]:8888") bind(fd2, "[fd00::2]:8888") bind(fd3, "[fd00::3]:8888") bind(fd4, "[fd00::4]:8888") bind(fd5, "[fd00::5]:8888") bind(fd6, "[fd00::6]:8888") bind(fd7, "[fd00::7]:8888") bind(fd8, "[fd00::8]:8888") bind(fd9, "[fd00::9]:8888") bind(fd10, "[fd00::10]:8888") /* Correctly return -EADDRINUSE because "hash" is used * instead of "hash2". udp_lib_lport_inuse() detects the * conflict. */ bind(fail_fd, "[::]:8888") /* After one more socket is bound to "[fd00::11]:8888", * hslot->count exceeds 10 and "hash2" is used instead. */ bind(fd11, "[fd00::11]:8888") bind(fail_fd, "[::]:8888") /* succeeds unexpectedly */ The same issue applies to the IPv4 wildcard address "0.0.0.0" and the IPv4-mapped wildcard address "::ffff:0.0.0.0". For example, if there are existing sockets bound to "192.168.1.[1-11]:8888", then binding "0.0.0.0:8888" or "[::ffff:0.0.0.0]:8888" can also miss the conflict when hslot->count > 10. TCP inet_csk_get_port() already has the correct check in inet_use_bhash2_on_bind(). Rename it to inet_use_hash2_on_bind() and move it to inet_hashtables.h so udp.c can reuse it in this fix.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: fix fanout UAF in packet_release() via NETDEV_UP race `packet_release()` has a race window where `NETDEV_UP` can re-register a socket into a fanout group's `arr[]` array. The re-registration is not cleaned up by `fanout_release()`, leaving a dangling pointer in the fanout array. `packet_release()` does NOT zero `po->num` in its `bind_lock` section. After releasing `bind_lock`, `po->num` is still non-zero and `po->ifindex` still matches the bound device. A concurrent `packet_notifier(NETDEV_UP)` that already found the socket in `sklist` can re-register the hook. For fanout sockets, this re-registration calls `__fanout_link(sk, po)` which adds the socket back into `f->arr[]` and increments `f->num_members`, but does NOT increment `f->sk_ref`. The fix sets `po->num` to zero in `packet_release` while `bind_lock` is held to prevent NETDEV_UP from linking, preventing the race window. This bug was found following an additional audit with Claude Code based on CVE-2025-38617.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix double-free of smc_spd_priv when tee() duplicates splice pipe buffer smc_rx_splice() allocates one smc_spd_priv per pipe_buffer and stores the pointer in pipe_buffer.private. The pipe_buf_operations for these buffers used .get = generic_pipe_buf_get, which only increments the page reference count when tee(2) duplicates a pipe buffer. The smc_spd_priv pointer itself was not handled, so after tee() both the original and the cloned pipe_buffer share the same smc_spd_priv *. When both pipes are subsequently released, smc_rx_pipe_buf_release() is called twice against the same object: 1st call: kfree(priv) sock_put(sk) smc_rx_update_cons() [correct] 2nd call: kfree(priv) sock_put(sk) smc_rx_update_cons() [UAF] KASAN reports a slab-use-after-free in smc_rx_pipe_buf_release(), which then escalates to a NULL-pointer dereference and kernel panic via smc_rx_update_consumer() when it chases the freed priv->smc pointer: BUG: KASAN: slab-use-after-free in smc_rx_pipe_buf_release+0x78/0x2a0 Read of size 8 at addr ffff888004a45740 by task smc_splice_tee_/74 Call Trace: <TASK> dump_stack_lvl+0x53/0x70 print_report+0xce/0x650 kasan_report+0xc6/0x100 smc_rx_pipe_buf_release+0x78/0x2a0 free_pipe_info+0xd4/0x130 pipe_release+0x142/0x160 __fput+0x1c6/0x490 __x64_sys_close+0x4f/0x90 do_syscall_64+0xa6/0x1a0 entry_SYSCALL_64_after_hwframe+0x77/0x7f </TASK> BUG: kernel NULL pointer dereference, address: 0000000000000020 RIP: 0010:smc_rx_update_consumer+0x8d/0x350 Call Trace: <TASK> smc_rx_pipe_buf_release+0x121/0x2a0 free_pipe_info+0xd4/0x130 pipe_release+0x142/0x160 __fput+0x1c6/0x490 __x64_sys_close+0x4f/0x90 do_syscall_64+0xa6/0x1a0 entry_SYSCALL_64_after_hwframe+0x77/0x7f </TASK> Kernel panic - not syncing: Fatal exception Beyond the memory-safety problem, duplicating an SMC splice buffer is semantically questionable: smc_rx_update_cons() would advance the consumer cursor twice for the same data, corrupting receive-window accounting. A refcount on smc_spd_priv could fix the double-free, but the cursor-accounting issue would still need to be addressed separately. The .get callback is invoked by both tee(2) and splice_pipe_to_pipe() for partial transfers; both will now return -EFAULT. Users who need to duplicate SMC socket data must use a copy-based read path.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Avoid releasing netdev before teardown completes The patch cited in the Fixes tag below changed the teardown code for OVS ports to no longer unconditionally take the RTNL. After this change, the netdev_destroy() callback can proceed immediately to the call_rcu() invocation if the IFF_OVS_DATAPATH flag is already cleared on the netdev. The ovs_netdev_detach_dev() function clears the flag before completing the unregistration, and if it gets preempted after clearing the flag (as can happen on an -rt kernel), netdev_destroy() can complete and the device can be freed before the unregistration completes. This leads to a splat like: [ 998.393867] Oops: general protection fault, probably for non-canonical address 0xff00000001000239: 0000 [#1] SMP PTI [ 998.393877] CPU: 42 UID: 0 PID: 55177 Comm: ip Kdump: loaded Not tainted 6.12.0-211.1.1.el10_2.x86_64+rt #1 PREEMPT_RT [ 998.393886] Hardware name: Dell Inc. PowerEdge R740/0JMK61, BIOS 2.24.0 03/27/2025 [ 998.393889] RIP: 0010:dev_set_promiscuity+0x8d/0xa0 [ 998.393901] Code: 00 00 75 d8 48 8b 53 08 48 83 ba b0 02 00 00 00 75 ca 48 83 c4 08 5b c3 cc cc cc cc 48 83 bf 48 09 00 00 00 75 91 48 8b 47 08 <48> 83 b8 b0 02 00 00 00 74 97 eb 81 0f 1f 80 00 00 00 00 90 90 90 [ 998.393906] RSP: 0018:ffffce5864a5f6a0 EFLAGS: 00010246 [ 998.393912] RAX: ff00000000ffff89 RBX: ffff894d0adf5a05 RCX: 0000000000000000 [ 998.393917] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: ffff894d0adf5a05 [ 998.393921] RBP: ffff894d19252000 R08: ffff894d19252000 R09: 0000000000000000 [ 998.393924] R10: ffff894d19252000 R11: ffff894d192521b8 R12: 0000000000000006 [ 998.393927] R13: ffffce5864a5f738 R14: 00000000ffffffe2 R15: 0000000000000000 [ 998.393931] FS: 00007fad61971800(0000) GS:ffff894cc0140000(0000) knlGS:0000000000000000 [ 998.393936] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 998.393940] CR2: 000055df0a2a6e40 CR3: 000000011c7fe003 CR4: 00000000007726f0 [ 998.393944] PKRU: 55555554 [ 998.393946] Call Trace: [ 998.393949] <TASK> [ 998.393952] ? show_trace_log_lvl+0x1b0/0x2f0 [ 998.393961] ? show_trace_log_lvl+0x1b0/0x2f0 [ 998.393975] ? dp_device_event+0x41/0x80 [openvswitch] [ 998.394009] ? __die_body.cold+0x8/0x12 [ 998.394016] ? die_addr+0x3c/0x60 [ 998.394027] ? exc_general_protection+0x16d/0x390 [ 998.394042] ? asm_exc_general_protection+0x26/0x30 [ 998.394058] ? dev_set_promiscuity+0x8d/0xa0 [ 998.394066] ? ovs_netdev_detach_dev+0x3a/0x80 [openvswitch] [ 998.394092] dp_device_event+0x41/0x80 [openvswitch] [ 998.394102] notifier_call_chain+0x5a/0xd0 [ 998.394106] unregister_netdevice_many_notify+0x51b/0xa60 [ 998.394110] rtnl_dellink+0x169/0x3e0 [ 998.394121] ? rt_mutex_slowlock.constprop.0+0x95/0xd0 [ 998.394125] rtnetlink_rcv_msg+0x142/0x3f0 [ 998.394128] ? avc_has_perm_noaudit+0x69/0xf0 [ 998.394130] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 998.394132] netlink_rcv_skb+0x50/0x100 [ 998.394138] netlink_unicast+0x292/0x3f0 [ 998.394141] netlink_sendmsg+0x21b/0x470 [ 998.394145] ____sys_sendmsg+0x39d/0x3d0 [ 998.394149] ___sys_sendmsg+0x9a/0xe0 [ 998.394156] __sys_sendmsg+0x7a/0xd0 [ 998.394160] do_syscall_64+0x7f/0x170 [ 998.394162] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 998.394165] RIP: 0033:0x7fad61bf4724 [ 998.394188] Code: 89 02 b8 ff ff ff ff eb bb 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 f3 0f 1e fa 80 3d c5 e9 0c 00 00 74 13 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 54 c3 0f 1f 00 48 83 ec 28 89 54 24 1c 48 89 [ 998.394189] RSP: 002b:00007ffd7e2f7cb8 EFLAGS: 00000202 ORIG_RAX: 000000000000002e [ 998.394191] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007fad61bf4724 [ 998.394193] RDX: 0000000000000000 RSI: 00007ffd7e2f7d20 RDI: 0000000000000003 [ 998.394194] RBP: 00007ffd7e2f7d90 R08: 0000000000000010 R09: 000000000000003f [ 998.394195] R10: 000055df11558010 R11: 0000000000000202 R12: 00007ffd7e2 ---truncated---
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: af_key: validate families in pfkey_send_migrate() syzbot was able to trigger a crash in skb_put() [1] Issue is that pfkey_send_migrate() does not check old/new families, and that set_ipsecrequest() @family argument was truncated, thus possibly overfilling the skb. Validate families early, do not wait set_ipsecrequest(). [1] skbuff: skb_over_panic: text:ffffffff8a752120 len:392 put:16 head:ffff88802a4ad040 data:ffff88802a4ad040 tail:0x188 end:0x180 dev:<NULL> kernel BUG at net/core/skbuff.c:214 ! Call Trace: <TASK> skb_over_panic net/core/skbuff.c:219 [inline] skb_put+0x159/0x210 net/core/skbuff.c:2655 skb_put_zero include/linux/skbuff.h:2788 [inline] set_ipsecrequest net/key/af_key.c:3532 [inline] pfkey_send_migrate+0x1270/0x2e50 net/key/af_key.c:3636 km_migrate+0x155/0x260 net/xfrm/xfrm_state.c:2848 xfrm_migrate+0x2140/0x2450 net/xfrm/xfrm_policy.c:4705 xfrm_do_migrate+0x8ff/0xaa0 net/xfrm/xfrm_user.c:3150
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: esp: fix skb leak with espintcp and async crypto When the TX queue for espintcp is full, esp_output_tail_tcp will return an error and not free the skb, because with synchronous crypto, the common xfrm output code will drop the packet for us. With async crypto (esp_output_done), we need to drop the skb when esp_output_tail_tcp returns an error.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: module: Fix kernel panic when a symbol st_shndx is out of bounds The module loader doesn't check for bounds of the ELF section index in simplify_symbols(): for (i = 1; i < symsec->sh_size / sizeof(Elf_Sym); i++) { const char *name = info->strtab + sym[i].st_name; switch (sym[i].st_shndx) { case SHN_COMMON: [...] default: /* Divert to percpu allocation if a percpu var. */ if (sym[i].st_shndx == info->index.pcpu) secbase = (unsigned long)mod_percpu(mod); else /** HERE --> **/ secbase = info->sechdrs[sym[i].st_shndx].sh_addr; sym[i].st_value += secbase; break; } } A symbol with an out-of-bounds st_shndx value, for example 0xffff (known as SHN_XINDEX or SHN_HIRESERVE), may cause a kernel panic: BUG: unable to handle page fault for address: ... RIP: 0010:simplify_symbols+0x2b2/0x480 ... Kernel panic - not syncing: Fatal exception This can happen when module ELF is legitimately using SHN_XINDEX or when it is corrupted. Add a bounds check in simplify_symbols() to validate that st_shndx is within the valid range before using it. This issue was discovered due to a bug in llvm-objcopy, see relevant discussion for details [1]. [1] https://lore.kernel.org/linux-modules/20251224005752.201911-1-ihor.solodrai@linux.dev/
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption The -EBUSY handling in tls_do_encryption(), introduced by commit 859054147318 ("net: tls: handle backlogging of crypto requests"), has a use-after-free due to double cleanup of encrypt_pending and the scatterlist entry. When crypto_aead_encrypt() returns -EBUSY, the request is enqueued to the cryptd backlog and the async callback tls_encrypt_done() will be invoked upon completion. That callback unconditionally restores the scatterlist entry (sge->offset, sge->length) and decrements ctx->encrypt_pending. However, if tls_encrypt_async_wait() returns an error, the synchronous error path in tls_do_encryption() performs the same cleanup again, double-decrementing encrypt_pending and double-restoring the scatterlist. The double-decrement corrupts the encrypt_pending sentinel (initialized to 1), making tls_encrypt_async_wait() permanently skip the wait for pending async callbacks. A subsequent sendmsg can then free the tls_rec via bpf_exec_tx_verdict() while a cryptd callback is still pending, resulting in a use-after-free when the callback fires on the freed record. Fix this by skipping the synchronous cleanup when the -EBUSY async wait returns an error, since the callback has already handled encrypt_pending and sge restoration.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix NULL deref in bond_debug_rlb_hash_show rlb_clear_slave intentionally keeps RLB hash-table entries on the rx_hashtbl_used_head list with slave set to NULL when no replacement slave is available. However, bond_debug_rlb_hash_show visites client_info->slave without checking if it's NULL. Other used-list iterators in bond_alb.c already handle this NULL-slave state safely: - rlb_update_client returns early on !client_info->slave - rlb_req_update_slave_clients, rlb_clear_slave, and rlb_rebalance compare slave values before visiting - lb_req_update_subnet_clients continues if slave is NULL The following NULL deref crash can be trigger in bond_debug_rlb_hash_show: [ 1.289791] BUG: kernel NULL pointer dereference, address: 0000000000000000 [ 1.292058] RIP: 0010:bond_debug_rlb_hash_show (drivers/net/bonding/bond_debugfs.c:41) [ 1.293101] RSP: 0018:ffffc900004a7d00 EFLAGS: 00010286 [ 1.293333] RAX: 0000000000000000 RBX: ffff888102b48200 RCX: ffff888102b48204 [ 1.293631] RDX: ffff888102b48200 RSI: ffffffff839daad5 RDI: ffff888102815078 [ 1.293924] RBP: ffff888102815078 R08: ffff888102b4820e R09: 0000000000000000 [ 1.294267] R10: 0000000000000000 R11: 0000000000000000 R12: ffff888100f929c0 [ 1.294564] R13: ffff888100f92a00 R14: 0000000000000001 R15: ffffc900004a7ed8 [ 1.294864] FS: 0000000001395380(0000) GS:ffff888196e75000(0000) knlGS:0000000000000000 [ 1.295239] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1.295480] CR2: 0000000000000000 CR3: 0000000102adc004 CR4: 0000000000772ef0 [ 1.295897] Call Trace: [ 1.296134] seq_read_iter (fs/seq_file.c:231) [ 1.296341] seq_read (fs/seq_file.c:164) [ 1.296493] full_proxy_read (fs/debugfs/file.c:378 (discriminator 1)) [ 1.296658] vfs_read (fs/read_write.c:572) [ 1.296981] ksys_read (fs/read_write.c:717) [ 1.297132] do_syscall_64 (arch/x86/entry/syscall_64.c:63 (discriminator 1) arch/x86/entry/syscall_64.c:94 (discriminator 1)) [ 1.297325] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130) Add a NULL check and print "(none)" for entries with no assigned slave.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: futex: Clear stale exiting pointer in futex_lock_pi() retry path Fuzzying/stressing futexes triggered: WARNING: kernel/futex/core.c:825 at wait_for_owner_exiting+0x7a/0x80, CPU#11: futex_lock_pi_s/524 When futex_lock_pi_atomic() sees the owner is exiting, it returns -EBUSY and stores a refcounted task pointer in 'exiting'. After wait_for_owner_exiting() consumes that reference, the local pointer is never reset to nil. Upon a retry, if futex_lock_pi_atomic() returns a different error, the bogus pointer is passed to wait_for_owner_exiting(). CPU0 CPU1 CPU2 futex_lock_pi(uaddr) // acquires the PI futex exit() futex_cleanup_begin() futex_state = EXITING; futex_lock_pi(uaddr) futex_lock_pi_atomic() attach_to_pi_owner() // observes EXITING *exiting = owner; // takes ref return -EBUSY wait_for_owner_exiting(-EBUSY, owner) put_task_struct(); // drops ref // exiting still points to owner goto retry; futex_lock_pi_atomic() lock_pi_update_atomic() cmpxchg(uaddr) *uaddr ^= WAITERS // whatever // value changed return -EAGAIN; wait_for_owner_exiting(-EAGAIN, exiting) // stale WARN_ON_ONCE(exiting) Fix this by resetting upon retry, essentially aligning it with requeue_pi.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: macb: Use dev_consume_skb_any() to free TX SKBs The napi_consume_skb() function is not intended to be called in an IRQ disabled context. However, after commit 6bc8a5098bf4 ("net: macb: Fix tx_ptr_lock locking"), the freeing of TX SKBs is performed with IRQs disabled. To resolve the following call trace, use dev_consume_skb_any() for freeing TX SKBs: WARNING: kernel/softirq.c:430 at __local_bh_enable_ip+0x174/0x188, CPU#0: ksoftirqd/0/15 Modules linked in: CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Not tainted 7.0.0-rc4-next-20260319-yocto-standard-dirty #37 PREEMPT Hardware name: ZynqMP ZCU102 Rev1.1 (DT) pstate: 200000c5 (nzCv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __local_bh_enable_ip+0x174/0x188 lr : local_bh_enable+0x24/0x38 sp : ffff800082b3bb10 x29: ffff800082b3bb10 x28: ffff0008031f3c00 x27: 000000000011ede0 x26: ffff000800a7ff00 x25: ffff800083937ce8 x24: 0000000000017a80 x23: ffff000803243a78 x22: 0000000000000040 x21: 0000000000000000 x20: ffff000800394c80 x19: 0000000000000200 x18: 0000000000000001 x17: 0000000000000001 x16: ffff000803240000 x15: 0000000000000000 x14: ffffffffffffffff x13: 0000000000000028 x12: ffff000800395650 x11: ffff8000821d1528 x10: ffff800081c2bc08 x9 : ffff800081c1e258 x8 : 0000000100000301 x7 : ffff8000810426ec x6 : 0000000000000000 x5 : 0000000000000001 x4 : 0000000000000001 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000200 x0 : ffff8000810428dc Call trace: __local_bh_enable_ip+0x174/0x188 (P) local_bh_enable+0x24/0x38 skb_attempt_defer_free+0x190/0x1d8 napi_consume_skb+0x58/0x108 macb_tx_poll+0x1a4/0x558 __napi_poll+0x50/0x198 net_rx_action+0x1f4/0x3d8 handle_softirqs+0x16c/0x560 run_ksoftirqd+0x44/0x80 smpboot_thread_fn+0x1d8/0x338 kthread+0x120/0x150 ret_from_fork+0x10/0x20 irq event stamp: 29751 hardirqs last enabled at (29750): [<ffff8000813be184>] _raw_spin_unlock_irqrestore+0x44/0x88 hardirqs last disabled at (29751): [<ffff8000813bdf60>] _raw_spin_lock_irqsave+0x38/0x98 softirqs last enabled at (29150): [<ffff8000800f1aec>] handle_softirqs+0x504/0x560 softirqs last disabled at (29153): [<ffff8000800f2fec>] run_ksoftirqd+0x44/0x80
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix deadlock during netdev reset with active connections Resolve deadlock that occurs when user executes netdev reset while RDMA applications (e.g., rping) are active. The netdev reset causes ice driver to remove irdma auxiliary driver, triggering device_delete and subsequent client removal. During client removal, uverbs_client waits for QP reference count to reach zero while cma_client holds the final reference, creating circular dependency and indefinite wait in iWARP mode. Skip QP reference count wait during device reset to prevent deadlock.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: x86/CPU: Fix FPDSS on Zen1 Zen1's hardware divider can leave, under certain circumstances, partial results from previous operations. Those results can be leaked by another, attacker thread. Fix that with a chicken bit.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: rxrpc: fix reference count leak in rxrpc_server_keyring() This patch fixes a reference count leak in rxrpc_server_keyring() by checking if rx->securities is already set.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix integer underflow in chain mode The jumbo_frm() chain-mode implementation unconditionally computes len = nopaged_len - bmax; where nopaged_len = skb_headlen(skb) (linear bytes only) and bmax is BUF_SIZE_8KiB or BUF_SIZE_2KiB. However, the caller stmmac_xmit() decides to invoke jumbo_frm() based on skb->len (total length including page fragments): is_jumbo = stmmac_is_jumbo_frm(priv, skb->len, enh_desc); When a packet has a small linear portion (nopaged_len <= bmax) but a large total length due to page fragments (skb->len > bmax), the subtraction wraps as an unsigned integer, producing a huge len value (~0xFFFFxxxx). This causes the while (len != 0) loop to execute hundreds of thousands of iterations, passing skb->data + bmax * i pointers far beyond the skb buffer to dma_map_single(). On IOMMU-less SoCs (the typical deployment for stmmac), this maps arbitrary kernel memory to the DMA engine, constituting a kernel memory disclosure and potential memory corruption from hardware. Fix this by introducing a buf_len local variable clamped to min(nopaged_len, bmax). Computing len = nopaged_len - buf_len is then always safe: it is zero when the linear portion fits within a single descriptor, causing the while (len != 0) loop to be skipped naturally, and the fragment loop in stmmac_xmit() handles page fragments afterward.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix NULL-deref on disconnect Make sure to deregister the controller before dropping the reference to the driver data on disconnect to avoid NULL-pointer dereferences or use-after-free.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: altera-tse: fix skb leak on DMA mapping error in tse_start_xmit() When dma_map_single() fails in tse_start_xmit(), the function returns NETDEV_TX_OK without freeing the skb. Since NETDEV_TX_OK tells the stack the packet was consumed, the skb is never freed, leaking memory on every DMA mapping failure. Add dev_kfree_skb_any() before returning to properly free the skb.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: xfrm: clear trailing padding in build_polexpire() build_expire() clears the trailing padding bytes of struct xfrm_user_expire after setting the hard field via memset_after(), but the analogous function build_polexpire() does not do this for struct xfrm_user_polexpire. The padding bytes after the __u8 hard field are left uninitialized from the heap allocation, and are then sent to userspace via netlink multicast to XFRMNLGRP_EXPIRE listeners, leaking kernel heap memory contents. Add the missing memset_after() call, matching build_expire().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_ct: fix use-after-free in timeout object destroy nft_ct_timeout_obj_destroy() frees the timeout object with kfree() immediately after nf_ct_untimeout(), without waiting for an RCU grace period. Concurrent packet processing on other CPUs may still hold RCU-protected references to the timeout object obtained via rcu_dereference() in nf_ct_timeout_data(). Add an rcu_head to struct nf_ct_timeout and use kfree_rcu() to defer freeing until after an RCU grace period, matching the approach already used in nfnetlink_cttimeout.c. KASAN report: BUG: KASAN: slab-use-after-free in nf_conntrack_tcp_packet+0x1381/0x29d0 Read of size 4 at addr ffff8881035fe19c by task exploit/80 Call Trace: nf_conntrack_tcp_packet+0x1381/0x29d0 nf_conntrack_in+0x612/0x8b0 nf_hook_slow+0x70/0x100 __ip_local_out+0x1b2/0x210 tcp_sendmsg_locked+0x722/0x1580 __sys_sendto+0x2d8/0x320 Allocated by task 75: nft_ct_timeout_obj_init+0xf6/0x290 nft_obj_init+0x107/0x1b0 nf_tables_newobj+0x680/0x9c0 nfnetlink_rcv_batch+0xc29/0xe00 Freed by task 26: nft_obj_destroy+0x3f/0xa0 nf_tables_trans_destroy_work+0x51c/0x5c0 process_one_work+0x2c4/0x5a0
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix slab-use-after-free in __inet_lookup_established The ehash table lookups are lockless and rely on SLAB_TYPESAFE_BY_RCU to guarantee socket memory stability during RCU read-side critical sections. Both tcp_prot and tcpv6_prot have their slab caches created with this flag via proto_register(). However, MPTCP's mptcp_subflow_init() copies tcpv6_prot into tcpv6_prot_override during inet_init() (fs_initcall, level 5), before inet6_init() (module_init/device_initcall, level 6) has called proto_register(&tcpv6_prot). At that point, tcpv6_prot.slab is still NULL, so tcpv6_prot_override.slab remains NULL permanently. This causes MPTCP v6 subflow child sockets to be allocated via kmalloc (falling into kmalloc-4k) instead of the TCPv6 slab cache. The kmalloc-4k cache lacks SLAB_TYPESAFE_BY_RCU, so when these sockets are freed without SOCK_RCU_FREE (which is cleared for child sockets by design), the memory can be immediately reused. Concurrent ehash lookups under rcu_read_lock can then access freed memory, triggering a slab-use-after-free in __inet_lookup_established. Fix this by splitting the IPv6-specific initialization out of mptcp_subflow_init() into a new mptcp_subflow_v6_init(), called from mptcp_proto_v6_init() before protocol registration. This ensures tcpv6_prot_override.slab correctly inherits the SLAB_TYPESAFE_BY_RCU slab cache.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: rfkill: prevent unlimited numbers of rfkill events from being created Userspace can create an unlimited number of rfkill events if the system is so configured, while not consuming them from the rfkill file descriptor, causing a potential out of memory situation. Prevent this from bounding the number of pending rfkill events at a "large" number (i.e. 1000) to prevent abuses like this.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: xfrm_user: fix info leak in build_report() struct xfrm_user_report is a __u8 proto field followed by a struct xfrm_selector which means there is three "empty" bytes of padding, but the padding is never zeroed before copying to userspace. Fix that up by zeroing the structure before setting individual member variables.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: ip6t_rt: reject oversized addrnr in rt_mt6_check() Reject rt match rules whose addrnr exceeds IP6T_RT_HOPS. rt_mt6() expects addrnr to stay within the bounds of rtinfo->addrs[]. Validate addrnr during rule installation so malformed rules are rejected before the match logic can use an out-of-range value.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: ipv6: flowlabel: defer exclusive option free until RCU teardown `ip6fl_seq_show()` walks the global flowlabel hash under the seq-file RCU read-side lock and prints `fl->opt->opt_nflen` when an option block is present. Exclusive flowlabels currently free `fl->opt` as soon as `fl->users` drops to zero in `fl_release()`. However, the surrounding `struct ip6_flowlabel` remains visible in the global hash table until later garbage collection removes it and `fl_free_rcu()` finally tears it down. A concurrent `/proc/net/ip6_flowlabel` reader can therefore race that early `kfree()` and dereference freed option state, triggering a crash in `ip6fl_seq_show()`. Fix this by keeping `fl->opt` alive until `fl_free_rcu()`. That matches the lifetime already required for the enclosing flowlabel while readers can still reach it under RCU.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: bridge: br_nd_send: linearize skb before parsing ND options br_nd_send() parses neighbour discovery options from ns->opt[] and assumes that these options are in the linear part of request. Its callers only guarantee that the ICMPv6 header and target address are available, so the option area can still be non-linear. Parsing ns->opt[] in that case can access data past the linear buffer. Linearize request before option parsing and derive ns from the linear network header.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: ftgmac100: fix ring allocation unwind on open failure ftgmac100_alloc_rings() allocates rx_skbs, tx_skbs, rxdes, txdes, and rx_scratch in stages. On intermediate failures it returned -ENOMEM directly, leaking resources allocated earlier in the function. Rework the failure path to use staged local unwind labels and free allocated resources in reverse order before returning -ENOMEM. This matches common netdev allocation cleanup style.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: bridge: br_nd_send: validate ND option lengths br_nd_send() walks ND options according to option-provided lengths. A malformed option can make the parser advance beyond the computed option span or use a too-short source LLADDR option payload. Validate option lengths against the remaining NS option area before advancing, and only read source LLADDR when the option is large enough for an Ethernet address.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: iio: gyro: mpu3050: Move iio_device_register() to correct location iio_device_register() should be at the end of the probe function to prevent race conditions. Place iio_device_register() at the end of the probe function and place iio_device_unregister() accordingly.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ti-adc161s626: use DMA-safe memory for spi_read() Add a DMA-safe buffer and use it for spi_read() instead of a stack memory. All SPI buffers must be DMA-safe. Since we only need up to 3 bytes, we just use a u8[] instead of __be16 and __be32 and change the conversion functions appropriately.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In MIT Kerberos 5 (aka krb5) before 1.22.3, there is a NULL pointer dereference if an application calls gss_accept_sec_context() on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parse_nego_message.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcry_pk_decrypt.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net/x25: Fix potential double free of skb When alloc_skb fails in x25_queue_rx_frame it calls kfree_skb(skb) at line 48 and returns 1 (error). This error propagates back through the call chain: x25_queue_rx_frame returns 1 | v x25_state3_machine receives the return value 1 and takes the else branch at line 278, setting queued=0 and returning 0 | v x25_process_rx_frame returns queued=0 | v x25_backlog_rcv at line 452 sees queued=0 and calls kfree_skb(skb) again This would free the same skb twice. Looking at x25_backlog_rcv: net/x25/x25_in.c:x25_backlog_rcv() { ... queued = x25_process_rx_frame(sk, skb); ... if (!queued) kfree_skb(skb); }
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: reject immediate NF_QUEUE verdict nft_queue is always used from userspace nftables to deliver the NF_QUEUE verdict. Immediately emitting an NF_QUEUE verdict is never used by the userspace nft tools, so reject immediate NF_QUEUE verdicts. The arp family does not provide queue support, but such an immediate verdict is still reachable. Globally reject NF_QUEUE immediate verdicts to address this issue.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: ignore explicit helper on new expectations Use the existing master conntrack helper, anything else is not really supported and it just makes validation more complicated, so just ignore what helper userspace suggests for this expectation. This was uncovered when validating CTA_EXPECT_CLASS via different helper provided by userspace than the existing master conntrack helper: BUG: KASAN: slab-out-of-bounds in nf_ct_expect_related_report+0x2479/0x27c0 Read of size 4 at addr ffff8880043fe408 by task poc/102 Call Trace: nf_ct_expect_related_report+0x2479/0x27c0 ctnetlink_create_expect+0x22b/0x3b0 ctnetlink_new_expect+0x4bd/0x5c0 nfnetlink_rcv_msg+0x67a/0x950 netlink_rcv_skb+0x120/0x350 Allowing to read kernel memory bytes off the expectation boundary. CTA_EXPECT_HELP_NAME is still used to offer the helper name to userspace via netlink dump.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: zero expect NAT fields when CTA_EXPECT_NAT absent ctnetlink_alloc_expect() allocates expectations from a non-zeroing slab cache via nf_ct_expect_alloc(). When CTA_EXPECT_NAT is not present in the netlink message, saved_addr and saved_proto are never initialized. Stale data from a previous slab occupant can then be dumped to userspace by ctnetlink_exp_dump_expect(), which checks these fields to decide whether to emit CTA_EXPECT_NAT. The safe sibling nf_ct_expect_init(), used by the packet path, explicitly zeroes these fields. Zero saved_addr, saved_proto and dir in the else branch, guarded by IS_ENABLED(CONFIG_NF_NAT) since these fields only exist when NAT is enabled. Confirmed by priming the expect slab with NAT-bearing expectations, freeing them, creating a new expectation without CTA_EXPECT_NAT, and observing that the ctnetlink dump emits a spurious CTA_EXPECT_NAT containing stale data from the prior allocation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_helper: pass helper to expect cleanup nf_conntrack_helper_unregister() calls nf_ct_expect_iterate_destroy() to remove expectations belonging to the helper being unregistered. However, it passes NULL instead of the helper pointer as the data argument, so expect_iter_me() never matches any expectation and all of them survive the cleanup. After unregister returns, nfnl_cthelper_del() frees the helper object immediately. Subsequent expectation dumps or packet-driven init_conntrack() calls then dereference the freed exp->helper, causing a use-after-free. Pass the actual helper pointer so expectations referencing it are properly destroyed before the helper object is freed. BUG: KASAN: slab-use-after-free in string+0x38f/0x430 Read of size 1 at addr ffff888003b14d20 by task poc/103 Call Trace: string+0x38f/0x430 vsnprintf+0x3cc/0x1170 seq_printf+0x17a/0x240 exp_seq_show+0x2e5/0x560 seq_read_iter+0x419/0x1280 proc_reg_read+0x1ac/0x270 vfs_read+0x179/0x930 ksys_read+0xef/0x1c0 Freed by task 103: The buggy address is located 32 bytes inside of freed 192-byte region [ffff888003b14d00, ffff888003b14dc0)
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: x_tables: ensure names are nul-terminated Reject names that lack a \0 character before feeding them to functions that expect c-strings. Fixes tag is the most recent commit that needs this change.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix regsafe() for pointers to packet In case rold->reg->range == BEYOND_PKT_END && rcur->reg->range == N regsafe() may return true which may lead to current state with valid packet range not being explored. Fix the bug.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption When decrypting data that is not in-place (src != dst), there is no need to save the high-order sequence bits in dst as it could simply be re-copied from the source. However, the data to be hashed need to be rearranged accordingly. Thanks,
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: sched: cls_api: fix tc_chain_fill_node to initialize tcm_info to zero to prevent an info-leak When building netlink messages, tc_chain_fill_node() never initializes the tcm_info field of struct tcmsg. Since the allocation is not zeroed, kernel heap memory is leaked to userspace through this 4-byte field. The fix simply zeroes tcm_info alongside the other fields that are already initialized.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach() Sashiko AI-review observed: In ip6_err_gen_icmpv6_unreach(), the skb is an outer IPv4 ICMP error packet where its cb contains an IPv4 inet_skb_parm. When skb is cloned into skb2 and passed to icmp6_send(), it uses IP6CB(skb2). IP6CB interprets the IPv4 inet_skb_parm as an inet6_skb_parm. The cipso offset in inet_skb_parm.opt directly overlaps with dsthao in inet6_skb_parm at offset 18. If an attacker sends a forged ICMPv4 error with a CIPSO IP option, dsthao would be a non-zero offset. Inside icmp6_send(), mip6_addr_swap() is called and uses ipv6_find_tlv(skb, opt->dsthao, IPV6_TLV_HAO). This would scan the inner, attacker-controlled IPv6 packet starting at that offset, potentially returning a fake TLV without checking if the remaining packet length can hold the full 18-byte struct ipv6_destopt_hao. Could mip6_addr_swap() then perform a 16-byte swap that extends past the end of the packet data into skb_shared_info? Should the cb array also be cleared in ip6_err_gen_icmpv6_unreach() and ip6ip6_err() to prevent this? This patch implements the first suggestion. I am not sure if ip6ip6_err() needs to be changed. A separate patch would be better anyway.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: ipv6: ndisc: fix ndisc_ra_useropt to initialize nduseropt_padX fields to zero to prevent an info-leak When processing Router Advertisements with user options the kernel builds an RTM_NEWNDUSEROPT netlink message. The nduseroptmsg struct has three padding fields that are never zeroed and can leak kernel data The fix is simple, just zeroes the padding fields.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: correctly handle tunneled traffic on IPV6_CSUM GSO fallback NETIF_F_IPV6_CSUM only advertises support for checksum offload of packets without IPv6 extension headers. Packets with extension headers must fall back onto software checksumming. Since TSO depends on checksum offload, those must revert to GSO. The below commit introduces that fallback. It always checks network header length. For tunneled packets, the inner header length must be checked instead. Extend the check accordingly. A special case is tunneled packets without inner IP protocol. Such as RFC 6951 SCTP in UDP. Those are not standard IPv6 followed by transport header either, so also must revert to the software GSO path.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFL_SHARED_FRAG after skb_splice_from_iter(), so later paths that may modify packet data can first make a private copy. The IPv4/IPv6 datagram append paths did not set this flag when splicing pages into UDP skbs. That leaves an ESP-in-UDP packet made from shared pipe pages looking like an ordinary uncloned nonlinear skb. ESP input then takes the no-COW fast path for uncloned skbs without a frag_list and decrypts in place over data that is not owned privately by the skb. Mark IPv4/IPv6 datagram splice frags with SKBFL_SHARED_FRAG, matching TCP. Also make ESP input fall back to skb_cow_data() when the flag is present, so ESP does not decrypt externally backed frags in place. Private nonlinear skb frags still use the existing fast path. This intentionally does not change ESP output. In esp_output_head(), the path that appends the ESP trailer to existing skb tailroom without calling skb_cow_data() is not reachable for nonlinear skbs: skb_tailroom() returns zero when skb->data_len is nonzero, while ESP tailen is positive. Thus ESP output will either use the separate destination-frag path or fall back to skb_cow_data().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache Make sure resources are not improperly shared in the op cache and cause instruction corruption this way.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing skb_try_coalesce() can attach paged frags from @from to @to. If @from has SKBFL_SHARED_FRAG set, the resulting @to skb can contain the same externally-owned or page-cache-backed frags, but the shared-frag marker is currently lost. That breaks the invariant relied on by later in-place writers. In particular, ESP input checks skb_has_shared_frag() before deciding whether an uncloned nonlinear skb can skip skb_cow_data(). If TCP receive coalescing has moved shared frags into an unmarked skb, ESP can see skb_has_shared_frag() as false and decrypt in place over page-cache backed frags. Propagate SKBFL_SHARED_FRAG when skb_try_coalesce() transfers paged frags. The tailroom copy path does not need the marker because it copies bytes into @to's linear data rather than transferring frag descriptors.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when you don't have an associated mm. And almost all users do in fact use it only for the case where the task has a mm pointer. But we have one odd special case: ptrace_may_access() uses 'dumpable' to check various other things entirely independently of the MM (typically explicitly using flags like PTRACE_MODE_READ_FSCREDS). Including for threads that no longer have a VM (and maybe never did, like most kernel threads). It's not what this flag was designed for, but it is what it is. The ptrace code does check that the uid/gid matches, so you do have to be uid-0 to see kernel thread details, but this means that the traditional "drop capabilities" model doesn't make any difference for this all. Make it all make a *bit* more sense by saying that if you don't have a MM pointer, we'll use a cached "last dumpability" flag if the thread ever had a MM (it will be zero for kernel threads since it is never set), and require a proper CAP_SYS_PTRACE capability to override.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.6 |
Mitigation
Mitigation
None Available
|
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
"tlp": {
"label": "WHITE"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the firmware version V3.1.6 for the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP (incl. SIPLUS variant).\n\nSiemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet available.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "productcert@siemens.com",
"name": "Siemens ProductCERT",
"namespace": "https://www.siemens.com"
},
"references": [
{
"category": "self",
"summary": "SSA-019113: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1.6 - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-019113.html"
},
{
"category": "self",
"summary": "SSA-019113: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1.6 - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-019113.json"
}
],
"title": "SSA-019113: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1.6",
"tracking": {
"current_release_date": "2026-07-14T00:00:00.000Z",
"generator": {
"engine": {
"name": "Siemens ProductCERT CSAF Generator",
"version": "1"
}
},
"id": "SSA-019113",
"initial_release_date": "2026-07-14T00:00:00.000Z",
"revision_history": [
{
"date": "2026-07-14T00:00:00.000Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
}
],
"status": "interim",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003e=3.1.6",
"product": {
"name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) \u003e= V3.1.6",
"product_id": "1",
"product_identification_helper": {
"model_numbers": [
"6ES7518-4AX00-1AB0"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003e=3.1.6",
"product": {
"name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) \u003e= V3.1.6",
"product_id": "2",
"product_identification_helper": {
"model_numbers": [
"6ES7518-4AX00-1AC0"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003e=3.1.6",
"product": {
"name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) \u003e= V3.1.6",
"product_id": "3",
"product_identification_helper": {
"model_numbers": [
"6ES7518-4FX00-1AB0"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003e=3.1.6",
"product": {
"name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) \u003e= V3.1.6",
"product_id": "4",
"product_identification_helper": {
"model_numbers": [
"6ES7518-4FX00-1AC0"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003e=3.1.6",
"product": {
"name": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) \u003e= V3.1.6",
"product_id": "5",
"product_identification_helper": {
"model_numbers": [
"6AG1518-4AX00-4AC0"
]
}
}
}
],
"category": "product_name",
"name": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-41617",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "description",
"text": "sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2021-41617"
},
{
"cve": "CVE-2023-28531",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "description",
"text": "ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2023-28531"
},
{
"cve": "CVE-2023-51384",
"cwe": {
"id": "CWE-304",
"name": "Missing Critical Step in Authentication"
},
"notes": [
{
"category": "description",
"text": "In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2023-51384"
},
{
"cve": "CVE-2023-52927",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: allow exp not to be removed in nf_ct_find_expectation\n\nCurrently nf_conntrack_in() calling nf_ct_find_expectation() will\nremove the exp from the hash table. However, in some scenario, we\nexpect the exp not to be removed when the created ct will not be\nconfirmed, like in OVS and TC conntrack in the following patches.\n\nThis patch allows exp not to be removed by setting IPS_CONFIRMED\nin the status of the tmpl.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2023-52927"
},
{
"cve": "CVE-2024-26783",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index\n\nWith numa balancing on, when a numa system is running where a numa node\ndoesn\u0027t have its local memory so it has no managed zones, the following\noops has been observed. It\u0027s because wakeup_kswapd() is called with a\nwrong zone index, -1. Fixed it by checking the index before calling\nwakeup_kswapd().\n\n\u003e BUG: unable to handle page fault for address: 00000000000033f3\n\u003e #PF: supervisor read access in kernel mode\n\u003e #PF: error_code(0x0000) - not-present page\n\u003e PGD 0 P4D 0\n\u003e Oops: 0000 [#1] PREEMPT SMP NOPTI\n\u003e CPU: 2 PID: 895 Comm: masim Not tainted 6.6.0-dirty #255\n\u003e Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n\u003e rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\n\u003e RIP: 0010:wakeup_kswapd (./linux/mm/vmscan.c:7812)\n\u003e Code: (omitted)\n\u003e RSP: 0000:ffffc90004257d58 EFLAGS: 00010286\n\u003e RAX: ffffffffffffffff RBX: ffff88883fff0480 RCX: 0000000000000003\n\u003e RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88883fff0480\n\u003e RBP: ffffffffffffffff R08: ff0003ffffffffff R09: ffffffffffffffff\n\u003e R10: ffff888106c95540 R11: 0000000055555554 R12: 0000000000000003\n\u003e R13: 0000000000000000 R14: 0000000000000000 R15: ffff88883fff0940\n\u003e FS: 00007fc4b8124740(0000) GS:ffff888827c00000(0000) knlGS:0000000000000000\n\u003e CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n\u003e CR2: 00000000000033f3 CR3: 000000026cc08004 CR4: 0000000000770ee0\n\u003e DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n\u003e DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n\u003e PKRU: 55555554\n\u003e Call Trace:\n\u003e \u003cTASK\u003e\n\u003e ? __die\n\u003e ? page_fault_oops\n\u003e ? __pte_offset_map_lock\n\u003e ? exc_page_fault\n\u003e ? asm_exc_page_fault\n\u003e ? wakeup_kswapd\n\u003e migrate_misplaced_page\n\u003e __handle_mm_fault\n\u003e handle_mm_fault\n\u003e do_user_addr_fault\n\u003e exc_page_fault\n\u003e asm_exc_page_fault\n\u003e RIP: 0033:0x55b897ba0808\n\u003e Code: (omitted)\n\u003e RSP: 002b:00007ffeefa821a0 EFLAGS: 00010287\n\u003e RAX: 000055b89983acd0 RBX: 00007ffeefa823f8 RCX: 000055b89983acd0\n\u003e RDX: 00007fc2f8122010 RSI: 0000000000020000 RDI: 000055b89983acd0\n\u003e RBP: 00007ffeefa821a0 R08: 0000000000000037 R09: 0000000000000075\n\u003e R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000\n\u003e R13: 00007ffeefa82410 R14: 000055b897ba5dd8 R15: 00007fc4b8340000\n\u003e \u003c/TASK\u003e",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-26783"
},
{
"cve": "CVE-2024-27056",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: ensure offloading TID queue exists\n\nThe resume code path assumes that the TX queue for the offloading TID\nhas been configured. At resume time it then tries to sync the write\npointer as it may have been updated by the firmware.\n\nIn the unusual event that no packets have been send on TID 0, the queue\nwill not have been allocated and this causes a crash. Fix this by\nensuring the queue exist at suspend time.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-27056"
},
{
"cve": "CVE-2024-28956",
"cwe": {
"id": "CWE-1421",
"name": "Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution"
},
"notes": [
{
"category": "description",
"text": "Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-28956"
},
{
"cve": "CVE-2024-36903",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix potential uninit-value access in __ip6_make_skb()\n\nAs it was done in commit fc1092f51567 (\"ipv4: Fix uninit-value access in\n__ip_make_skb()\") for IPv4, check FLOWI_FLAG_KNOWN_NH on fl6-\u003eflowi6_flags\ninstead of testing HDRINCL on the socket to avoid a race condition which\ncauses uninit-value access.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-36903"
},
{
"cve": "CVE-2024-36927",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: Fix uninit-value access in __ip_make_skb()\n\nKMSAN reported uninit-value access in __ip_make_skb() [1]. __ip_make_skb()\ntests HDRINCL to know if the skb has icmphdr. However, HDRINCL can cause a\nrace condition. If calling setsockopt(2) with IP_HDRINCL changes HDRINCL\nwhile __ip_make_skb() is running, the function will access icmphdr in the\nskb even if it is not included. This causes the issue reported by KMSAN.\n\nCheck FLOWI_FLAG_KNOWN_NH on fl4-\u003eflowi4_flags instead of testing HDRINCL\non the socket.\n\nAlso, fl4-\u003efl4_icmp_type and fl4-\u003efl4_icmp_code are not initialized. These\nare union in struct flowi4 and are implicitly initialized by\nflowi4_init_output(), but we should not rely on specific union layout.\n\nInitialize these explicitly in raw_sendmsg().\n\n[1]\nBUG: KMSAN: uninit-value in __ip_make_skb+0x2b74/0x2d20 net/ipv4/ip_output.c:1481\n __ip_make_skb+0x2b74/0x2d20 net/ipv4/ip_output.c:1481\n ip_finish_skb include/net/ip.h:243 [inline]\n ip_push_pending_frames+0x4c/0x5c0 net/ipv4/ip_output.c:1508\n raw_sendmsg+0x2381/0x2690 net/ipv4/raw.c:654\n inet_sendmsg+0x27b/0x2a0 net/ipv4/af_inet.c:851\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x274/0x3c0 net/socket.c:745\n __sys_sendto+0x62c/0x7b0 net/socket.c:2191\n __do_sys_sendto net/socket.c:2203 [inline]\n __se_sys_sendto net/socket.c:2199 [inline]\n __x64_sys_sendto+0x130/0x200 net/socket.c:2199\n do_syscall_64+0xd8/0x1f0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:3804 [inline]\n slab_alloc_node mm/slub.c:3845 [inline]\n kmem_cache_alloc_node+0x5f6/0xc50 mm/slub.c:3888\n kmalloc_reserve+0x13c/0x4a0 net/core/skbuff.c:577\n __alloc_skb+0x35a/0x7c0 net/core/skbuff.c:668\n alloc_skb include/linux/skbuff.h:1318 [inline]\n __ip_append_data+0x49ab/0x68c0 net/ipv4/ip_output.c:1128\n ip_append_data+0x1e7/0x260 net/ipv4/ip_output.c:1365\n raw_sendmsg+0x22b1/0x2690 net/ipv4/raw.c:648\n inet_sendmsg+0x27b/0x2a0 net/ipv4/af_inet.c:851\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x274/0x3c0 net/socket.c:745\n __sys_sendto+0x62c/0x7b0 net/socket.c:2191\n __do_sys_sendto net/socket.c:2203 [inline]\n __se_sys_sendto net/socket.c:2199 [inline]\n __x64_sys_sendto+0x130/0x200 net/socket.c:2199\n do_syscall_64+0xd8/0x1f0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nCPU: 1 PID: 15709 Comm: syz-executor.7 Not tainted 6.8.0-11567-gb3603fcb79b1 #25\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-1.fc39 04/01/2014",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-36927"
},
{
"cve": "CVE-2024-42079",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: Fix NULL pointer dereference in gfs2_log_flush\n\nIn gfs2_jindex_free(), set sdp-\u003esd_jdesc to NULL under the log flush\nlock to provide exclusion against gfs2_log_flush().\n\nIn gfs2_log_flush(), check if sdp-\u003esd_jdesc is non-NULL before\ndereferencing it. Otherwise, we could run into a NULL pointer\ndereference when outstanding glock work races with an unmount\n(glock_work_func -\u003e run_queue -\u003e do_xmote -\u003e inode_go_sync -\u003e\ngfs2_log_flush).",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-42079"
},
{
"cve": "CVE-2024-46786",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfscache: delete fscache_cookie_lru_timer when fscache exits to avoid UAF\n\nThe fscache_cookie_lru_timer is initialized when the fscache module\nis inserted, but is not deleted when the fscache module is removed.\nIf timer_reduce() is called before removing the fscache module,\nthe fscache_cookie_lru_timer will be added to the timer list of\nthe current cpu. Afterwards, a use-after-free will be triggered\nin the softIRQ after removing the fscache module, as follows:\n\n==================================================================\nBUG: unable to handle page fault for address: fffffbfff803c9e9\n PF: supervisor read access in kernel mode\n PF: error_code(0x0000) - not-present page\nPGD 21ffea067 P4D 21ffea067 PUD 21ffe6067 PMD 110a7c067 PTE 0\nOops: Oops: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G W 6.11.0-rc3 #855\nTainted: [W]=WARN\nRIP: 0010:__run_timer_base.part.0+0x254/0x8a0\nCall Trace:\n \u003cIRQ\u003e\n tmigr_handle_remote_up+0x627/0x810\n __walk_groups.isra.0+0x47/0x140\n tmigr_handle_remote+0x1fa/0x2f0\n handle_softirqs+0x180/0x590\n irq_exit_rcu+0x84/0xb0\n sysvec_apic_timer_interrupt+0x6e/0x90\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n asm_sysvec_apic_timer_interrupt+0x1a/0x20\nRIP: 0010:default_idle+0xf/0x20\n default_idle_call+0x38/0x60\n do_idle+0x2b5/0x300\n cpu_startup_entry+0x54/0x60\n start_secondary+0x20d/0x280\n common_startup_64+0x13e/0x148\n \u003c/TASK\u003e\nModules linked in: [last unloaded: netfs]\n==================================================================\n\nTherefore delete fscache_cookie_lru_timer when removing the fscahe module.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-46786"
},
{
"cve": "CVE-2024-47736",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nerofs: handle overlapped pclusters out of crafted images properly\n\nsyzbot reported a task hang issue due to a deadlock case where it is\nwaiting for the folio lock of a cached folio that will be used for\ncache I/Os.\n\nAfter looking into the crafted fuzzed image, I found it\u0027s formed with\nseveral overlapped big pclusters as below:\n\n Ext: logical offset | length : physical offset | length\n 0: 0.. 16384 | 16384 : 151552.. 167936 | 16384\n 1: 16384.. 32768 | 16384 : 155648.. 172032 | 16384\n 2: 32768.. 49152 | 16384 : 537223168.. 537239552 | 16384\n...\n\nHere, extent 0/1 are physically overlapped although it\u0027s entirely\n_impossible_ for normal filesystem images generated by mkfs.\n\nFirst, managed folios containing compressed data will be marked as\nup-to-date and then unlocked immediately (unlike in-place folios) when\ncompressed I/Os are complete. If physical blocks are not submitted in\nthe incremental order, there should be separate BIOs to avoid dependency\nissues. However, the current code mis-arranges z_erofs_fill_bio_vec()\nand BIO submission which causes unexpected BIO waits.\n\nSecond, managed folios will be connected to their own pclusters for\nefficient inter-queries. However, this is somewhat hard to implement\neasily if overlapped big pclusters exist. Again, these only appear in\nfuzzed images so let\u0027s simply fall back to temporary short-lived pages\nfor correctness.\n\nAdditionally, it justifies that referenced managed folios cannot be\ntruncated for now and reverts part of commit 2080ca1ed3e4 (\"erofs: tidy\nup `struct z_erofs_bvec`\") for simplicity although it shouldn\u0027t be any\ndifference.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-47736"
},
{
"cve": "CVE-2024-47809",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndlm: fix possible lkb_resource null dereference\n\nThis patch fixes a possible null pointer dereference when this function is\ncalled from request_lock() as lkb-\u003elkb_resource is not assigned yet,\nonly after validate_lock_args() by calling attach_lkb(). Another issue\nis that a resource name could be a non printable bytearray and we cannot\nassume to be ASCII coded.\n\nThe log functionality is probably never being hit when DLM is used in\nnormal way and no debug logging is enabled. The null pointer dereference\ncan only occur on a new created lkb that does not have the resource\nassigned yet, it probably never hits the null pointer dereference but we\nshould be sure that other changes might not change this behaviour and we\nactually can hit the mentioned null pointer dereference.\n\nIn this patch we just drop the printout of the resource name, the lkb id\nis enough to make a possible connection to a resource name if this\nexists.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-47809"
},
{
"cve": "CVE-2024-49968",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: filesystems without casefold feature cannot be mounted with siphash\n\nWhen mounting the ext4 filesystem, if the default hash version is set to\nDX_HASH_SIPHASH but the casefold feature is not set, exit the mounting.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-49968"
},
{
"cve": "CVE-2024-49994",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix integer overflow in BLKSECDISCARD\n\nI independently rediscovered\n\n\tcommit 22d24a544b0d49bbcbd61c8c0eaf77d3c9297155\n\tblock: fix overflow in blk_ioctl_discard()\n\nbut for secure erase.\n\nSame problem:\n\n\tuint64_t r[2] = {512, 18446744073709551104ULL};\n\tioctl(fd, BLKSECDISCARD, r);\n\nwill enter near infinite loop inside blkdev_issue_secure_erase():\n\n\ta.out: attempt to access beyond end of device\n\tloop0: rw=5, sector=3399043073, nr_sectors = 1024 limit=2048\n\tbio_check_eod: 3286214 callbacks suppressed",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-49994"
},
{
"cve": "CVE-2024-49998",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: improve shutdown sequence\n\nAlexander Sverdlin presents 2 problems during shutdown with the\nlan9303 driver. One is specific to lan9303 and the other just happens\nto reproduce there.\n\nThe first problem is that lan9303 is unique among DSA drivers in that it\ncalls dev_get_drvdata() at \"arbitrary runtime\" (not probe, not shutdown,\nnot remove):\n\nphy_state_machine()\n-\u003e ...\n -\u003e dsa_user_phy_read()\n -\u003e ds-\u003eops-\u003ephy_read()\n -\u003e lan9303_phy_read()\n -\u003e chip-\u003eops-\u003ephy_read()\n -\u003e lan9303_mdio_phy_read()\n -\u003e dev_get_drvdata()\n\nBut we never stop the phy_state_machine(), so it may continue to run\nafter dsa_switch_shutdown(). Our common pattern in all DSA drivers is\nto set drvdata to NULL to suppress the remove() method that may come\nafterwards. But in this case it will result in an NPD.\n\nThe second problem is that the way in which we set\ndp-\u003econduit-\u003edsa_ptr = NULL; is concurrent with receive packet\nprocessing. dsa_switch_rcv() checks once whether dev-\u003edsa_ptr is NULL,\nbut afterwards, rather than continuing to use that non-NULL value,\ndev-\u003edsa_ptr is dereferenced again and again without NULL checks:\ndsa_conduit_find_user() and many other places. In between dereferences,\nthere is no locking to ensure that what was valid once continues to be\nvalid.\n\nBoth problems have the common aspect that closing the conduit interface\nsolves them.\n\nIn the first case, dev_close(conduit) triggers the NETDEV_GOING_DOWN\nevent in dsa_user_netdevice_event() which closes user ports as well.\ndsa_port_disable_rt() calls phylink_stop(), which synchronously stops\nthe phylink state machine, and ds-\u003eops-\u003ephy_read() will thus no longer\ncall into the driver after this point.\n\nIn the second case, dev_close(conduit) should do this, as per\nDocumentation/networking/driver.rst:\n\n| Quiescence\n| ----------\n|\n| After the ndo_stop routine has been called, the hardware must\n| not receive or transmit any data. All in flight packets must\n| be aborted. If necessary, poll or wait for completion of\n| any reset commands.\n\nSo it should be sufficient to ensure that later, when we zeroize\nconduit-\u003edsa_ptr, there will be no concurrent dsa_switch_rcv() call\non this conduit.\n\nThe addition of the netif_device_detach() function is to ensure that\nioctls, rtnetlinks and ethtool requests on the user ports no longer\npropagate down to the driver - we\u0027re no longer prepared to handle them.\n\nThe race condition actually did not exist when commit 0650bf52b31f\n(\"net: dsa: be compatible with masters which unregister on shutdown\")\nfirst introduced dsa_switch_shutdown(). It was created later, when we\nstopped unregistering the user interfaces from a bad spot, and we just\nreplaced that sequence with a racy zeroization of conduit-\u003edsa_ptr\n(one which doesn\u0027t ensure that the interfaces aren\u0027t up).",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-49998"
},
{
"cve": "CVE-2024-50014",
"cwe": {
"id": "CWE-457",
"name": "Use of Uninitialized Variable"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix access to uninitialised lock in fc replay path\n\nThe following kernel trace can be triggered with fstest generic/629 when\nexecuted against a filesystem with fast-commit feature enabled:\n\nINFO: trying to register non-static key.\nThe code is fine but needs lockdep annotation, or maybe\nyou didn\u0027t initialize this object before use?\nturning off the locking correctness validator.\nCPU: 0 PID: 866 Comm: mount Not tainted 6.10.0+ #11\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.2-3-gd478f380-prebuilt.qemu.org 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x66/0x90\n register_lock_class+0x759/0x7d0\n __lock_acquire+0x85/0x2630\n ? __find_get_block+0xb4/0x380\n lock_acquire+0xd1/0x2d0\n ? __ext4_journal_get_write_access+0xd5/0x160\n _raw_spin_lock+0x33/0x40\n ? __ext4_journal_get_write_access+0xd5/0x160\n __ext4_journal_get_write_access+0xd5/0x160\n ext4_reserve_inode_write+0x61/0xb0\n __ext4_mark_inode_dirty+0x79/0x270\n ? ext4_ext_replay_set_iblocks+0x2f8/0x450\n ext4_ext_replay_set_iblocks+0x330/0x450\n ext4_fc_replay+0x14c8/0x1540\n ? jread+0x88/0x2e0\n ? rcu_is_watching+0x11/0x40\n do_one_pass+0x447/0xd00\n jbd2_journal_recover+0x139/0x1b0\n jbd2_journal_load+0x96/0x390\n ext4_load_and_init_journal+0x253/0xd40\n ext4_fill_super+0x2cc6/0x3180\n...\n\nIn the replay path there\u0027s an attempt to lock sbi-\u003es_bdev_wb_lock in\nfunction ext4_check_bdev_write_error(). Unfortunately, at this point this\nspinlock has not been initialized yet. Moving it\u0027s initialization to an\nearlier point in __ext4_fill_super() fixes this splat.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-50014"
},
{
"cve": "CVE-2024-50063",
"cwe": {
"id": "CWE-841",
"name": "Improper Enforcement of Behavioral Workflow"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Prevent tail call between progs attached to different hooks\n\nbpf progs can be attached to kernel functions, and the attached functions\ncan take different parameters or return different return values. If\nprog attached to one kernel function tail calls prog attached to another\nkernel function, the ctx access or return value verification could be\nbypassed.\n\nFor example, if prog1 is attached to func1 which takes only 1 parameter\nand prog2 is attached to func2 which takes two parameters. Since verifier\nassumes the bpf ctx passed to prog2 is constructed based on func2\u0027s\nprototype, verifier allows prog2 to access the second parameter from\nthe bpf ctx passed to it. The problem is that verifier does not prevent\nprog1 from passing its bpf ctx to prog2 via tail call. In this case,\nthe bpf ctx passed to prog2 is constructed from func1 instead of func2,\nthat is, the assumption for ctx access verification is bypassed.\n\nAnother example, if BPF LSM prog1 is attached to hook file_alloc_security,\nand BPF LSM prog2 is attached to hook bpf_lsm_audit_rule_known. Verifier\nknows the return value rules for these two hooks, e.g. it is legal for\nbpf_lsm_audit_rule_known to return positive number 1, and it is illegal\nfor file_alloc_security to return positive number. So verifier allows\nprog2 to return positive number 1, but does not allow prog1 to return\npositive number. The problem is that verifier does not prevent prog1\nfrom calling prog2 via tail call. In this case, prog2\u0027s return value 1\nwill be used as the return value for prog1\u0027s hook file_alloc_security.\nThat is, the return value rule is bypassed.\n\nThis patch adds restriction for tail call to prevent such bypasses.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-50063"
},
{
"cve": "CVE-2024-50164",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix overloading of MEM_UNINIT\u0027s meaning\n\nLonial reported an issue in the BPF verifier where check_mem_size_reg()\nhas the following code:\n\n if (!tnum_is_const(reg-\u003evar_off))\n /* For unprivileged variable accesses, disable raw\n * mode so that the program is required to\n * initialize all the memory that the helper could\n * just partially fill up.\n */\n meta = NULL;\n\nThis means that writes are not checked when the register containing the\nsize of the passed buffer has not a fixed size. Through this bug, a BPF\nprogram can write to a map which is marked as read-only, for example,\n.rodata global maps.\n\nThe problem is that MEM_UNINIT\u0027s initial meaning that \"the passed buffer\nto the BPF helper does not need to be initialized\" which was added back\nin commit 435faee1aae9 (\"bpf, verifier: add ARG_PTR_TO_RAW_STACK type\")\ngot overloaded over time with \"the passed buffer is being written to\".\n\nThe problem however is that checks such as the above which were added later\nvia 06c1c049721a (\"bpf: allow helpers access to variable memory\") set meta\nto NULL in order force the user to always initialize the passed buffer to\nthe helper. Due to the current double meaning of MEM_UNINIT, this bypasses\nverifier write checks to the memory (not boundary checks though) and only\nassumes the latter memory is read instead.\n\nFix this by reverting MEM_UNINIT back to its original meaning, and having\nMEM_WRITE as an annotation to BPF helpers in order to then trigger the\nBPF verifier checks for writing to memory.\n\nSome notes: check_arg_pair_ok() ensures that for ARG_CONST_SIZE{,_OR_ZERO}\nwe can access fn-\u003earg_type[arg - 1] since it must contain a preceding\nARG_PTR_TO_MEM. For check_mem_reg() the meta argument can be removed\naltogether since we do check both BPF_READ and BPF_WRITE. Same for the\nequivalent check_kfunc_mem_size_reg().",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-50164"
},
{
"cve": "CVE-2024-50298",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: enetc: allocate vf_state during PF probes\n\nIn the previous implementation, vf_state is allocated memory only when VF\nis enabled. However, net_device_ops::ndo_set_vf_mac() may be called before\nVF is enabled to configure the MAC address of VF. If this is the case,\nenetc_pf_set_vf_mac() will access vf_state, resulting in access to a null\npointer. The simplified error log is as follows.\n\nroot@ls1028ardb:~# ip link set eno0 vf 1 mac 00:0c:e7:66:77:89\n[ 173.543315] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000004\n[ 173.637254] pc : enetc_pf_set_vf_mac+0x3c/0x80 Message from sy\n[ 173.641973] lr : do_setlink+0x4a8/0xec8\n[ 173.732292] Call trace:\n[ 173.734740] enetc_pf_set_vf_mac+0x3c/0x80\n[ 173.738847] __rtnl_newlink+0x530/0x89c\n[ 173.742692] rtnl_newlink+0x50/0x7c\n[ 173.746189] rtnetlink_rcv_msg+0x128/0x390\n[ 173.750298] netlink_rcv_skb+0x60/0x130\n[ 173.754145] rtnetlink_rcv+0x18/0x24\n[ 173.757731] netlink_unicast+0x318/0x380\n[ 173.761665] netlink_sendmsg+0x17c/0x3c8",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-50298"
},
{
"cve": "CVE-2024-53124",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix data-races around sk-\u003esk_forward_alloc\n\nSyzkaller reported this warning:\n ------------[ cut here ]------------\n WARNING: CPU: 0 PID: 16 at net/ipv4/af_inet.c:156 inet_sock_destruct+0x1c5/0x1e0\n Modules linked in:\n CPU: 0 UID: 0 PID: 16 Comm: ksoftirqd/0 Not tainted 6.12.0-rc5 #26\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n RIP: 0010:inet_sock_destruct+0x1c5/0x1e0\n Code: 24 12 4c 89 e2 5b 48 c7 c7 98 ec bb 82 41 5c e9 d1 18 17 ff 4c 89 e6 5b 48 c7 c7 d0 ec bb 82 41 5c e9 bf 18 17 ff 0f 0b eb 83 \u003c0f\u003e 0b eb 97 0f 0b eb 87 0f 0b e9 68 ff ff ff 66 66 2e 0f 1f 84 00\n RSP: 0018:ffffc9000008bd90 EFLAGS: 00010206\n RAX: 0000000000000300 RBX: ffff88810b172a90 RCX: 0000000000000007\n RDX: 0000000000000002 RSI: 0000000000000300 RDI: ffff88810b172a00\n RBP: ffff88810b172a00 R08: ffff888104273c00 R09: 0000000000100007\n R10: 0000000000020000 R11: 0000000000000006 R12: ffff88810b172a00\n R13: 0000000000000004 R14: 0000000000000000 R15: ffff888237c31f78\n FS: 0000000000000000(0000) GS:ffff888237c00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007ffc63fecac8 CR3: 000000000342e000 CR4: 00000000000006f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n ? __warn+0x88/0x130\n ? inet_sock_destruct+0x1c5/0x1e0\n ? report_bug+0x18e/0x1a0\n ? handle_bug+0x53/0x90\n ? exc_invalid_op+0x18/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? inet_sock_destruct+0x1c5/0x1e0\n __sk_destruct+0x2a/0x200\n rcu_do_batch+0x1aa/0x530\n ? rcu_do_batch+0x13b/0x530\n rcu_core+0x159/0x2f0\n handle_softirqs+0xd3/0x2b0\n ? __pfx_smpboot_thread_fn+0x10/0x10\n run_ksoftirqd+0x25/0x30\n smpboot_thread_fn+0xdd/0x1d0\n kthread+0xd3/0x100\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x34/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n ---[ end trace 0000000000000000 ]---\n\nIts possible that two threads call tcp_v6_do_rcv()/sk_forward_alloc_add()\nconcurrently when sk-\u003esk_state == TCP_LISTEN with sk-\u003esk_lock unlocked,\nwhich triggers a data-race around sk-\u003esk_forward_alloc:\ntcp_v6_rcv\n tcp_v6_do_rcv\n skb_clone_and_charge_r\n sk_rmem_schedule\n __sk_mem_schedule\n sk_forward_alloc_add()\n skb_set_owner_r\n sk_mem_charge\n sk_forward_alloc_add()\n __kfree_skb\n skb_release_all\n skb_release_head_state\n sock_rfree\n sk_mem_uncharge\n sk_forward_alloc_add()\n sk_mem_reclaim\n // set local var reclaimable\n __sk_mem_reclaim\n sk_forward_alloc_add()\n\nIn this syzkaller testcase, two threads call\ntcp_v6_do_rcv() with skb-\u003etruesize=768, the sk_forward_alloc changes like\nthis:\n (cpu 1) | (cpu 2) | sk_forward_alloc\n ... | ... | 0\n __sk_mem_schedule() | | +4096 = 4096\n | __sk_mem_schedule() | +4096 = 8192\n sk_mem_charge() | | -768 = 7424\n | sk_mem_charge() | -768 = 6656\n ... | ... |\n sk_mem_uncharge() | | +768 = 7424\n reclaimable=7424 | |\n | sk_mem_uncharge() | +768 = 8192\n | reclaimable=8192 |\n __sk_mem_reclaim() | | -4096 = 4096\n | __sk_mem_reclaim() | -8192 = -4096 != 0\n\nThe skb_clone_and_charge_r() should not be called in tcp_v6_do_rcv() when\nsk-\u003esk_state is TCP_LISTEN, it happens later in tcp_v6_syn_recv_sock().\nFix the same issue in dccp_v6_do_rcv().",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-53124"
},
{
"cve": "CVE-2024-53170",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix uaf for flush rq while iterating tags\n\nblk_mq_clear_flush_rq_mapping() is not called during scsi probe, by\nchecking blk_queue_init_done(). However, QUEUE_FLAG_INIT_DONE is cleared\nin del_gendisk by commit aec89dc5d421 (\"block: keep q_usage_counter in\natomic mode after del_gendisk\"), hence for disk like scsi, following\nblk_mq_destroy_queue() will not clear flush rq from tags-\u003erqs[] as well,\ncause following uaf that is found by our syzkaller for v6.6:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in blk_mq_find_and_get_req+0x16e/0x1a0 block/blk-mq-tag.c:261\nRead of size 4 at addr ffff88811c969c20 by task kworker/1:2H/224909\n\nCPU: 1 PID: 224909 Comm: kworker/1:2H Not tainted 6.6.0-ga836a5060850 #32\nWorkqueue: kblockd blk_mq_timeout_work\nCall Trace:\n\n__dump_stack lib/dump_stack.c:88 [inline]\ndump_stack_lvl+0x91/0xf0 lib/dump_stack.c:106\nprint_address_description.constprop.0+0x66/0x300 mm/kasan/report.c:364\nprint_report+0x3e/0x70 mm/kasan/report.c:475\nkasan_report+0xb8/0xf0 mm/kasan/report.c:588\nblk_mq_find_and_get_req+0x16e/0x1a0 block/blk-mq-tag.c:261\nbt_iter block/blk-mq-tag.c:288 [inline]\n__sbitmap_for_each_set include/linux/sbitmap.h:295 [inline]\nsbitmap_for_each_set include/linux/sbitmap.h:316 [inline]\nbt_for_each+0x455/0x790 block/blk-mq-tag.c:325\nblk_mq_queue_tag_busy_iter+0x320/0x740 block/blk-mq-tag.c:534\nblk_mq_timeout_work+0x1a3/0x7b0 block/blk-mq.c:1673\nprocess_one_work+0x7c4/0x1450 kernel/workqueue.c:2631\nprocess_scheduled_works kernel/workqueue.c:2704 [inline]\nworker_thread+0x804/0xe40 kernel/workqueue.c:2785\nkthread+0x346/0x450 kernel/kthread.c:388\nret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147\nret_from_fork_asm+0x1b/0x30 arch/x86/entry/entry_64.S:293\n\nAllocated by task 942:\nkasan_save_stack+0x22/0x50 mm/kasan/common.c:45\nkasan_set_track+0x25/0x30 mm/kasan/common.c:52\n____kasan_kmalloc mm/kasan/common.c:374 [inline]\n__kasan_kmalloc mm/kasan/common.c:383 [inline]\n__kasan_kmalloc+0xaa/0xb0 mm/kasan/common.c:380\nkasan_kmalloc include/linux/kasan.h:198 [inline]\n__do_kmalloc_node mm/slab_common.c:1007 [inline]\n__kmalloc_node+0x69/0x170 mm/slab_common.c:1014\nkmalloc_node include/linux/slab.h:620 [inline]\nkzalloc_node include/linux/slab.h:732 [inline]\nblk_alloc_flush_queue+0x144/0x2f0 block/blk-flush.c:499\nblk_mq_alloc_hctx+0x601/0x940 block/blk-mq.c:3788\nblk_mq_alloc_and_init_hctx+0x27f/0x330 block/blk-mq.c:4261\nblk_mq_realloc_hw_ctxs+0x488/0x5e0 block/blk-mq.c:4294\nblk_mq_init_allocated_queue+0x188/0x860 block/blk-mq.c:4350\nblk_mq_init_queue_data block/blk-mq.c:4166 [inline]\nblk_mq_init_queue+0x8d/0x100 block/blk-mq.c:4176\nscsi_alloc_sdev+0x843/0xd50 drivers/scsi/scsi_scan.c:335\nscsi_probe_and_add_lun+0x77c/0xde0 drivers/scsi/scsi_scan.c:1189\n__scsi_scan_target+0x1fc/0x5a0 drivers/scsi/scsi_scan.c:1727\nscsi_scan_channel drivers/scsi/scsi_scan.c:1815 [inline]\nscsi_scan_channel+0x14b/0x1e0 drivers/scsi/scsi_scan.c:1791\nscsi_scan_host_selected+0x2fe/0x400 drivers/scsi/scsi_scan.c:1844\nscsi_scan+0x3a0/0x3f0 drivers/scsi/scsi_sysfs.c:151\nstore_scan+0x2a/0x60 drivers/scsi/scsi_sysfs.c:191\ndev_attr_store+0x5c/0x90 drivers/base/core.c:2388\nsysfs_kf_write+0x11c/0x170 fs/sysfs/file.c:136\nkernfs_fop_write_iter+0x3fc/0x610 fs/kernfs/file.c:338\ncall_write_iter include/linux/fs.h:2083 [inline]\nnew_sync_write+0x1b4/0x2d0 fs/read_write.c:493\nvfs_write+0x76c/0xb00 fs/read_write.c:586\nksys_write+0x127/0x250 fs/read_write.c:639\ndo_syscall_x64 arch/x86/entry/common.c:51 [inline]\ndo_syscall_64+0x70/0x120 arch/x86/entry/common.c:81\nentry_SYSCALL_64_after_hwframe+0x78/0xe2\n\nFreed by task 244687:\nkasan_save_stack+0x22/0x50 mm/kasan/common.c:45\nkasan_set_track+0x25/0x30 mm/kasan/common.c:52\nkasan_save_free_info+0x2b/0x50 mm/kasan/generic.c:522\n____kasan_slab_free mm/kasan/common.c:236 [inline]\n__kasan_slab_free+0x12a/0x1b0 mm/kasan/common.c:244\nkasan_slab_free include/linux/kasan.h:164 [in\n---truncated---",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-53170"
},
{
"cve": "CVE-2024-54458",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: bsg: Set bsg_queue to NULL after removal\n\nCurrently, this does not cause any issues, but I believe it is necessary to\nset bsg_queue to NULL after removing it to prevent potential use-after-free\n(UAF) access.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-54458"
},
{
"cve": "CVE-2024-56631",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: sg: Fix slab-use-after-free read in sg_release()\n\nFix a use-after-free bug in sg_release(), detected by syzbot with KASAN:\n\nBUG: KASAN: slab-use-after-free in lock_release+0x151/0xa30\nkernel/locking/lockdep.c:5838\n__mutex_unlock_slowpath+0xe2/0x750 kernel/locking/mutex.c:912\nsg_release+0x1f4/0x2e0 drivers/scsi/sg.c:407\n\nIn sg_release(), the function kref_put(\u0026sfp-\u003ef_ref, sg_remove_sfp) is\ncalled before releasing the open_rel_lock mutex. The kref_put() call may\ndecrement the reference count of sfp to zero, triggering its cleanup\nthrough sg_remove_sfp(). This cleanup includes scheduling deferred work\nvia sg_remove_sfp_usercontext(), which ultimately frees sfp.\n\nAfter kref_put(), sg_release() continues to unlock open_rel_lock and may\nreference sfp or sdp. If sfp has already been freed, this results in a\nslab-use-after-free error.\n\nMove the kref_put(\u0026sfp-\u003ef_ref, sg_remove_sfp) call after unlocking the\nopen_rel_lock mutex. This ensures:\n\n - No references to sfp or sdp occur after the reference count is\n decremented.\n\n - Cleanup functions such as sg_remove_sfp() and\n sg_remove_sfp_usercontext() can safely execute without impacting the\n mutex handling in sg_release().\n\nThe fix has been tested and validated by syzbot. This patch closes the\nbug reported at the following syzkaller link and ensures proper\nsequencing of resource cleanup and mutex operations, eliminating the\nrisk of use-after-free errors in sg_release().",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-56631"
},
{
"cve": "CVE-2024-56703",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix soft lockups in fib6_select_path under high next hop churn\n\nSoft lockups have been observed on a cluster of Linux-based edge routers\nlocated in a highly dynamic environment. Using the `bird` service, these\nrouters continuously update BGP-advertised routes due to frequently\nchanging nexthop destinations, while also managing significant IPv6\ntraffic. The lockups occur during the traversal of the multipath\ncircular linked-list in the `fib6_select_path` function, particularly\nwhile iterating through the siblings in the list. The issue typically\narises when the nodes of the linked list are unexpectedly deleted\nconcurrently on a different core\u2014indicated by their \u0027next\u0027 and\n\u0027previous\u0027 elements pointing back to the node itself and their reference\ncount dropping to zero. This results in an infinite loop, leading to a\nsoft lockup that triggers a system panic via the watchdog timer.\n\nApply RCU primitives in the problematic code sections to resolve the\nissue. Where necessary, update the references to fib6_siblings to\nannotate or use the RCU APIs.\n\nInclude a test script that reproduces the issue. The script\nperiodically updates the routing table while generating a heavy load\nof outgoing IPv6 traffic through multiple iperf3 clients. It\nconsistently induces infinite soft lockups within a couple of minutes.\n\nKernel log:\n\n 0 [ffffbd13003e8d30] machine_kexec at ffffffff8ceaf3eb\n 1 [ffffbd13003e8d90] __crash_kexec at ffffffff8d0120e3\n 2 [ffffbd13003e8e58] panic at ffffffff8cef65d4\n 3 [ffffbd13003e8ed8] watchdog_timer_fn at ffffffff8d05cb03\n 4 [ffffbd13003e8f08] __hrtimer_run_queues at ffffffff8cfec62f\n 5 [ffffbd13003e8f70] hrtimer_interrupt at ffffffff8cfed756\n 6 [ffffbd13003e8fd0] __sysvec_apic_timer_interrupt at ffffffff8cea01af\n 7 [ffffbd13003e8ff0] sysvec_apic_timer_interrupt at ffffffff8df1b83d\n-- \u003cIRQ stack\u003e --\n 8 [ffffbd13003d3708] asm_sysvec_apic_timer_interrupt at ffffffff8e000ecb\n [exception RIP: fib6_select_path+299]\n RIP: ffffffff8ddafe7b RSP: ffffbd13003d37b8 RFLAGS: 00000287\n RAX: ffff975850b43600 RBX: ffff975850b40200 RCX: 0000000000000000\n RDX: 000000003fffffff RSI: 0000000051d383e4 RDI: ffff975850b43618\n RBP: ffffbd13003d3800 R8: 0000000000000000 R9: ffff975850b40200\n R10: 0000000000000000 R11: 0000000000000000 R12: ffffbd13003d3830\n R13: ffff975850b436a8 R14: ffff975850b43600 R15: 0000000000000007\n ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018\n 9 [ffffbd13003d3808] ip6_pol_route at ffffffff8ddb030c\n10 [ffffbd13003d3888] ip6_pol_route_input at ffffffff8ddb068c\n11 [ffffbd13003d3898] fib6_rule_lookup at ffffffff8ddf02b5\n12 [ffffbd13003d3928] ip6_route_input at ffffffff8ddb0f47\n13 [ffffbd13003d3a18] ip6_rcv_finish_core.constprop.0 at ffffffff8dd950d0\n14 [ffffbd13003d3a30] ip6_list_rcv_finish.constprop.0 at ffffffff8dd96274\n15 [ffffbd13003d3a98] ip6_sublist_rcv at ffffffff8dd96474\n16 [ffffbd13003d3af8] ipv6_list_rcv at ffffffff8dd96615\n17 [ffffbd13003d3b60] __netif_receive_skb_list_core at ffffffff8dc16fec\n18 [ffffbd13003d3be0] netif_receive_skb_list_internal at ffffffff8dc176b3\n19 [ffffbd13003d3c50] napi_gro_receive at ffffffff8dc565b9\n20 [ffffbd13003d3c80] ice_receive_skb at ffffffffc087e4f5 [ice]\n21 [ffffbd13003d3c90] ice_clean_rx_irq at ffffffffc0881b80 [ice]\n22 [ffffbd13003d3d20] ice_napi_poll at ffffffffc088232f [ice]\n23 [ffffbd13003d3d80] __napi_poll at ffffffff8dc18000\n24 [ffffbd13003d3db8] net_rx_action at ffffffff8dc18581\n25 [ffffbd13003d3e40] __do_softirq at ffffffff8df352e9\n26 [ffffbd13003d3eb0] run_ksoftirqd at ffffffff8ceffe47\n27 [ffffbd13003d3ec0] smpboot_thread_fn at ffffffff8cf36a30\n28 [ffffbd13003d3ee8] kthread at ffffffff8cf2b39f\n29 [ffffbd13003d3f28] ret_from_fork at ffffffff8ce5fa64\n30 [ffffbd13003d3f50] ret_from_fork_asm at ffffffff8ce03cbb",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-56703"
},
{
"cve": "CVE-2024-56719",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: fix TSO DMA API usage causing oops\n\nCommit 66600fac7a98 (\"net: stmmac: TSO: Fix unbalanced DMA map/unmap\nfor non-paged SKB data\") moved the assignment of tx_skbuff_dma[]\u0027s\nmembers to be later in stmmac_tso_xmit().\n\nThe buf (dma cookie) and len stored in this structure are passed to\ndma_unmap_single() by stmmac_tx_clean(). The DMA API requires that\nthe dma cookie passed to dma_unmap_single() is the same as the value\nreturned from dma_map_single(). However, by moving the assignment\nlater, this is not the case when priv-\u003edma_cap.addr64 \u003e 32 as \"des\"\nis offset by proto_hdr_len.\n\nThis causes problems such as:\n\n dwc-eth-dwmac 2490000.ethernet eth0: Tx DMA map failed\n\nand with DMA_API_DEBUG enabled:\n\n DMA-API: dwc-eth-dwmac 2490000.ethernet: device driver tries to +free DMA memory it has not allocated [device address=0x000000ffffcf65c0] [size=66 bytes]\n\nFix this by maintaining \"des\" as the original DMA cookie, and use\ntso_des to pass the offset DMA cookie to stmmac_tso_allocator().\n\nFull details of the crashes can be found at:\nhttps://lore.kernel.org/all/d8112193-0386-4e14-b516-37c2d838171a@nvidia.com/\nhttps://lore.kernel.org/all/klkzp5yn5kq5efgtrow6wbvnc46bcqfxs65nz3qy77ujr5turc@bwwhelz2l4dw/",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-56719"
},
{
"cve": "CVE-2024-57917",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntopology: Keep the cpumask unchanged when printing cpumap\n\nDuring fuzz testing, the following warning was discovered:\n\n different return values (15 and 11) from vsnprintf(\"%*pbl\n \", ...)\n\n test:keyward is WARNING in kvasprintf\n WARNING: CPU: 55 PID: 1168477 at lib/kasprintf.c:30 kvasprintf+0x121/0x130\n Call Trace:\n kvasprintf+0x121/0x130\n kasprintf+0xa6/0xe0\n bitmap_print_to_buf+0x89/0x100\n core_siblings_list_read+0x7e/0xb0\n kernfs_file_read_iter+0x15b/0x270\n new_sync_read+0x153/0x260\n vfs_read+0x215/0x290\n ksys_read+0xb9/0x160\n do_syscall_64+0x56/0x100\n entry_SYSCALL_64_after_hwframe+0x78/0xe2\n\nThe call trace shows that kvasprintf() reported this warning during the\nprinting of core_siblings_list. kvasprintf() has several steps:\n\n (1) First, calculate the length of the resulting formatted string.\n\n (2) Allocate a buffer based on the returned length.\n\n (3) Then, perform the actual string formatting.\n\n (4) Check whether the lengths of the formatted strings returned in\n steps (1) and (2) are consistent.\n\nIf the core_cpumask is modified between steps (1) and (3), the lengths\nobtained in these two steps may not match. Indeed our test includes cpu\nhotplugging, which should modify core_cpumask while printing.\n\nTo fix this issue, cache the cpumask into a temporary variable before\ncalling cpumap_print_{list, cpumask}_to_buf(), to keep it unchanged\nduring the printing process.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-57917"
},
{
"cve": "CVE-2024-57924",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: relax assertions on failure to encode file handles\n\nEncoding file handles is usually performed by a filesystem \u003eencode_fh()\nmethod that may fail for various reasons.\n\nThe legacy users of exportfs_encode_fh(), namely, nfsd and\nname_to_handle_at(2) syscall are ready to cope with the possibility\nof failure to encode a file handle.\n\nThere are a few other users of exportfs_encode_{fh,fid}() that\ncurrently have a WARN_ON() assertion when -\u003eencode_fh() fails.\nRelax those assertions because they are wrong.\n\nThe second linked bug report states commit 16aac5ad1fa9 (\"ovl: support\nencoding non-decodable file handles\") in v6.6 as the regressing commit,\nbut this is not accurate.\n\nThe aforementioned commit only increases the chances of the assertion\nand allows triggering the assertion with the reproducer using overlayfs,\ninotify and drop_caches.\n\nTriggering this assertion was always possible with other filesystems and\nother reasons of -\u003eencode_fh() failures and more particularly, it was\nalso possible with the exact same reproducer using overlayfs that is\nmounted with options index=on,nfs_export=on also on kernels \u003c v6.6.\nTherefore, I am not listing the aforementioned commit as a Fixes commit.\n\nBackport hint: this patch will have a trivial conflict applying to\nv6.6.y, and other trivial conflicts applying to stable kernels \u003c v6.6.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-57924"
},
{
"cve": "CVE-2024-57973",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrdma/cxgb4: Prevent potential integer overflow on 32bit\n\nThe \"gl-\u003etot_len\" variable is controlled by the user. It comes from\nprocess_responses(). On 32bit systems, the \"gl-\u003etot_len + sizeof(struct\ncpl_pass_accept_req) + sizeof(struct rss_header)\" addition could have an\ninteger wrapping bug. Use size_add() to prevent this.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-57973"
},
{
"cve": "CVE-2024-57977",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemcg: fix soft lockup in the OOM process\n\nA soft lockup issue was found in the product with about 56,000 tasks were\nin the OOM cgroup, it was traversing them when the soft lockup was\ntriggered.\n\nwatchdog: BUG: soft lockup - CPU#2 stuck for 23s! [VM Thread:1503066]\nCPU: 2 PID: 1503066 Comm: VM Thread Kdump: loaded Tainted: G\nHardware name: Huawei Cloud OpenStack Nova, BIOS\nRIP: 0010:console_unlock+0x343/0x540\nRSP: 0000:ffffb751447db9a0 EFLAGS: 00000247 ORIG_RAX: ffffffffffffff13\nRAX: 0000000000000001 RBX: 0000000000000000 RCX: 00000000ffffffff\nRDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000247\nRBP: ffffffffafc71f90 R08: 0000000000000000 R09: 0000000000000040\nR10: 0000000000000080 R11: 0000000000000000 R12: ffffffffafc74bd0\nR13: ffffffffaf60a220 R14: 0000000000000247 R15: 0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f2fe6ad91f0 CR3: 00000004b2076003 CR4: 0000000000360ee0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n vprintk_emit+0x193/0x280\n printk+0x52/0x6e\n dump_task+0x114/0x130\n mem_cgroup_scan_tasks+0x76/0x100\n dump_header+0x1fe/0x210\n oom_kill_process+0xd1/0x100\n out_of_memory+0x125/0x570\n mem_cgroup_out_of_memory+0xb5/0xd0\n try_charge+0x720/0x770\n mem_cgroup_try_charge+0x86/0x180\n mem_cgroup_try_charge_delay+0x1c/0x40\n do_anonymous_page+0xb5/0x390\n handle_mm_fault+0xc4/0x1f0\n\nThis is because thousands of processes are in the OOM cgroup, it takes a\nlong time to traverse all of them. As a result, this lead to soft lockup\nin the OOM process.\n\nTo fix this issue, call \u0027cond_resched\u0027 in the \u0027mem_cgroup_scan_tasks\u0027\nfunction per 1000 iterations. For global OOM, call\n\u0027touch_softlockup_watchdog\u0027 per 1000 iterations to avoid this issue.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-57977"
},
{
"cve": "CVE-2024-57979",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npps: Fix a use-after-free\n\nOn a board running ntpd and gpsd, I\u0027m seeing a consistent use-after-free\nin sys_exit() from gpsd when rebooting:\n\n pps pps1: removed\n ------------[ cut here ]------------\n kobject: \u0027(null)\u0027 (00000000db4bec24): is not initialized, yet kobject_put() is being called.\n WARNING: CPU: 2 PID: 440 at lib/kobject.c:734 kobject_put+0x120/0x150\n CPU: 2 UID: 299 PID: 440 Comm: gpsd Not tainted 6.11.0-rc6-00308-gb31c44928842 #1\n Hardware name: Raspberry Pi 4 Model B Rev 1.1 (DT)\n pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : kobject_put+0x120/0x150\n lr : kobject_put+0x120/0x150\n sp : ffffffc0803d3ae0\n x29: ffffffc0803d3ae0 x28: ffffff8042dc9738 x27: 0000000000000001\n x26: 0000000000000000 x25: ffffff8042dc9040 x24: ffffff8042dc9440\n x23: ffffff80402a4620 x22: ffffff8042ef4bd0 x21: ffffff80405cb600\n x20: 000000000008001b x19: ffffff8040b3b6e0 x18: 0000000000000000\n x17: 0000000000000000 x16: 0000000000000000 x15: 696e6920746f6e20\n x14: 7369203a29343263 x13: 205d303434542020 x12: 0000000000000000\n x11: 0000000000000000 x10: 0000000000000000 x9 : 0000000000000000\n x8 : 0000000000000000 x7 : 0000000000000000 x6 : 0000000000000000\n x5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000000\n x2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000000\n Call trace:\n kobject_put+0x120/0x150\n cdev_put+0x20/0x3c\n __fput+0x2c4/0x2d8\n ____fput+0x1c/0x38\n task_work_run+0x70/0xfc\n do_exit+0x2a0/0x924\n do_group_exit+0x34/0x90\n get_signal+0x7fc/0x8c0\n do_signal+0x128/0x13b4\n do_notify_resume+0xdc/0x160\n el0_svc+0xd4/0xf8\n el0t_64_sync_handler+0x140/0x14c\n el0t_64_sync+0x190/0x194\n ---[ end trace 0000000000000000 ]---\n\n...followed by more symptoms of corruption, with similar stacks:\n\n refcount_t: underflow; use-after-free.\n kernel BUG at lib/list_debug.c:62!\n Kernel panic - not syncing: Oops - BUG: Fatal exception\n\nThis happens because pps_device_destruct() frees the pps_device with the\nembedded cdev immediately after calling cdev_del(), but, as the comment\nabove cdev_del() notes, fops for previously opened cdevs are still\ncallable even after cdev_del() returns. I think this bug has always\nbeen there: I can\u0027t explain why it suddenly started happening every time\nI reboot this particular board.\n\nIn commit d953e0e837e6 (\"pps: Fix a use-after free bug when\nunregistering a source.\"), George Spelvin suggested removing the\nembedded cdev. That seems like the simplest way to fix this, so I\u0027ve\nimplemented his suggestion, using __register_chrdev() with pps_idr\nbecoming the source of truth for which minor corresponds to which\ndevice.\n\nBut now that pps_idr defines userspace visibility instead of cdev_add(),\nwe need to be sure the pps-\u003edev refcount can\u0027t reach zero while\nuserspace can still find it again. So, the idr_remove() call moves to\npps_unregister_cdev(), and pps_idr now holds a reference to pps-\u003edev.\n\n pps_core: source serial1 got cdev (251:1)\n \u003c...\u003e\n pps pps1: removed\n pps_core: unregistering pps1\n pps_core: deallocating pps1",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-57979"
},
{
"cve": "CVE-2024-58011",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: int3472: Check for adev == NULL\n\nNot all devices have an ACPI companion fwnode, so adev might be NULL. This\ncan e.g. (theoretically) happen when a user manually binds one of\nthe int3472 drivers to another i2c/platform device through sysfs.\n\nAdd a check for adev not being set and return -ENODEV in that case to\navoid a possible NULL pointer deref in skl_int3472_get_acpi_buffer().",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-58011"
},
{
"cve": "CVE-2024-58016",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsafesetid: check size of policy writes\n\nsyzbot attempts to write a buffer with a large size to a sysfs entry\nwith writes handled by handle_policy_update(), triggering a warning\nin kmalloc.\n\nCheck the size specified for write buffers before allocating.\n\n[PM: subject tweak]",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-58016"
},
{
"cve": "CVE-2024-58020",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: multitouch: Add NULL check in mt_input_configured\n\ndevm_kasprintf() can return a NULL pointer on failure,but this\nreturned value in mt_input_configured() is not checked.\nAdd NULL check in mt_input_configured(), to handle kernel NULL\npointer dereference error.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-58020"
},
{
"cve": "CVE-2024-58056",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nremoteproc: core: Fix ida_free call while not allocated\n\nIn the rproc_alloc() function, on error, put_device(\u0026rproc-\u003edev) is\ncalled, leading to the call of the rproc_type_release() function.\nAn error can occurs before ida_alloc is called.\n\nIn such case in rproc_type_release(), the condition (rproc-\u003eindex \u003e= 0) is\ntrue as rproc-\u003eindex has been initialized to 0.\nida_free() is called reporting a warning:\n[ 4.181906] WARNING: CPU: 1 PID: 24 at lib/idr.c:525 ida_free+0x100/0x164\n[ 4.186378] stm32-display-dsi 5a000000.dsi: Fixed dependency cycle(s) with /soc/dsi@5a000000/panel@0\n[ 4.188854] ida_free called for id=0 which is not allocated.\n[ 4.198256] mipi-dsi 5a000000.dsi.0: Fixed dependency cycle(s) with /soc/dsi@5a000000\n[ 4.203556] Modules linked in: panel_orisetech_otm8009a dw_mipi_dsi_stm(+) gpu_sched dw_mipi_dsi stm32_rproc stm32_crc32 stm32_ipcc(+) optee(+)\n[ 4.224307] CPU: 1 UID: 0 PID: 24 Comm: kworker/u10:0 Not tainted 6.12.0 #442\n[ 4.231481] Hardware name: STM32 (Device Tree Support)\n[ 4.236627] Workqueue: events_unbound deferred_probe_work_func\n[ 4.242504] Call trace:\n[ 4.242522] unwind_backtrace from show_stack+0x10/0x14\n[ 4.250218] show_stack from dump_stack_lvl+0x50/0x64\n[ 4.255274] dump_stack_lvl from __warn+0x80/0x12c\n[ 4.260134] __warn from warn_slowpath_fmt+0x114/0x188\n[ 4.265199] warn_slowpath_fmt from ida_free+0x100/0x164\n[ 4.270565] ida_free from rproc_type_release+0x38/0x60\n[ 4.275832] rproc_type_release from device_release+0x30/0xa0\n[ 4.281601] device_release from kobject_put+0xc4/0x294\n[ 4.286762] kobject_put from rproc_alloc.part.0+0x208/0x28c\n[ 4.292430] rproc_alloc.part.0 from devm_rproc_alloc+0x80/0xc4\n[ 4.298393] devm_rproc_alloc from stm32_rproc_probe+0xd0/0x844 [stm32_rproc]\n[ 4.305575] stm32_rproc_probe [stm32_rproc] from platform_probe+0x5c/0xbc\n\nCalling ida_alloc earlier in rproc_alloc ensures that the rproc-\u003eindex is\nproperly set.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-58056"
},
{
"cve": "CVE-2024-58058",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nubifs: skip dumping tnc tree when zroot is null\n\nClearing slab cache will free all znode in memory and make\nc-\u003ezroot.znode = NULL, then dumping tnc tree will access\nc-\u003ezroot.znode which cause null pointer dereference.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-58058"
},
{
"cve": "CVE-2024-58061",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: prohibit deactivating all links\n\nIn the internal API this calls this is a WARN_ON, but that\nshould remain since internally we want to know about bugs\nthat may cause this. Prevent deactivating all links in the\ndebugfs write directly.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-58061"
},
{
"cve": "CVE-2024-58086",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Stop active perfmon if it is being destroyed\n\nIf the active performance monitor (`v3d-\u003eactive_perfmon`) is being\ndestroyed, stop it first. Currently, the active perfmon is not\nstopped during destruction, leaving the `v3d-\u003eactive_perfmon` pointer\nstale. This can lead to undefined behavior and instability.\n\nThis patch ensures that the active perfmon is stopped before being\ndestroyed, aligning with the behavior introduced in commit\n7d1fd3638ee3 (\"drm/v3d: Stop the active perfmon before being destroyed\").",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-58086"
},
{
"cve": "CVE-2025-21645",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86/amd/pmc: Only disable IRQ1 wakeup where i8042 actually enabled it\n\nWakeup for IRQ1 should be disabled only in cases where i8042 had\nactually enabled it, otherwise \"wake_depth\" for this IRQ will try to\ndrop below zero and there will be an unpleasant WARN() logged:\n\nkernel: atkbd serio0: Disabling IRQ1 wakeup source to avoid platform firmware bug\nkernel: ------------[ cut here ]------------\nkernel: Unbalanced IRQ 1 wake disable\nkernel: WARNING: CPU: 10 PID: 6431 at kernel/irq/manage.c:920 irq_set_irq_wake+0x147/0x1a0\n\nThe PMC driver uses DEFINE_SIMPLE_DEV_PM_OPS() to define its dev_pm_ops\nwhich sets amd_pmc_suspend_handler() to the .suspend, .freeze, and\n.poweroff handlers. i8042_pm_suspend(), however, is only set as\nthe .suspend handler.\n\nFix the issue by call PMC suspend handler only from the same set of\ndev_pm_ops handlers as i8042_pm_suspend(), which currently means just\nthe .suspend handler.\n\nTo reproduce this issue try hibernating (S4) the machine after a fresh boot\nwithout putting it into s2idle first.\n\n[ij: edited the commit message.]",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21645"
},
{
"cve": "CVE-2025-21648",
"cwe": {
"id": "CWE-789",
"name": "Memory Allocation with Excessive Size Value"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: conntrack: clamp maximum hashtable size to INT_MAX\n\nUse INT_MAX as maximum size for the conntrack hashtable. Otherwise, it\nis possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof() when\nresizing hashtable because __GFP_NOWARN is unset. See:\n\n 0708a0afe291 (\"mm: Consider __GFP_NOWARN flag for oversized kvmalloc() calls\")\n\nNote: hashtable resize is only possible from init_netns.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21648"
},
{
"cve": "CVE-2025-21655",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/eventfd: ensure io_eventfd_signal() defers another RCU period\n\nio_eventfd_do_signal() is invoked from an RCU callback, but when\ndropping the reference to the io_ev_fd, it calls io_eventfd_free()\ndirectly if the refcount drops to zero. This isn\u0027t correct, as any\npotential freeing of the io_ev_fd should be deferred another RCU grace\nperiod.\n\nJust call io_eventfd_put() rather than open-code the dec-and-test and\nfree, which will correctly defer it another RCU grace period.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21655"
},
{
"cve": "CVE-2025-21676",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fec: handle page_pool_dev_alloc_pages error\n\nThe fec_enet_update_cbd function calls page_pool_dev_alloc_pages but did\nnot handle the case when it returned NULL. There was a WARN_ON(!new_page)\nbut it would still proceed to use the NULL pointer and then crash.\n\nThis case does seem somewhat rare but when the system is under memory\npressure it can happen. One case where I can duplicate this with some\nfrequency is when writing over a smbd share to a SATA HDD attached to an\nimx6q.\n\nSetting /proc/sys/vm/min_free_kbytes to higher values also seems to solve\nthe problem for my test case. But it still seems wrong that the fec driver\nignores the memory allocation error and can crash.\n\nThis commit handles the allocation error by dropping the current packet.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21676"
},
{
"cve": "CVE-2025-21682",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: bnxt: always recalculate features after XDP clearing, fix null-deref\n\nRecalculate features when XDP is detached.\n\nBefore:\n # ip li set dev eth0 xdp obj xdp_dummy.bpf.o sec xdp\n # ip li set dev eth0 xdp off\n # ethtool -k eth0 | grep gro\n rx-gro-hw: off [requested on]\n\nAfter:\n # ip li set dev eth0 xdp obj xdp_dummy.bpf.o sec xdp\n # ip li set dev eth0 xdp off\n # ethtool -k eth0 | grep gro\n rx-gro-hw: on\n\nThe fact that HW-GRO doesn\u0027t get re-enabled automatically is just\na minor annoyance. The real issue is that the features will randomly\ncome back during another reconfiguration which just happens to invoke\nnetdev_update_features(). The driver doesn\u0027t handle reconfiguring\ntwo things at a time very robustly.\n\nStarting with commit 98ba1d931f61 (\"bnxt_en: Fix RSS logic in\n__bnxt_reserve_rings()\") we only reconfigure the RSS hash table\nif the \"effective\" number of Rx rings has changed. If HW-GRO is\nenabled \"effective\" number of rings is 2x what user sees.\nSo if we are in the bad state, with HW-GRO re-enablement \"pending\"\nafter XDP off, and we lower the rings by / 2 - the HW-GRO rings\ndoing 2x and the ethtool -L doing / 2 may cancel each other out,\nand the:\n\n if (old_rx_rings != bp-\u003ehw_resc.resv_rx_rings \u0026\u0026\n\ncondition in __bnxt_reserve_rings() will be false.\nThe RSS map won\u0027t get updated, and we\u0027ll crash with:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000168\n RIP: 0010:__bnxt_hwrm_vnic_set_rss+0x13a/0x1a0\n bnxt_hwrm_vnic_rss_cfg_p5+0x47/0x180\n __bnxt_setup_vnic_p5+0x58/0x110\n bnxt_init_nic+0xb72/0xf50\n __bnxt_open_nic+0x40d/0xab0\n bnxt_open_nic+0x2b/0x60\n ethtool_set_channels+0x18c/0x1d0\n\nAs we try to access a freed ring.\n\nThe issue is present since XDP support was added, really, but\nprior to commit 98ba1d931f61 (\"bnxt_en: Fix RSS logic in\n__bnxt_reserve_rings()\") it wasn\u0027t causing major issues.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21682"
},
{
"cve": "CVE-2025-21702",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0\n\nExpected behaviour:\nIn case we reach scheduler\u0027s limit, pfifo_tail_enqueue() will drop a\npacket in scheduler\u0027s queue and decrease scheduler\u0027s qlen by one.\nThen, pfifo_tail_enqueue() enqueue new packet and increase\nscheduler\u0027s qlen by one. Finally, pfifo_tail_enqueue() return\n`NET_XMIT_CN` status code.\n\nWeird behaviour:\nIn case we set `sch-\u003elimit == 0` and trigger pfifo_tail_enqueue() on a\nscheduler that has no packet, the \u0027drop a packet\u0027 step will do nothing.\nThis means the scheduler\u0027s qlen still has value equal 0.\nThen, we continue to enqueue new packet and increase scheduler\u0027s qlen by\none. In summary, we can leverage pfifo_tail_enqueue() to increase qlen by\none and return `NET_XMIT_CN` status code.\n\nThe problem is:\nLet\u0027s say we have two qdiscs: Qdisc_A and Qdisc_B.\n - Qdisc_A\u0027s type must have \u0027-\u003egraft()\u0027 function to create parent/child relationship.\n Let\u0027s say Qdisc_A\u0027s type is `hfsc`. Enqueue packet to this qdisc will trigger `hfsc_enqueue`.\n - Qdisc_B\u0027s type is pfifo_head_drop. Enqueue packet to this qdisc will trigger `pfifo_tail_enqueue`.\n - Qdisc_B is configured to have `sch-\u003elimit == 0`.\n - Qdisc_A is configured to route the enqueued\u0027s packet to Qdisc_B.\n\nEnqueue packet through Qdisc_A will lead to:\n - hfsc_enqueue(Qdisc_A) -\u003e pfifo_tail_enqueue(Qdisc_B)\n - Qdisc_B-\u003eq.qlen += 1\n - pfifo_tail_enqueue() return `NET_XMIT_CN`\n - hfsc_enqueue() check for `NET_XMIT_SUCCESS` and see `NET_XMIT_CN` =\u003e hfsc_enqueue() don\u0027t increase qlen of Qdisc_A.\n\nThe whole process lead to a situation where Qdisc_A-\u003eq.qlen == 0 and Qdisc_B-\u003eq.qlen == 1.\nReplace \u0027hfsc\u0027 with other type (for example: \u0027drr\u0027) still lead to the same problem.\nThis violate the design where parent\u0027s qlen should equal to the sum of its childrens\u0027qlen.\n\nBug impact: This issue can be used for user-\u003ekernel privilege escalation when it is reachable.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21702"
},
{
"cve": "CVE-2025-21705",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: handle fastopen disconnect correctly\n\nSyzbot was able to trigger a data stream corruption:\n\n WARNING: CPU: 0 PID: 9846 at net/mptcp/protocol.c:1024 __mptcp_clean_una+0xddb/0xff0 net/mptcp/protocol.c:1024\n Modules linked in:\n CPU: 0 UID: 0 PID: 9846 Comm: syz-executor351 Not tainted 6.13.0-rc2-syzkaller-00059-g00a5acdbf398 #0\n Hardware name: Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024\n RIP: 0010:__mptcp_clean_una+0xddb/0xff0 net/mptcp/protocol.c:1024\n Code: fa ff ff 48 8b 4c 24 18 80 e1 07 fe c1 38 c1 0f 8c 8e fa ff ff 48 8b 7c 24 18 e8 e0 db 54 f6 e9 7f fa ff ff e8 e6 80 ee f5 90 \u003c0f\u003e 0b 90 4c 8b 6c 24 40 4d 89 f4 e9 04 f5 ff ff 44 89 f1 80 e1 07\n RSP: 0018:ffffc9000c0cf400 EFLAGS: 00010293\n RAX: ffffffff8bb0dd5a RBX: ffff888033f5d230 RCX: ffff888059ce8000\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\n RBP: ffffc9000c0cf518 R08: ffffffff8bb0d1dd R09: 1ffff110170c8928\n R10: dffffc0000000000 R11: ffffed10170c8929 R12: 0000000000000000\n R13: ffff888033f5d220 R14: dffffc0000000000 R15: ffff8880592b8000\n FS: 00007f6e866496c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f6e86f491a0 CR3: 00000000310e6000 CR4: 00000000003526f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n __mptcp_clean_una_wakeup+0x7f/0x2d0 net/mptcp/protocol.c:1074\n mptcp_release_cb+0x7cb/0xb30 net/mptcp/protocol.c:3493\n release_sock+0x1aa/0x1f0 net/core/sock.c:3640\n inet_wait_for_connect net/ipv4/af_inet.c:609 [inline]\n __inet_stream_connect+0x8bd/0xf30 net/ipv4/af_inet.c:703\n mptcp_sendmsg_fastopen+0x2a2/0x530 net/mptcp/protocol.c:1755\n mptcp_sendmsg+0x1884/0x1b10 net/mptcp/protocol.c:1830\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x1a6/0x270 net/socket.c:726\n ____sys_sendmsg+0x52a/0x7e0 net/socket.c:2583\n ___sys_sendmsg net/socket.c:2637 [inline]\n __sys_sendmsg+0x269/0x350 net/socket.c:2669\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f6e86ebfe69\n Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\n RSP: 002b:00007f6e86649168 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 00007f6e86f491b8 RCX: 00007f6e86ebfe69\n RDX: 0000000030004001 RSI: 0000000020000080 RDI: 0000000000000003\n RBP: 00007f6e86f491b0 R08: 00007f6e866496c0 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6e86f491bc\n R13: 000000000000006e R14: 00007ffe445d9420 R15: 00007ffe445d9508\n \u003c/TASK\u003e\n\nThe root cause is the bad handling of disconnect() generated internally\nby the MPTCP protocol in case of connect FASTOPEN errors.\n\nAddress the issue increasing the socket disconnect counter even on such\na case, to allow other threads waiting on the same socket lock to\nproperly error out.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21705"
},
{
"cve": "CVE-2025-21706",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: only set fullmesh for subflow endp\n\nWith the in-kernel path-manager, it is possible to change the \u0027fullmesh\u0027\nflag. The code in mptcp_pm_nl_fullmesh() expects to change it only on\n\u0027subflow\u0027 endpoints, to recreate more or less subflows using the linked\naddress.\n\nUnfortunately, the set_flags() hook was a bit more permissive, and\nallowed \u0027implicit\u0027 endpoints to get the \u0027fullmesh\u0027 flag while it is not\nallowed before.\n\nThat\u0027s what syzbot found, triggering the following warning:\n\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 __mark_subflow_endp_available net/mptcp/pm_netlink.c:1496 [inline]\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 mptcp_pm_nl_fullmesh net/mptcp/pm_netlink.c:1980 [inline]\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 mptcp_nl_set_flags net/mptcp/pm_netlink.c:2003 [inline]\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 mptcp_pm_nl_set_flags+0x974/0xdc0 net/mptcp/pm_netlink.c:2064\n Modules linked in:\n CPU: 0 UID: 0 PID: 6499 Comm: syz.1.413 Not tainted 6.13.0-rc5-syzkaller-00172-gd1bf27c4e176 #0\n Hardware name: Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\n RIP: 0010:__mark_subflow_endp_available net/mptcp/pm_netlink.c:1496 [inline]\n RIP: 0010:mptcp_pm_nl_fullmesh net/mptcp/pm_netlink.c:1980 [inline]\n RIP: 0010:mptcp_nl_set_flags net/mptcp/pm_netlink.c:2003 [inline]\n RIP: 0010:mptcp_pm_nl_set_flags+0x974/0xdc0 net/mptcp/pm_netlink.c:2064\n Code: 01 00 00 49 89 c5 e8 fb 45 e8 f5 e9 b8 fc ff ff e8 f1 45 e8 f5 4c 89 f7 be 03 00 00 00 e8 44 1d 0b f9 eb a0 e8 dd 45 e8 f5 90 \u003c0f\u003e 0b 90 e9 17 ff ff ff 89 d9 80 e1 07 38 c1 0f 8c c9 fc ff ff 48\n RSP: 0018:ffffc9000d307240 EFLAGS: 00010293\n RAX: ffffffff8bb72e03 RBX: 0000000000000000 RCX: ffff88807da88000\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\n RBP: ffffc9000d307430 R08: ffffffff8bb72cf0 R09: 1ffff1100b842a5e\n R10: dffffc0000000000 R11: ffffed100b842a5f R12: ffff88801e2e5ac0\n R13: ffff88805c214800 R14: ffff88805c2152e8 R15: 1ffff1100b842a5d\n FS: 00005555619f6500(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000020002840 CR3: 00000000247e6000 CR4: 00000000003526f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0xb14/0xec0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2542\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]\n netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1347\n netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1891\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:726\n ____sys_sendmsg+0x52a/0x7e0 net/socket.c:2583\n ___sys_sendmsg net/socket.c:2637 [inline]\n __sys_sendmsg+0x269/0x350 net/socket.c:2669\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f5fe8785d29\n Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\n RSP: 002b:00007fff571f5558 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 00007f5fe8975fa0 RCX: 00007f5fe8785d29\n RDX: 0000000000000000 RSI: 0000000020000480 RDI: 0000000000000007\n RBP: 00007f5fe8801b08 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\n R13: 00007f5fe8975fa0 R14: 00007f5fe8975fa0 R15: 000000\n---truncated---",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21706"
},
{
"cve": "CVE-2025-21707",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: consolidate suboption status\n\nMPTCP maintains the received sub-options status is the bitmask carrying\nthe received suboptions and in several bitfields carrying per suboption\nadditional info.\n\nZeroing the bitmask before parsing is not enough to ensure a consistent\nstatus, and the MPTCP code has to additionally clear some bitfiled\ndepending on the actually parsed suboption.\n\nThe above schema is fragile, and syzbot managed to trigger a path where\na relevant bitfield is not cleared/initialized:\n\n BUG: KMSAN: uninit-value in __mptcp_expand_seq net/mptcp/options.c:1030 [inline]\n BUG: KMSAN: uninit-value in mptcp_expand_seq net/mptcp/protocol.h:864 [inline]\n BUG: KMSAN: uninit-value in ack_update_msk net/mptcp/options.c:1060 [inline]\n BUG: KMSAN: uninit-value in mptcp_incoming_options+0x2036/0x3d30 net/mptcp/options.c:1209\n __mptcp_expand_seq net/mptcp/options.c:1030 [inline]\n mptcp_expand_seq net/mptcp/protocol.h:864 [inline]\n ack_update_msk net/mptcp/options.c:1060 [inline]\n mptcp_incoming_options+0x2036/0x3d30 net/mptcp/options.c:1209\n tcp_data_queue+0xb4/0x7be0 net/ipv4/tcp_input.c:5233\n tcp_rcv_established+0x1061/0x2510 net/ipv4/tcp_input.c:6264\n tcp_v4_do_rcv+0x7f3/0x11a0 net/ipv4/tcp_ipv4.c:1916\n tcp_v4_rcv+0x51df/0x5750 net/ipv4/tcp_ipv4.c:2351\n ip_protocol_deliver_rcu+0x2a3/0x13d0 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x336/0x500 net/ipv4/ip_input.c:233\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ip_local_deliver+0x21f/0x490 net/ipv4/ip_input.c:254\n dst_input include/net/dst.h:460 [inline]\n ip_rcv_finish+0x4a2/0x520 net/ipv4/ip_input.c:447\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ip_rcv+0xcd/0x380 net/ipv4/ip_input.c:567\n __netif_receive_skb_one_core net/core/dev.c:5704 [inline]\n __netif_receive_skb+0x319/0xa00 net/core/dev.c:5817\n process_backlog+0x4ad/0xa50 net/core/dev.c:6149\n __napi_poll+0xe7/0x980 net/core/dev.c:6902\n napi_poll net/core/dev.c:6971 [inline]\n net_rx_action+0xa5a/0x19b0 net/core/dev.c:7093\n handle_softirqs+0x1a0/0x7c0 kernel/softirq.c:561\n __do_softirq+0x14/0x1a kernel/softirq.c:595\n do_softirq+0x9a/0x100 kernel/softirq.c:462\n __local_bh_enable_ip+0x9f/0xb0 kernel/softirq.c:389\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n rcu_read_unlock_bh include/linux/rcupdate.h:919 [inline]\n __dev_queue_xmit+0x2758/0x57d0 net/core/dev.c:4493\n dev_queue_xmit include/linux/netdevice.h:3168 [inline]\n neigh_hh_output include/net/neighbour.h:523 [inline]\n neigh_output include/net/neighbour.h:537 [inline]\n ip_finish_output2+0x187c/0x1b70 net/ipv4/ip_output.c:236\n __ip_finish_output+0x287/0x810\n ip_finish_output+0x4b/0x600 net/ipv4/ip_output.c:324\n NF_HOOK_COND include/linux/netfilter.h:303 [inline]\n ip_output+0x15f/0x3f0 net/ipv4/ip_output.c:434\n dst_output include/net/dst.h:450 [inline]\n ip_local_out net/ipv4/ip_output.c:130 [inline]\n __ip_queue_xmit+0x1f2a/0x20d0 net/ipv4/ip_output.c:536\n ip_queue_xmit+0x60/0x80 net/ipv4/ip_output.c:550\n __tcp_transmit_skb+0x3cea/0x4900 net/ipv4/tcp_output.c:1468\n tcp_transmit_skb net/ipv4/tcp_output.c:1486 [inline]\n tcp_write_xmit+0x3b90/0x9070 net/ipv4/tcp_output.c:2829\n __tcp_push_pending_frames+0xc4/0x380 net/ipv4/tcp_output.c:3012\n tcp_send_fin+0x9f6/0xf50 net/ipv4/tcp_output.c:3618\n __tcp_close+0x140c/0x1550 net/ipv4/tcp.c:3130\n __mptcp_close_ssk+0x74e/0x16f0 net/mptcp/protocol.c:2496\n mptcp_close_ssk+0x26b/0x2c0 net/mptcp/protocol.c:2550\n mptcp_pm_nl_rm_addr_or_subflow+0x635/0xd10 net/mptcp/pm_netlink.c:889\n mptcp_pm_nl_rm_subflow_received net/mptcp/pm_netlink.c:924 [inline]\n mptcp_pm_flush_addrs_and_subflows net/mptcp/pm_netlink.c:1688 [inline]\n mptcp_nl_flush_addrs_list net/mptcp/pm_netlink.c:1709 [inline]\n mptcp_pm_nl_flush_addrs_doit+0xe10/0x1630 net/mptcp/pm_netlink.c:1750\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n \n---truncated---",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21707"
},
{
"cve": "CVE-2025-21718",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: rose: fix timer races against user threads\n\nRose timers only acquire the socket spinlock, without\nchecking if the socket is owned by one user thread.\n\nAdd a check and rearm the timers if needed.\n\nBUG: KASAN: slab-use-after-free in rose_timer_expiry+0x31d/0x360 net/rose/rose_timer.c:174\nRead of size 2 at addr ffff88802f09b82a by task swapper/0/0\n\nCPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.13.0-rc5-syzkaller-00172-gd1bf27c4e176 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n \u003cIRQ\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n rose_timer_expiry+0x31d/0x360 net/rose/rose_timer.c:174\n call_timer_fn+0x187/0x650 kernel/time/timer.c:1793\n expire_timers kernel/time/timer.c:1844 [inline]\n __run_timers kernel/time/timer.c:2418 [inline]\n __run_timer_base+0x66a/0x8e0 kernel/time/timer.c:2430\n run_timer_base kernel/time/timer.c:2439 [inline]\n run_timer_softirq+0xb7/0x170 kernel/time/timer.c:2449\n handle_softirqs+0x2d4/0x9b0 kernel/softirq.c:561\n __do_softirq kernel/softirq.c:595 [inline]\n invoke_softirq kernel/softirq.c:435 [inline]\n __irq_exit_rcu+0xf7/0x220 kernel/softirq.c:662\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:678\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]\n sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1049\n \u003c/IRQ\u003e",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21718"
},
{
"cve": "CVE-2025-21731",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnbd: don\u0027t allow reconnect after disconnect\n\nFollowing process can cause nbd_config UAF:\n\n1) grab nbd_config temporarily;\n\n2) nbd_genl_disconnect() flush all recv_work() and release the\ninitial reference:\n\n nbd_genl_disconnect\n nbd_disconnect_and_put\n nbd_disconnect\n flush_workqueue(nbd-\u003erecv_workq)\n if (test_and_clear_bit(NBD_RT_HAS_CONFIG_REF, ...))\n nbd_config_put\n -\u003e due to step 1), reference is still not zero\n\n3) nbd_genl_reconfigure() queue recv_work() again;\n\n nbd_genl_reconfigure\n config = nbd_get_config_unlocked(nbd)\n if (!config)\n -\u003e succeed\n if (!test_bit(NBD_RT_BOUND, ...))\n -\u003e succeed\n nbd_reconnect_socket\n queue_work(nbd-\u003erecv_workq, \u0026args-\u003ework)\n\n4) step 1) release the reference;\n\n5) Finially, recv_work() will trigger UAF:\n\n recv_work\n nbd_config_put(nbd)\n -\u003e nbd_config is freed\n atomic_dec(\u0026config-\u003erecv_threads)\n -\u003e UAF\n\nFix the problem by clearing NBD_RT_BOUND in nbd_genl_disconnect(), so\nthat nbd_genl_reconfigure() will fail.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21731"
},
{
"cve": "CVE-2025-21745",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-cgroup: Fix class @block_class\u0027s subsystem refcount leakage\n\nblkcg_fill_root_iostats() iterates over @block_class\u0027s devices by\nclass_dev_iter_(init|next)(), but does not end iterating with\nclass_dev_iter_exit(), so causes the class\u0027s subsystem refcount leakage.\n\nFix by ending the iterating with class_dev_iter_exit().",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21745"
},
{
"cve": "CVE-2025-21758",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: mcast: add RCU protection to mld_newpack()\n\nmld_newpack() can be called without RTNL or RCU being held.\n\nNote that we no longer can use sock_alloc_send_skb() because\nipv6.igmp_sk uses GFP_KERNEL allocations which can sleep.\n\nInstead use alloc_skb() and charge the net-\u003eipv6.igmp_sk\nsocket under RCU protection.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21758"
},
{
"cve": "CVE-2025-21760",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nndisc: extend RCU protection in ndisc_send_skb()\n\nndisc_send_skb() can be called without RTNL or RCU held.\n\nAcquire rcu_read_lock() earlier, so that we can use dev_net_rcu()\nand avoid a potential UAF.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21760"
},
{
"cve": "CVE-2025-21764",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nndisc: use RCU protection in ndisc_alloc_skb()\n\nndisc_alloc_skb() can be called without RTNL or RCU being held.\n\nAdd RCU protection to avoid possible UAF.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21764"
},
{
"cve": "CVE-2025-21765",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: use RCU protection in ip6_default_advmss()\n\nip6_default_advmss() needs rcu protection to make\nsure the net structure it reads does not disappear.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21765"
},
{
"cve": "CVE-2025-21780",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table()\n\nIt malicious user provides a small pptable through sysfs and then\na bigger pptable, it may cause buffer overflow attack in function\nsmu_sys_set_pp_table().",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21780"
},
{
"cve": "CVE-2025-21795",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: fix hang in nfsd4_shutdown_callback\n\nIf nfs4_client is in courtesy state then there is no point to send\nthe callback. This causes nfsd4_shutdown_callback to hang since\ncl_cb_inflight is not 0. This hang lasts about 15 minutes until TCP\nnotifies NFSD that the connection was dropped.\n\nThis patch modifies nfsd4_run_cb_work to skip the RPC call if\nnfs4_client is in courtesy state.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21795"
},
{
"cve": "CVE-2025-21796",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: clear acl_access/acl_default after releasing them\n\nIf getting acl_default fails, acl_access and acl_default will be released\nsimultaneously. However, acl_access will still retain a pointer pointing\nto the released posix_acl, which will trigger a WARNING in\nnfs3svc_release_getacl like this:\n\n------------[ cut here ]------------\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 26 PID: 3199 at lib/refcount.c:28\nrefcount_warn_saturate+0xb5/0x170\nModules linked in:\nCPU: 26 UID: 0 PID: 3199 Comm: nfsd Not tainted\n6.12.0-rc6-00079-g04ae226af01f-dirty #8\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.16.1-2.fc37 04/01/2014\nRIP: 0010:refcount_warn_saturate+0xb5/0x170\nCode: cc cc 0f b6 1d b3 20 a5 03 80 fb 01 0f 87 65 48 d8 00 83 e3 01 75\ne4 48 c7 c7 c0 3b 9b 85 c6 05 97 20 a5 03 01 e8 fb 3e 30 ff \u003c0f\u003e 0b eb\ncd 0f b6 1d 8a3\nRSP: 0018:ffffc90008637cd8 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff83904fde\nRDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffff88871ed36380\nRBP: ffff888158beeb40 R08: 0000000000000001 R09: fffff520010c6f56\nR10: ffffc90008637ab7 R11: 0000000000000001 R12: 0000000000000001\nR13: ffff888140e77400 R14: ffff888140e77408 R15: ffffffff858b42c0\nFS: 0000000000000000(0000) GS:ffff88871ed00000(0000)\nknlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000562384d32158 CR3: 000000055cc6a000 CR4: 00000000000006f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ? refcount_warn_saturate+0xb5/0x170\n ? __warn+0xa5/0x140\n ? refcount_warn_saturate+0xb5/0x170\n ? report_bug+0x1b1/0x1e0\n ? handle_bug+0x53/0xa0\n ? exc_invalid_op+0x17/0x40\n ? asm_exc_invalid_op+0x1a/0x20\n ? tick_nohz_tick_stopped+0x1e/0x40\n ? refcount_warn_saturate+0xb5/0x170\n ? refcount_warn_saturate+0xb5/0x170\n nfs3svc_release_getacl+0xc9/0xe0\n svc_process_common+0x5db/0xb60\n ? __pfx_svc_process_common+0x10/0x10\n ? __rcu_read_unlock+0x69/0xa0\n ? __pfx_nfsd_dispatch+0x10/0x10\n ? svc_xprt_received+0xa1/0x120\n ? xdr_init_decode+0x11d/0x190\n svc_process+0x2a7/0x330\n svc_handle_xprt+0x69d/0x940\n svc_recv+0x180/0x2d0\n nfsd+0x168/0x200\n ? __pfx_nfsd+0x10/0x10\n kthread+0x1a2/0x1e0\n ? kthread+0xf4/0x1e0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x34/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\nKernel panic - not syncing: kernel: panic_on_warn set ...\n\nClear acl_access/acl_default after posix_acl_release is called to prevent\nUAF from being triggered.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21796"
},
{
"cve": "CVE-2025-21802",
"cwe": {
"id": "CWE-413",
"name": "Improper Resource Locking"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: fix oops when unload drivers paralleling\n\nWhen unload hclge driver, it tries to disable sriov first for each\nae_dev node from hnae3_ae_dev_list. If user unloads hns3 driver at\nthe time, because it removes all the ae_dev nodes, and it may cause\noops.\n\nBut we can\u0027t simply use hnae3_common_lock for this. Because in the\nprocess flow of pci_disable_sriov(), it will trigger the remove flow\nof VF, which will also take hnae3_common_lock.\n\nTo fixes it, introduce a new mutex to protect the unload process.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21802"
},
{
"cve": "CVE-2025-21814",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nptp: Ensure info-\u003eenable callback is always set\n\nThe ioctl and sysfs handlers unconditionally call the -\u003eenable callback.\nNot all drivers implement that callback, leading to NULL dereferences.\nExample of affected drivers: ptp_s390.c, ptp_vclock.c and ptp_mock.c.\n\nInstead use a dummy callback if no better was specified by the driver.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21814"
},
{
"cve": "CVE-2025-21846",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nacct: perform last write from workqueue\n\nIn [1] it was reported that the acct(2) system call can be used to\ntrigger NULL deref in cases where it is set to write to a file that\ntriggers an internal lookup. This can e.g., happen when pointing acc(2)\nto /sys/power/resume. At the point the where the write to this file\nhappens the calling task has already exited and called exit_fs(). A\nlookup will thus trigger a NULL-deref when accessing current-\u003efs.\n\nReorganize the code so that the the final write happens from the\nworkqueue but with the caller\u0027s credentials. This preserves the\n(strange) permission model and has almost no regression risk.\n\nThis api should stop to exist though.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21846"
},
{
"cve": "CVE-2025-21853",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: avoid holding freeze_mutex during mmap operation\n\nWe use map-\u003efreeze_mutex to prevent races between map_freeze() and\nmemory mapping BPF map contents with writable permissions. The way we\nnaively do this means we\u0027ll hold freeze_mutex for entire duration of all\nthe mm and VMA manipulations, which is completely unnecessary. This can\npotentially also lead to deadlocks, as reported by syzbot in [0].\n\nSo, instead, hold freeze_mutex only during writeability checks, bump\n(proactively) \"write active\" count for the map, unlock the mutex and\nproceed with mmap logic. And only if something went wrong during mmap\nlogic, then undo that \"write active\" counter increment.\n\n [0] https://lore.kernel.org/bpf/678dcbc9.050a0220.303755.0066.GAE@google.com/",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21853"
},
{
"cve": "CVE-2025-21861",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/migrate_device: don\u0027t add folio to be freed to LRU in migrate_device_finalize()\n\nIf migration succeeded, we called\nfolio_migrate_flags()-\u003emem_cgroup_migrate() to migrate the memcg from the\nold to the new folio. This will set memcg_data of the old folio to 0.\n\nSimilarly, if migration failed, memcg_data of the dst folio is left unset.\n\nIf we call folio_putback_lru() on such folios (memcg_data == 0), we will\nadd the folio to be freed to the LRU, making memcg code unhappy. Running\nthe hmm selftests:\n\n # ./hmm-tests\n ...\n # RUN hmm.hmm_device_private.migrate ...\n [ 102.078007][T14893] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x7ff27d200 pfn:0x13cc00\n [ 102.079974][T14893] anon flags: 0x17ff00000020018(uptodate|dirty|swapbacked|node=0|zone=2|lastcpupid=0x7ff)\n [ 102.082037][T14893] raw: 017ff00000020018 dead000000000100 dead000000000122 ffff8881353896c9\n [ 102.083687][T14893] raw: 00000007ff27d200 0000000000000000 00000001ffffffff 0000000000000000\n [ 102.085331][T14893] page dumped because: VM_WARN_ON_ONCE_FOLIO(!memcg \u0026\u0026 !mem_cgroup_disabled())\n [ 102.087230][T14893] ------------[ cut here ]------------\n [ 102.088279][T14893] WARNING: CPU: 0 PID: 14893 at ./include/linux/memcontrol.h:726 folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.090478][T14893] Modules linked in:\n [ 102.091244][T14893] CPU: 0 UID: 0 PID: 14893 Comm: hmm-tests Not tainted 6.13.0-09623-g6c216bc522fd #151\n [ 102.093089][T14893] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014\n [ 102.094848][T14893] RIP: 0010:folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.096104][T14893] Code: ...\n [ 102.099908][T14893] RSP: 0018:ffffc900236c37b0 EFLAGS: 00010293\n [ 102.101152][T14893] RAX: 0000000000000000 RBX: ffffea0004f30000 RCX: ffffffff8183f426\n [ 102.102684][T14893] RDX: ffff8881063cb880 RSI: ffffffff81b8117f RDI: ffff8881063cb880\n [ 102.104227][T14893] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000\n [ 102.105757][T14893] R10: 0000000000000001 R11: 0000000000000002 R12: ffffc900236c37d8\n [ 102.107296][T14893] R13: ffff888277a2bcb0 R14: 000000000000001f R15: 0000000000000000\n [ 102.108830][T14893] FS: 00007ff27dbdd740(0000) GS:ffff888277a00000(0000) knlGS:0000000000000000\n [ 102.110643][T14893] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [ 102.111924][T14893] CR2: 00007ff27d400000 CR3: 000000010866e000 CR4: 0000000000750ef0\n [ 102.113478][T14893] PKRU: 55555554\n [ 102.114172][T14893] Call Trace:\n [ 102.114805][T14893] \u003cTASK\u003e\n [ 102.115397][T14893] ? folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.116547][T14893] ? __warn.cold+0x110/0x210\n [ 102.117461][T14893] ? folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.118667][T14893] ? report_bug+0x1b9/0x320\n [ 102.119571][T14893] ? handle_bug+0x54/0x90\n [ 102.120494][T14893] ? exc_invalid_op+0x17/0x50\n [ 102.121433][T14893] ? asm_exc_invalid_op+0x1a/0x20\n [ 102.122435][T14893] ? __wake_up_klogd.part.0+0x76/0xd0\n [ 102.123506][T14893] ? dump_page+0x4f/0x60\n [ 102.124352][T14893] ? folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.125500][T14893] folio_batch_move_lru+0xd4/0x200\n [ 102.126577][T14893] ? __pfx_lru_add+0x10/0x10\n [ 102.127505][T14893] __folio_batch_add_and_move+0x391/0x720\n [ 102.128633][T14893] ? __pfx_lru_add+0x10/0x10\n [ 102.129550][T14893] folio_putback_lru+0x16/0x80\n [ 102.130564][T14893] migrate_device_finalize+0x9b/0x530\n [ 102.131640][T14893] dmirror_migrate_to_device.constprop.0+0x7c5/0xad0\n [ 102.133047][T14893] dmirror_fops_unlocked_ioctl+0x89b/0xc80\n\nLikely, nothing else goes wrong: putting the last folio reference will\nremove the folio from the LRU again. So besides memcg complaining, adding\nthe folio to be freed to the LRU is just an unnecessary step.\n\nThe new flow resembles what we have in migrate_folio_move(): add the dst\nto the lru, rem\n---truncated---",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21861"
},
{
"cve": "CVE-2025-21864",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: drop secpath at the same time as we currently drop dst\n\nXiumei reported hitting the WARN in xfrm6_tunnel_net_exit while\nrunning tests that boil down to:\n - create a pair of netns\n - run a basic TCP test over ipcomp6\n - delete the pair of netns\n\nThe xfrm_state found on spi_byaddr was not deleted at the time we\ndelete the netns, because we still have a reference on it. This\nlingering reference comes from a secpath (which holds a ref on the\nxfrm_state), which is still attached to an skb. This skb is not\nleaked, it ends up on sk_receive_queue and then gets defer-free\u0027d by\nskb_attempt_defer_free.\n\nThe problem happens when we defer freeing an skb (push it on one CPU\u0027s\ndefer_list), and don\u0027t flush that list before the netns is deleted. In\nthat case, we still have a reference on the xfrm_state that we don\u0027t\nexpect at this point.\n\nWe already drop the skb\u0027s dst in the TCP receive path when it\u0027s no\nlonger needed, so let\u0027s also drop the secpath. At this point,\ntcp_filter has already called into the LSM hooks that may require the\nsecpath, so it should not be needed anymore. However, in some of those\nplaces, the MPTCP extension has just been attached to the skb, so we\ncannot simply drop all extensions.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21864"
},
{
"cve": "CVE-2025-21867",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, test_run: Fix use-after-free issue in eth_skb_pkt_type()\n\nKMSAN reported a use-after-free issue in eth_skb_pkt_type()[1]. The\ncause of the issue was that eth_skb_pkt_type() accessed skb\u0027s data\nthat didn\u0027t contain an Ethernet header. This occurs when\nbpf_prog_test_run_xdp() passes an invalid value as the user_data\nargument to bpf_test_init().\n\nFix this by returning an error when user_data is less than ETH_HLEN in\nbpf_test_init(). Additionally, remove the check for \"if (user_size \u003e\nsize)\" as it is unnecessary.\n\n[1]\nBUG: KMSAN: use-after-free in eth_skb_pkt_type include/linux/etherdevice.h:627 [inline]\nBUG: KMSAN: use-after-free in eth_type_trans+0x4ee/0x980 net/ethernet/eth.c:165\n eth_skb_pkt_type include/linux/etherdevice.h:627 [inline]\n eth_type_trans+0x4ee/0x980 net/ethernet/eth.c:165\n __xdp_build_skb_from_frame+0x5a8/0xa50 net/core/xdp.c:635\n xdp_recv_frames net/bpf/test_run.c:272 [inline]\n xdp_test_run_batch net/bpf/test_run.c:361 [inline]\n bpf_test_run_xdp_live+0x2954/0x3330 net/bpf/test_run.c:390\n bpf_prog_test_run_xdp+0x148e/0x1b10 net/bpf/test_run.c:1318\n bpf_prog_test_run+0x5b7/0xa30 kernel/bpf/syscall.c:4371\n __sys_bpf+0x6a6/0xe20 kernel/bpf/syscall.c:5777\n __do_sys_bpf kernel/bpf/syscall.c:5866 [inline]\n __se_sys_bpf kernel/bpf/syscall.c:5864 [inline]\n __x64_sys_bpf+0xa4/0xf0 kernel/bpf/syscall.c:5864\n x64_sys_call+0x2ea0/0x3d90 arch/x86/include/generated/asm/syscalls_64.h:322\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xd9/0x1d0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was created at:\n free_pages_prepare mm/page_alloc.c:1056 [inline]\n free_unref_page+0x156/0x1320 mm/page_alloc.c:2657\n __free_pages+0xa3/0x1b0 mm/page_alloc.c:4838\n bpf_ringbuf_free kernel/bpf/ringbuf.c:226 [inline]\n ringbuf_map_free+0xff/0x1e0 kernel/bpf/ringbuf.c:235\n bpf_map_free kernel/bpf/syscall.c:838 [inline]\n bpf_map_free_deferred+0x17c/0x310 kernel/bpf/syscall.c:862\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa2b/0x1b60 kernel/workqueue.c:3310\n worker_thread+0xedf/0x1550 kernel/workqueue.c:3391\n kthread+0x535/0x6b0 kernel/kthread.c:389\n ret_from_fork+0x6e/0x90 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n\nCPU: 1 UID: 0 PID: 17276 Comm: syz.1.16450 Not tainted 6.12.0-05490-g9bb88c659673 #8\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21867"
},
{
"cve": "CVE-2025-21875",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: always handle address removal under msk socket lock\n\nSyzkaller reported a lockdep splat in the PM control path:\n\n WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 sock_owned_by_me include/net/sock.h:1711 [inline]\n WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 msk_owned_by_me net/mptcp/protocol.h:363 [inline]\n WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 mptcp_pm_nl_addr_send_ack+0x57c/0x610 net/mptcp/pm_netlink.c:788\n Modules linked in:\n CPU: 0 UID: 0 PID: 6693 Comm: syz.0.205 Not tainted 6.14.0-rc2-syzkaller-00303-gad1b832bf1cf #0\n Hardware name: Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024\n RIP: 0010:sock_owned_by_me include/net/sock.h:1711 [inline]\n RIP: 0010:msk_owned_by_me net/mptcp/protocol.h:363 [inline]\n RIP: 0010:mptcp_pm_nl_addr_send_ack+0x57c/0x610 net/mptcp/pm_netlink.c:788\n Code: 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 ca 7b d3 f5 eb b9 e8 c3 7b d3 f5 90 0f 0b 90 e9 dd fb ff ff e8 b5 7b d3 f5 90 \u003c0f\u003e 0b 90 e9 3e fb ff ff 44 89 f1 80 e1 07 38 c1 0f 8c eb fb ff ff\n RSP: 0000:ffffc900034f6f60 EFLAGS: 00010283\n RAX: ffffffff8bee3c2b RBX: 0000000000000001 RCX: 0000000000080000\n RDX: ffffc90004d42000 RSI: 000000000000a407 RDI: 000000000000a408\n RBP: ffffc900034f7030 R08: ffffffff8bee37f6 R09: 0100000000000000\n R10: dffffc0000000000 R11: ffffed100bcc62e4 R12: ffff88805e6316e0\n R13: ffff88805e630c00 R14: dffffc0000000000 R15: ffff88805e630c00\n FS: 00007f7e9a7e96c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000001b2fd18ff8 CR3: 0000000032c24000 CR4: 00000000003526f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n mptcp_pm_remove_addr+0x103/0x1d0 net/mptcp/pm.c:59\n mptcp_pm_remove_anno_addr+0x1f4/0x2f0 net/mptcp/pm_netlink.c:1486\n mptcp_nl_remove_subflow_and_signal_addr net/mptcp/pm_netlink.c:1518 [inline]\n mptcp_pm_nl_del_addr_doit+0x118d/0x1af0 net/mptcp/pm_netlink.c:1629\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0xb1f/0xec0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x206/0x480 net/netlink/af_netlink.c:2543\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x8de/0xcb0 net/netlink/af_netlink.c:1892\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:733\n ____sys_sendmsg+0x53a/0x860 net/socket.c:2573\n ___sys_sendmsg net/socket.c:2627 [inline]\n __sys_sendmsg+0x269/0x350 net/socket.c:2659\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f7e9998cde9\n Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\n RSP: 002b:00007f7e9a7e9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 00007f7e99ba5fa0 RCX: 00007f7e9998cde9\n RDX: 000000002000c094 RSI: 0000400000000000 RDI: 0000000000000007\n RBP: 00007f7e99a0e2a0 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\n R13: 0000000000000000 R14: 00007f7e99ba5fa0 R15: 00007fff49231088\n\nIndeed the PM can try to send a RM_ADDR over a msk without acquiring\nfirst the msk socket lock.\n\nThe bugged code-path comes from an early optimization: when there\nare no subflows, the PM should (usually) not send RM_ADDR\nnotifications.\n\nThe above statement is incorrect, as without locks another process\ncould concur\n---truncated---",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21875"
},
{
"cve": "CVE-2025-21887",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\novl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up\n\nThe issue was caused by dput(upper) being called before\novl_dentry_update_reval(), while upper-\u003ed_flags was still\naccessed in ovl_dentry_remote().\n\nMove dput(upper) after its last use to prevent use-after-free.\n\nBUG: KASAN: slab-use-after-free in ovl_dentry_remote fs/overlayfs/util.c:162 [inline]\nBUG: KASAN: slab-use-after-free in ovl_dentry_update_reval+0xd2/0xf0 fs/overlayfs/util.c:167\n\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:114\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0xc3/0x620 mm/kasan/report.c:488\n kasan_report+0xd9/0x110 mm/kasan/report.c:601\n ovl_dentry_remote fs/overlayfs/util.c:162 [inline]\n ovl_dentry_update_reval+0xd2/0xf0 fs/overlayfs/util.c:167\n ovl_link_up fs/overlayfs/copy_up.c:610 [inline]\n ovl_copy_up_one+0x2105/0x3490 fs/overlayfs/copy_up.c:1170\n ovl_copy_up_flags+0x18d/0x200 fs/overlayfs/copy_up.c:1223\n ovl_rename+0x39e/0x18c0 fs/overlayfs/dir.c:1136\n vfs_rename+0xf84/0x20a0 fs/namei.c:4893\n...\n \u003c/TASK\u003e",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21887"
},
{
"cve": "CVE-2025-21913",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/amd_nb: Use rdmsr_safe() in amd_get_mmconfig_range()\n\nXen doesn\u0027t offer MSR_FAM10H_MMIO_CONF_BASE to all guests. This results\nin the following warning:\n\n unchecked MSR access error: RDMSR from 0xc0010058 at rIP: 0xffffffff8101d19f (xen_do_read_msr+0x7f/0xa0)\n Call Trace:\n xen_read_msr+0x1e/0x30\n amd_get_mmconfig_range+0x2b/0x80\n quirk_amd_mmconfig_area+0x28/0x100\n pnp_fixup_device+0x39/0x50\n __pnp_add_device+0xf/0x150\n pnp_add_device+0x3d/0x100\n pnpacpi_add_device_handler+0x1f9/0x280\n acpi_ns_get_device_callback+0x104/0x1c0\n acpi_ns_walk_namespace+0x1d0/0x260\n acpi_get_devices+0x8a/0xb0\n pnpacpi_init+0x50/0x80\n do_one_initcall+0x46/0x2e0\n kernel_init_freeable+0x1da/0x2f0\n kernel_init+0x16/0x1b0\n ret_from_fork+0x30/0x50\n ret_from_fork_asm+0x1b/0x30\n\nbased on quirks for a \"PNP0c01\" device. Treating MMCFG as disabled is the\nright course of action, so no change is needed there.\n\nThis was most likely exposed by fixing the Xen MSR accessors to not be\nsilently-safe.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21913"
},
{
"cve": "CVE-2025-21919",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/fair: Fix potential memory corruption in child_cfs_rq_on_list\n\nchild_cfs_rq_on_list attempts to convert a \u0027prev\u0027 pointer to a cfs_rq.\nThis \u0027prev\u0027 pointer can originate from struct rq\u0027s leaf_cfs_rq_list,\nmaking the conversion invalid and potentially leading to memory\ncorruption. Depending on the relative positions of leaf_cfs_rq_list and\nthe task group (tg) pointer within the struct, this can cause a memory\nfault or access garbage data.\n\nThe issue arises in list_add_leaf_cfs_rq, where both\ncfs_rq-\u003eleaf_cfs_rq_list and rq-\u003eleaf_cfs_rq_list are added to the same\nleaf list. Also, rq-\u003etmp_alone_branch can be set to rq-\u003eleaf_cfs_rq_list.\n\nThis adds a check `if (prev == \u0026rq-\u003eleaf_cfs_rq_list)` after the main\nconditional in child_cfs_rq_on_list. This ensures that the container_of\noperation will convert a correct cfs_rq struct.\n\nThis check is sufficient because only cfs_rqs on the same CPU are added\nto the list, so verifying the \u0027prev\u0027 pointer against the current rq\u0027s list\nhead is enough.\n\nFixes a potential memory corruption issue that due to current struct\nlayout might not be manifesting as a crash but could lead to unpredictable\nbehavior when the layout changes.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21919"
},
{
"cve": "CVE-2025-21925",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nllc: do not use skb_get() before dev_queue_xmit()\n\nsyzbot is able to crash hosts [1], using llc and devices\nnot supporting IFF_TX_SKB_SHARING.\n\nIn this case, e1000 driver calls eth_skb_pad(), while\nthe skb is shared.\n\nSimply replace skb_get() by skb_clone() in net/llc/llc_s_ac.c\n\nNote that e1000 driver might have an issue with pktgen,\nbecause it does not clear IFF_TX_SKB_SHARING, this is an\northogonal change.\n\nWe need to audit other skb_get() uses in net/llc.\n\n[1]\n\nkernel BUG at net/core/skbuff.c:2178 !\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI\nCPU: 0 UID: 0 PID: 16371 Comm: syz.2.2764 Not tainted 6.14.0-rc4-syzkaller-00052-gac9c34d1e45a #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n RIP: 0010:pskb_expand_head+0x6ce/0x1240 net/core/skbuff.c:2178\nCall Trace:\n \u003cTASK\u003e\n __skb_pad+0x18a/0x610 net/core/skbuff.c:2466\n __skb_put_padto include/linux/skbuff.h:3843 [inline]\n skb_put_padto include/linux/skbuff.h:3862 [inline]\n eth_skb_pad include/linux/etherdevice.h:656 [inline]\n e1000_xmit_frame+0x2d99/0x5800 drivers/net/ethernet/intel/e1000/e1000_main.c:3128\n __netdev_start_xmit include/linux/netdevice.h:5151 [inline]\n netdev_start_xmit include/linux/netdevice.h:5160 [inline]\n xmit_one net/core/dev.c:3806 [inline]\n dev_hard_start_xmit+0x9a/0x7b0 net/core/dev.c:3822\n sch_direct_xmit+0x1ae/0xc30 net/sched/sch_generic.c:343\n __dev_xmit_skb net/core/dev.c:4045 [inline]\n __dev_queue_xmit+0x13d4/0x43e0 net/core/dev.c:4621\n dev_queue_xmit include/linux/netdevice.h:3313 [inline]\n llc_sap_action_send_test_c+0x268/0x320 net/llc/llc_s_ac.c:144\n llc_exec_sap_trans_actions net/llc/llc_sap.c:153 [inline]\n llc_sap_next_state net/llc/llc_sap.c:182 [inline]\n llc_sap_state_process+0x239/0x510 net/llc/llc_sap.c:209\n llc_ui_sendmsg+0xd0d/0x14e0 net/llc/af_llc.c:993\n sock_sendmsg_nosec net/socket.c:718 [inline]",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21925"
},
{
"cve": "CVE-2025-21926",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: gso: fix ownership in __udp_gso_segment\n\nIn __udp_gso_segment the skb destructor is removed before segmenting the\nskb but the socket reference is kept as-is. This is an issue if the\noriginal skb is later orphaned as we can hit the following bug:\n\n kernel BUG at ./include/linux/skbuff.h:3312! (skb_orphan)\n RIP: 0010:ip_rcv_core+0x8b2/0xca0\n Call Trace:\n ip_rcv+0xab/0x6e0\n __netif_receive_skb_one_core+0x168/0x1b0\n process_backlog+0x384/0x1100\n __napi_poll.constprop.0+0xa1/0x370\n net_rx_action+0x925/0xe50\n\nThe above can happen following a sequence of events when using\nOpenVSwitch, when an OVS_ACTION_ATTR_USERSPACE action precedes an\nOVS_ACTION_ATTR_OUTPUT action:\n\n1. OVS_ACTION_ATTR_USERSPACE is handled (in do_execute_actions): the skb\n goes through queue_gso_packets and then __udp_gso_segment, where its\n destructor is removed.\n2. The segments\u0027 data are copied and sent to userspace.\n3. OVS_ACTION_ATTR_OUTPUT is handled (in do_execute_actions) and the\n same original skb is sent to its path.\n4. If it later hits skb_orphan, we hit the bug.\n\nFix this by also removing the reference to the socket in\n__udp_gso_segment.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21926"
},
{
"cve": "CVE-2025-21938",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix \u0027scheduling while atomic\u0027 in mptcp_pm_nl_append_new_local_addr\n\nIf multiple connection requests attempt to create an implicit mptcp\nendpoint in parallel, more than one caller may end up in\nmptcp_pm_nl_append_new_local_addr because none found the address in\nlocal_addr_list during their call to mptcp_pm_nl_get_local_id. In this\ncase, the concurrent new_local_addr calls may delete the address entry\ncreated by the previous caller. These deletes use synchronize_rcu, but\nthis is not permitted in some of the contexts where this function may be\ncalled. During packet recv, the caller may be in a rcu read critical\nsection and have preemption disabled.\n\nAn example stack:\n\n BUG: scheduling while atomic: swapper/2/0/0x00000302\n\n Call Trace:\n \u003cIRQ\u003e\n dump_stack_lvl (lib/dump_stack.c:117 (discriminator 1))\n dump_stack (lib/dump_stack.c:124)\n __schedule_bug (kernel/sched/core.c:5943)\n schedule_debug.constprop.0 (arch/x86/include/asm/preempt.h:33 kernel/sched/core.c:5970)\n __schedule (arch/x86/include/asm/jump_label.h:27 include/linux/jump_label.h:207 kernel/sched/features.h:29 kernel/sched/core.c:6621)\n schedule (arch/x86/include/asm/preempt.h:84 kernel/sched/core.c:6804 kernel/sched/core.c:6818)\n schedule_timeout (kernel/time/timer.c:2160)\n wait_for_completion (kernel/sched/completion.c:96 kernel/sched/completion.c:116 kernel/sched/completion.c:127 kernel/sched/completion.c:148)\n __wait_rcu_gp (include/linux/rcupdate.h:311 kernel/rcu/update.c:444)\n synchronize_rcu (kernel/rcu/tree.c:3609)\n mptcp_pm_nl_append_new_local_addr (net/mptcp/pm_netlink.c:966 net/mptcp/pm_netlink.c:1061)\n mptcp_pm_nl_get_local_id (net/mptcp/pm_netlink.c:1164)\n mptcp_pm_get_local_id (net/mptcp/pm.c:420)\n subflow_check_req (net/mptcp/subflow.c:98 net/mptcp/subflow.c:213)\n subflow_v4_route_req (net/mptcp/subflow.c:305)\n tcp_conn_request (net/ipv4/tcp_input.c:7216)\n subflow_v4_conn_request (net/mptcp/subflow.c:651)\n tcp_rcv_state_process (net/ipv4/tcp_input.c:6709)\n tcp_v4_do_rcv (net/ipv4/tcp_ipv4.c:1934)\n tcp_v4_rcv (net/ipv4/tcp_ipv4.c:2334)\n ip_protocol_deliver_rcu (net/ipv4/ip_input.c:205 (discriminator 1))\n ip_local_deliver_finish (include/linux/rcupdate.h:813 net/ipv4/ip_input.c:234)\n ip_local_deliver (include/linux/netfilter.h:314 include/linux/netfilter.h:308 net/ipv4/ip_input.c:254)\n ip_sublist_rcv_finish (include/net/dst.h:461 net/ipv4/ip_input.c:580)\n ip_sublist_rcv (net/ipv4/ip_input.c:640)\n ip_list_rcv (net/ipv4/ip_input.c:675)\n __netif_receive_skb_list_core (net/core/dev.c:5583 net/core/dev.c:5631)\n netif_receive_skb_list_internal (net/core/dev.c:5685 net/core/dev.c:5774)\n napi_complete_done (include/linux/list.h:37 include/net/gro.h:449 include/net/gro.h:444 net/core/dev.c:6114)\n igb_poll (drivers/net/ethernet/intel/igb/igb_main.c:8244) igb\n __napi_poll (net/core/dev.c:6582)\n net_rx_action (net/core/dev.c:6653 net/core/dev.c:6787)\n handle_softirqs (kernel/softirq.c:553)\n __irq_exit_rcu (kernel/softirq.c:588 kernel/softirq.c:427 kernel/softirq.c:636)\n irq_exit_rcu (kernel/softirq.c:651)\n common_interrupt (arch/x86/kernel/irq.c:247 (discriminator 14))\n \u003c/IRQ\u003e\n\nThis problem seems particularly prevalent if the user advertises an\nendpoint that has a different external vs internal address. In the case\nwhere the external address is advertised and multiple connections\nalready exist, multiple subflow SYNs arrive in parallel which tends to\ntrigger the race during creation of the first local_addr_list entries\nwhich have the internal address instead.\n\nFix by skipping the replacement of an existing implicit local address if\ncalled via mptcp_pm_nl_get_local_id.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21938"
},
{
"cve": "CVE-2025-21959",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree()\n\nSince commit b36e4523d4d5 (\"netfilter: nf_conncount: fix garbage\ncollection confirm race\"), `cpu` and `jiffies32` were introduced to\nthe struct nf_conncount_tuple.\n\nThe commit made nf_conncount_add() initialize `conn-\u003ecpu` and\n`conn-\u003ejiffies32` when allocating the struct.\nIn contrast, count_tree() was not changed to initialize them.\n\nBy commit 34848d5c896e (\"netfilter: nf_conncount: Split insert and\ntraversal\"), count_tree() was split and the relevant allocation\ncode now resides in insert_tree().\nInitialize `conn-\u003ecpu` and `conn-\u003ejiffies32` in insert_tree().\n\nBUG: KMSAN: uninit-value in find_or_evict net/netfilter/nf_conncount.c:117 [inline]\nBUG: KMSAN: uninit-value in __nf_conncount_add+0xd9c/0x2850 net/netfilter/nf_conncount.c:143\n find_or_evict net/netfilter/nf_conncount.c:117 [inline]\n __nf_conncount_add+0xd9c/0x2850 net/netfilter/nf_conncount.c:143\n count_tree net/netfilter/nf_conncount.c:438 [inline]\n nf_conncount_count+0x82f/0x1e80 net/netfilter/nf_conncount.c:521\n connlimit_mt+0x7f6/0xbd0 net/netfilter/xt_connlimit.c:72\n __nft_match_eval net/netfilter/nft_compat.c:403 [inline]\n nft_match_eval+0x1a5/0x300 net/netfilter/nft_compat.c:433\n expr_call_ops_eval net/netfilter/nf_tables_core.c:240 [inline]\n nft_do_chain+0x426/0x2290 net/netfilter/nf_tables_core.c:288\n nft_do_chain_ipv4+0x1a5/0x230 net/netfilter/nft_chain_filter.c:23\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xf4/0x400 net/netfilter/core.c:626\n nf_hook_slow_list+0x24d/0x860 net/netfilter/core.c:663\n NF_HOOK_LIST include/linux/netfilter.h:350 [inline]\n ip_sublist_rcv+0x17b7/0x17f0 net/ipv4/ip_input.c:633\n ip_list_rcv+0x9ef/0xa40 net/ipv4/ip_input.c:669\n __netif_receive_skb_list_ptype net/core/dev.c:5936 [inline]\n __netif_receive_skb_list_core+0x15c5/0x1670 net/core/dev.c:5983\n __netif_receive_skb_list net/core/dev.c:6035 [inline]\n netif_receive_skb_list_internal+0x1085/0x1700 net/core/dev.c:6126\n netif_receive_skb_list+0x5a/0x460 net/core/dev.c:6178\n xdp_recv_frames net/bpf/test_run.c:280 [inline]\n xdp_test_run_batch net/bpf/test_run.c:361 [inline]\n bpf_test_run_xdp_live+0x2e86/0x3480 net/bpf/test_run.c:390\n bpf_prog_test_run_xdp+0xf1d/0x1ae0 net/bpf/test_run.c:1316\n bpf_prog_test_run+0x5e5/0xa30 kernel/bpf/syscall.c:4407\n __sys_bpf+0x6aa/0xd90 kernel/bpf/syscall.c:5813\n __do_sys_bpf kernel/bpf/syscall.c:5902 [inline]\n __se_sys_bpf kernel/bpf/syscall.c:5900 [inline]\n __ia32_sys_bpf+0xa0/0xe0 kernel/bpf/syscall.c:5900\n ia32_sys_call+0x394d/0x4180 arch/x86/include/generated/asm/syscalls_32.h:358\n do_syscall_32_irqs_on arch/x86/entry/common.c:165 [inline]\n __do_fast_syscall_32+0xb0/0x110 arch/x86/entry/common.c:387\n do_fast_syscall_32+0x38/0x80 arch/x86/entry/common.c:412\n do_SYSENTER_32+0x1f/0x30 arch/x86/entry/common.c:450\n entry_SYSENTER_compat_after_hwframe+0x84/0x8e\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:4121 [inline]\n slab_alloc_node mm/slub.c:4164 [inline]\n kmem_cache_alloc_noprof+0x915/0xe10 mm/slub.c:4171\n insert_tree net/netfilter/nf_conncount.c:372 [inline]\n count_tree net/netfilter/nf_conncount.c:450 [inline]\n nf_conncount_count+0x1415/0x1e80 net/netfilter/nf_conncount.c:521\n connlimit_mt+0x7f6/0xbd0 net/netfilter/xt_connlimit.c:72\n __nft_match_eval net/netfilter/nft_compat.c:403 [inline]\n nft_match_eval+0x1a5/0x300 net/netfilter/nft_compat.c:433\n expr_call_ops_eval net/netfilter/nf_tables_core.c:240 [inline]\n nft_do_chain+0x426/0x2290 net/netfilter/nf_tables_core.c:288\n nft_do_chain_ipv4+0x1a5/0x230 net/netfilter/nft_chain_filter.c:23\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xf4/0x400 net/netfilter/core.c:626\n nf_hook_slow_list+0x24d/0x860 net/netfilter/core.c:663\n NF_HOOK_LIST include/linux/netfilter.h:350 [inline]\n ip_sublist_rcv+0x17b7/0x17f0 net/ipv4/ip_input.c:633\n ip_list_rcv+0x9ef/0xa40 net/ip\n---truncated---",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21959"
},
{
"cve": "CVE-2025-21999",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nproc: fix UAF in proc_get_inode()\n\nFix race between rmmod and /proc/XXX\u0027s inode instantiation.\n\nThe bug is that pde-\u003eproc_ops don\u0027t belong to /proc, it belongs to a\nmodule, therefore dereferencing it after /proc entry has been registered\nis a bug unless use_pde/unuse_pde() pair has been used.\n\nuse_pde/unuse_pde can be avoided (2 atomic ops!) because pde-\u003eproc_ops\nnever changes so information necessary for inode instantiation can be\nsaved _before_ proc_register() in PDE itself and used later, avoiding\npde-\u003eproc_ops-\u003e... dereference.\n\n rmmod lookup\nsys_delete_module\n proc_lookup_de\n\t\t\t pde_get(de);\n\t\t\t proc_get_inode(dir-\u003ei_sb, de);\n mod-\u003eexit()\n proc_remove\n remove_proc_subtree\n proc_entry_rundown(de);\n free_module(mod);\n\n if (S_ISREG(inode-\u003ei_mode))\n\t if (de-\u003eproc_ops-\u003eproc_read_iter)\n --\u003e As module is already freed, will trigger UAF\n\nBUG: unable to handle page fault for address: fffffbfff80a702b\nPGD 817fc4067 P4D 817fc4067 PUD 817fc0067 PMD 102ef4067 PTE 0\nOops: Oops: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 26 UID: 0 PID: 2667 Comm: ls Tainted: G\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996)\nRIP: 0010:proc_get_inode+0x302/0x6e0\nRSP: 0018:ffff88811c837998 EFLAGS: 00010a06\nRAX: dffffc0000000000 RBX: ffffffffc0538140 RCX: 0000000000000007\nRDX: 1ffffffff80a702b RSI: 0000000000000001 RDI: ffffffffc0538158\nRBP: ffff8881299a6000 R08: 0000000067bbe1e5 R09: 1ffff11023906f20\nR10: ffffffffb560ca07 R11: ffffffffb2b43a58 R12: ffff888105bb78f0\nR13: ffff888100518048 R14: ffff8881299a6004 R15: 0000000000000001\nFS: 00007f95b9686840(0000) GS:ffff8883af100000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: fffffbfff80a702b CR3: 0000000117dd2000 CR4: 00000000000006f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n proc_lookup_de+0x11f/0x2e0\n __lookup_slow+0x188/0x350\n walk_component+0x2ab/0x4f0\n path_lookupat+0x120/0x660\n filename_lookup+0x1ce/0x560\n vfs_statx+0xac/0x150\n __do_sys_newstat+0x96/0x110\n do_syscall_64+0x5f/0x170\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\n[adobriyan@gmail.com: don\u0027t do 2 atomic ops on the common path]",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21999"
},
{
"cve": "CVE-2025-22005",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw().\n\nfib_check_nh_v6_gw() expects that fib6_nh_init() cleans up everything\nwhen it fails.\n\nCommit 7dd73168e273 (\"ipv6: Always allocate pcpu memory in a fib6_nh\")\nmoved fib_nh_common_init() before alloc_percpu_gfp() within fib6_nh_init()\nbut forgot to add cleanup for fib6_nh-\u003enh_common.nhc_pcpu_rth_output in\ncase it fails to allocate fib6_nh-\u003ert6i_pcpu, resulting in memleak.\n\nLet\u0027s call fib_nh_common_release() and clear nhc_pcpu_rth_output in the\nerror path.\n\nNote that we can remove the fib6_nh_release() call in nh_create_ipv6()\nlater in net-next.git.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-22005"
},
{
"cve": "CVE-2025-22015",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/migrate: fix shmem xarray update during migration\n\nA shmem folio can be either in page cache or in swap cache, but not at the\nsame time. Namely, once it is in swap cache, folio-\u003emapping should be\nNULL, and the folio is no longer in a shmem mapping.\n\nIn __folio_migrate_mapping(), to determine the number of xarray entries to\nupdate, folio_test_swapbacked() is used, but that conflates shmem in page\ncache case and shmem in swap cache case. It leads to xarray multi-index\nentry corruption, since it turns a sibling entry to a normal entry during\nxas_store() (see [1] for a userspace reproduction). Fix it by only using\nfolio_test_swapcache() to determine whether xarray is storing swap cache\nentries or not to choose the right number of xarray entries to update.\n\n[1] https://lore.kernel.org/linux-mm/Z8idPCkaJW1IChjT@casper.infradead.org/\n\nNote:\nIn __split_huge_page(), folio_test_anon() \u0026\u0026 folio_test_swapcache() is\nused to get swap_cache address space, but that ignores the shmem folio in\nswap cache case. It could lead to NULL pointer dereferencing when a\nin-swap-cache shmem folio is split at __xa_store(), since\n!folio_test_anon() is true and folio-\u003emapping is NULL. But fortunately,\nits caller split_huge_page_to_list_to_order() bails out early with EBUSY\nwhen folio-\u003emapping is NULL. So no need to take care of it here.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-22015"
},
{
"cve": "CVE-2025-22055",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix geneve_opt length integer overflow\n\nstruct geneve_opt uses 5 bit length for each single option, which\nmeans every vary size option should be smaller than 128 bytes.\n\nHowever, all current related Netlink policies cannot promise this\nlength condition and the attacker can exploit a exact 128-byte size\noption to *fake* a zero length option and confuse the parsing logic,\nfurther achieve heap out-of-bounds read.\n\nOne example crash log is like below:\n\n[ 3.905425] ==================================================================\n[ 3.905925] BUG: KASAN: slab-out-of-bounds in nla_put+0xa9/0xe0\n[ 3.906255] Read of size 124 at addr ffff888005f291cc by task poc/177\n[ 3.906646]\n[ 3.906775] CPU: 0 PID: 177 Comm: poc-oob-read Not tainted 6.1.132 #1\n[ 3.907131] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\n[ 3.907784] Call Trace:\n[ 3.907925] \u003cTASK\u003e\n[ 3.908048] dump_stack_lvl+0x44/0x5c\n[ 3.908258] print_report+0x184/0x4be\n[ 3.909151] kasan_report+0xc5/0x100\n[ 3.909539] kasan_check_range+0xf3/0x1a0\n[ 3.909794] memcpy+0x1f/0x60\n[ 3.909968] nla_put+0xa9/0xe0\n[ 3.910147] tunnel_key_dump+0x945/0xba0\n[ 3.911536] tcf_action_dump_1+0x1c1/0x340\n[ 3.912436] tcf_action_dump+0x101/0x180\n[ 3.912689] tcf_exts_dump+0x164/0x1e0\n[ 3.912905] fw_dump+0x18b/0x2d0\n[ 3.913483] tcf_fill_node+0x2ee/0x460\n[ 3.914778] tfilter_notify+0xf4/0x180\n[ 3.915208] tc_new_tfilter+0xd51/0x10d0\n[ 3.918615] rtnetlink_rcv_msg+0x4a2/0x560\n[ 3.919118] netlink_rcv_skb+0xcd/0x200\n[ 3.919787] netlink_unicast+0x395/0x530\n[ 3.921032] netlink_sendmsg+0x3d0/0x6d0\n[ 3.921987] __sock_sendmsg+0x99/0xa0\n[ 3.922220] __sys_sendto+0x1b7/0x240\n[ 3.922682] __x64_sys_sendto+0x72/0x90\n[ 3.922906] do_syscall_64+0x5e/0x90\n[ 3.923814] entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n[ 3.924122] RIP: 0033:0x7e83eab84407\n[ 3.924331] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 \u003c5b\u003e c3 0f 1f 80 00 00 00 00 83 e2 39 83 faf\n[ 3.925330] RSP: 002b:00007ffff505e370 EFLAGS: 00000202 ORIG_RAX: 000000000000002c\n[ 3.925752] RAX: ffffffffffffffda RBX: 00007e83eaafa740 RCX: 00007e83eab84407\n[ 3.926173] RDX: 00000000000001a8 RSI: 00007ffff505e3c0 RDI: 0000000000000003\n[ 3.926587] RBP: 00007ffff505f460 R08: 00007e83eace1000 R09: 000000000000000c\n[ 3.926977] R10: 0000000000000000 R11: 0000000000000202 R12: 00007ffff505f3c0\n[ 3.927367] R13: 00007ffff505f5c8 R14: 00007e83ead1b000 R15: 00005d4fbbe6dcb8\n\nFix these issues by enforing correct length condition in related\npolicies.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-22055"
},
{
"cve": "CVE-2025-22056",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_tunnel: fix geneve_opt type confusion addition\n\nWhen handling multiple NFTA_TUNNEL_KEY_OPTS_GENEVE attributes, the\nparsing logic should place every geneve_opt structure one by one\ncompactly. Hence, when deciding the next geneve_opt position, the\npointer addition should be in units of char *.\n\nHowever, the current implementation erroneously does type conversion\nbefore the addition, which will lead to heap out-of-bounds write.\n\n[ 6.989857] ==================================================================\n[ 6.990293] BUG: KASAN: slab-out-of-bounds in nft_tunnel_obj_init+0x977/0xa70\n[ 6.990725] Write of size 124 at addr ffff888005f18974 by task poc/178\n[ 6.991162]\n[ 6.991259] CPU: 0 PID: 178 Comm: poc-oob-write Not tainted 6.1.132 #1\n[ 6.991655] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\n[ 6.992281] Call Trace:\n[ 6.992423] \u003cTASK\u003e\n[ 6.992586] dump_stack_lvl+0x44/0x5c\n[ 6.992801] print_report+0x184/0x4be\n[ 6.993790] kasan_report+0xc5/0x100\n[ 6.994252] kasan_check_range+0xf3/0x1a0\n[ 6.994486] memcpy+0x38/0x60\n[ 6.994692] nft_tunnel_obj_init+0x977/0xa70\n[ 6.995677] nft_obj_init+0x10c/0x1b0\n[ 6.995891] nf_tables_newobj+0x585/0x950\n[ 6.996922] nfnetlink_rcv_batch+0xdf9/0x1020\n[ 6.998997] nfnetlink_rcv+0x1df/0x220\n[ 6.999537] netlink_unicast+0x395/0x530\n[ 7.000771] netlink_sendmsg+0x3d0/0x6d0\n[ 7.001462] __sock_sendmsg+0x99/0xa0\n[ 7.001707] ____sys_sendmsg+0x409/0x450\n[ 7.002391] ___sys_sendmsg+0xfd/0x170\n[ 7.003145] __sys_sendmsg+0xea/0x170\n[ 7.004359] do_syscall_64+0x5e/0x90\n[ 7.005817] entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n[ 7.006127] RIP: 0033:0x7ec756d4e407\n[ 7.006339] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 \u003c5b\u003e c3 0f 1f 80 00 00 00 00 83 e2 39 83 faf\n[ 7.007364] RSP: 002b:00007ffed5d46760 EFLAGS: 00000202 ORIG_RAX: 000000000000002e\n[ 7.007827] RAX: ffffffffffffffda RBX: 00007ec756cc4740 RCX: 00007ec756d4e407\n[ 7.008223] RDX: 0000000000000000 RSI: 00007ffed5d467f0 RDI: 0000000000000003\n[ 7.008620] RBP: 00007ffed5d468a0 R08: 0000000000000000 R09: 0000000000000000\n[ 7.009039] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000\n[ 7.009429] R13: 00007ffed5d478b0 R14: 00007ec756ee5000 R15: 00005cbd4e655cb8\n\nFix this bug with correct pointer addition and conversion in parse\nand dump code.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-22056"
},
{
"cve": "CVE-2025-22060",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mvpp2: Prevent parser TCAM memory corruption\n\nProtect the parser TCAM/SRAM memory, and the cached (shadow) SRAM\ninformation, from concurrent modifications.\n\nBoth the TCAM and SRAM tables are indirectly accessed by configuring\nan index register that selects the row to read or write to. This means\nthat operations must be atomic in order to, e.g., avoid spreading\nwrites across multiple rows. Since the shadow SRAM array is used to\nfind free rows in the hardware table, it must also be protected in\norder to avoid TOCTOU errors where multiple cores allocate the same\nrow.\n\nThis issue was detected in a situation where `mvpp2_set_rx_mode()` ran\nconcurrently on two CPUs. In this particular case the\nMVPP2_PE_MAC_UC_PROMISCUOUS entry was corrupted, causing the\nclassifier unit to drop all incoming unicast - indicated by the\n`rx_classifier_drops` counter.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-22060"
},
{
"cve": "CVE-2025-22083",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint\n\nIf vhost_scsi_set_endpoint is called multiple times without a\nvhost_scsi_clear_endpoint between them, we can hit multiple bugs\nfound by Haoran Zhang:\n\n1. Use-after-free when no tpgs are found:\n\nThis fixes a use after free that occurs when vhost_scsi_set_endpoint is\ncalled more than once and calls after the first call do not find any\ntpgs to add to the vs_tpg. When vhost_scsi_set_endpoint first finds\ntpgs to add to the vs_tpg array match=true, so we will do:\n\nvhost_vq_set_backend(vq, vs_tpg);\n...\n\nkfree(vs-\u003evs_tpg);\nvs-\u003evs_tpg = vs_tpg;\n\nIf vhost_scsi_set_endpoint is called again and no tpgs are found\nmatch=false so we skip the vhost_vq_set_backend call leaving the\npointer to the vs_tpg we then free via:\n\nkfree(vs-\u003evs_tpg);\nvs-\u003evs_tpg = vs_tpg;\n\nIf a scsi request is then sent we do:\n\nvhost_scsi_handle_vq -\u003e vhost_scsi_get_req -\u003e vhost_vq_get_backend\n\nwhich sees the vs_tpg we just did a kfree on.\n\n2. Tpg dir removal hang:\n\nThis patch fixes an issue where we cannot remove a LIO/target layer\ntpg (and structs above it like the target) dir due to the refcount\ndropping to -1.\n\nThe problem is that if vhost_scsi_set_endpoint detects a tpg is already\nin the vs-\u003evs_tpg array or if the tpg has been removed so\ntarget_depend_item fails, the undepend goto handler will do\ntarget_undepend_item on all tpgs in the vs_tpg array dropping their\nrefcount to 0. At this time vs_tpg contains both the tpgs we have added\nin the current vhost_scsi_set_endpoint call as well as tpgs we added in\nprevious calls which are also in vs-\u003evs_tpg.\n\nLater, when vhost_scsi_clear_endpoint runs it will do\ntarget_undepend_item on all the tpgs in the vs-\u003evs_tpg which will drop\ntheir refcount to -1. Userspace will then not be able to remove the tpg\nand will hang when it tries to do rmdir on the tpg dir.\n\n3. Tpg leak:\n\nThis fixes a bug where we can leak tpgs and cause them to be\nun-removable because the target name is overwritten when\nvhost_scsi_set_endpoint is called multiple times but with different\ntarget names.\n\nThe bug occurs if a user has called VHOST_SCSI_SET_ENDPOINT and setup\na vhost-scsi device to target/tpg mapping, then calls\nVHOST_SCSI_SET_ENDPOINT again with a new target name that has tpgs we\nhaven\u0027t seen before (target1 has tpg1 but target2 has tpg2). When this\nhappens we don\u0027t teardown the old target tpg mapping and just overwrite\nthe target name and the vs-\u003evs_tpg array. Later when we do\nvhost_scsi_clear_endpoint, we are passed in either target1 or target2\u0027s\nname and we will only match that target\u0027s tpgs when we loop over the\nvs-\u003evs_tpg. We will then return from the function without doing\ntarget_undepend_item on the tpgs.\n\nBecause of all these bugs, it looks like being able to call\nvhost_scsi_set_endpoint multiple times was never supported. The major\nuser, QEMU, already has checks to prevent this use case. So to fix the\nissues, this patch prevents vhost_scsi_set_endpoint from being called\nif it\u0027s already successfully added tpgs. To add, remove or change the\ntpg config or target name, you must do a vhost_scsi_clear_endpoint\nfirst.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-22083"
},
{
"cve": "CVE-2025-22090",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/mm/pat: Fix VM_PAT handling when fork() fails in copy_page_range()\n\nIf track_pfn_copy() fails, we already added the dst VMA to the maple\ntree. As fork() fails, we\u0027ll cleanup the maple tree, and stumble over\nthe dst VMA for which we neither performed any reservation nor copied\nany page tables.\n\nConsequently untrack_pfn() will see VM_PAT and try obtaining the\nPAT information from the page table -- which fails because the page\ntable was not copied.\n\nThe easiest fix would be to simply clear the VM_PAT flag of the dst VMA\nif track_pfn_copy() fails. However, the whole thing is about \"simply\"\nclearing the VM_PAT flag is shaky as well: if we passed track_pfn_copy()\nand performed a reservation, but copying the page tables fails, we\u0027ll\nsimply clear the VM_PAT flag, not properly undoing the reservation ...\nwhich is also wrong.\n\nSo let\u0027s fix it properly: set the VM_PAT flag only if the reservation\nsucceeded (leaving it clear initially), and undo the reservation if\nanything goes wrong while copying the page tables: clearing the VM_PAT\nflag after undoing the reservation.\n\nNote that any copied page table entries will get zapped when the VMA will\nget removed later, after copy_page_range() succeeded; as VM_PAT is not set\nthen, we won\u0027t try cleaning VM_PAT up once more and untrack_pfn() will be\nhappy. Note that leaving these page tables in place without a reservation\nis not a problem, as we are aborting fork(); this process will never run.\n\nA reproducer can trigger this usually at the first try:\n\n https://gitlab.com/davidhildenbrand/scratchspace/-/raw/main/reproducers/pat_fork.c\n\n WARNING: CPU: 26 PID: 11650 at arch/x86/mm/pat/memtype.c:983 get_pat_info+0xf6/0x110\n Modules linked in: ...\n CPU: 26 UID: 0 PID: 11650 Comm: repro3 Not tainted 6.12.0-rc5+ #92\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014\n RIP: 0010:get_pat_info+0xf6/0x110\n ...\n Call Trace:\n \u003cTASK\u003e\n ...\n untrack_pfn+0x52/0x110\n unmap_single_vma+0xa6/0xe0\n unmap_vmas+0x105/0x1f0\n exit_mmap+0xf6/0x460\n __mmput+0x4b/0x120\n copy_process+0x1bf6/0x2aa0\n kernel_clone+0xab/0x440\n __do_sys_clone+0x66/0x90\n do_syscall_64+0x95/0x180\n\nLikely this case was missed in:\n\n d155df53f310 (\"x86/mm/pat: clear VM_PAT if copy_p4d_range failed\")\n\n... and instead of undoing the reservation we simply cleared the VM_PAT flag.\n\nKeep the documentation of these functions in include/linux/pgtable.h,\none place is more than sufficient -- we should clean that up for the other\nfunctions like track_pfn_remap/untrack_pfn separately.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-22090"
},
{
"cve": "CVE-2025-22095",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: brcmstb: Fix error path after a call to regulator_bulk_get()\n\nIf the regulator_bulk_get() returns an error and no regulators\nare created, we need to set their number to zero.\n\nIf we don\u0027t do this and the PCIe link up fails, a call to the\nregulator_bulk_free() will result in a kernel panic.\n\nWhile at it, print the error value, as we cannot return an error\nupwards as the kernel will WARN() on an error from add_bus().\n\n[kwilczynski: commit log, use comma in the message to match style with\nother similar messages]",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-22095"
},
{
"cve": "CVE-2025-22107",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry()\n\nThere are actually 2 problems:\n- deleting the last element doesn\u0027t require the memmove of elements\n [i + 1, end) over it. Actually, element i+1 is out of bounds.\n- The memmove itself should move size - i - 1 elements, because the last\n element is out of bounds.\n\nThe out-of-bounds element still remains out of bounds after being\naccessed, so the problem is only that we touch it, not that it becomes\nin active use. But I suppose it can lead to issues if the out-of-bounds\nelement is part of an unmapped page.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-22107"
},
{
"cve": "CVE-2025-22111",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF.\n\nSIOCBRDELIF is passed to dev_ioctl() first and later forwarded to\nbr_ioctl_call(), which causes unnecessary RTNL dance and the splat\nbelow [0] under RTNL pressure.\n\nLet\u0027s say Thread A is trying to detach a device from a bridge and\nThread B is trying to remove the bridge.\n\nIn dev_ioctl(), Thread A bumps the bridge device\u0027s refcnt by\nnetdev_hold() and releases RTNL because the following br_ioctl_call()\nalso re-acquires RTNL.\n\nIn the race window, Thread B could acquire RTNL and try to remove\nthe bridge device. Then, rtnl_unlock() by Thread B will release RTNL\nand wait for netdev_put() by Thread A.\n\nThread A, however, must hold RTNL after the unlock in dev_ifsioc(),\nwhich may take long under RTNL pressure, resulting in the splat by\nThread B.\n\n Thread A (SIOCBRDELIF) Thread B (SIOCBRDELBR)\n ---------------------- ----------------------\n sock_ioctl sock_ioctl\n `- sock_do_ioctl `- br_ioctl_call\n `- dev_ioctl `- br_ioctl_stub\n |- rtnl_lock |\n |- dev_ifsioc \u0027\n \u0027 |- dev = __dev_get_by_name(...)\n |- netdev_hold(dev, ...) .\n / |- rtnl_unlock ------. |\n | |- br_ioctl_call `---\u003e |- rtnl_lock\n Race | | `- br_ioctl_stub |- br_del_bridge\n Window | | | |- dev = __dev_get_by_name(...)\n | | | May take long | `- br_dev_delete(dev, ...)\n | | | under RTNL pressure | `- unregister_netdevice_queue(dev, ...)\n | | | | `- rtnl_unlock\n \\ | |- rtnl_lock \u003c-\u0027 `- netdev_run_todo\n | |- ... `- netdev_run_todo\n | `- rtnl_unlock |- __rtnl_unlock\n | |- netdev_wait_allrefs_any\n |- netdev_put(dev, ...) \u003c----------------\u0027\n Wait refcnt decrement\n and log splat below\n\nTo avoid blocking SIOCBRDELBR unnecessarily, let\u0027s not call\ndev_ioctl() for SIOCBRADDIF and SIOCBRDELIF.\n\nIn the dev_ioctl() path, we do the following:\n\n 1. Copy struct ifreq by get_user_ifreq in sock_do_ioctl()\n 2. Check CAP_NET_ADMIN in dev_ioctl()\n 3. Call dev_load() in dev_ioctl()\n 4. Fetch the master dev from ifr.ifr_name in dev_ifsioc()\n\n3. can be done by request_module() in br_ioctl_call(), so we move\n1., 2., and 4. to br_ioctl_stub().\n\nNote that 2. is also checked later in add_del_if(), but it\u0027s better\nperformed before RTNL.\n\nSIOCBRADDIF and SIOCBRDELIF have been processed in dev_ioctl() since\nthe pre-git era, and there seems to be no specific reason to process\nthem there.\n\n[0]:\nunregister_netdevice: waiting for wpan3 to become free. Usage count = 2\nref_tracker: wpan3@ffff8880662d8608 has 1/1 users at\n __netdev_tracker_alloc include/linux/netdevice.h:4282 [inline]\n netdev_hold include/linux/netdevice.h:4311 [inline]\n dev_ifsioc+0xc6a/0x1160 net/core/dev_ioctl.c:624\n dev_ioctl+0x255/0x10c0 net/core/dev_ioctl.c:826\n sock_do_ioctl+0x1ca/0x260 net/socket.c:1213\n sock_ioctl+0x23a/0x6c0 net/socket.c:1318\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:906 [inline]\n __se_sys_ioctl fs/ioctl.c:892 [inline]\n __x64_sys_ioctl+0x1a4/0x210 fs/ioctl.c:892\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcb/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-22111"
},
{
"cve": "CVE-2025-22121",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all()\n\nThere\u0027s issue as follows:\nBUG: KASAN: use-after-free in ext4_xattr_inode_dec_ref_all+0x6ff/0x790\nRead of size 4 at addr ffff88807b003000 by task syz-executor.0/15172\n\nCPU: 3 PID: 15172 Comm: syz-executor.0\nCall Trace:\n __dump_stack lib/dump_stack.c:82 [inline]\n dump_stack+0xbe/0xfd lib/dump_stack.c:123\n print_address_description.constprop.0+0x1e/0x280 mm/kasan/report.c:400\n __kasan_report.cold+0x6c/0x84 mm/kasan/report.c:560\n kasan_report+0x3a/0x50 mm/kasan/report.c:585\n ext4_xattr_inode_dec_ref_all+0x6ff/0x790 fs/ext4/xattr.c:1137\n ext4_xattr_delete_inode+0x4c7/0xda0 fs/ext4/xattr.c:2896\n ext4_evict_inode+0xb3b/0x1670 fs/ext4/inode.c:323\n evict+0x39f/0x880 fs/inode.c:622\n iput_final fs/inode.c:1746 [inline]\n iput fs/inode.c:1772 [inline]\n iput+0x525/0x6c0 fs/inode.c:1758\n ext4_orphan_cleanup fs/ext4/super.c:3298 [inline]\n ext4_fill_super+0x8c57/0xba40 fs/ext4/super.c:5300\n mount_bdev+0x355/0x410 fs/super.c:1446\n legacy_get_tree+0xfe/0x220 fs/fs_context.c:611\n vfs_get_tree+0x8d/0x2f0 fs/super.c:1576\n do_new_mount fs/namespace.c:2983 [inline]\n path_mount+0x119a/0x1ad0 fs/namespace.c:3316\n do_mount+0xfc/0x110 fs/namespace.c:3329\n __do_sys_mount fs/namespace.c:3540 [inline]\n __se_sys_mount+0x219/0x2e0 fs/namespace.c:3514\n do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46\n entry_SYSCALL_64_after_hwframe+0x67/0xd1\n\nMemory state around the buggy address:\n ffff88807b002f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n ffff88807b002f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n\u003effff88807b003000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff\n ^\n ffff88807b003080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff\n ffff88807b003100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff\n\nAbove issue happens as ext4_xattr_delete_inode() isn\u0027t check xattr\nis valid if xattr is in inode.\nTo solve above issue call xattr_check_inode() check if xattr if valid\nin inode. In fact, we can directly verify in ext4_iget_extra_inode(),\nso that there is no divergent verification.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-22121"
},
{
"cve": "CVE-2025-23136",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal: int340x: Add NULL check for adev\n\nNot all devices have an ACPI companion fwnode, so adev might be NULL.\nThis is similar to the commit cd2fd6eab480\n(\"platform/x86: int3472: Check for adev == NULL\").\n\nAdd a check for adev not being set and return -ENODEV in that case to\navoid a possible NULL pointer deref in int3402_thermal_probe().\n\nNote, under the same directory, int3400_thermal_probe() has such a\ncheck.\n\n[ rjw: Subject edit, added Fixes: ]",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-23136"
},
{
"cve": "CVE-2025-23143",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: Fix null-ptr-deref by sock_lock_init_class_and_name() and rmmod.\n\nWhen I ran the repro [0] and waited a few seconds, I observed two\nLOCKDEP splats: a warning immediately followed by a null-ptr-deref. [1]\n\nReproduction Steps:\n\n 1) Mount CIFS\n 2) Add an iptables rule to drop incoming FIN packets for CIFS\n 3) Unmount CIFS\n 4) Unload the CIFS module\n 5) Remove the iptables rule\n\nAt step 3), the CIFS module calls sock_release() for the underlying\nTCP socket, and it returns quickly. However, the socket remains in\nFIN_WAIT_1 because incoming FIN packets are dropped.\n\nAt this point, the module\u0027s refcnt is 0 while the socket is still\nalive, so the following rmmod command succeeds.\n\n # ss -tan\n State Recv-Q Send-Q Local Address:Port Peer Address:Port\n FIN-WAIT-1 0 477 10.0.2.15:51062 10.0.0.137:445\n\n # lsmod | grep cifs\n cifs 1159168 0\n\nThis highlights a discrepancy between the lifetime of the CIFS module\nand the underlying TCP socket. Even after CIFS calls sock_release()\nand it returns, the TCP socket does not die immediately in order to\nclose the connection gracefully.\n\nWhile this is generally fine, it causes an issue with LOCKDEP because\nCIFS assigns a different lock class to the TCP socket\u0027s sk-\u003esk_lock\nusing sock_lock_init_class_and_name().\n\nOnce an incoming packet is processed for the socket or a timer fires,\nsk-\u003esk_lock is acquired.\n\nThen, LOCKDEP checks the lock context in check_wait_context(), where\nhlock_class() is called to retrieve the lock class. However, since\nthe module has already been unloaded, hlock_class() logs a warning\nand returns NULL, triggering the null-ptr-deref.\n\nIf LOCKDEP is enabled, we must ensure that a module calling\nsock_lock_init_class_and_name() (CIFS, NFS, etc) cannot be unloaded\nwhile such a socket is still alive to prevent this issue.\n\nLet\u0027s hold the module reference in sock_lock_init_class_and_name()\nand release it when the socket is freed in sk_prot_free().\n\nNote that sock_lock_init() clears sk-\u003esk_owner for svc_create_socket()\nthat calls sock_lock_init_class_and_name() for a listening socket,\nwhich clones a socket by sk_clone_lock() without GFP_ZERO.\n\n[0]:\nCIFS_SERVER=\"10.0.0.137\"\nCIFS_PATH=\"//${CIFS_SERVER}/Users/Administrator/Desktop/CIFS_TEST\"\nDEV=\"enp0s3\"\nCRED=\"/root/WindowsCredential.txt\"\n\nMNT=$(mktemp -d /tmp/XXXXXX)\nmount -t cifs ${CIFS_PATH} ${MNT} -o vers=3.0,credentials=${CRED},cache=none,echo_interval=1\n\niptables -A INPUT -s ${CIFS_SERVER} -j DROP\n\nfor i in $(seq 10);\ndo\n umount ${MNT}\n rmmod cifs\n sleep 1\ndone\n\nrm -r ${MNT}\n\niptables -D INPUT -s ${CIFS_SERVER} -j DROP\n\n[1]:\nDEBUG_LOCKS_WARN_ON(1)\nWARNING: CPU: 10 PID: 0 at kernel/locking/lockdep.c:234 hlock_class (kernel/locking/lockdep.c:234 kernel/locking/lockdep.c:223)\nModules linked in: cifs_arc4 nls_ucs2_utils cifs_md4 [last unloaded: cifs]\nCPU: 10 UID: 0 PID: 0 Comm: swapper/10 Not tainted 6.14.0 #36\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\nRIP: 0010:hlock_class (kernel/locking/lockdep.c:234 kernel/locking/lockdep.c:223)\n...\nCall Trace:\n \u003cIRQ\u003e\n __lock_acquire (kernel/locking/lockdep.c:4853 kernel/locking/lockdep.c:5178)\n lock_acquire (kernel/locking/lockdep.c:469 kernel/locking/lockdep.c:5853 kernel/locking/lockdep.c:5816)\n _raw_spin_lock_nested (kernel/locking/spinlock.c:379)\n tcp_v4_rcv (./include/linux/skbuff.h:1678 ./include/net/tcp.h:2547 net/ipv4/tcp_ipv4.c:2350)\n...\n\nBUG: kernel NULL pointer dereference, address: 00000000000000c4\n PF: supervisor read access in kernel mode\n PF: error_code(0x0000) - not-present page\nPGD 0\nOops: Oops: 0000 [#1] PREEMPT SMP NOPTI\nCPU: 10 UID: 0 PID: 0 Comm: swapper/10 Tainted: G W 6.14.0 #36\nTainted: [W]=WARN\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\nRIP: 0010:__lock_acquire (kernel/\n---truncated---",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-23143"
},
{
"cve": "CVE-2025-37785",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix OOB read when checking dotdot dir\n\nMounting a corrupted filesystem with directory which contains \u0027.\u0027 dir\nentry with rec_len == block size results in out-of-bounds read (later\non, when the corrupted directory is removed).\n\next4_empty_dir() assumes every ext4 directory contains at least \u0027.\u0027\nand \u0027..\u0027 as directory entries in the first data block. It first loads\nthe \u0027.\u0027 dir entry, performs sanity checks by calling ext4_check_dir_entry()\nand then uses its rec_len member to compute the location of \u0027..\u0027 dir\nentry (in ext4_next_entry). It assumes the \u0027..\u0027 dir entry fits into the\nsame data block.\n\nIf the rec_len of \u0027.\u0027 is precisely one block (4KB), it slips through the\nsanity checks (it is considered the last directory entry in the data\nblock) and leaves \"struct ext4_dir_entry_2 *de\" point exactly past the\nmemory slot allocated to the data block. The following call to\next4_check_dir_entry() on new value of de then dereferences this pointer\nwhich results in out-of-bounds mem access.\n\nFix this by extending __ext4_check_dir_entry() to check for \u0027.\u0027 dir\nentries that reach the end of data block. Make sure to ignore the phony\ndir entries for checksum (by checking name_len for non-zero).\n\nNote: This is reported by KASAN as use-after-free in case another\nstructure was recently freed from the slot past the bound, but it is\nreally an OOB read.\n\nThis issue was found by syzkaller tool.\n\nCall Trace:\n[ 38.594108] BUG: KASAN: slab-use-after-free in __ext4_check_dir_entry+0x67e/0x710\n[ 38.594649] Read of size 2 at addr ffff88802b41a004 by task syz-executor/5375\n[ 38.595158]\n[ 38.595288] CPU: 0 UID: 0 PID: 5375 Comm: syz-executor Not tainted 6.14.0-rc7 #1\n[ 38.595298] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\n[ 38.595304] Call Trace:\n[ 38.595308] \u003cTASK\u003e\n[ 38.595311] dump_stack_lvl+0xa7/0xd0\n[ 38.595325] print_address_description.constprop.0+0x2c/0x3f0\n[ 38.595339] ? __ext4_check_dir_entry+0x67e/0x710\n[ 38.595349] print_report+0xaa/0x250\n[ 38.595359] ? __ext4_check_dir_entry+0x67e/0x710\n[ 38.595368] ? kasan_addr_to_slab+0x9/0x90\n[ 38.595378] kasan_report+0xab/0xe0\n[ 38.595389] ? __ext4_check_dir_entry+0x67e/0x710\n[ 38.595400] __ext4_check_dir_entry+0x67e/0x710\n[ 38.595410] ext4_empty_dir+0x465/0x990\n[ 38.595421] ? __pfx_ext4_empty_dir+0x10/0x10\n[ 38.595432] ext4_rmdir.part.0+0x29a/0xd10\n[ 38.595441] ? __dquot_initialize+0x2a7/0xbf0\n[ 38.595455] ? __pfx_ext4_rmdir.part.0+0x10/0x10\n[ 38.595464] ? __pfx___dquot_initialize+0x10/0x10\n[ 38.595478] ? down_write+0xdb/0x140\n[ 38.595487] ? __pfx_down_write+0x10/0x10\n[ 38.595497] ext4_rmdir+0xee/0x140\n[ 38.595506] vfs_rmdir+0x209/0x670\n[ 38.595517] ? lookup_one_qstr_excl+0x3b/0x190\n[ 38.595529] do_rmdir+0x363/0x3c0\n[ 38.595537] ? __pfx_do_rmdir+0x10/0x10\n[ 38.595544] ? strncpy_from_user+0x1ff/0x2e0\n[ 38.595561] __x64_sys_unlinkat+0xf0/0x130\n[ 38.595570] do_syscall_64+0x5b/0x180\n[ 38.595583] entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-37785"
},
{
"cve": "CVE-2025-37909",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: lan743x: Fix memleak issue when GSO enabled\n\nAlways map the `skb` to the LS descriptor. Previously skb was\nmapped to EXT descriptor when the number of fragments is zero with\nGSO enabled. Mapping the skb to EXT descriptor prevents it from\nbeing freed, leading to a memory leak",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-37909"
},
{
"cve": "CVE-2025-37917",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ethernet: mtk-star-emac: fix spinlock recursion issues on rx/tx poll\n\nUse spin_lock_irqsave and spin_unlock_irqrestore instead of spin_lock\nand spin_unlock in mtk_star_emac driver to avoid spinlock recursion\noccurrence that can happen when enabling the DMA interrupts again in\nrx/tx poll.\n\n```\nBUG: spinlock recursion on CPU#0, swapper/0/0\n lock: 0xffff00000db9cf20, .magic: dead4ead, .owner: swapper/0/0,\n .owner_cpu: 0\nCPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted\n 6.15.0-rc2-next-20250417-00001-gf6a27738686c-dirty #28 PREEMPT\nHardware name: MediaTek MT8365 Open Platform EVK (DT)\nCall trace:\n show_stack+0x18/0x24 (C)\n dump_stack_lvl+0x60/0x80\n dump_stack+0x18/0x24\n spin_dump+0x78/0x88\n do_raw_spin_lock+0x11c/0x120\n _raw_spin_lock+0x20/0x2c\n mtk_star_handle_irq+0xc0/0x22c [mtk_star_emac]\n __handle_irq_event_percpu+0x48/0x140\n handle_irq_event+0x4c/0xb0\n handle_fasteoi_irq+0xa0/0x1bc\n handle_irq_desc+0x34/0x58\n generic_handle_domain_irq+0x1c/0x28\n gic_handle_irq+0x4c/0x120\n do_interrupt_handler+0x50/0x84\n el1_interrupt+0x34/0x68\n el1h_64_irq_handler+0x18/0x24\n el1h_64_irq+0x6c/0x70\n regmap_mmio_read32le+0xc/0x20 (P)\n _regmap_bus_reg_read+0x6c/0xac\n _regmap_read+0x60/0xdc\n regmap_read+0x4c/0x80\n mtk_star_rx_poll+0x2f4/0x39c [mtk_star_emac]\n __napi_poll+0x38/0x188\n net_rx_action+0x164/0x2c0\n handle_softirqs+0x100/0x244\n __do_softirq+0x14/0x20\n ____do_softirq+0x10/0x20\n call_on_irq_stack+0x24/0x64\n do_softirq_own_stack+0x1c/0x40\n __irq_exit_rcu+0xd4/0x10c\n irq_exit_rcu+0x10/0x1c\n el1_interrupt+0x38/0x68\n el1h_64_irq_handler+0x18/0x24\n el1h_64_irq+0x6c/0x70\n cpuidle_enter_state+0xac/0x320 (P)\n cpuidle_enter+0x38/0x50\n do_idle+0x1e4/0x260\n cpu_startup_entry+0x34/0x3c\n rest_init+0xdc/0xe0\n console_on_rootfs+0x0/0x6c\n __primary_switched+0x88/0x90\n```",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-37917"
},
{
"cve": "CVE-2025-37945",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY\n\nDSA has 2 kinds of drivers:\n\n1. Those who call dsa_switch_suspend() and dsa_switch_resume() from\n their device PM ops: qca8k-8xxx, bcm_sf2, microchip ksz\n2. Those who don\u0027t: all others. The above methods should be optional.\n\nFor type 1, dsa_switch_suspend() calls dsa_user_suspend() -\u003e phylink_stop(),\nand dsa_switch_resume() calls dsa_user_resume() -\u003e phylink_start().\nThese seem good candidates for setting mac_managed_pm = true because\nthat is essentially its definition [1], but that does not seem to be the\nbiggest problem for now, and is not what this change focuses on.\n\nTalking strictly about the 2nd category of DSA drivers here (which\ndo not have MAC managed PM, meaning that for their attached PHYs,\nmdio_bus_phy_suspend() and mdio_bus_phy_resume() should run in full),\nI have noticed that the following warning from mdio_bus_phy_resume() is\ntriggered:\n\n\tWARN_ON(phydev-\u003estate != PHY_HALTED \u0026\u0026 phydev-\u003estate != PHY_READY \u0026\u0026\n\t\tphydev-\u003estate != PHY_UP);\n\nbecause the PHY state machine is running.\n\nIt\u0027s running as a result of a previous dsa_user_open() -\u003e ... -\u003e\nphylink_start() -\u003e phy_start() having been initiated by the user.\n\nThe previous mdio_bus_phy_suspend() was supposed to have called\nphy_stop_machine(), but it didn\u0027t. So this is why the PHY is in state\nPHY_NOLINK by the time mdio_bus_phy_resume() runs.\n\nmdio_bus_phy_suspend() did not call phy_stop_machine() because for\nphylink, the phydev-\u003eadjust_link function pointer is NULL. This seems a\ntechnicality introduced by commit fddd91016d16 (\"phylib: fix PAL state\nmachine restart on resume\"). That commit was written before phylink\nexisted, and was intended to avoid crashing with consumer drivers which\ndon\u0027t use the PHY state machine - phylink always does, when using a PHY.\nBut phylink itself has historically not been developed with\nsuspend/resume in mind, and apparently not tested too much in that\nscenario, allowing this bug to exist unnoticed for so long. Plus, prior\nto the WARN_ON(), it would have likely been invisible.\n\nThis issue is not in fact restricted to type 2 DSA drivers (according to\nthe above ad-hoc classification), but can be extrapolated to any MAC\ndriver with phylink and MDIO-bus-managed PHY PM ops. DSA is just where\nthe issue was reported. Assuming mac_managed_pm is set correctly, a\nquick search indicates the following other drivers might be affected:\n\n$ grep -Zlr PHYLINK_NETDEV drivers/ | xargs -0 grep -L mac_managed_pm\ndrivers/net/ethernet/atheros/ag71xx.c\ndrivers/net/ethernet/microchip/sparx5/sparx5_main.c\ndrivers/net/ethernet/microchip/lan966x/lan966x_main.c\ndrivers/net/ethernet/freescale/dpaa2/dpaa2-mac.c\ndrivers/net/ethernet/freescale/fs_enet/fs_enet-main.c\ndrivers/net/ethernet/freescale/dpaa/dpaa_eth.c\ndrivers/net/ethernet/freescale/ucc_geth.c\ndrivers/net/ethernet/freescale/enetc/enetc_pf_common.c\ndrivers/net/ethernet/marvell/mvpp2/mvpp2_main.c\ndrivers/net/ethernet/marvell/mvneta.c\ndrivers/net/ethernet/marvell/prestera/prestera_main.c\ndrivers/net/ethernet/mediatek/mtk_eth_soc.c\ndrivers/net/ethernet/altera/altera_tse_main.c\ndrivers/net/ethernet/wangxun/txgbe/txgbe_phy.c\ndrivers/net/ethernet/meta/fbnic/fbnic_phylink.c\ndrivers/net/ethernet/tehuti/tn40_phy.c\ndrivers/net/ethernet/mscc/ocelot_net.c\n\nMake the existing conditions dependent on the PHY device having a\nphydev-\u003ephy_link_change() implementation equal to the default\nphy_link_change() provided by phylib. Otherwise, we implicitly know that\nthe phydev has the phylink-provided phylink_phy_change() callback, and\nwhen phylink is used, the PHY state machine always needs to be stopped/\nstarted on the suspend/resume path. The code is structured as such that\nif phydev-\u003ephy_link_change() is absent, it is a matter of time until the\nkernel will crash - no need to further complicate the test.\n\nThus, for the situation where the PM is not managed b\n---truncated---",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-37945"
},
{
"cve": "CVE-2025-37959",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Scrub packet on bpf_redirect_peer\n\nWhen bpf_redirect_peer is used to redirect packets to a device in\nanother network namespace, the skb isn\u0027t scrubbed. That can lead skb\ninformation from one namespace to be \"misused\" in another namespace.\n\nAs one example, this is causing Cilium to drop traffic when using\nbpf_redirect_peer to redirect packets that just went through IPsec\ndecryption to a container namespace. The following pwru trace shows (1)\nthe packet path from the host\u0027s XFRM layer to the container\u0027s XFRM\nlayer where it\u0027s dropped and (2) the number of active skb extensions at\neach function.\n\n NETNS MARK IFACE TUPLE FUNC\n 4026533547 d00 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 xfrm_rcv_cb\n .active_extensions = (__u8)2,\n 4026533547 d00 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 xfrm4_rcv_cb\n .active_extensions = (__u8)2,\n 4026533547 d00 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 gro_cells_receive\n .active_extensions = (__u8)2,\n [...]\n 4026533547 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 skb_do_redirect\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 ip_rcv\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 ip_rcv_core\n .active_extensions = (__u8)2,\n [...]\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 udp_queue_rcv_one_skb\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 __xfrm_policy_check\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 __xfrm_decode_session\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 security_xfrm_decode_session\n .active_extensions = (__u8)2,\n 4026534999 0 eth0 10.244.3.124:35473-\u003e10.244.2.158:53 kfree_skb_reason(SKB_DROP_REASON_XFRM_POLICY)\n .active_extensions = (__u8)2,\n\nIn this case, there are no XFRM policies in the container\u0027s network\nnamespace so the drop is unexpected. When we decrypt the IPsec packet,\nthe XFRM state used for decryption is set in the skb extensions. This\ninformation is preserved across the netns switch. When we reach the\nXFRM policy check in the container\u0027s netns, __xfrm_policy_check drops\nthe packet with LINUX_MIB_XFRMINNOPOLS because a (container-side) XFRM\npolicy can\u0027t be found that matches the (host-side) XFRM state used for\ndecryption.\n\nThis patch fixes this by scrubbing the packet when using\nbpf_redirect_peer, as is done on typical netns switches via veth\ndevices except skb-\u003emark and skb-\u003etstamp are not zeroed.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-37959"
},
{
"cve": "CVE-2025-37964",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/mm: Eliminate window where TLB flushes may be inadvertently skipped\n\ntl;dr: There is a window in the mm switching code where the new CR3 is\nset and the CPU should be getting TLB flushes for the new mm. But\nshould_flush_tlb() has a bug and suppresses the flush. Fix it by\nwidening the window where should_flush_tlb() sends an IPI.\n\nLong Version:\n\n=== History ===\n\nThere were a few things leading up to this.\n\nFirst, updating mm_cpumask() was observed to be too expensive, so it was\nmade lazier. But being lazy caused too many unnecessary IPIs to CPUs\ndue to the now-lazy mm_cpumask(). So code was added to cull\nmm_cpumask() periodically[2]. But that culling was a bit too aggressive\nand skipped sending TLB flushes to CPUs that need them. So here we are\nagain.\n\n=== Problem ===\n\nThe too-aggressive code in should_flush_tlb() strikes in this window:\n\n\t// Turn on IPIs for this CPU/mm combination, but only\n\t// if should_flush_tlb() agrees:\n\tcpumask_set_cpu(cpu, mm_cpumask(next));\n\n\tnext_tlb_gen = atomic64_read(\u0026next-\u003econtext.tlb_gen);\n\tchoose_new_asid(next, next_tlb_gen, \u0026new_asid, \u0026need_flush);\n\tload_new_mm_cr3(need_flush);\n\t// ^ After \u0027need_flush\u0027 is set to false, IPIs *MUST*\n\t// be sent to this CPU and not be ignored.\n\n this_cpu_write(cpu_tlbstate.loaded_mm, next);\n\t// ^ Not until this point does should_flush_tlb()\n\t// become true!\n\nshould_flush_tlb() will suppress TLB flushes between load_new_mm_cr3()\nand writing to \u0027loaded_mm\u0027, which is a window where they should not be\nsuppressed. Whoops.\n\n=== Solution ===\n\nThankfully, the fuzzy \"just about to write CR3\" window is already marked\nwith loaded_mm==LOADED_MM_SWITCHING. Simply checking for that state in\nshould_flush_tlb() is sufficient to ensure that the CPU is targeted with\nan IPI.\n\nThis will cause more TLB flush IPIs. But the window is relatively small\nand I do not expect this to cause any kind of measurable performance\nimpact.\n\nUpdate the comment where LOADED_MM_SWITCHING is written since it grew\nyet another user.\n\nPeter Z also raised a concern that should_flush_tlb() might not observe\n\u0027loaded_mm\u0027 and \u0027is_lazy\u0027 in the same order that switch_mm_irqs_off()\nwrites them. Add a barrier to ensure that they are observed in the\norder they are written.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-37964"
},
{
"cve": "CVE-2025-37972",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: mtk-pmic-keys - fix possible null pointer dereference\n\nIn mtk_pmic_keys_probe, the regs parameter is only set if the button is\nparsed in the device tree. However, on hardware where the button is left\nfloating, that node will most likely be removed not to enable that\ninput. In that case the code will try to dereference a null pointer.\n\nLet\u0027s use the regs struct instead as it is defined for all supported\nplatforms. Note that it is ok setting the key reg even if that latter is\ndisabled as the interrupt won\u0027t be enabled anyway.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-37972"
},
{
"cve": "CVE-2025-37980",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix resource leak in blk_register_queue() error path\n\nWhen registering a queue fails after blk_mq_sysfs_register() is\nsuccessful but the function later encounters an error, we need\nto clean up the blk_mq_sysfs resources.\n\nAdd the missing blk_mq_sysfs_unregister() call in the error path\nto properly clean up these resources and prevent a memory leak.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-37980"
},
{
"cve": "CVE-2025-38125",
"cwe": {
"id": "CWE-369",
"name": "Divide By Zero"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: make sure that ptp_rate is not 0 before configuring EST\n\nIf the ptp_rate recorded earlier in the driver happens to be 0, this\nbogus value will propagate up to EST configuration, where it will\ntrigger a division by 0.\n\nPrevent this division by 0 by adding the corresponding check and error\ncode.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-38125"
},
{
"cve": "CVE-2025-38162",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_set_pipapo: prevent overflow in lookup table allocation\n\nWhen calculating the lookup table size, ensure the following\nmultiplication does not overflow:\n\n- desc-\u003efield_len[] maximum value is U8_MAX multiplied by\n NFT_PIPAPO_GROUPS_PER_BYTE(f) that can be 2, worst case.\n- NFT_PIPAPO_BUCKETS(f-\u003ebb) is 2^8, worst case.\n- sizeof(unsigned long), from sizeof(*f-\u003elt), lt in\n struct nft_pipapo_field.\n\nThen, use check_mul_overflow() to multiply by bucket size and then use\ncheck_add_overflow() to the alignment for avx2 (if needed). Finally, add\nlt_size_check_overflow() helper and use it to consolidate this.\n\nWhile at it, replace leftover allocation using the GFP_KERNEL to\nGFP_KERNEL_ACCOUNT for consistency, in pipapo_resize().",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-38162"
},
{
"cve": "CVE-2025-38192",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: clear the dst when changing skb protocol\n\nA not-so-careful NAT46 BPF program can crash the kernel\nif it indiscriminately flips ingress packets from v4 to v6:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n ip6_rcv_core (net/ipv6/ip6_input.c:190:20)\n ipv6_rcv (net/ipv6/ip6_input.c:306:8)\n process_backlog (net/core/dev.c:6186:4)\n napi_poll (net/core/dev.c:6906:9)\n net_rx_action (net/core/dev.c:7028:13)\n do_softirq (kernel/softirq.c:462:3)\n netif_rx (net/core/dev.c:5326:3)\n dev_loopback_xmit (net/core/dev.c:4015:2)\n ip_mc_finish_output (net/ipv4/ip_output.c:363:8)\n NF_HOOK (./include/linux/netfilter.h:314:9)\n ip_mc_output (net/ipv4/ip_output.c:400:5)\n dst_output (./include/net/dst.h:459:9)\n ip_local_out (net/ipv4/ip_output.c:130:9)\n ip_send_skb (net/ipv4/ip_output.c:1496:8)\n udp_send_skb (net/ipv4/udp.c:1040:8)\n udp_sendmsg (net/ipv4/udp.c:1328:10)\n\nThe output interface has a 4-\u003e6 program attached at ingress.\nWe try to loop the multicast skb back to the sending socket.\nIngress BPF runs as part of netif_rx(), pushes a valid v6 hdr\nand changes skb-\u003eprotocol to v6. We enter ip6_rcv_core which\ntries to use skb_dst(). But the dst is still an IPv4 one left\nafter IPv4 mcast output.\n\nClear the dst in all BPF helpers which change the protocol.\nTry to preserve metadata dsts, those may carry non-routing\nmetadata.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-38192"
},
{
"cve": "CVE-2025-38201",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX\n\nOtherwise, it is possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof()\nwhen resizing hashtable because __GFP_NOWARN is unset.\n\nSimilar to:\n\n b541ba7d1f5a (\"netfilter: conntrack: clamp maximum hashtable size to INT_MAX\")",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-38201"
},
{
"cve": "CVE-2025-38232",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: fix race between nfsd registration and exports_proc\n\nAs of now nfsd calls create_proc_exports_entry() at start of init_nfsd\nand cleanup by remove_proc_entry() at last of exit_nfsd.\n\nWhich causes kernel OOPs if there is race between below 2 operations:\n(i) exportfs -r\n(ii) mount -t nfsd none /proc/fs/nfsd\n\nfor 5.4 kernel ARM64:\n\nCPU 1:\nel1_irq+0xbc/0x180\narch_counter_get_cntvct+0x14/0x18\nrunning_clock+0xc/0x18\npreempt_count_add+0x88/0x110\nprep_new_page+0xb0/0x220\nget_page_from_freelist+0x2d8/0x1778\n__alloc_pages_nodemask+0x15c/0xef0\n__vmalloc_node_range+0x28c/0x478\n__vmalloc_node_flags_caller+0x8c/0xb0\nkvmalloc_node+0x88/0xe0\nnfsd_init_net+0x6c/0x108 [nfsd]\nops_init+0x44/0x170\nregister_pernet_operations+0x114/0x270\nregister_pernet_subsys+0x34/0x50\ninit_nfsd+0xa8/0x718 [nfsd]\ndo_one_initcall+0x54/0x2e0\n\nCPU 2 :\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000010\n\nPC is at : exports_net_open+0x50/0x68 [nfsd]\n\nCall trace:\nexports_net_open+0x50/0x68 [nfsd]\nexports_proc_open+0x2c/0x38 [nfsd]\nproc_reg_open+0xb8/0x198\ndo_dentry_open+0x1c4/0x418\nvfs_open+0x38/0x48\npath_openat+0x28c/0xf18\ndo_filp_open+0x70/0xe8\ndo_sys_open+0x154/0x248\n\nSometimes it crashes at exports_net_open() and sometimes cache_seq_next_rcu().\n\nand same is happening on latest 6.14 kernel as well:\n\n[ 0.000000] Linux version 6.14.0-rc5-next-20250304-dirty\n...\n[ 285.455918] Unable to handle kernel paging request at virtual address 00001f4800001f48\n...\n[ 285.464902] pc : cache_seq_next_rcu+0x78/0xa4\n...\n[ 285.469695] Call trace:\n[ 285.470083] cache_seq_next_rcu+0x78/0xa4 (P)\n[ 285.470488] seq_read+0xe0/0x11c\n[ 285.470675] proc_reg_read+0x9c/0xf0\n[ 285.470874] vfs_read+0xc4/0x2fc\n[ 285.471057] ksys_read+0x6c/0xf4\n[ 285.471231] __arm64_sys_read+0x1c/0x28\n[ 285.471428] invoke_syscall+0x44/0x100\n[ 285.471633] el0_svc_common.constprop.0+0x40/0xe0\n[ 285.471870] do_el0_svc_compat+0x1c/0x34\n[ 285.472073] el0_svc_compat+0x2c/0x80\n[ 285.472265] el0t_32_sync_handler+0x90/0x140\n[ 285.472473] el0t_32_sync+0x19c/0x1a0\n[ 285.472887] Code: f9400885 93407c23 937d7c27 11000421 (f86378a3)\n[ 285.473422] ---[ end trace 0000000000000000 ]---\n\nIt reproduced simply with below script:\nwhile [ 1 ]\ndo\n/exportfs -r\ndone \u0026\n\nwhile [ 1 ]\ndo\ninsmod /nfsd.ko\nmount -t nfsd none /proc/fs/nfsd\numount /proc/fs/nfsd\nrmmod nfsd\ndone \u0026\n\nSo exporting interfaces to user space shall be done at last and\ncleanup at first place.\n\nWith change there is no Kernel OOPs.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-38232"
},
{
"cve": "CVE-2025-38322",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/x86/intel: Fix crash in icl_update_topdown_event()\n\nThe perf_fuzzer found a hard-lockup crash on a RaptorLake machine:\n\n Oops: general protection fault, maybe for address 0xffff89aeceab400: 0000\n CPU: 23 UID: 0 PID: 0 Comm: swapper/23\n Tainted: [W]=WARN\n Hardware name: Dell Inc. Precision 9660/0VJ762\n RIP: 0010:native_read_pmc+0x7/0x40\n Code: cc e8 8d a9 01 00 48 89 03 5b cd cc cc cc cc 0f 1f ...\n RSP: 000:fffb03100273de8 EFLAGS: 00010046\n ....\n Call Trace:\n \u003cTASK\u003e\n icl_update_topdown_event+0x165/0x190\n ? ktime_get+0x38/0xd0\n intel_pmu_read_event+0xf9/0x210\n __perf_event_read+0xf9/0x210\n\nCPUs 16-23 are E-core CPUs that don\u0027t support the perf metrics feature.\nThe icl_update_topdown_event() should not be invoked on these CPUs.\n\nIt\u0027s a regression of commit:\n\n f9bdf1f95339 (\"perf/x86/intel: Avoid disable PMU if !cpuc-\u003eenabled in sample read\")\n\nThe bug introduced by that commit is that the is_topdown_event() function\nis mistakenly used to replace the is_topdown_count() call to check if the\ntopdown functions for the perf metrics feature should be invoked.\n\nFix it.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-38322"
},
{
"cve": "CVE-2025-38591",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Reject narrower access to pointer ctx fields\n\nThe following BPF program, simplified from a syzkaller repro, causes a\nkernel warning:\n\n r0 = *(u8 *)(r1 + 169);\n exit;\n\nWith pointer field sk being at offset 168 in __sk_buff. This access is\ndetected as a narrower read in bpf_skb_is_valid_access because it\ndoesn\u0027t match offsetof(struct __sk_buff, sk). It is therefore allowed\nand later proceeds to bpf_convert_ctx_access. Note that for the\n\"is_narrower_load\" case in the convert_ctx_accesses(), the insn-\u003eoff\nis aligned, so the cnt may not be 0 because it matches the\noffsetof(struct __sk_buff, sk) in the bpf_convert_ctx_access. However,\nthe target_size stays 0 and the verifier errors with a kernel warning:\n\n verifier bug: error during ctx access conversion(1)\n\nThis patch fixes that to return a proper \"invalid bpf_context access\noff=X size=Y\" error on the load instruction.\n\nThe same issue affects multiple other fields in context structures that\nallow narrow access. Some other non-affected fields (for sk_msg,\nsk_lookup, and sockopt) were also changed to use bpf_ctx_range_ptr for\nconsistency.\n\nNote this syzkaller crash was reported in the \"Closes\" link below, which\nused to be about a different bug, fixed in\ncommit fce7bd8e385a (\"bpf/verifier: Handle BPF_LOAD_ACQ instructions\nin insn_def_regno()\"). Because syzbot somehow confused the two bugs,\nthe new crash and repro didn\u0027t get reported to the mailing list.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-38591"
},
{
"cve": "CVE-2025-38614",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neventpoll: Fix semi-unbounded recursion\n\nEnsure that epoll instances can never form a graph deeper than\nEP_MAX_NESTS+1 links.\n\nCurrently, ep_loop_check_proc() ensures that the graph is loop-free and\ndoes some recursion depth checks, but those recursion depth checks don\u0027t\nlimit the depth of the resulting tree for two reasons:\n\n - They don\u0027t look upwards in the tree.\n - If there are multiple downwards paths of different lengths, only one of\n the paths is actually considered for the depth check since commit\n 28d82dc1c4ed (\"epoll: limit paths\").\n\nEssentially, the current recursion depth check in ep_loop_check_proc() just\nserves to prevent it from recursing too deeply while checking for loops.\n\nA more thorough check is done in reverse_path_check() after the new graph\nedge has already been created; this checks, among other things, that no\npaths going upwards from any non-epoll file with a length of more than 5\nedges exist. However, this check does not apply to non-epoll files.\n\nAs a result, it is possible to recurse to a depth of at least roughly 500,\ntested on v6.15. (I am unsure if deeper recursion is possible; and this may\nhave changed with commit 8c44dac8add7 (\"eventpoll: Fix priority inversion\nproblem\").)\n\nTo fix it:\n\n1. In ep_loop_check_proc(), note the subtree depth of each visited node,\nand use subtree depths for the total depth calculation even when a subtree\nhas already been visited.\n2. Add ep_get_upwards_depth_proc() for similarly determining the maximum\ndepth of an upwards walk.\n3. In ep_loop_check(), use these values to limit the total path length\nbetween epoll nodes to EP_MAX_NESTS edges.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-38614"
},
{
"cve": "CVE-2025-38681",
"cwe": {
"id": "CWE-366",
"name": "Race Condition within a Thread"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd()\n\nMemory hot remove unmaps and tears down various kernel page table regions\nas required. The ptdump code can race with concurrent modifications of\nthe kernel page tables. When leaf entries are modified concurrently, the\ndump code may log stale or inconsistent information for a VA range, but\nthis is otherwise not harmful.\n\nBut when intermediate levels of kernel page table are freed, the dump code\nwill continue to use memory that has been freed and potentially\nreallocated for another purpose. In such cases, the ptdump code may\ndereference bogus addresses, leading to a number of potential problems.\n\nTo avoid the above mentioned race condition, platforms such as arm64,\nriscv and s390 take memory hotplug lock, while dumping kernel page table\nvia the sysfs interface /sys/kernel/debug/kernel_page_tables.\n\nSimilar race condition exists while checking for pages that might have\nbeen marked W+X via /sys/kernel/debug/kernel_page_tables/check_wx_pages\nwhich in turn calls ptdump_check_wx(). Instead of solving this race\ncondition again, let\u0027s just move the memory hotplug lock inside generic\nptdump_check_wx() which will benefit both the scenarios.\n\nDrop get_online_mems() and put_online_mems() combination from all existing\nplatform ptdump code paths.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-38681"
},
{
"cve": "CVE-2025-38704",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrcu/nocb: Fix possible invalid rdp\u0027s-\u003enocb_cb_kthread pointer access\n\nIn the preparation stage of CPU online, if the corresponding\nthe rdp\u0027s-\u003enocb_cb_kthread does not exist, will be created,\nthere is a situation where the rdp\u0027s rcuop kthreads creation fails,\nand then de-offload this CPU\u0027s rdp, does not assign this CPU\u0027s\nrdp-\u003enocb_cb_kthread pointer, but this rdp\u0027s-\u003enocb_gp_rdp and\nrdp\u0027s-\u003erdp_gp-\u003enocb_gp_kthread is still valid.\n\nThis will cause the subsequent re-offload operation of this offline\nCPU, which will pass the conditional check and the kthread_unpark()\nwill access invalid rdp\u0027s-\u003enocb_cb_kthread pointer.\n\nThis commit therefore use rdp\u0027s-\u003enocb_gp_kthread instead of\nrdp_gp\u0027s-\u003enocb_gp_kthread for safety check.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-38704"
},
{
"cve": "CVE-2025-38721",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ctnetlink: fix refcount leak on table dump\n\nThere is a reference count leak in ctnetlink_dump_table():\n if (res \u003c 0) {\n nf_conntrack_get(\u0026ct-\u003ect_general); // HERE\n cb-\u003eargs[1] = (unsigned long)ct;\n ...\n\nWhile its very unlikely, its possible that ct == last.\nIf this happens, then the refcount of ct was already incremented.\nThis 2nd increment is never undone.\n\nThis prevents the conntrack object from being released, which in turn\nkeeps prevents cnet-\u003ecount from dropping back to 0.\n\nThis will then block the netns dismantle (or conntrack rmmod) as\nnf_conntrack_cleanup_net_list() will wait forever.\n\nThis can be reproduced by running conntrack_resize.sh selftest in a loop.\nIt takes ~20 minutes for me on a preemptible kernel on average before\nI see a runaway kworker spinning in nf_conntrack_cleanup_net_list.\n\nOne fix would to change this to:\n if (res \u003c 0) {\n\t\tif (ct != last)\n\t nf_conntrack_get(\u0026ct-\u003ect_general);\n\nBut this reference counting isn\u0027t needed in the first place.\nWe can just store a cookie value instead.\n\nA followup patch will do the same for ctnetlink_exp_dump_table,\nit looks to me as if this has the same problem and like\nctnetlink_dump_table, we only need a \u0027skip hint\u0027, not the actual\nobject so we can apply the same cookie strategy there as well.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-38721"
},
{
"cve": "CVE-2025-38725",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: asix_devices: add phy_mask for ax88772 mdio bus\n\nWithout setting phy_mask for ax88772 mdio bus, current driver may create\nat most 32 mdio phy devices with phy address range from 0x00 ~ 0x1f.\nDLink DUB-E100 H/W Ver B1 is such a device. However, only one main phy\ndevice will bind to net phy driver. This is creating issue during system\nsuspend/resume since phy_polling_mode() in phy_state_machine() will\ndirectly deference member of phydev-\u003edrv for non-main phy devices. Then\nNULL pointer dereference issue will occur. Due to only external phy or\ninternal phy is necessary, add phy_mask for ax88772 mdio bus to workarnoud\nthe issue.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-38725"
},
{
"cve": "CVE-2025-38727",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlink: avoid infinite retry looping in netlink_unicast()\n\nnetlink_attachskb() checks for the socket\u0027s read memory allocation\nconstraints. Firstly, it has:\n\n rmem \u003c READ_ONCE(sk-\u003esk_rcvbuf)\n\nto check if the just increased rmem value fits into the socket\u0027s receive\nbuffer. If not, it proceeds and tries to wait for the memory under:\n\n rmem + skb-\u003etruesize \u003e READ_ONCE(sk-\u003esk_rcvbuf)\n\nThe checks don\u0027t cover the case when skb-\u003etruesize + sk-\u003esk_rmem_alloc is\nequal to sk-\u003esk_rcvbuf. Thus the function neither successfully accepts\nthese conditions, nor manages to reschedule the task - and is called in\nretry loop for indefinite time which is caught as:\n\n rcu: INFO: rcu_sched self-detected stall on CPU\n rcu: 0-....: (25999 ticks this GP) idle=ef2/1/0x4000000000000000 softirq=262269/262269 fqs=6212\n (t=26000 jiffies g=230833 q=259957)\n NMI backtrace for cpu 0\n CPU: 0 PID: 22 Comm: kauditd Not tainted 5.10.240 #68\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.17.0-4.fc42 04/01/2014\n Call Trace:\n \u003cIRQ\u003e\n dump_stack lib/dump_stack.c:120\n nmi_cpu_backtrace.cold lib/nmi_backtrace.c:105\n nmi_trigger_cpumask_backtrace lib/nmi_backtrace.c:62\n rcu_dump_cpu_stacks kernel/rcu/tree_stall.h:335\n rcu_sched_clock_irq.cold kernel/rcu/tree.c:2590\n update_process_times kernel/time/timer.c:1953\n tick_sched_handle kernel/time/tick-sched.c:227\n tick_sched_timer kernel/time/tick-sched.c:1399\n __hrtimer_run_queues kernel/time/hrtimer.c:1652\n hrtimer_interrupt kernel/time/hrtimer.c:1717\n __sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1113\n asm_call_irq_on_stack arch/x86/entry/entry_64.S:808\n \u003c/IRQ\u003e\n\n netlink_attachskb net/netlink/af_netlink.c:1234\n netlink_unicast net/netlink/af_netlink.c:1349\n kauditd_send_queue kernel/audit.c:776\n kauditd_thread kernel/audit.c:897\n kthread kernel/kthread.c:328\n ret_from_fork arch/x86/entry/entry_64.S:304\n\nRestore the original behavior of the check which commit in Fixes\naccidentally missed when restructuring the code.\n\nFound by Linux Verification Center (linuxtesting.org).",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-38727"
},
{
"cve": "CVE-2025-38732",
"cwe": {
"id": "CWE-911",
"name": "Improper Update of Reference Count"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_reject: don\u0027t leak dst refcount for loopback packets\n\nrecent patches to add a WARN() when replacing skb dst entry found an\nold bug:\n\nWARNING: include/linux/skbuff.h:1165 skb_dst_check_unset include/linux/skbuff.h:1164 [inline]\nWARNING: include/linux/skbuff.h:1165 skb_dst_set include/linux/skbuff.h:1210 [inline]\nWARNING: include/linux/skbuff.h:1165 nf_reject_fill_skb_dst+0x2a4/0x330 net/ipv4/netfilter/nf_reject_ipv4.c:234\n[..]\nCall Trace:\n nf_send_unreach+0x17b/0x6e0 net/ipv4/netfilter/nf_reject_ipv4.c:325\n nft_reject_inet_eval+0x4bc/0x690 net/netfilter/nft_reject_inet.c:27\n expr_call_ops_eval net/netfilter/nf_tables_core.c:237 [inline]\n ..\n\nThis is because blamed commit forgot about loopback packets.\nSuch packets already have a dst_entry attached, even at PRE_ROUTING stage.\n\nInstead of checking hook just check if the skb already has a route\nattached to it.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-38732"
},
{
"cve": "CVE-2025-38736",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: asix_devices: Fix PHY address mask in MDIO bus initialization\n\nSyzbot reported shift-out-of-bounds exception on MDIO bus initialization.\n\nThe PHY address should be masked to 5 bits (0-31). Without this\nmask, invalid PHY addresses could be used, potentially causing issues\nwith MDIO bus operations.\n\nFix this by masking the PHY address with 0x1f (31 decimal) to ensure\nit stays within the valid range.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-38736"
},
{
"cve": "CVE-2025-39681",
"cwe": {
"id": "CWE-369",
"name": "Divide By Zero"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper\n\nSince\n\n 923f3a2b48bd (\"x86/resctrl: Query LLC monitoring properties once during boot\")\n\nresctrl_cpu_detect() has been moved from common CPU initialization code to\nthe vendor-specific BSP init helper, while Hygon didn\u0027t put that call in their\ncode.\n\nThis triggers a division by zero fault during early booting stage on our\nmachines with X86_FEATURE_CQM* supported, where get_rdt_mon_resources() tries\nto calculate mon_l3_config with uninitialized boot_cpu_data.x86_cache_occ_scale.\n\nAdd the missing resctrl_cpu_detect() in the Hygon BSP init helper.\n\n [ bp: Massage commit message. ]",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-39681"
},
{
"cve": "CVE-2025-39691",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/buffer: fix use-after-free when call bh_read() helper\n\nThere\u0027s issue as follows:\nBUG: KASAN: stack-out-of-bounds in end_buffer_read_sync+0xe3/0x110\nRead of size 8 at addr ffffc9000168f7f8 by task swapper/3/0\nCPU: 3 UID: 0 PID: 0 Comm: swapper/3 Not tainted 6.16.0-862.14.0.6.x86_64\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996)\nCall Trace:\n \u003cIRQ\u003e\n dump_stack_lvl+0x55/0x70\n print_address_description.constprop.0+0x2c/0x390\n print_report+0xb4/0x270\n kasan_report+0xb8/0xf0\n end_buffer_read_sync+0xe3/0x110\n end_bio_bh_io_sync+0x56/0x80\n blk_update_request+0x30a/0x720\n scsi_end_request+0x51/0x2b0\n scsi_io_completion+0xe3/0x480\n ? scsi_device_unbusy+0x11e/0x160\n blk_complete_reqs+0x7b/0x90\n handle_softirqs+0xef/0x370\n irq_exit_rcu+0xa5/0xd0\n sysvec_apic_timer_interrupt+0x6e/0x90\n \u003c/IRQ\u003e\n\n Above issue happens when do ntfs3 filesystem mount, issue may happens\n as follows:\n mount IRQ\nntfs_fill_super\n read_cache_page\n do_read_cache_folio\n filemap_read_folio\n mpage_read_folio\n\t do_mpage_readpage\n\t ntfs_get_block_vbo\n\t bh_read\n\t submit_bh\n\t wait_on_buffer(bh);\n\t blk_complete_reqs\n\t\t\t\t scsi_io_completion\n\t\t\t\t scsi_end_request\n\t\t\t\t blk_update_request\n\t\t\t\t end_bio_bh_io_sync\n\t\t\t\t\t end_buffer_read_sync\n\t\t\t\t\t __end_buffer_read_notouch\n\t\t\t\t\t unlock_buffer\n\n wait_on_buffer(bh);--\u003e return will return to caller\n\n\t\t\t\t\t put_bh\n\t\t\t\t\t --\u003e trigger stack-out-of-bounds\nIn the mpage_read_folio() function, the stack variable \u0027map_bh\u0027 is\npassed to ntfs_get_block_vbo(). Once unlock_buffer() unlocks and\nwait_on_buffer() returns to continue processing, the stack variable\nis likely to be reclaimed. Consequently, during the end_buffer_read_sync()\nprocess, calling put_bh() may result in stack overrun.\n\nIf the bh is not allocated on the stack, it belongs to a folio. Freeing\na buffer head which belongs to a folio is done by drop_buffers() which\nwill fail to free buffers which are still locked. So it is safe to call\nput_bh() before __end_buffer_read_notouch().",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-39691"
},
{
"cve": "CVE-2025-39721",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat - flush misc workqueue during device shutdown\n\nRepeated loading and unloading of a device specific QAT driver, for\nexample qat_4xxx, in a tight loop can lead to a crash due to a\nuse-after-free scenario. This occurs when a power management (PM)\ninterrupt triggers just before the device-specific driver (e.g.,\nqat_4xxx.ko) is unloaded, while the core driver (intel_qat.ko) remains\nloaded.\n\nSince the driver uses a shared workqueue (`qat_misc_wq`) across all\ndevices and owned by intel_qat.ko, a deferred routine from the\ndevice-specific driver may still be pending in the queue. If this\nroutine executes after the driver is unloaded, it can dereference freed\nmemory, resulting in a page fault and kernel crash like the following:\n\n BUG: unable to handle page fault for address: ffa000002e50a01c\n #PF: supervisor read access in kernel mode\n RIP: 0010:pm_bh_handler+0x1d2/0x250 [intel_qat]\n Call Trace:\n pm_bh_handler+0x1d2/0x250 [intel_qat]\n process_one_work+0x171/0x340\n worker_thread+0x277/0x3a0\n kthread+0xf0/0x120\n ret_from_fork+0x2d/0x50\n\nTo prevent this, flush the misc workqueue during device shutdown to\nensure that all pending work items are completed before the driver is\nunloaded.\n\nNote: This approach may slightly increase shutdown latency if the\nworkqueue contains jobs from other devices, but it ensures correctness\nand stability.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-39721"
},
{
"cve": "CVE-2025-39748",
"cwe": {
"id": "CWE-478",
"name": "Missing Default Case in Multiple Condition Expression"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Forget ranges when refining tnum after JSET\n\nSyzbot reported a kernel warning due to a range invariant violation on\nthe following BPF program.\n\n 0: call bpf_get_netns_cookie\n 1: if r0 == 0 goto \u003cexit\u003e\n 2: if r0 \u0026 Oxffffffff goto \u003cexit\u003e\n\nThe issue is on the path where we fall through both jumps.\n\nThat path is unreachable at runtime: after insn 1, we know r0 != 0, but\nwith the sign extension on the jset, we would only fallthrough insn 2\nif r0 == 0. Unfortunately, is_branch_taken() isn\u0027t currently able to\nfigure this out, so the verifier walks all branches. The verifier then\nrefines the register bounds using the second condition and we end\nup with inconsistent bounds on this unreachable path:\n\n 1: if r0 == 0 goto \u003cexit\u003e\n r0: u64=[0x1, 0xffffffffffffffff] var_off=(0, 0xffffffffffffffff)\n 2: if r0 \u0026 0xffffffff goto \u003cexit\u003e\n r0 before reg_bounds_sync: u64=[0x1, 0xffffffffffffffff] var_off=(0, 0)\n r0 after reg_bounds_sync: u64=[0x1, 0] var_off=(0, 0)\n\nImproving the range refinement for JSET to cover all cases is tricky. We\nalso don\u0027t expect many users to rely on JSET given LLVM doesn\u0027t generate\nthose instructions. So instead of improving the range refinement for\nJSETs, Eduard suggested we forget the ranges whenever we\u0027re narrowing\ntnums after a JSET. This patch implements that approach.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-39748"
},
{
"cve": "CVE-2025-39756",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: Prevent file descriptor table allocations exceeding INT_MAX\n\nWhen sysctl_nr_open is set to a very high value (for example, 1073741816\nas set by systemd), processes attempting to use file descriptors near\nthe limit can trigger massive memory allocation attempts that exceed\nINT_MAX, resulting in a WARNING in mm/slub.c:\n\n WARNING: CPU: 0 PID: 44 at mm/slub.c:5027 __kvmalloc_node_noprof+0x21a/0x288\n\nThis happens because kvmalloc_array() and kvmalloc() check if the\nrequested size exceeds INT_MAX and emit a warning when the allocation is\nnot flagged with __GFP_NOWARN.\n\nSpecifically, when nr_open is set to 1073741816 (0x3ffffff8) and a\nprocess calls dup2(oldfd, 1073741880), the kernel attempts to allocate:\n- File descriptor array: 1073741880 * 8 bytes = 8,589,935,040 bytes\n- Multiple bitmaps: ~400MB\n- Total allocation size: \u003e 8GB (exceeding INT_MAX = 2,147,483,647)\n\nReproducer:\n1. Set /proc/sys/fs/nr_open to 1073741816:\n # echo 1073741816 \u003e /proc/sys/fs/nr_open\n\n2. Run a program that uses a high file descriptor:\n #include \u003cunistd.h\u003e\n #include \u003csys/resource.h\u003e\n\n int main() {\n struct rlimit rlim = {1073741824, 1073741824};\n setrlimit(RLIMIT_NOFILE, \u0026rlim);\n dup2(2, 1073741880); // Triggers the warning\n return 0;\n }\n\n3. Observe WARNING in dmesg at mm/slub.c:5027\n\nsystemd commit a8b627a introduced automatic bumping of fs.nr_open to the\nmaximum possible value. The rationale was that systems with memory\ncontrol groups (memcg) no longer need separate file descriptor limits\nsince memory is properly accounted. However, this change overlooked\nthat:\n\n1. The kernel\u0027s allocation functions still enforce INT_MAX as a maximum\n size regardless of memcg accounting\n2. Programs and tests that legitimately test file descriptor limits can\n inadvertently trigger massive allocations\n3. The resulting allocations (\u003e8GB) are impractical and will always fail\n\nsystemd\u0027s algorithm starts with INT_MAX and keeps halving the value\nuntil the kernel accepts it. On most systems, this results in nr_open\nbeing set to 1073741816 (0x3ffffff8), which is just under 1GB of file\ndescriptors.\n\nWhile processes rarely use file descriptors near this limit in normal\noperation, certain selftests (like\ntools/testing/selftests/core/unshare_test.c) and programs that test file\ndescriptor limits can trigger this issue.\n\nFix this by adding a check in alloc_fdtable() to ensure the requested\nallocation size does not exceed INT_MAX. This causes the operation to\nfail with -EMFILE instead of triggering a kernel warning and avoids the\nimpractical \u003e8GB memory allocation request.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-39756"
},
{
"cve": "CVE-2025-39764",
"cwe": {
"id": "CWE-911",
"name": "Improper Update of Reference Count"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ctnetlink: remove refcounting in expectation dumpers\n\nSame pattern as previous patch: do not keep the expectation object\nalive via refcount, only store a cookie value and then use that\nas the skip hint for dump resumption.\n\nAFAICS this has the same issue as the one resolved in the conntrack\ndumper, when we do\n if (!refcount_inc_not_zero(\u0026exp-\u003euse))\n\nto increment the refcount, there is a chance that exp == last, which\ncauses a double-increment of the refcount and subsequent memory leak.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-39764"
},
{
"cve": "CVE-2025-39770",
"cwe": {
"id": "CWE-573",
"name": "Improper Following of Specification by Caller"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM\n\nWhen performing Generic Segmentation Offload (GSO) on an IPv6 packet that\ncontains extension headers, the kernel incorrectly requests checksum offload\nif the egress device only advertises NETIF_F_IPV6_CSUM feature, which has\na strict contract: it supports checksum offload only for plain TCP or UDP\nover IPv6 and explicitly does not support packets with extension headers.\nThe current GSO logic violates this contract by failing to disable the feature\nfor packets with extension headers, such as those used in GREoIPv6 tunnels.\n\nThis violation results in the device being asked to perform an operation\nit cannot support, leading to a `skb_warn_bad_offload` warning and a collapse\nof network throughput. While device TSO/USO is correctly bypassed in favor\nof software GSO for these packets, the GSO stack must be explicitly told not\nto request checksum offload.\n\nMask NETIF_F_IPV6_CSUM, NETIF_F_TSO6 and NETIF_F_GSO_UDP_L4\nin gso_features_check if the IPv6 header contains extension headers to compute\nchecksum in software.\n\nThe exception is a BIG TCP extension, which, as stated in commit\n68e068cabd2c6c53 (\"net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets\"):\n\"The feature is only enabled on devices that support BIG TCP TSO.\nThe header is only present for PF_PACKET taps like tcpdump,\nand not transmitted by physical devices.\"\n\nkernel log output (truncated):\nWARNING: CPU: 1 PID: 5273 at net/core/dev.c:3535 skb_warn_bad_offload+0x81/0x140\n...\nCall Trace:\n \u003cTASK\u003e\n skb_checksum_help+0x12a/0x1f0\n validate_xmit_skb+0x1a3/0x2d0\n validate_xmit_skb_list+0x4f/0x80\n sch_direct_xmit+0x1a2/0x380\n __dev_xmit_skb+0x242/0x670\n __dev_queue_xmit+0x3fc/0x7f0\n ip6_finish_output2+0x25e/0x5d0\n ip6_finish_output+0x1fc/0x3f0\n ip6_tnl_xmit+0x608/0xc00 [ip6_tunnel]\n ip6gre_tunnel_xmit+0x1c0/0x390 [ip6_gre]\n dev_hard_start_xmit+0x63/0x1c0\n __dev_queue_xmit+0x6d0/0x7f0\n ip6_finish_output2+0x214/0x5d0\n ip6_finish_output+0x1fc/0x3f0\n ip6_xmit+0x2ca/0x6f0\n ip6_finish_output+0x1fc/0x3f0\n ip6_xmit+0x2ca/0x6f0\n inet6_csk_xmit+0xeb/0x150\n __tcp_transmit_skb+0x555/0xa80\n tcp_write_xmit+0x32a/0xe90\n tcp_sendmsg_locked+0x437/0x1110\n tcp_sendmsg+0x2f/0x50\n...\nskb linear: 00000000: e4 3d 1a 7d ec 30 e4 3d 1a 7e 5d 90 86 dd 60 0e\nskb linear: 00000010: 00 0a 1b 34 3c 40 20 11 00 00 00 00 00 00 00 00\nskb linear: 00000020: 00 00 00 00 00 12 20 11 00 00 00 00 00 00 00 00\nskb linear: 00000030: 00 00 00 00 00 11 2f 00 04 01 04 01 01 00 00 00\nskb linear: 00000040: 86 dd 60 0e 00 0a 1b 00 06 40 20 23 00 00 00 00\nskb linear: 00000050: 00 00 00 00 00 00 00 00 00 12 20 23 00 00 00 00\nskb linear: 00000060: 00 00 00 00 00 00 00 00 00 11 bf 96 14 51 13 f9\nskb linear: 00000070: ae 27 a0 a8 2b e3 80 18 00 40 5b 6f 00 00 01 01\nskb linear: 00000080: 08 0a 42 d4 50 d5 4b 70 f8 1a",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-39770"
},
{
"cve": "CVE-2025-39773",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bridge: fix soft lockup in br_multicast_query_expired()\n\nWhen set multicast_query_interval to a large value, the local variable\n\u0027time\u0027 in br_multicast_send_query() may overflow. If the time is smaller\nthan jiffies, the timer will expire immediately, and then call mod_timer()\nagain, which creates a loop and may trigger the following soft lockup\nissue.\n\n watchdog: BUG: soft lockup - CPU#1 stuck for 221s! [rb_consumer:66]\n CPU: 1 UID: 0 PID: 66 Comm: rb_consumer Not tainted 6.16.0+ #259 PREEMPT(none)\n Call Trace:\n \u003cIRQ\u003e\n __netdev_alloc_skb+0x2e/0x3a0\n br_ip6_multicast_alloc_query+0x212/0x1b70\n __br_multicast_send_query+0x376/0xac0\n br_multicast_send_query+0x299/0x510\n br_multicast_query_expired.constprop.0+0x16d/0x1b0\n call_timer_fn+0x3b/0x2a0\n __run_timers+0x619/0x950\n run_timer_softirq+0x11c/0x220\n handle_softirqs+0x18e/0x560\n __irq_exit_rcu+0x158/0x1a0\n sysvec_apic_timer_interrupt+0x76/0x90\n \u003c/IRQ\u003e\n\nThis issue can be reproduced with:\n ip link add br0 type bridge\n echo 1 \u003e /sys/class/net/br0/bridge/multicast_querier\n echo 0xffffffffffffffff \u003e\n \t/sys/class/net/br0/bridge/multicast_query_interval\n ip link set dev br0 up\n\nThe multicast_startup_query_interval can also cause this issue. Similar to\nthe commit 99b40610956a (\"net: bridge: mcast: add and enforce query\ninterval minimum\"), add check for the query interval maximum to fix this\nissue.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-39773"
},
{
"cve": "CVE-2025-39782",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njbd2: prevent softlockup in jbd2_log_do_checkpoint()\n\nBoth jbd2_log_do_checkpoint() and jbd2_journal_shrink_checkpoint_list()\nperiodically release j_list_lock after processing a batch of buffers to\navoid long hold times on the j_list_lock. However, since both functions\ncontend for j_list_lock, the combined time spent waiting and processing\ncan be significant.\n\njbd2_journal_shrink_checkpoint_list() explicitly calls cond_resched() when\nneed_resched() is true to avoid softlockups during prolonged operations.\nBut jbd2_log_do_checkpoint() only exits its loop when need_resched() is\ntrue, relying on potentially sleeping functions like __flush_batch() or\nwait_on_buffer() to trigger rescheduling. If those functions do not sleep,\nthe kernel may hit a softlockup.\n\nwatchdog: BUG: soft lockup - CPU#3 stuck for 156s! [kworker/u129:2:373]\nCPU: 3 PID: 373 Comm: kworker/u129:2 Kdump: loaded Not tainted 6.6.0+ #10\nHardware name: Huawei TaiShan 2280 /BC11SPCD, BIOS 1.27 06/13/2017\nWorkqueue: writeback wb_workfn (flush-7:2)\npstate: 20000005 (nzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : native_queued_spin_lock_slowpath+0x358/0x418\nlr : jbd2_log_do_checkpoint+0x31c/0x438 [jbd2]\nCall trace:\n native_queued_spin_lock_slowpath+0x358/0x418\n jbd2_log_do_checkpoint+0x31c/0x438 [jbd2]\n __jbd2_log_wait_for_space+0xfc/0x2f8 [jbd2]\n add_transaction_credits+0x3bc/0x418 [jbd2]\n start_this_handle+0xf8/0x560 [jbd2]\n jbd2__journal_start+0x118/0x228 [jbd2]\n __ext4_journal_start_sb+0x110/0x188 [ext4]\n ext4_do_writepages+0x3dc/0x740 [ext4]\n ext4_writepages+0xa4/0x190 [ext4]\n do_writepages+0x94/0x228\n __writeback_single_inode+0x48/0x318\n writeback_sb_inodes+0x204/0x590\n __writeback_inodes_wb+0x54/0xf8\n wb_writeback+0x2cc/0x3d8\n wb_do_writeback+0x2e0/0x2f8\n wb_workfn+0x80/0x2a8\n process_one_work+0x178/0x3e8\n worker_thread+0x234/0x3b8\n kthread+0xf0/0x108\n ret_from_fork+0x10/0x20\n\nSo explicitly call cond_resched() in jbd2_log_do_checkpoint() to avoid\nsoftlockup.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-39782"
},
{
"cve": "CVE-2025-39795",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: avoid possible overflow for chunk_sectors check in blk_stack_limits()\n\nIn blk_stack_limits(), we check that the t-\u003echunk_sectors value is a\nmultiple of the t-\u003ephysical_block_size value.\n\nHowever, by finding the chunk_sectors value in bytes, we may overflow\nthe unsigned int which holds chunk_sectors, so change the check to be\nbased on sectors.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-39795"
},
{
"cve": "CVE-2025-39826",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: rose: convert \u0027use\u0027 field to refcount_t\n\nThe \u0027use\u0027 field in struct rose_neigh is used as a reference counter but\nlacks atomicity. This can lead to race conditions where a rose_neigh\nstructure is freed while still being referenced by other code paths.\n\nFor example, when rose_neigh-\u003euse becomes zero during an ioctl operation\nvia rose_rt_ioctl(), the structure may be removed while its timer is\nstill active, potentially causing use-after-free issues.\n\nThis patch changes the type of \u0027use\u0027 from unsigned short to refcount_t and\nupdates all code paths to use rose_neigh_hold() and rose_neigh_put() which\noperate reference counts atomically.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-39826"
},
{
"cve": "CVE-2025-39827",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: rose: include node references in rose_neigh refcount\n\nCurrent implementation maintains two separate reference counting\nmechanisms: the \u0027count\u0027 field in struct rose_neigh tracks references from\nrose_node structures, while the \u0027use\u0027 field (now refcount_t) tracks\nreferences from rose_sock.\n\nThis patch merges these two reference counting systems using \u0027use\u0027 field\nfor proper reference management. Specifically, this patch adds incrementing\nand decrementing of rose_neigh-\u003euse when rose_neigh-\u003ecount is incremented\nor decremented.\n\nThis patch also modifies rose_rt_free(), rose_rt_device_down() and\nrose_clear_route() to properly release references to rose_neigh objects\nbefore freeing a rose_node through rose_remove_node().\n\nThese changes ensure rose_neigh structures are properly freed only when\nall references, including those from rose_node structures, are released.\nAs a result, this resolves a slab-use-after-free issue reported by Syzbot.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-39827"
},
{
"cve": "CVE-2025-39845",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/mm/64: define ARCH_PAGE_TABLE_SYNC_MASK and arch_sync_kernel_mappings()\n\nDefine ARCH_PAGE_TABLE_SYNC_MASK and arch_sync_kernel_mappings() to ensure\npage tables are properly synchronized when calling p*d_populate_kernel().\n\nFor 5-level paging, synchronization is performed via\npgd_populate_kernel(). In 4-level paging, pgd_populate() is a no-op, so\nsynchronization is instead performed at the P4D level via\np4d_populate_kernel().\n\nThis fixes intermittent boot failures on systems using 4-level paging and\na large amount of persistent memory:\n\n BUG: unable to handle page fault for address: ffffe70000000034\n #PF: supervisor write access in kernel mode\n #PF: error_code(0x0002) - not-present page\n PGD 0 P4D 0\n Oops: 0002 [#1] SMP NOPTI\n RIP: 0010:__init_single_page+0x9/0x6d\n Call Trace:\n \u003cTASK\u003e\n __init_zone_device_page+0x17/0x5d\n memmap_init_zone_device+0x154/0x1bb\n pagemap_range+0x2e0/0x40f\n memremap_pages+0x10b/0x2f0\n devm_memremap_pages+0x1e/0x60\n dev_dax_probe+0xce/0x2ec [device_dax]\n dax_bus_probe+0x6d/0xc9\n [... snip ...]\n \u003c/TASK\u003e\n\nIt also fixes a crash in vmemmap_set_pmd() caused by accessing vmemmap\nbefore sync_global_pgds() [1]:\n\n BUG: unable to handle page fault for address: ffffeb3ff1200000\n #PF: supervisor write access in kernel mode\n #PF: error_code(0x0002) - not-present page\n PGD 0 P4D 0\n Oops: Oops: 0002 [#1] PREEMPT SMP NOPTI\n Tainted: [W]=WARN\n RIP: 0010:vmemmap_set_pmd+0xff/0x230\n \u003cTASK\u003e\n vmemmap_populate_hugepages+0x176/0x180\n vmemmap_populate+0x34/0x80\n __populate_section_memmap+0x41/0x90\n sparse_add_section+0x121/0x3e0\n __add_pages+0xba/0x150\n add_pages+0x1d/0x70\n memremap_pages+0x3dc/0x810\n devm_memremap_pages+0x1c/0x60\n xe_devm_add+0x8b/0x100 [xe]\n xe_tile_init_noalloc+0x6a/0x70 [xe]\n xe_device_probe+0x48c/0x740 [xe]\n [... snip ...]",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-39845"
},
{
"cve": "CVE-2025-39866",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: writeback: fix use-after-free in __mark_inode_dirty()\n\nAn use-after-free issue occurred when __mark_inode_dirty() get the\nbdi_writeback that was in the progress of switching.\n\nCPU: 1 PID: 562 Comm: systemd-random- Not tainted 6.6.56-gb4403bd46a8e #1\n......\npstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : __mark_inode_dirty+0x124/0x418\nlr : __mark_inode_dirty+0x118/0x418\nsp : ffffffc08c9dbbc0\n........\nCall trace:\n __mark_inode_dirty+0x124/0x418\n generic_update_time+0x4c/0x60\n file_modified+0xcc/0xd0\n ext4_buffered_write_iter+0x58/0x124\n ext4_file_write_iter+0x54/0x704\n vfs_write+0x1c0/0x308\n ksys_write+0x74/0x10c\n __arm64_sys_write+0x1c/0x28\n invoke_syscall+0x48/0x114\n el0_svc_common.constprop.0+0xc0/0xe0\n do_el0_svc+0x1c/0x28\n el0_svc+0x40/0xe4\n el0t_64_sync_handler+0x120/0x12c\n el0t_64_sync+0x194/0x198\n\nRoot cause is:\n\nsystemd-random-seed kworker\n----------------------------------------------------------------------\n___mark_inode_dirty inode_switch_wbs_work_fn\n\n spin_lock(\u0026inode-\u003ei_lock);\n inode_attach_wb\n locked_inode_to_wb_and_lock_list\n get inode-\u003ei_wb\n spin_unlock(\u0026inode-\u003ei_lock);\n spin_lock(\u0026wb-\u003elist_lock)\n spin_lock(\u0026inode-\u003ei_lock)\n inode_io_list_move_locked\n spin_unlock(\u0026wb-\u003elist_lock)\n spin_unlock(\u0026inode-\u003ei_lock)\n spin_lock(\u0026old_wb-\u003elist_lock)\n inode_do_switch_wbs\n spin_lock(\u0026inode-\u003ei_lock)\n inode-\u003ei_wb = new_wb\n spin_unlock(\u0026inode-\u003ei_lock)\n spin_unlock(\u0026old_wb-\u003elist_lock)\n wb_put_many(old_wb, nr_switched)\n cgwb_release\n old wb released\n wb_wakeup_delayed() accesses wb,\n then trigger the use-after-free\n issue\n\nFix this race condition by holding inode spinlock until\nwb_wakeup_delayed() finished.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-39866"
},
{
"cve": "CVE-2025-39871",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: idxd: Remove improper idxd_free\n\nThe call to idxd_free() introduces a duplicate put_device() leading to a\nreference count underflow:\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 15 PID: 4428 at lib/refcount.c:28 refcount_warn_saturate+0xbe/0x110\n...\nCall Trace:\n \u003cTASK\u003e\n idxd_remove+0xe4/0x120 [idxd]\n pci_device_remove+0x3f/0xb0\n device_release_driver_internal+0x197/0x200\n driver_detach+0x48/0x90\n bus_remove_driver+0x74/0xf0\n pci_unregister_driver+0x2e/0xb0\n idxd_exit_module+0x34/0x7a0 [idxd]\n __do_sys_delete_module.constprop.0+0x183/0x280\n do_syscall_64+0x54/0xd70\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThe idxd_unregister_devices() which is invoked at the very beginning of\nidxd_remove(), already takes care of the necessary put_device() through the\nfollowing call path:\nidxd_unregister_devices() -\u003e device_unregister() -\u003e put_device()\n\nIn addition, when CONFIG_DEBUG_KOBJECT_RELEASE is enabled, put_device() may\ntrigger asynchronous cleanup via schedule_delayed_work(). If idxd_free() is\ncalled immediately after, it can result in a use-after-free.\n\nRemove the improper idxd_free() to avoid both the refcount underflow and\npotential memory corruption during module unload.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-39871"
},
{
"cve": "CVE-2025-39931",
"cwe": {
"id": "CWE-457",
"name": "Use of Uninitialized Variable"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: af_alg - Set merge to zero early in af_alg_sendmsg\n\nIf an error causes af_alg_sendmsg to abort, ctx-\u003emerge may contain\na garbage value from the previous loop. This may then trigger a\ncrash on the next entry into af_alg_sendmsg when it attempts to do\na merge that can\u0027t be done.\n\nFix this by setting ctx-\u003emerge to zero near the start of the loop.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-39931"
},
{
"cve": "CVE-2025-39953",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncgroup: split cgroup_destroy_wq into 3 workqueues\n\nA hung task can occur during [1] LTP cgroup testing when repeatedly\nmounting/unmounting perf_event and net_prio controllers with\nsystemd.unified_cgroup_hierarchy=1. The hang manifests in\ncgroup_lock_and_drain_offline() during root destruction.\n\nRelated case:\ncgroup_fj_function_perf_event cgroup_fj_function.sh perf_event\ncgroup_fj_function_net_prio cgroup_fj_function.sh net_prio\n\nCall Trace:\n\tcgroup_lock_and_drain_offline+0x14c/0x1e8\n\tcgroup_destroy_root+0x3c/0x2c0\n\tcss_free_rwork_fn+0x248/0x338\n\tprocess_one_work+0x16c/0x3b8\n\tworker_thread+0x22c/0x3b0\n\tkthread+0xec/0x100\n\tret_from_fork+0x10/0x20\n\nRoot Cause:\n\nCPU0 CPU1\nmount perf_event umount net_prio\ncgroup1_get_tree cgroup_kill_sb\nrebind_subsystems // root destruction enqueues\n\t\t\t\t// cgroup_destroy_wq\n// kill all perf_event css\n // one perf_event css A is dying\n // css A offline enqueues cgroup_destroy_wq\n // root destruction will be executed first\n css_free_rwork_fn\n cgroup_destroy_root\n cgroup_lock_and_drain_offline\n // some perf descendants are dying\n // cgroup_destroy_wq max_active = 1\n // waiting for css A to die\n\nProblem scenario:\n1. CPU0 mounts perf_event (rebind_subsystems)\n2. CPU1 unmounts net_prio (cgroup_kill_sb), queuing root destruction work\n3. A dying perf_event CSS gets queued for offline after root destruction\n4. Root destruction waits for offline completion, but offline work is\n blocked behind root destruction in cgroup_destroy_wq (max_active=1)\n\nSolution:\nSplit cgroup_destroy_wq into three dedicated workqueues:\ncgroup_offline_wq \u2013 Handles CSS offline operations\ncgroup_release_wq \u2013 Manages resource release\ncgroup_free_wq \u2013 Performs final memory deallocation\n\nThis separation eliminates blocking in the CSS free path while waiting for\noffline operations to complete.\n\n[1] https://github.com/linux-test-project/ltp/blob/master/runtest/controllers",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-39953"
},
{
"cve": "CVE-2025-39955",
"cwe": {
"id": "CWE-213",
"name": "Exposure of Sensitive Information Due to Incompatible Policies"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: Clear tcp_sk(sk)-\u003efastopen_rsk in tcp_disconnect().\n\nsyzbot reported the splat below where a socket had tcp_sk(sk)-\u003efastopen_rsk\nin the TCP_ESTABLISHED state. [0]\n\nsyzbot reused the server-side TCP Fast Open socket as a new client before\nthe TFO socket completes 3WHS:\n\n 1. accept()\n 2. connect(AF_UNSPEC)\n 3. connect() to another destination\n\nAs of accept(), sk-\u003esk_state is TCP_SYN_RECV, and tcp_disconnect() changes\nit to TCP_CLOSE and makes connect() possible, which restarts timers.\n\nSince tcp_disconnect() forgot to clear tcp_sk(sk)-\u003efastopen_rsk, the\nretransmit timer triggered the warning and the intended packet was not\nretransmitted.\n\nLet\u0027s call reqsk_fastopen_remove() in tcp_disconnect().\n\n[0]:\nWARNING: CPU: 2 PID: 0 at net/ipv4/tcp_timer.c:542 tcp_retransmit_timer (net/ipv4/tcp_timer.c:542 (discriminator 7))\nModules linked in:\nCPU: 2 UID: 0 PID: 0 Comm: swapper/2 Not tainted 6.17.0-rc5-g201825fb4278 #62 PREEMPT(voluntary)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\nRIP: 0010:tcp_retransmit_timer (net/ipv4/tcp_timer.c:542 (discriminator 7))\nCode: 41 55 41 54 55 53 48 8b af b8 08 00 00 48 89 fb 48 85 ed 0f 84 55 01 00 00 0f b6 47 12 3c 03 74 0c 0f b6 47 12 3c 04 74 04 90 \u003c0f\u003e 0b 90 48 8b 85 c0 00 00 00 48 89 ef 48 8b 40 30 e8 6a 4f 06 3e\nRSP: 0018:ffffc900002f8d40 EFLAGS: 00010293\nRAX: 0000000000000002 RBX: ffff888106911400 RCX: 0000000000000017\nRDX: 0000000002517619 RSI: ffffffff83764080 RDI: ffff888106911400\nRBP: ffff888106d5c000 R08: 0000000000000001 R09: ffffc900002f8de8\nR10: 00000000000000c2 R11: ffffc900002f8ff8 R12: ffff888106911540\nR13: ffff888106911480 R14: ffff888106911840 R15: ffffc900002f8de0\nFS: 0000000000000000(0000) GS:ffff88907b768000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f8044d69d90 CR3: 0000000002c30003 CR4: 0000000000370ef0\nCall Trace:\n \u003cIRQ\u003e\n tcp_write_timer (net/ipv4/tcp_timer.c:738)\n call_timer_fn (kernel/time/timer.c:1747)\n __run_timers (kernel/time/timer.c:1799 kernel/time/timer.c:2372)\n timer_expire_remote (kernel/time/timer.c:2385 kernel/time/timer.c:2376 kernel/time/timer.c:2135)\n tmigr_handle_remote_up (kernel/time/timer_migration.c:944 kernel/time/timer_migration.c:1035)\n __walk_groups.isra.0 (kernel/time/timer_migration.c:533 (discriminator 1))\n tmigr_handle_remote (kernel/time/timer_migration.c:1096)\n handle_softirqs (./arch/x86/include/asm/jump_label.h:36 ./include/trace/events/irq.h:142 kernel/softirq.c:580)\n irq_exit_rcu (kernel/softirq.c:614 kernel/softirq.c:453 kernel/softirq.c:680 kernel/softirq.c:696)\n sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1050 (discriminator 35) arch/x86/kernel/apic/apic.c:1050 (discriminator 35))\n \u003c/IRQ\u003e",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-39955"
},
{
"cve": "CVE-2025-39964",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: af_alg - Disallow concurrent writes in af_alg_sendmsg\n\nIssuing two writes to the same af_alg socket is bogus as the\ndata will be interleaved in an unpredictable fashion. Furthermore,\nconcurrent writes may create inconsistencies in the internal\nsocket state.\n\nDisallow this by adding a new ctx-\u003ewrite field that indiciates\nexclusive ownership for writing.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-39964"
},
{
"cve": "CVE-2025-39977",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfutex: Prevent use-after-free during requeue-PI\n\nsyzbot managed to trigger the following race:\n\n T1 T2\n\n futex_wait_requeue_pi()\n futex_do_wait()\n schedule()\n futex_requeue()\n futex_proxy_trylock_atomic()\n futex_requeue_pi_prepare()\n requeue_pi_wake_futex()\n futex_requeue_pi_complete()\n /* preempt */\n\n * timeout/ signal wakes T1 *\n\n futex_requeue_pi_wakeup_sync() // Q_REQUEUE_PI_LOCKED\n futex_hash_put()\n // back to userland, on stack futex_q is garbage\n\n /* back */\n wake_up_state(q-\u003etask, TASK_NORMAL);\n\nIn this scenario futex_wait_requeue_pi() is able to leave without using\nfutex_q::lock_ptr for synchronization.\n\nThis can be prevented by reading futex_q::task before updating the\nfutex_q::requeue_state. A reference on the task_struct is not needed\nbecause requeue_pi_wake_futex() is invoked with a spinlock_t held which\nimplies a RCU read section.\n\nEven if T1 terminates immediately after, the task_struct will remain valid\nduring T2\u0027s wake_up_state(). A READ_ONCE on futex_q::task before\nfutex_requeue_pi_complete() is enough because it ensures that the variable\nis read before the state is updated.\n\nRead futex_q::task before updating the requeue state, use it for the\nfollowing wakeup.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-39977"
},
{
"cve": "CVE-2025-39978",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-pf: Fix potential use after free in otx2_tc_add_flow()\n\nThis code calls kfree_rcu(new_node, rcu) and then dereferences \"new_node\"\nand then dereferences it on the next line. Two lines later, we take\na mutex so I don\u0027t think this is an RCU safe region. Re-order it to do\nthe dereferences before queuing up the free.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-39978"
},
{
"cve": "CVE-2025-39980",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnexthop: Forbid FDB status change while nexthop is in a group\n\nThe kernel forbids the creation of non-FDB nexthop groups with FDB\nnexthops:\n\n # ip nexthop add id 1 via 192.0.2.1 fdb\n # ip nexthop add id 2 group 1\n Error: Non FDB nexthop group cannot have fdb nexthops.\n\nAnd vice versa:\n\n # ip nexthop add id 3 via 192.0.2.2 dev dummy1\n # ip nexthop add id 4 group 3 fdb\n Error: FDB nexthop group can only have fdb nexthops.\n\nHowever, as long as no routes are pointing to a non-FDB nexthop group,\nthe kernel allows changing the type of a nexthop from FDB to non-FDB and\nvice versa:\n\n # ip nexthop add id 5 via 192.0.2.2 dev dummy1\n # ip nexthop add id 6 group 5\n # ip nexthop replace id 5 via 192.0.2.2 fdb\n # echo $?\n 0\n\nThis configuration is invalid and can result in a NPD [1] since FDB\nnexthops are not associated with a nexthop device:\n\n # ip route add 198.51.100.1/32 nhid 6\n # ping 198.51.100.1\n\nFix by preventing nexthop FDB status change while the nexthop is in a\ngroup:\n\n # ip nexthop add id 7 via 192.0.2.2 dev dummy1\n # ip nexthop add id 8 group 7\n # ip nexthop replace id 7 via 192.0.2.2 fdb\n Error: Cannot change nexthop FDB status while in a group.\n\n[1]\nBUG: kernel NULL pointer dereference, address: 00000000000003c0\n[...]\nOops: Oops: 0000 [#1] SMP\nCPU: 6 UID: 0 PID: 367 Comm: ping Not tainted 6.17.0-rc6-virtme-gb65678cacc03 #1 PREEMPT(voluntary)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.17.0-4.fc41 04/01/2014\nRIP: 0010:fib_lookup_good_nhc+0x1e/0x80\n[...]\nCall Trace:\n \u003cTASK\u003e\n fib_table_lookup+0x541/0x650\n ip_route_output_key_hash_rcu+0x2ea/0x970\n ip_route_output_key_hash+0x55/0x80\n __ip4_datagram_connect+0x250/0x330\n udp_connect+0x2b/0x60\n __sys_connect+0x9c/0xd0\n __x64_sys_connect+0x18/0x20\n do_syscall_64+0xa4/0x2a0\n entry_SYSCALL_64_after_hwframe+0x4b/0x53",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-39980"
},
{
"cve": "CVE-2025-40022",
"cwe": {
"id": "CWE-704",
"name": "Incorrect Type Conversion or Cast"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: af_alg - Fix incorrect boolean values in af_alg_ctx\n\nCommit 1b34cbbf4f01 (\"crypto: af_alg - Disallow concurrent writes in\naf_alg_sendmsg\") changed some fields from bool to 1-bit bitfields of\ntype u32.\n\nHowever, some assignments to these fields, specifically \u0027more\u0027 and\n\u0027merge\u0027, assign values greater than 1. These relied on C\u0027s implicit\nconversion to bool, such that zero becomes false and nonzero becomes\ntrue.\n\nWith a 1-bit bitfields of type u32 instead, mod 2 of the value is taken\ninstead, resulting in 0 being assigned in some cases when 1 was intended.\n\nFix this by restoring the bool type.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-40022"
},
{
"cve": "CVE-2025-40070",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npps: fix warning in pps_register_cdev when register device fail\n\nSimilar to previous commit 2a934fdb01db (\"media: v4l2-dev: fix error\nhandling in __video_register_device()\"), the release hook should be set\nbefore device_register(). Otherwise, when device_register() return error\nand put_device() try to callback the release function, the below warning\nmay happen.\n\n ------------[ cut here ]------------\n WARNING: CPU: 1 PID: 4760 at drivers/base/core.c:2567 device_release+0x1bd/0x240 drivers/base/core.c:2567\n Modules linked in:\n CPU: 1 UID: 0 PID: 4760 Comm: syz.4.914 Not tainted 6.17.0-rc3+ #1 NONE\n RIP: 0010:device_release+0x1bd/0x240 drivers/base/core.c:2567\n Call Trace:\n \u003cTASK\u003e\n kobject_cleanup+0x136/0x410 lib/kobject.c:689\n kobject_release lib/kobject.c:720 [inline]\n kref_put include/linux/kref.h:65 [inline]\n kobject_put+0xe9/0x130 lib/kobject.c:737\n put_device+0x24/0x30 drivers/base/core.c:3797\n pps_register_cdev+0x2da/0x370 drivers/pps/pps.c:402\n pps_register_source+0x2f6/0x480 drivers/pps/kapi.c:108\n pps_tty_open+0x190/0x310 drivers/pps/clients/pps-ldisc.c:57\n tty_ldisc_open+0xa7/0x120 drivers/tty/tty_ldisc.c:432\n tty_set_ldisc+0x333/0x780 drivers/tty/tty_ldisc.c:563\n tiocsetd drivers/tty/tty_io.c:2429 [inline]\n tty_ioctl+0x5d1/0x1700 drivers/tty/tty_io.c:2728\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:598 [inline]\n __se_sys_ioctl fs/ioctl.c:584 [inline]\n __x64_sys_ioctl+0x194/0x210 fs/ioctl.c:584\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0x5f/0x2a0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n \u003c/TASK\u003e\n\nBefore commit c79a39dc8d06 (\"pps: Fix a use-after-free\"),\npps_register_cdev() call device_create() to create pps-\u003edev, which will\ninit dev-\u003erelease to device_create_release(). Now the comment is outdated,\njust remove it.\n\nThanks for the reminder from Calvin Owens, \u0027kfree_pps\u0027 should be removed\nin pps_register_source() to avoid a double free in the failure case.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-40070"
},
{
"cve": "CVE-2025-40078",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Explicitly check accesses to bpf_sock_addr\n\nSyzkaller found a kernel warning on the following sock_addr program:\n\n 0: r0 = 0\n 1: r2 = *(u32 *)(r1 +60)\n 2: exit\n\nwhich triggers:\n\n verifier bug: error during ctx access conversion (0)\n\nThis is happening because offset 60 in bpf_sock_addr corresponds to an\nimplicit padding of 4 bytes, right after msg_src_ip4. Access to this\npadding isn\u0027t rejected in sock_addr_is_valid_access and it thus later\nfails to convert the access.\n\nThis patch fixes it by explicitly checking the various fields of\nbpf_sock_addr in sock_addr_is_valid_access.\n\nI checked the other ctx structures and is_valid_access functions and\ndidn\u0027t find any other similar cases. Other cases of (properly handled)\npadding are covered in new tests in a subsequent patch.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-40078"
},
{
"cve": "CVE-2025-40080",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnbd: restrict sockets to TCP and UDP\n\nRecently, syzbot started to abuse NBD with all kinds of sockets.\n\nCommit cf1b2326b734 (\"nbd: verify socket is supported during setup\")\nmade sure the socket supported a shutdown() method.\n\nExplicitely accept TCP and UNIX stream sockets.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-40080"
},
{
"cve": "CVE-2025-40105",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvfs: Don\u0027t leak disconnected dentries on umount\n\nWhen user calls open_by_handle_at() on some inode that is not cached, we\nwill create disconnected dentry for it. If such dentry is a directory,\nexportfs_decode_fh_raw() will then try to connect this dentry to the\ndentry tree through reconnect_path(). It may happen for various reasons\n(such as corrupted fs or race with rename) that the call to\nlookup_one_unlocked() in reconnect_one() will fail to find the dentry we\nare trying to reconnect and instead create a new dentry under the\nparent. Now this dentry will not be marked as disconnected although the\nparent still may well be disconnected (at least in case this\ninconsistency happened because the fs is corrupted and .. doesn\u0027t point\nto the real parent directory). This creates inconsistency in\ndisconnected flags but AFAICS it was mostly harmless. At least until\ncommit f1ee616214cb (\"VFS: don\u0027t keep disconnected dentries on d_anon\")\nwhich removed adding of most disconnected dentries to sb-\u003es_anon list.\nThus after this commit cleanup of disconnected dentries implicitely\nrelies on the fact that dput() will immediately reclaim such dentries.\nHowever when some leaf dentry isn\u0027t marked as disconnected, as in the\nscenario described above, the reclaim doesn\u0027t happen and the dentries\nare \"leaked\". Memory reclaim can eventually reclaim them but otherwise\nthey stay in memory and if umount comes first, we hit infamous \"Busy\ninodes after unmount\" bug. Make sure all dentries created under a\ndisconnected parent are marked as disconnected as well.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-40105"
},
{
"cve": "CVE-2025-40135",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: use RCU in ip6_xmit()\n\nUse RCU in ip6_xmit() in order to use dst_dev_rcu() to prevent\npossible UAF.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-40135"
},
{
"cve": "CVE-2025-40149",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock().\n\nget_netdev_for_sock() is called during setsockopt(),\nso not under RCU.\n\nUsing sk_dst_get(sk)-\u003edev could trigger UAF.\n\nLet\u0027s use __sk_dst_get() and dst_dev_rcu().\n\nNote that the only -\u003endo_sk_get_lower_dev() user is\nbond_sk_get_lower_dev(), which uses RCU.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-40149"
},
{
"cve": "CVE-2025-40219",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI/IOV: Fix race between SR-IOV enable/disable and hotplug\n\nCommit 05703271c3cd (\"PCI/IOV: Add PCI rescan-remove locking when\nenabling/disabling SR-IOV\") tried to fix a race between the VF removal\ninside sriov_del_vfs() and concurrent hot unplug by taking the PCI\nrescan/remove lock in sriov_del_vfs(). Similarly the PCI rescan/remove lock\nwas also taken in sriov_add_vfs() to protect addition of VFs.\n\nThis approach however causes deadlock on trying to remove PFs with SR-IOV\nenabled because PFs disable SR-IOV during removal and this removal happens\nunder the PCI rescan/remove lock. So the original fix had to be reverted.\n\nInstead of taking the PCI rescan/remove lock in sriov_add_vfs() and\nsriov_del_vfs(), fix the race that occurs with SR-IOV enable and disable vs\nhotplug higher up in the callchain by taking the lock in\nsriov_numvfs_store() before calling into the driver\u0027s sriov_configure()\ncallback.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-40219"
},
{
"cve": "CVE-2025-40261",
"cwe": {
"id": "CWE-1341",
"name": "Multiple Releases of Same Resource or Handle"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme: nvme-fc: Ensure -\u003eioerr_work is cancelled in nvme_fc_delete_ctrl()\n\nnvme_fc_delete_assocation() waits for pending I/O to complete before\nreturning, and an error can cause -\u003eioerr_work to be queued after\ncancel_work_sync() had been called. Move the call to cancel_work_sync() to\nbe after nvme_fc_delete_association() to ensure -\u003eioerr_work is not running\nwhen the nvme_fc_ctrl object is freed. Otherwise the following can occur:\n\n[ 1135.911754] list_del corruption, ff2d24c8093f31f8-\u003enext is NULL\n[ 1135.917705] ------------[ cut here ]------------\n[ 1135.922336] kernel BUG at lib/list_debug.c:52!\n[ 1135.926784] Oops: invalid opcode: 0000 [#1] SMP NOPTI\n[ 1135.931851] CPU: 48 UID: 0 PID: 726 Comm: kworker/u449:23 Kdump: loaded Not tainted 6.12.0 #1 PREEMPT(voluntary)\n[ 1135.943490] Hardware name: Dell Inc. PowerEdge R660/0HGTK9, BIOS 2.5.4 01/16/2025\n[ 1135.950969] Workqueue: 0x0 (nvme-wq)\n[ 1135.954673] RIP: 0010:__list_del_entry_valid_or_report.cold+0xf/0x6f\n[ 1135.961041] Code: c7 c7 98 68 72 94 e8 26 45 fe ff 0f 0b 48 c7 c7 70 68 72 94 e8 18 45 fe ff 0f 0b 48 89 fe 48 c7 c7 80 69 72 94 e8 07 45 fe ff \u003c0f\u003e 0b 48 89 d1 48 c7 c7 a0 6a 72 94 48 89 c2 e8 f3 44 fe ff 0f 0b\n[ 1135.979788] RSP: 0018:ff579b19482d3e50 EFLAGS: 00010046\n[ 1135.985015] RAX: 0000000000000033 RBX: ff2d24c8093f31f0 RCX: 0000000000000000\n[ 1135.992148] RDX: 0000000000000000 RSI: ff2d24d6bfa1d0c0 RDI: ff2d24d6bfa1d0c0\n[ 1135.999278] RBP: ff2d24c8093f31f8 R08: 0000000000000000 R09: ffffffff951e2b08\n[ 1136.006413] R10: ffffffff95122ac8 R11: 0000000000000003 R12: ff2d24c78697c100\n[ 1136.013546] R13: fffffffffffffff8 R14: 0000000000000000 R15: ff2d24c78697c0c0\n[ 1136.020677] FS: 0000000000000000(0000) GS:ff2d24d6bfa00000(0000) knlGS:0000000000000000\n[ 1136.028765] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 1136.034510] CR2: 00007fd207f90b80 CR3: 000000163ea22003 CR4: 0000000000f73ef0\n[ 1136.041641] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 1136.048776] DR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400\n[ 1136.055910] PKRU: 55555554\n[ 1136.058623] Call Trace:\n[ 1136.061074] \u003cTASK\u003e\n[ 1136.063179] ? show_trace_log_lvl+0x1b0/0x2f0\n[ 1136.067540] ? show_trace_log_lvl+0x1b0/0x2f0\n[ 1136.071898] ? move_linked_works+0x4a/0xa0\n[ 1136.075998] ? __list_del_entry_valid_or_report.cold+0xf/0x6f\n[ 1136.081744] ? __die_body.cold+0x8/0x12\n[ 1136.085584] ? die+0x2e/0x50\n[ 1136.088469] ? do_trap+0xca/0x110\n[ 1136.091789] ? do_error_trap+0x65/0x80\n[ 1136.095543] ? __list_del_entry_valid_or_report.cold+0xf/0x6f\n[ 1136.101289] ? exc_invalid_op+0x50/0x70\n[ 1136.105127] ? __list_del_entry_valid_or_report.cold+0xf/0x6f\n[ 1136.110874] ? asm_exc_invalid_op+0x1a/0x20\n[ 1136.115059] ? __list_del_entry_valid_or_report.cold+0xf/0x6f\n[ 1136.120806] move_linked_works+0x4a/0xa0\n[ 1136.124733] worker_thread+0x216/0x3a0\n[ 1136.128485] ? __pfx_worker_thread+0x10/0x10\n[ 1136.132758] kthread+0xfa/0x240\n[ 1136.135904] ? __pfx_kthread+0x10/0x10\n[ 1136.139657] ret_from_fork+0x31/0x50\n[ 1136.143236] ? __pfx_kthread+0x10/0x10\n[ 1136.146988] ret_from_fork_asm+0x1a/0x30\n[ 1136.150915] \u003c/TASK\u003e",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-40261"
},
{
"cve": "CVE-2025-40300",
"cwe": {
"id": "CWE-402",
"name": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027)"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/vmscape: Add conditional IBPB mitigation\n\nVMSCAPE is a vulnerability that exploits insufficient branch predictor\nisolation between a guest and a userspace hypervisor (like QEMU). Existing\nmitigations already protect kernel/KVM from a malicious guest. Userspace\ncan additionally be protected by flushing the branch predictors after a\nVMexit.\n\nSince it is the userspace that consumes the poisoned branch predictors,\nconditionally issue an IBPB after a VMexit and before returning to\nuserspace. Workloads that frequently switch between hypervisor and\nuserspace will incur the most overhead from the new IBPB.\n\nThis new IBPB is not integrated with the existing IBPB sites. For\ninstance, a task can use the existing speculation control prctl() to\nget an IBPB at context switch time. With this implementation, the\nIBPB is doubled up: one at context switch and another before running\nuserspace.\n\nThe intent is to integrate and optimize these cases post-embargo.\n\n[ dhansen: elaborate on suboptimal IBPB solution ]",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-40300"
},
{
"cve": "CVE-2025-61984",
"cwe": {
"id": "CWE-159",
"name": "Improper Handling of Invalid Use of Special Elements"
},
"notes": [
{
"category": "description",
"text": "ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. (A configuration file that provides a complete literal username is not categorized as an untrusted source.)",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-61984"
},
{
"cve": "CVE-2025-61985",
"cwe": {
"id": "CWE-158",
"name": "Improper Neutralization of Null Byte or NUL Character"
},
"notes": [
{
"category": "description",
"text": "ssh in OpenSSH before 10.1 allows the \u0027\\0\u0027 character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-61985"
},
{
"cve": "CVE-2025-68206",
"cwe": {
"id": "CWE-166",
"name": "Improper Handling of Missing Special Element"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_ct: add seqadj extension for natted connections\n\nSequence adjustment may be required for FTP traffic with PASV/EPSV modes.\ndue to need to re-write packet payload (IP, port) on the ftp control\nconnection. This can require changes to the TCP length and expected\nseq / ack_seq.\n\nThe easiest way to reproduce this issue is with PASV mode.\nExample ruleset:\ntable inet ftp_nat {\n ct helper ftp_helper {\n type \"ftp\" protocol tcp\n l3proto inet\n }\n\n chain prerouting {\n type filter hook prerouting priority 0; policy accept;\n tcp dport 21 ct state new ct helper set \"ftp_helper\"\n }\n}\ntable ip nat {\n chain prerouting {\n type nat hook prerouting priority -100; policy accept;\n tcp dport 21 dnat ip prefix to ip daddr map {\n\t\t\t192.168.100.1 : 192.168.13.2/32 }\n }\n\n chain postrouting {\n type nat hook postrouting priority 100 ; policy accept;\n tcp sport 21 snat ip prefix to ip saddr map {\n\t\t\t192.168.13.2 : 192.168.100.1/32 }\n }\n}\n\nNote that the ftp helper gets assigned *after* the dnat setup.\n\nThe inverse (nat after helper assign) is handled by an existing\ncheck in nf_nat_setup_info() and will not show the problem.\n\nTopoloy:\n\n +-------------------+ +----------------------------------+\n | FTP: 192.168.13.2 | \u003c-\u003e | NAT: 192.168.13.3, 192.168.100.1 |\n +-------------------+ +----------------------------------+\n |\n +-----------------------+\n | Client: 192.168.100.2 |\n +-----------------------+\n\nftp nat changes do not work as expected in this case:\nConnected to 192.168.100.1.\n[..]\nftp\u003e epsv\nEPSV/EPRT on IPv4 off.\nftp\u003e ls\n227 Entering passive mode (192,168,100,1,209,129).\n421 Service not available, remote server has closed connection.\n\nKernel logs:\nMissing nfct_seqadj_ext_add() setup call\nWARNING: CPU: 1 PID: 0 at net/netfilter/nf_conntrack_seqadj.c:41\n[..]\n __nf_nat_mangle_tcp_packet+0x100/0x160 [nf_nat]\n nf_nat_ftp+0x142/0x280 [nf_nat_ftp]\n help+0x4d1/0x880 [nf_conntrack_ftp]\n nf_confirm+0x122/0x2e0 [nf_conntrack]\n nf_hook_slow+0x3c/0xb0\n ..\n\nFix this by adding the required extension when a conntrack helper is assigned\nto a connection that has a nat binding.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-68206"
},
{
"cve": "CVE-2025-68261",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: add i_data_sem protection in ext4_destroy_inline_data_nolock()\n\nFix a race between inline data destruction and block mapping.\n\nThe function ext4_destroy_inline_data_nolock() changes the inode data\nlayout by clearing EXT4_INODE_INLINE_DATA and setting EXT4_INODE_EXTENTS.\nAt the same time, another thread may execute ext4_map_blocks(), which\ntests EXT4_INODE_EXTENTS to decide whether to call ext4_ext_map_blocks()\nor ext4_ind_map_blocks().\n\nWithout i_data_sem protection, ext4_ind_map_blocks() may receive inode\nwith EXT4_INODE_EXTENTS flag and triggering assert.\n\nkernel BUG at fs/ext4/indirect.c:546!\nEXT4-fs (loop2): unmounting filesystem.\ninvalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014\nRIP: 0010:ext4_ind_map_blocks.cold+0x2b/0x5a fs/ext4/indirect.c:546\n\nCall Trace:\n \u003cTASK\u003e\n ext4_map_blocks+0xb9b/0x16f0 fs/ext4/inode.c:681\n _ext4_get_block+0x242/0x590 fs/ext4/inode.c:822\n ext4_block_write_begin+0x48b/0x12c0 fs/ext4/inode.c:1124\n ext4_write_begin+0x598/0xef0 fs/ext4/inode.c:1255\n ext4_da_write_begin+0x21e/0x9c0 fs/ext4/inode.c:3000\n generic_perform_write+0x259/0x5d0 mm/filemap.c:3846\n ext4_buffered_write_iter+0x15b/0x470 fs/ext4/file.c:285\n ext4_file_write_iter+0x8e0/0x17f0 fs/ext4/file.c:679\n call_write_iter include/linux/fs.h:2271 [inline]\n do_iter_readv_writev+0x212/0x3c0 fs/read_write.c:735\n do_iter_write+0x186/0x710 fs/read_write.c:861\n vfs_iter_write+0x70/0xa0 fs/read_write.c:902\n iter_file_splice_write+0x73b/0xc90 fs/splice.c:685\n do_splice_from fs/splice.c:763 [inline]\n direct_splice_actor+0x10f/0x170 fs/splice.c:950\n splice_direct_to_actor+0x33a/0xa10 fs/splice.c:896\n do_splice_direct+0x1a9/0x280 fs/splice.c:1002\n do_sendfile+0xb13/0x12c0 fs/read_write.c:1255\n __do_sys_sendfile64 fs/read_write.c:1323 [inline]\n __se_sys_sendfile64 fs/read_write.c:1309 [inline]\n __x64_sys_sendfile64+0x1cf/0x210 fs/read_write.c:1309\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x35/0x80 arch/x86/entry/common.c:81\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-68261"
},
{
"cve": "CVE-2025-68264",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: refresh inline data size before write operations\n\nThe cached ei-\u003ei_inline_size can become stale between the initial size\ncheck and when ext4_update_inline_data()/ext4_create_inline_data() use\nit. Although ext4_get_max_inline_size() reads the correct value at the\ntime of the check, concurrent xattr operations can modify i_inline_size\nbefore ext4_write_lock_xattr() is acquired.\n\nThis causes ext4_update_inline_data() and ext4_create_inline_data() to\nwork with stale capacity values, leading to a BUG_ON() crash in\next4_write_inline_data():\n\n kernel BUG at fs/ext4/inline.c:1331!\n BUG_ON(pos + len \u003e EXT4_I(inode)-\u003ei_inline_size);\n\nThe race window:\n1. ext4_get_max_inline_size() reads i_inline_size = 60 (correct)\n2. Size check passes for 50-byte write\n3. [Another thread adds xattr, i_inline_size changes to 40]\n4. ext4_write_lock_xattr() acquires lock\n5. ext4_update_inline_data() uses stale i_inline_size = 60\n6. Attempts to write 50 bytes but only 40 bytes actually available\n7. BUG_ON() triggers\n\nFix this by recalculating i_inline_size via ext4_find_inline_data_nolock()\nimmediately after acquiring xattr_sem. This ensures ext4_update_inline_data()\nand ext4_create_inline_data() work with current values that are protected\nfrom concurrent modifications.\n\nThis is similar to commit a54c4613dac1 (\"ext4: fix race writing to an\ninline_data file while its xattrs are changing\") which fixed i_inline_off\nstaleness. This patch addresses the related i_inline_size staleness issue.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-68264"
},
{
"cve": "CVE-2025-68265",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme: fix admin request_queue lifetime\n\nThe namespaces can access the controller\u0027s admin request_queue, and\nstale references on the namespaces may exist after tearing down the\ncontroller. Ensure the admin request_queue is active by moving the\ncontroller\u0027s \u0027put\u0027 to after all controller references have been released\nto ensure no one is can access the request_queue. This fixes a reported\nuse-after-free bug:\n\n BUG: KASAN: slab-use-after-free in blk_queue_enter+0x41c/0x4a0\n Read of size 8 at addr ffff88c0a53819f8 by task nvme/3287\n CPU: 67 UID: 0 PID: 3287 Comm: nvme Tainted: G E 6.13.2-ga1582f1a031e #15\n Tainted: [E]=UNSIGNED_MODULE\n Hardware name: Jabil /EGS 2S MB1, BIOS 1.00 06/18/2025\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x4f/0x60\n print_report+0xc4/0x620\n ? _raw_spin_lock_irqsave+0x70/0xb0\n ? _raw_read_unlock_irqrestore+0x30/0x30\n ? blk_queue_enter+0x41c/0x4a0\n kasan_report+0xab/0xe0\n ? blk_queue_enter+0x41c/0x4a0\n blk_queue_enter+0x41c/0x4a0\n ? __irq_work_queue_local+0x75/0x1d0\n ? blk_queue_start_drain+0x70/0x70\n ? irq_work_queue+0x18/0x20\n ? vprintk_emit.part.0+0x1cc/0x350\n ? wake_up_klogd_work_func+0x60/0x60\n blk_mq_alloc_request+0x2b7/0x6b0\n ? __blk_mq_alloc_requests+0x1060/0x1060\n ? __switch_to+0x5b7/0x1060\n nvme_submit_user_cmd+0xa9/0x330\n nvme_user_cmd.isra.0+0x240/0x3f0\n ? force_sigsegv+0xe0/0xe0\n ? nvme_user_cmd64+0x400/0x400\n ? vfs_fileattr_set+0x9b0/0x9b0\n ? cgroup_update_frozen_flag+0x24/0x1c0\n ? cgroup_leave_frozen+0x204/0x330\n ? nvme_ioctl+0x7c/0x2c0\n blkdev_ioctl+0x1a8/0x4d0\n ? blkdev_common_ioctl+0x1930/0x1930\n ? fdget+0x54/0x380\n __x64_sys_ioctl+0x129/0x190\n do_syscall_64+0x5b/0x160\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n RIP: 0033:0x7f765f703b0b\n Code: ff ff ff 85 c0 79 9b 49 c7 c4 ff ff ff ff 5b 5d 4c 89 e0 41 5c c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa b8 10 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d dd 52 0f 00 f7 d8 64 89 01 48\n RSP: 002b:00007ffe2cefe808 EFLAGS: 00000202 ORIG_RAX: 0000000000000010\n RAX: ffffffffffffffda RBX: 00007ffe2cefe860 RCX: 00007f765f703b0b\n RDX: 00007ffe2cefe860 RSI: 00000000c0484e41 RDI: 0000000000000003\n RBP: 0000000000000000 R08: 0000000000000003 R09: 0000000000000000\n R10: 00007f765f611d50 R11: 0000000000000202 R12: 0000000000000003\n R13: 00000000c0484e41 R14: 0000000000000001 R15: 00007ffe2cefea60\n \u003c/TASK\u003e",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-68265"
},
{
"cve": "CVE-2025-68266",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbfs: Reconstruct file type when loading from disk\n\nsyzbot is reporting that S_IFMT bits of inode-\u003ei_mode can become bogus when\nthe S_IFMT bits of the 32bits \"mode\" field loaded from disk are corrupted\nor when the 32bits \"attributes\" field loaded from disk are corrupted.\n\nA documentation says that BFS uses only lower 9 bits of the \"mode\" field.\nBut I can\u0027t find an explicit explanation that the unused upper 23 bits\n(especially, the S_IFMT bits) are initialized with 0.\n\nTherefore, ignore the S_IFMT bits of the \"mode\" field loaded from disk.\nAlso, verify that the value of the \"attributes\" field loaded from disk is\neither BFS_VREG or BFS_VDIR (because BFS supports only regular files and\nthe root directory).",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-68266"
},
{
"cve": "CVE-2025-68291",
"cwe": {
"id": "CWE-909",
"name": "Missing Initialization of Resource"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: Initialise rcv_mss before calling tcp_send_active_reset() in mptcp_do_fastclose().\n\nsyzbot reported divide-by-zero in __tcp_select_window() by\nMPTCP socket. [0]\n\nWe had a similar issue for the bare TCP and fixed in commit\n499350a5a6e7 (\"tcp: initialize rcv_mss to TCP_MIN_MSS instead\nof 0\").\n\nLet\u0027s apply the same fix to mptcp_do_fastclose().\n\n[0]:\nOops: divide error: 0000 [#1] SMP KASAN PTI\nCPU: 0 UID: 0 PID: 6068 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025\nRIP: 0010:__tcp_select_window+0x824/0x1320 net/ipv4/tcp_output.c:3336\nCode: ff ff ff 44 89 f1 d3 e0 89 c1 f7 d1 41 01 cc 41 21 c4 e9 a9 00 00 00 e8 ca 49 01 f8 e9 9c 00 00 00 e8 c0 49 01 f8 44 89 e0 99 \u003cf7\u003e 7c 24 1c 41 29 d4 48 bb 00 00 00 00 00 fc ff df e9 80 00 00 00\nRSP: 0018:ffffc90003017640 EFLAGS: 00010293\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff88807b469e40\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: ffffc90003017730 R08: ffff888033268143 R09: 1ffff1100664d028\nR10: dffffc0000000000 R11: ffffed100664d029 R12: 0000000000000000\nR13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\nFS: 000055557faa0500(0000) GS:ffff888126135000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f64a1912ff8 CR3: 0000000072122000 CR4: 00000000003526f0\nCall Trace:\n \u003cTASK\u003e\n tcp_select_window net/ipv4/tcp_output.c:281 [inline]\n __tcp_transmit_skb+0xbc7/0x3aa0 net/ipv4/tcp_output.c:1568\n tcp_transmit_skb net/ipv4/tcp_output.c:1649 [inline]\n tcp_send_active_reset+0x2d1/0x5b0 net/ipv4/tcp_output.c:3836\n mptcp_do_fastclose+0x27e/0x380 net/mptcp/protocol.c:2793\n mptcp_disconnect+0x238/0x710 net/mptcp/protocol.c:3253\n mptcp_sendmsg_fastopen+0x2f8/0x580 net/mptcp/protocol.c:1776\n mptcp_sendmsg+0x1774/0x1980 net/mptcp/protocol.c:1855\n sock_sendmsg_nosec net/socket.c:727 [inline]\n __sock_sendmsg+0xe5/0x270 net/socket.c:742\n __sys_sendto+0x3bd/0x520 net/socket.c:2244\n __do_sys_sendto net/socket.c:2251 [inline]\n __se_sys_sendto net/socket.c:2247 [inline]\n __x64_sys_sendto+0xde/0x100 net/socket.c:2247\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xfa/0xfa0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f66e998f749\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007ffff9acedb8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c\nRAX: ffffffffffffffda RBX: 00007f66e9be5fa0 RCX: 00007f66e998f749\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003\nRBP: 00007ffff9acee10 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001\nR13: 00007f66e9be5fa0 R14: 00007f66e9be5fa0 R15: 0000000000000006\n \u003c/TASK\u003e",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-68291"
},
{
"cve": "CVE-2025-68337",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njbd2: avoid bug_on in jbd2_journal_get_create_access() when file system corrupted\n\nThere\u0027s issue when file system corrupted:\n------------[ cut here ]------------\nkernel BUG at fs/jbd2/transaction.c:1289!\nOops: invalid opcode: 0000 [#1] SMP KASAN PTI\nCPU: 5 UID: 0 PID: 2031 Comm: mkdir Not tainted 6.18.0-rc1-next\nRIP: 0010:jbd2_journal_get_create_access+0x3b6/0x4d0\nRSP: 0018:ffff888117aafa30 EFLAGS: 00010202\nRAX: 0000000000000000 RBX: ffff88811a86b000 RCX: ffffffff89a63534\nRDX: 1ffff110200ec602 RSI: 0000000000000004 RDI: ffff888100763010\nRBP: ffff888100763000 R08: 0000000000000001 R09: ffff888100763028\nR10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000000\nR13: ffff88812c432000 R14: ffff88812c608000 R15: ffff888120bfc000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f91d6970c99 CR3: 00000001159c4000 CR4: 00000000000006f0\nCall Trace:\n \u003cTASK\u003e\n __ext4_journal_get_create_access+0x42/0x170\n ext4_getblk+0x319/0x6f0\n ext4_bread+0x11/0x100\n ext4_append+0x1e6/0x4a0\n ext4_init_new_dir+0x145/0x1d0\n ext4_mkdir+0x326/0x920\n vfs_mkdir+0x45c/0x740\n do_mkdirat+0x234/0x2f0\n __x64_sys_mkdir+0xd6/0x120\n do_syscall_64+0x5f/0xfa0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThe above issue occurs with us in errors=continue mode when accompanied by\nstorage failures. There have been many inconsistencies in the file system\ndata.\nIn the case of file system data inconsistency, for example, if the block\nbitmap of a referenced block is not set, it can lead to the situation where\na block being committed is allocated and used again. As a result, the\nfollowing condition will not be satisfied then trigger BUG_ON. Of course,\nit is entirely possible to construct a problematic image that can trigger\nthis BUG_ON through specific operations. In fact, I have constructed such\nan image and easily reproduced this issue.\nTherefore, J_ASSERT() holds true only under ideal conditions, but it may\nnot necessarily be satisfied in exceptional scenarios. Using J_ASSERT()\ndirectly in abnormal situations would cause the system to crash, which is\nclearly not what we want. So here we directly trigger a JBD abort instead\nof immediately invoking BUG_ON.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-68337"
},
{
"cve": "CVE-2025-68349",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid\n\nFixes a crash when layout is null during this call stack:\n\nwrite_inode\n -\u003e nfs4_write_inode\n -\u003e pnfs_layoutcommit_inode\n\npnfs_set_layoutcommit relies on the lseg refcount to keep the layout\naround. Need to clear NFS_INO_LAYOUTCOMMIT otherwise we might attempt\nto reference a null layout.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-68349"
},
{
"cve": "CVE-2025-68363",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Check skb-\u003etransport_header is set in bpf_skb_check_mtu\n\nThe bpf_skb_check_mtu helper needs to use skb-\u003etransport_header when\nthe BPF_MTU_CHK_SEGS flag is used:\n\n\tbpf_skb_check_mtu(skb, ifindex, \u0026mtu_len, 0, BPF_MTU_CHK_SEGS)\n\nThe transport_header is not always set. There is a WARN_ON_ONCE\nreport when CONFIG_DEBUG_NET is enabled + skb-\u003egso_size is set +\nbpf_prog_test_run is used:\n\nWARNING: CPU: 1 PID: 2216 at ./include/linux/skbuff.h:3071\n skb_gso_validate_network_len\n bpf_skb_check_mtu\n bpf_prog_3920e25740a41171_tc_chk_segs_flag # A test in the next patch\n bpf_test_run\n bpf_prog_test_run_skb\n\nFor a normal ingress skb (not test_run), skb_reset_transport_header\nis performed but there is plan to avoid setting it as described in\ncommit 2170a1f09148 (\"net: no longer reset transport_header in __netif_receive_skb_core()\").\n\nThis patch fixes the bpf helper by checking\nskb_transport_header_was_set(). The check is done just before\nskb-\u003etransport_header is used, to avoid breaking the existing bpf prog.\nThe WARN_ON_ONCE is limited to bpf_prog_test_run, so targeting bpf-next.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-68363"
},
{
"cve": "CVE-2025-68371",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: smartpqi: Fix device resources accessed after device removal\n\nCorrect possible race conditions during device removal.\n\nPreviously, a scheduled work item to reset a LUN could still execute\nafter the device was removed, leading to use-after-free and other\nresource access issues.\n\nThis race condition occurs because the abort handler may schedule a LUN\nreset concurrently with device removal via sdev_destroy(), leading to\nuse-after-free and improper access to freed resources.\n\n - Check in the device reset handler if the device is still present in\n the controller\u0027s SCSI device list before running; if not, the reset\n is skipped.\n\n - Cancel any pending TMF work that has not started in sdev_destroy().\n\n - Ensure device freeing in sdev_destroy() is done while holding the\n LUN reset mutex to avoid races with ongoing resets.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-68371"
},
{
"cve": "CVE-2025-68724",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id\n\nUse check_add_overflow() to guard against potential integer overflows\nwhen adding the binary blob lengths and the size of an asymmetric_key_id\nstructure and return ERR_PTR(-EOVERFLOW) accordingly. This prevents a\npossible buffer overflow when copying data from potentially malicious\nX.509 certificate fields that can be arbitrarily large, such as ASN.1\nINTEGER serial numbers, issuer names, etc.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-68724"
},
{
"cve": "CVE-2025-68725",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Do not let BPF test infra emit invalid GSO types to stack\n\nYinhao et al. reported that their fuzzer tool was able to trigger a\nskb_warn_bad_offload() from netif_skb_features() -\u003e gso_features_check().\nWhen a BPF program - triggered via BPF test infra - pushes the packet\nto the loopback device via bpf_clone_redirect() then mentioned offload\nwarning can be seen. GSO-related features are then rightfully disabled.\n\nWe get into this situation due to convert___skb_to_skb() setting\ngso_segs and gso_size but not gso_type. Technically, it makes sense\nthat this warning triggers since the GSO properties are malformed due\nto the gso_type. Potentially, the gso_type could be marked non-trustworthy\nthrough setting it at least to SKB_GSO_DODGY without any other specific\nassumptions, but that also feels wrong given we should not go further\ninto the GSO engine in the first place.\n\nThe checks were added in 121d57af308d (\"gso: validate gso_type in GSO\nhandlers\") because there were malicious (syzbot) senders that combine\na protocol with a non-matching gso_type. If we would want to drop such\npackets, gso_features_check() currently only returns feature flags via\nnetif_skb_features(), so one location for potentially dropping such skbs\ncould be validate_xmit_unreadable_skb(), but then otoh it would be\nan additional check in the fast-path for a very corner case. Given\nbpf_clone_redirect() is the only place where BPF test infra could emit\nsuch packets, lets reject them right there.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-68725"
},
{
"cve": "CVE-2025-68742",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix invalid prog-\u003estats access when update_effective_progs fails\n\nSyzkaller triggers an invalid memory access issue following fault\ninjection in update_effective_progs. The issue can be described as\nfollows:\n\n__cgroup_bpf_detach\n update_effective_progs\n compute_effective_progs\n bpf_prog_array_alloc \u003c-- fault inject\n purge_effective_progs\n /* change to dummy_bpf_prog */\n array-\u003eitems[index] = \u0026dummy_bpf_prog.prog\n\n---softirq start---\n__do_softirq\n ...\n __cgroup_bpf_run_filter_skb\n __bpf_prog_run_save_cb\n bpf_prog_run\n stats = this_cpu_ptr(prog-\u003estats)\n /* invalid memory access */\n flags = u64_stats_update_begin_irqsave(\u0026stats-\u003esyncp)\n---softirq end---\n\n static_branch_dec(\u0026cgroup_bpf_enabled_key[atype])\n\nThe reason is that fault injection caused update_effective_progs to fail\nand then changed the original prog into dummy_bpf_prog.prog in\npurge_effective_progs. Then a softirq came, and accessing the members of\ndummy_bpf_prog.prog in the softirq triggers invalid mem access.\n\nTo fix it, skip updating stats when stats is NULL.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-68742"
},
{
"cve": "CVE-2025-68764",
"cwe": {
"id": "CWE-266",
"name": "Incorrect Privilege Assignment"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags\n\nWhen a filesystem is being automounted, it needs to preserve the\nuser-set superblock mount options, such as the \"ro\" flag.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-68764"
},
{
"cve": "CVE-2025-68773",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: fsl-cpm: Check length parity before switching to 16 bit mode\n\nCommit fc96ec826bce (\"spi: fsl-cpm: Use 16 bit mode for large transfers\nwith even size\") failed to make sure that the size is really even\nbefore switching to 16 bit mode. Until recently the problem went\nunnoticed because kernfs uses a pre-allocated bounce buffer of size\nPAGE_SIZE for reading EEPROM.\n\nBut commit 8ad6249c51d0 (\"eeprom: at25: convert to spi-mem API\")\nintroduced an additional dynamically allocated bounce buffer whose size\nis exactly the size of the transfer, leading to a buffer overrun in\nthe fsl-cpm driver when that size is odd.\n\nAdd the missing length parity verification and remain in 8 bit mode\nwhen the length is not even.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-68773"
},
{
"cve": "CVE-2025-68776",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/hsr: fix NULL pointer dereference in prp_get_untagged_frame()\n\nprp_get_untagged_frame() calls __pskb_copy() to create frame-\u003eskb_std\nbut doesn\u0027t check if the allocation failed. If __pskb_copy() returns\nNULL, skb_clone() is called with a NULL pointer, causing a crash:\n\nOops: general protection fault, probably for non-canonical address 0xdffffc000000000f: 0000 [#1] SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x0000000000000078-0x000000000000007f]\nCPU: 0 UID: 0 PID: 5625 Comm: syz.1.18 Not tainted syzkaller #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nRIP: 0010:skb_clone+0xd7/0x3a0 net/core/skbuff.c:2041\nCode: 03 42 80 3c 20 00 74 08 4c 89 f7 e8 23 29 05 f9 49 83 3e 00 0f 85 a0 01 00 00 e8 94 dd 9d f8 48 8d 6b 7e 49 89 ee 49 c1 ee 03 \u003c43\u003e 0f b6 04 26 84 c0 0f 85 d1 01 00 00 44 0f b6 7d 00 41 83 e7 0c\nRSP: 0018:ffffc9000d00f200 EFLAGS: 00010207\nRAX: ffffffff892235a1 RBX: 0000000000000000 RCX: ffff88803372a480\nRDX: 0000000000000000 RSI: 0000000000000820 RDI: 0000000000000000\nRBP: 000000000000007e R08: ffffffff8f7d0f77 R09: 1ffffffff1efa1ee\nR10: dffffc0000000000 R11: fffffbfff1efa1ef R12: dffffc0000000000\nR13: 0000000000000820 R14: 000000000000000f R15: ffff88805144cc00\nFS: 0000555557f6d500(0000) GS:ffff88808d72f000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000555581d35808 CR3: 000000005040e000 CR4: 0000000000352ef0\nCall Trace:\n \u003cTASK\u003e\n hsr_forward_do net/hsr/hsr_forward.c:-1 [inline]\n hsr_forward_skb+0x1013/0x2860 net/hsr/hsr_forward.c:741\n hsr_handle_frame+0x6ce/0xa70 net/hsr/hsr_slave.c:84\n __netif_receive_skb_core+0x10b9/0x4380 net/core/dev.c:5966\n __netif_receive_skb_one_core net/core/dev.c:6077 [inline]\n __netif_receive_skb+0x72/0x380 net/core/dev.c:6192\n netif_receive_skb_internal net/core/dev.c:6278 [inline]\n netif_receive_skb+0x1cb/0x790 net/core/dev.c:6337\n tun_rx_batched+0x1b9/0x730 drivers/net/tun.c:1485\n tun_get_user+0x2b65/0x3e90 drivers/net/tun.c:1953\n tun_chr_write_iter+0x113/0x200 drivers/net/tun.c:1999\n new_sync_write fs/read_write.c:593 [inline]\n vfs_write+0x5c9/0xb30 fs/read_write.c:686\n ksys_write+0x145/0x250 fs/read_write.c:738\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xfa/0xfa0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f0449f8e1ff\nCode: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48\nRSP: 002b:00007ffd7ad94c90 EFLAGS: 00000293 ORIG_RAX: 0000000000000001\nRAX: ffffffffffffffda RBX: 00007f044a1e5fa0 RCX: 00007f0449f8e1ff\nRDX: 000000000000003e RSI: 0000200000000500 RDI: 00000000000000c8\nRBP: 00007ffd7ad94d20 R08: 0000000000000000 R09: 0000000000000000\nR10: 000000000000003e R11: 0000000000000293 R12: 0000000000000001\nR13: 00007f044a1e5fa0 R14: 00007f044a1e5fa0 R15: 0000000000000003\n \u003c/TASK\u003e\n\nAdd a NULL check immediately after __pskb_copy() to handle allocation\nfailures gracefully.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-68776"
},
{
"cve": "CVE-2025-68782",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: Reset t_task_cdb pointer in error case\n\nIf allocation of cmd-\u003et_task_cdb fails, it remains NULL but is later\ndereferenced in the \u0027err\u0027 path.\n\nIn case of error, reset NULL t_task_cdb value to point at the default\nfixed-size buffer.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-68782"
},
{
"cve": "CVE-2025-68787",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetrom: Fix memory leak in nr_sendmsg()\n\nsyzbot reported a memory leak [1].\n\nWhen function sock_alloc_send_skb() return NULL in nr_output(), the\noriginal skb is not freed, which was allocated in nr_sendmsg(). Fix this\nby freeing it before return.\n\n[1]\nBUG: memory leak\nunreferenced object 0xffff888129f35500 (size 240):\n comm \"syz.0.17\", pid 6119, jiffies 4294944652\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 10 52 28 81 88 ff ff ..........R(....\n backtrace (crc 1456a3e4):\n kmemleak_alloc_recursive include/linux/kmemleak.h:44 [inline]\n slab_post_alloc_hook mm/slub.c:4983 [inline]\n slab_alloc_node mm/slub.c:5288 [inline]\n kmem_cache_alloc_node_noprof+0x36f/0x5e0 mm/slub.c:5340\n __alloc_skb+0x203/0x240 net/core/skbuff.c:660\n alloc_skb include/linux/skbuff.h:1383 [inline]\n alloc_skb_with_frags+0x69/0x3f0 net/core/skbuff.c:6671\n sock_alloc_send_pskb+0x379/0x3e0 net/core/sock.c:2965\n sock_alloc_send_skb include/net/sock.h:1859 [inline]\n nr_sendmsg+0x287/0x450 net/netrom/af_netrom.c:1105\n sock_sendmsg_nosec net/socket.c:727 [inline]\n __sock_sendmsg net/socket.c:742 [inline]\n sock_write_iter+0x293/0x2a0 net/socket.c:1195\n new_sync_write fs/read_write.c:593 [inline]\n vfs_write+0x45d/0x710 fs/read_write.c:686\n ksys_write+0x143/0x170 fs/read_write.c:738\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xa4/0xfa0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-68787"
},
{
"cve": "CVE-2025-68788",
"cwe": {
"id": "CWE-360",
"name": "Trust of System Event Data"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfsnotify: do not generate ACCESS/MODIFY events on child for special files\n\ninotify/fanotify do not allow users with no read access to a file to\nsubscribe to events (e.g. IN_ACCESS/IN_MODIFY), but they do allow the\nsame user to subscribe for watching events on children when the user\nhas access to the parent directory (e.g. /dev).\n\nUsers with no read access to a file but with read access to its parent\ndirectory can still stat the file and see if it was accessed/modified\nvia atime/mtime change.\n\nThe same is not true for special files (e.g. /dev/null). Users will not\ngenerally observe atime/mtime changes when other users read/write to\nspecial files, only when someone sets atime/mtime via utimensat().\n\nAlign fsnotify events with this stat behavior and do not generate\nACCESS/MODIFY events to parent watchers on read/write of special files.\nThe events are still generated to parent watchers on utimensat(). This\ncloses some side-channels that could be possibly used for information\nexfiltration [1].\n\n[1] https://snee.la/pdf/pubs/file-notification-attacks.pdf",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-68788"
},
{
"cve": "CVE-2025-68798",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/x86/amd: Check event before enable to avoid GPF\n\nOn AMD machines cpuc-\u003eevents[idx] can become NULL in a subtle race\ncondition with NMI-\u003ethrottle-\u003ex86_pmu_stop().\n\nCheck event for NULL in amd_pmu_enable_all() before enable to avoid a GPF.\nThis appears to be an AMD only issue.\n\nSyzkaller reported a GPF in amd_pmu_enable_all.\n\nINFO: NMI handler (perf_event_nmi_handler) took too long to run: 13.143\n msecs\nOops: general protection fault, probably for non-canonical address\n 0xdffffc0000000034: 0000 PREEMPT SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x00000000000001a0-0x00000000000001a7]\nCPU: 0 UID: 0 PID: 328415 Comm: repro_36674776 Not tainted 6.12.0-rc1-syzk\nRIP: 0010:x86_pmu_enable_event (arch/x86/events/perf_event.h:1195\n arch/x86/events/core.c:1430)\nRSP: 0018:ffff888118009d60 EFLAGS: 00010012\nRAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000000\nRDX: 0000000000000034 RSI: 0000000000000000 RDI: 00000000000001a0\nRBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000002\nR13: ffff88811802a440 R14: ffff88811802a240 R15: ffff8881132d8601\nFS: 00007f097dfaa700(0000) GS:ffff888118000000(0000) GS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000200001c0 CR3: 0000000103d56000 CR4: 00000000000006f0\nCall Trace:\n \u003cIRQ\u003e\namd_pmu_enable_all (arch/x86/events/amd/core.c:760 (discriminator 2))\nx86_pmu_enable (arch/x86/events/core.c:1360)\nevent_sched_out (kernel/events/core.c:1191 kernel/events/core.c:1186\n kernel/events/core.c:2346)\n__perf_remove_from_context (kernel/events/core.c:2435)\nevent_function (kernel/events/core.c:259)\nremote_function (kernel/events/core.c:92 (discriminator 1)\n kernel/events/core.c:72 (discriminator 1))\n__flush_smp_call_function_queue (./arch/x86/include/asm/jump_label.h:27\n ./include/linux/jump_label.h:207 ./include/trace/events/csd.h:64\n kernel/smp.c:135 kernel/smp.c:540)\n__sysvec_call_function_single (./arch/x86/include/asm/jump_label.h:27\n ./include/linux/jump_label.h:207\n ./arch/x86/include/asm/trace/irq_vectors.h:99 arch/x86/kernel/smp.c:272)\nsysvec_call_function_single (arch/x86/kernel/smp.c:266 (discriminator 47)\n arch/x86/kernel/smp.c:266 (discriminator 47))\n \u003c/IRQ\u003e",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-68798"
},
{
"cve": "CVE-2025-68803",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: NFSv4 file creation neglects setting ACL\n\nAn NFSv4 client that sets an ACL with a named principal during file\ncreation retrieves the ACL afterwards, and finds that it is only a\ndefault ACL (based on the mode bits) and not the ACL that was\nrequested during file creation. This violates RFC 8881 section\n6.4.1.3: \"the ACL attribute is set as given\".\n\nThe issue occurs in nfsd_create_setattr(), which calls\nnfsd_attrs_valid() to determine whether to call nfsd_setattr().\nHowever, nfsd_attrs_valid() checks only for iattr changes and\nsecurity labels, but not POSIX ACLs. When only an ACL is present,\nthe function returns false, nfsd_setattr() is skipped, and the\nPOSIX ACL is never applied to the inode.\n\nSubsequently, when the client retrieves the ACL, the server finds\nno POSIX ACL on the inode and returns one generated from the file\u0027s\nmode bits rather than returning the originally-specified ACL.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-68803"
},
{
"cve": "CVE-2025-68814",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: fix filename leak in __io_openat_prep()\n\n __io_openat_prep() allocates a struct filename using getname(). However,\nfor the condition of the file being installed in the fixed file table as\nwell as having O_CLOEXEC flag set, the function returns early. At that\npoint, the request doesn\u0027t have REQ_F_NEED_CLEANUP flag set. Due to this,\nthe memory for the newly allocated struct filename is not cleaned up,\ncausing a memory leak.\n\nFix this by setting the REQ_F_NEED_CLEANUP for the request just after the\nsuccessful getname() call, so that when the request is torn down, the\nfilename will be cleaned up, along with other resources needing cleanup.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-68814"
},
{
"cve": "CVE-2025-68816",
"cwe": {
"id": "CWE-134",
"name": "Use of Externally-Controlled Format String"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: fw_tracer, Validate format string parameters\n\nAdd validation for format string parameters in the firmware tracer to\nprevent potential security vulnerabilities and crashes from malformed\nformat strings received from firmware.\n\nThe firmware tracer receives format strings from the device firmware and\nuses them to format trace messages. Without proper validation, bad\nfirmware could provide format strings with invalid format specifiers\n(e.g., %s, %p, %n) that could lead to crashes, or other undefined\nbehavior.\n\nAdd mlx5_tracer_validate_params() to validate that all format specifiers\nin trace strings are limited to safe integer/hex formats (%x, %d, %i,\n%u, %llx, %lx, etc.). Reject strings containing other format types that\ncould be used to access arbitrary memory or cause crashes.\nInvalid format strings are added to the trace output for visibility with\n\"BAD_FORMAT: \" prefix.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-68816"
},
{
"cve": "CVE-2025-68818",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: Revert \"scsi: qla2xxx: Perform lockless command completion in abort path\"\n\nThis reverts commit 0367076b0817d5c75dfb83001ce7ce5c64d803a9.\n\nThe commit being reverted added code to __qla2x00_abort_all_cmds() to\ncall sp-\u003edone() without holding a spinlock. But unlike the older code\nbelow it, this new code failed to check sp-\u003ecmd_type and just assumed\nTYPE_SRB, which results in a jump to an invalid pointer in target-mode\nwith TYPE_TGT_CMD:\n\nqla2xxx [0000:65:00.0]-d034:8: qla24xx_do_nack_work create sess success\n 0000000009f7a79b\nqla2xxx [0000:65:00.0]-5003:8: ISP System Error - mbx1=1ff5h mbx2=10h\n mbx3=0h mbx4=0h mbx5=191h mbx6=0h mbx7=0h.\nqla2xxx [0000:65:00.0]-d01e:8: -\u003e fwdump no buffer\nqla2xxx [0000:65:00.0]-f03a:8: qla_target(0): System error async event\n 0x8002 occurred\nqla2xxx [0000:65:00.0]-00af:8: Performing ISP error recovery -\n ha=0000000058183fda.\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nPF: supervisor instruction fetch in kernel mode\nPF: error_code(0x0010) - not-present page\nPGD 0 P4D 0\nOops: 0010 [#1] SMP\nCPU: 2 PID: 9446 Comm: qla2xxx_8_dpc Tainted: G O 6.1.133 #1\nHardware name: Supermicro Super Server/X11SPL-F, BIOS 4.2 12/15/2023\nRIP: 0010:0x0\nCode: Unable to access opcode bytes at 0xffffffffffffffd6.\nRSP: 0018:ffffc90001f93dc8 EFLAGS: 00010206\nRAX: 0000000000000282 RBX: 0000000000000355 RCX: ffff88810d16a000\nRDX: ffff88810dbadaa8 RSI: 0000000000080000 RDI: ffff888169dc38c0\nRBP: ffff888169dc38c0 R08: 0000000000000001 R09: 0000000000000045\nR10: ffffffffa034bdf0 R11: 0000000000000000 R12: ffff88810800bb40\nR13: 0000000000001aa8 R14: ffff888100136610 R15: ffff8881070f7400\nFS: 0000000000000000(0000) GS:ffff88bf80080000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffffffffffffd6 CR3: 000000010c8ff006 CR4: 00000000003706e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x4d/0x8b\n ? page_fault_oops+0x91/0x180\n ? trace_buffer_unlock_commit_regs+0x38/0x1a0\n ? exc_page_fault+0x391/0x5e0\n ? asm_exc_page_fault+0x22/0x30\n __qla2x00_abort_all_cmds+0xcb/0x3e0 [qla2xxx_scst]\n qla2x00_abort_all_cmds+0x50/0x70 [qla2xxx_scst]\n qla2x00_abort_isp_cleanup+0x3b7/0x4b0 [qla2xxx_scst]\n qla2x00_abort_isp+0xfd/0x860 [qla2xxx_scst]\n qla2x00_do_dpc+0x581/0xa40 [qla2xxx_scst]\n kthread+0xa8/0xd0\n \u003c/TASK\u003e\n\nThen commit 4475afa2646d (\"scsi: qla2xxx: Complete command early within\nlock\") added the spinlock back, because not having the lock caused a\nrace and a crash. But qla2x00_abort_srb() in the switch below already\nchecks for qla2x00_chip_is_down() and handles it the same way, so the\ncode above the switch is now redundant and still buggy in target-mode.\nRemove it.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-68818"
},
{
"cve": "CVE-2025-68820",
"cwe": {
"id": "CWE-252",
"name": "Unchecked Return Value"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: xattr: fix null pointer deref in ext4_raw_inode()\n\nIf ext4_get_inode_loc() fails (e.g. if it returns -EFSCORRUPTED),\niloc.bh will remain set to NULL. Since ext4_xattr_inode_dec_ref_all()\nlacks error checking, this will lead to a null pointer dereference\nin ext4_raw_inode(), called right after ext4_get_inode_loc().\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-68820"
},
{
"cve": "CVE-2025-71064",
"cwe": {
"id": "CWE-909",
"name": "Missing Initialization of Resource"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: using the num_tqps in the vf driver to apply for resources\n\nCurrently, hdev-\u003ehtqp is allocated using hdev-\u003enum_tqps, and kinfo-\u003etqp\nis allocated using kinfo-\u003enum_tqps. However, kinfo-\u003enum_tqps is set to\nmin(new_tqps, hdev-\u003enum_tqps); Therefore, kinfo-\u003enum_tqps may be smaller\nthan hdev-\u003enum_tqps, which causes some hdev-\u003ehtqp[i] to remain\nuninitialized in hclgevf_knic_setup().\n\nThus, this patch allocates hdev-\u003ehtqp and kinfo-\u003etqp using hdev-\u003enum_tqps,\nensuring that the lengths of hdev-\u003ehtqp and kinfo-\u003etqp are consistent\nand that all elements are properly initialized.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-71064"
},
{
"cve": "CVE-2025-71075",
"cwe": {
"id": "CWE-364",
"name": "Signal Handler Race Condition"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: aic94xx: fix use-after-free in device removal path\n\nThe asd_pci_remove() function fails to synchronize with pending tasklets\nbefore freeing the asd_ha structure, leading to a potential\nuse-after-free vulnerability.\n\nWhen a device removal is triggered (via hot-unplug or module unload),\nrace condition can occur.\n\nThe fix adds tasklet_kill() before freeing the asd_ha structure,\nensuring all scheduled tasklets complete before cleanup proceeds.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-71075"
},
{
"cve": "CVE-2025-71079",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: nfc: fix deadlock between nfc_unregister_device and rfkill_fop_write\n\nA deadlock can occur between nfc_unregister_device() and rfkill_fop_write()\ndue to lock ordering inversion between device_lock and rfkill_global_mutex.\n\nThe problematic lock order is:\n\nThread A (rfkill_fop_write):\n rfkill_fop_write()\n mutex_lock(\u0026rfkill_global_mutex)\n rfkill_set_block()\n nfc_rfkill_set_block()\n nfc_dev_down()\n device_lock(\u0026dev-\u003edev) \u003c- waits for device_lock\n\nThread B (nfc_unregister_device):\n nfc_unregister_device()\n device_lock(\u0026dev-\u003edev)\n rfkill_unregister()\n mutex_lock(\u0026rfkill_global_mutex) \u003c- waits for rfkill_global_mutex\n\nThis creates a classic ABBA deadlock scenario.\n\nFix this by moving rfkill_unregister() and rfkill_destroy() outside the\ndevice_lock critical section. Store the rfkill pointer in a local variable\nbefore releasing the lock, then call rfkill_unregister() after releasing\ndevice_lock.\n\nThis change is safe because rfkill_fop_write() holds rfkill_global_mutex\nwhile calling the rfkill callbacks, and rfkill_unregister() also acquires\nrfkill_global_mutex before cleanup. Therefore, rfkill_unregister() will\nwait for any ongoing callback to complete before proceeding, and\ndevice_del() is only called after rfkill_unregister() returns, preventing\nany use-after-free.\n\nThe similar lock ordering in nfc_register_device() (device_lock -\u003e\nrfkill_global_mutex via rfkill_register) is safe because during\nregistration the device is not yet in rfkill_list, so no concurrent\nrfkill operations can occur on this device.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-71079"
},
{
"cve": "CVE-2025-71085",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr()\n\nThere exists a kernel oops caused by a BUG_ON(nhead \u003c 0) at\nnet/core/skbuff.c:2232 in pskb_expand_head().\nThis bug is triggered as part of the calipso_skbuff_setattr()\nroutine when skb_cow() is passed headroom \u003e INT_MAX\n(i.e. (int)(skb_headroom(skb) + len_delta) \u003c 0).\n\nThe root cause of the bug is due to an implicit integer cast in\n__skb_cow(). The check (headroom \u003e skb_headroom(skb)) is meant to ensure\nthat delta = headroom - skb_headroom(skb) is never negative, otherwise\nwe will trigger a BUG_ON in pskb_expand_head(). However, if\nheadroom \u003e INT_MAX and delta \u003c= -NET_SKB_PAD, the check passes, delta\nbecomes negative, and pskb_expand_head() is passed a negative value for\nnhead.\n\nFix the trigger condition in calipso_skbuff_setattr(). Avoid passing\n\"negative\" headroom sizes to skb_cow() within calipso_skbuff_setattr()\nby only using skb_cow() to grow headroom.\n\nPoC:\n\tUsing `netlabelctl` tool:\n\n netlabelctl map del default\n netlabelctl calipso add pass doi:7\n netlabelctl map add default address:0::1/128 protocol:calipso,7\n\n Then run the following PoC:\n\n int fd = socket(AF_INET6, SOCK_DGRAM, IPPROTO_UDP);\n\n // setup msghdr\n int cmsg_size = 2;\n int cmsg_len = 0x60;\n struct msghdr msg;\n struct sockaddr_in6 dest_addr;\n struct cmsghdr * cmsg = (struct cmsghdr *) calloc(1,\n sizeof(struct cmsghdr) + cmsg_len);\n msg.msg_name = \u0026dest_addr;\n msg.msg_namelen = sizeof(dest_addr);\n msg.msg_iov = NULL;\n msg.msg_iovlen = 0;\n msg.msg_control = cmsg;\n msg.msg_controllen = cmsg_len;\n msg.msg_flags = 0;\n\n // setup sockaddr\n dest_addr.sin6_family = AF_INET6;\n dest_addr.sin6_port = htons(31337);\n dest_addr.sin6_flowinfo = htonl(31337);\n dest_addr.sin6_addr = in6addr_loopback;\n dest_addr.sin6_scope_id = 31337;\n\n // setup cmsghdr\n cmsg-\u003ecmsg_len = cmsg_len;\n cmsg-\u003ecmsg_level = IPPROTO_IPV6;\n cmsg-\u003ecmsg_type = IPV6_HOPOPTS;\n char * hop_hdr = (char *)cmsg + sizeof(struct cmsghdr);\n hop_hdr[1] = 0x9; //set hop size - (0x9 + 1) * 8 = 80\n\n sendmsg(fd, \u0026msg, 0);",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-71085"
},
{
"cve": "CVE-2025-71086",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: rose: fix invalid array index in rose_kill_by_device()\n\nrose_kill_by_device() collects sockets into a local array[] and then\niterates over them to disconnect sockets bound to a device being brought\ndown.\n\nThe loop mistakenly indexes array[cnt] instead of array[i]. For cnt \u003c\nARRAY_SIZE(array), this reads an uninitialized entry; for cnt ==\nARRAY_SIZE(array), it is an out-of-bounds read. Either case can lead to\nan invalid socket pointer dereference and also leaks references taken\nvia sock_hold().\n\nFix the index to use i.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-71086"
},
{
"cve": "CVE-2025-71088",
"cwe": {
"id": "CWE-366",
"name": "Race Condition within a Thread"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fallback earlier on simult connection\n\nSyzkaller reports a simult-connect race leading to inconsistent fallback\nstatus:\n\n WARNING: CPU: 3 PID: 33 at net/mptcp/subflow.c:1515 subflow_data_ready+0x40b/0x7c0 net/mptcp/subflow.c:1515\n Modules linked in:\n CPU: 3 UID: 0 PID: 33 Comm: ksoftirqd/3 Not tainted syzkaller #0 PREEMPT(full)\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n RIP: 0010:subflow_data_ready+0x40b/0x7c0 net/mptcp/subflow.c:1515\n Code: 89 ee e8 78 61 3c f6 40 84 ed 75 21 e8 8e 66 3c f6 44 89 fe bf 07 00 00 00 e8 c1 61 3c f6 41 83 ff 07 74 09 e8 76 66 3c f6 90 \u003c0f\u003e 0b 90 e8 6d 66 3c f6 48 89 df e8 e5 ad ff ff 31 ff 89 c5 89 c6\n RSP: 0018:ffffc900006cf338 EFLAGS: 00010246\n RAX: 0000000000000000 RBX: ffff888031acd100 RCX: ffffffff8b7f2abf\n RDX: ffff88801e6ea440 RSI: ffffffff8b7f2aca RDI: 0000000000000005\n RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000007\n R10: 0000000000000004 R11: 0000000000002c10 R12: ffff88802ba69900\n R13: 1ffff920000d9e67 R14: ffff888046f81800 R15: 0000000000000004\n FS: 0000000000000000(0000) GS:ffff8880d69bc000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000560fc0ca1670 CR3: 0000000032c3a000 CR4: 0000000000352ef0\n Call Trace:\n \u003cTASK\u003e\n tcp_data_queue+0x13b0/0x4f90 net/ipv4/tcp_input.c:5197\n tcp_rcv_state_process+0xfdf/0x4ec0 net/ipv4/tcp_input.c:6922\n tcp_v6_do_rcv+0x492/0x1740 net/ipv6/tcp_ipv6.c:1672\n tcp_v6_rcv+0x2976/0x41e0 net/ipv6/tcp_ipv6.c:1918\n ip6_protocol_deliver_rcu+0x188/0x1520 net/ipv6/ip6_input.c:438\n ip6_input_finish+0x1e4/0x4b0 net/ipv6/ip6_input.c:489\n NF_HOOK include/linux/netfilter.h:318 [inline]\n NF_HOOK include/linux/netfilter.h:312 [inline]\n ip6_input+0x105/0x2f0 net/ipv6/ip6_input.c:500\n dst_input include/net/dst.h:471 [inline]\n ip6_rcv_finish net/ipv6/ip6_input.c:79 [inline]\n NF_HOOK include/linux/netfilter.h:318 [inline]\n NF_HOOK include/linux/netfilter.h:312 [inline]\n ipv6_rcv+0x264/0x650 net/ipv6/ip6_input.c:311\n __netif_receive_skb_one_core+0x12d/0x1e0 net/core/dev.c:5979\n __netif_receive_skb+0x1d/0x160 net/core/dev.c:6092\n process_backlog+0x442/0x15e0 net/core/dev.c:6444\n __napi_poll.constprop.0+0xba/0x550 net/core/dev.c:7494\n napi_poll net/core/dev.c:7557 [inline]\n net_rx_action+0xa9f/0xfe0 net/core/dev.c:7684\n handle_softirqs+0x216/0x8e0 kernel/softirq.c:579\n run_ksoftirqd kernel/softirq.c:968 [inline]\n run_ksoftirqd+0x3a/0x60 kernel/softirq.c:960\n smpboot_thread_fn+0x3f7/0xae0 kernel/smpboot.c:160\n kthread+0x3c2/0x780 kernel/kthread.c:463\n ret_from_fork+0x5d7/0x6f0 arch/x86/kernel/process.c:148\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245\n \u003c/TASK\u003e\n\nThe TCP subflow can process the simult-connect syn-ack packet after\ntransitioning to TCP_FIN1 state, bypassing the MPTCP fallback check,\nas the sk_state_change() callback is not invoked for * -\u003e FIN_WAIT1\ntransitions.\n\nThat will move the msk socket to an inconsistent status and the next\nincoming data will hit the reported splat.\n\nClose the race moving the simult-fallback check at the earliest possible\nstage - that is at syn-ack generation time.\n\nAbout the fixes tags: [2] was supposed to also fix this issue introduced\nby [3]. [1] is required as a dependence: it was not explicitly marked as\na fix, but it is one and it has already been backported before [3]. In\nother words, this commit should be backported up to [3], including [2]\nand [1] if that\u0027s not already there.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-71088"
},
{
"cve": "CVE-2025-71095",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: fix the crash issue for zero copy XDP_TX action\n\nThere is a crash issue when running zero copy XDP_TX action, the crash\nlog is shown below.\n\n[ 216.122464] Unable to handle kernel paging request at virtual address fffeffff80000000\n[ 216.187524] Internal error: Oops: 0000000096000144 [#1] SMP\n[ 216.301694] Call trace:\n[ 216.304130] dcache_clean_poc+0x20/0x38 (P)\n[ 216.308308] __dma_sync_single_for_device+0x1bc/0x1e0\n[ 216.313351] stmmac_xdp_xmit_xdpf+0x354/0x400\n[ 216.317701] __stmmac_xdp_run_prog+0x164/0x368\n[ 216.322139] stmmac_napi_poll_rxtx+0xba8/0xf00\n[ 216.326576] __napi_poll+0x40/0x218\n[ 216.408054] Kernel panic - not syncing: Oops: Fatal exception in interrupt\n\nFor XDP_TX action, the xdp_buff is converted to xdp_frame by\nxdp_convert_buff_to_frame(). The memory type of the resulting xdp_frame\ndepends on the memory type of the xdp_buff. For page pool based xdp_buff\nit produces xdp_frame with memory type MEM_TYPE_PAGE_POOL. For zero copy\nXSK pool based xdp_buff it produces xdp_frame with memory type\nMEM_TYPE_PAGE_ORDER0. However, stmmac_xdp_xmit_back() does not check the\nmemory type and always uses the page pool type, this leads to invalid\nmappings and causes the crash. Therefore, check the xdp_buff memory type\nin stmmac_xdp_xmit_back() to fix this issue.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-71095"
},
{
"cve": "CVE-2025-71097",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: Fix reference count leak when using error routes with nexthop objects\n\nWhen a nexthop object is deleted, it is marked as dead and then\nfib_table_flush() is called to flush all the routes that are using the\ndead nexthop.\n\nThe current logic in fib_table_flush() is to only flush error routes\n(e.g., blackhole) when it is called as part of network namespace\ndismantle (i.e., with flush_all=true). Therefore, error routes are not\nflushed when their nexthop object is deleted:\n\n # ip link add name dummy1 up type dummy\n # ip nexthop add id 1 dev dummy1\n # ip route add 198.51.100.1/32 nhid 1\n # ip route add blackhole 198.51.100.2/32 nhid 1\n # ip nexthop del id 1\n # ip route show\n blackhole 198.51.100.2 nhid 1 dev dummy1\n\nAs such, they keep holding a reference on the nexthop object which in\nturn holds a reference on the nexthop device, resulting in a reference\ncount leak:\n\n # ip link del dev dummy1\n [ 70.516258] unregister_netdevice: waiting for dummy1 to become free. Usage count = 2\n\nFix by flushing error routes when their nexthop is marked as dead.\n\nIPv6 does not suffer from this problem.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-71097"
},
{
"cve": "CVE-2025-71098",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nip6_gre: make ip6gre_header() robust\n\nOver the years, syzbot found many ways to crash the kernel\nin ip6gre_header() [1].\n\nThis involves team or bonding drivers ability to dynamically\nchange their dev-\u003eneeded_headroom and/or dev-\u003ehard_header_len\n\nIn this particular crash mld_newpack() allocated an skb\nwith a too small reserve/headroom, and by the time mld_sendpack()\nwas called, syzbot managed to attach an ip6gre device.\n\n[1]\nskbuff: skb_under_panic: text:ffffffff8a1d69a8 len:136 put:40 head:ffff888059bc7000 data:ffff888059bc6fe8 tail:0x70 end:0x6c0 dev:team0\n------------[ cut here ]------------\n kernel BUG at net/core/skbuff.c:213 !\n \u003cTASK\u003e\n skb_under_panic net/core/skbuff.c:223 [inline]\n skb_push+0xc3/0xe0 net/core/skbuff.c:2641\n ip6gre_header+0xc8/0x790 net/ipv6/ip6_gre.c:1371\n dev_hard_header include/linux/netdevice.h:3436 [inline]\n neigh_connected_output+0x286/0x460 net/core/neighbour.c:1618\n neigh_output include/net/neighbour.h:556 [inline]\n ip6_finish_output2+0xfb3/0x1480 net/ipv6/ip6_output.c:136\n __ip6_finish_output net/ipv6/ip6_output.c:-1 [inline]\n ip6_finish_output+0x234/0x7d0 net/ipv6/ip6_output.c:220\n NF_HOOK_COND include/linux/netfilter.h:307 [inline]\n ip6_output+0x340/0x550 net/ipv6/ip6_output.c:247\n NF_HOOK+0x9e/0x380 include/linux/netfilter.h:318\n mld_sendpack+0x8d4/0xe60 net/ipv6/mcast.c:1855\n mld_send_cr net/ipv6/mcast.c:2154 [inline]\n mld_ifc_work+0x83e/0xd60 net/ipv6/mcast.c:2693",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-71098"
},
{
"cve": "CVE-2025-71104",
"cwe": {
"id": "CWE-681",
"name": "Incorrect Conversion between Numeric Types"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Fix VM hard lockup after prolonged inactivity with periodic HV timer\n\nWhen advancing the target expiration for the guest\u0027s APIC timer in periodic\nmode, set the expiration to \"now\" if the target expiration is in the past\n(similar to what is done in update_target_expiration()). Blindly adding\nthe period to the previous target expiration can result in KVM generating\na practically unbounded number of hrtimer IRQs due to programming an\nexpired timer over and over. In extreme scenarios, e.g. if userspace\npauses/suspends a VM for an extended duration, this can even cause hard\nlockups in the host.\n\nCurrently, the bug only affects Intel CPUs when using the hypervisor timer\n(HV timer), a.k.a. the VMX preemption timer. Unlike the software timer,\na.k.a. hrtimer, which KVM keeps running even on exits to userspace, the\nHV timer only runs while the guest is active. As a result, if the vCPU\ndoes not run for an extended duration, there will be a huge gap between\nthe target expiration and the current time the vCPU resumes running.\nBecause the target expiration is incremented by only one period on each\ntimer expiration, this leads to a series of timer expirations occurring\nrapidly after the vCPU/VM resumes.\n\nMore critically, when the vCPU first triggers a periodic HV timer\nexpiration after resuming, advancing the expiration by only one period\nwill result in a target expiration in the past. As a result, the delta\nmay be calculated as a negative value. When the delta is converted into\nan absolute value (tscdeadline is an unsigned u64), the resulting value\ncan overflow what the HV timer is capable of programming. I.e. the large\nvalue will exceed the VMX Preemption Timer\u0027s maximum bit width of\ncpu_preemption_timer_multi + 32, and thus cause KVM to switch from the\nHV timer to the software timer (hrtimers).\n\nAfter switching to the software timer, periodic timer expiration callbacks\nmay be executed consecutively within a single clock interrupt handler,\nbecause hrtimers honors KVM\u0027s request for an expiration in the past and\nimmediately re-invokes KVM\u0027s callback after reprogramming. And because\nthe interrupt handler runs with IRQs disabled, restarting KVM\u0027s hrtimer\nover and over until the target expiration is advanced to \"now\" can result\nin a hard lockup.\n\nE.g. the following hard lockup was triggered in the host when running a\nWindows VM (only relevant because it used the APIC timer in periodic mode)\nafter resuming the VM from a long suspend (in the host).\n\n NMI watchdog: Watchdog detected hard LOCKUP on cpu 45\n ...\n RIP: 0010:advance_periodic_target_expiration+0x4d/0x80 [kvm]\n ...\n RSP: 0018:ff4f88f5d98d8ef0 EFLAGS: 00000046\n RAX: fff0103f91be678e RBX: fff0103f91be678e RCX: 00843a7d9e127bcc\n RDX: 0000000000000002 RSI: 0052ca4003697505 RDI: ff440d5bfbdbd500\n RBP: ff440d5956f99200 R08: ff2ff2a42deb6a84 R09: 000000000002a6c0\n R10: 0122d794016332b3 R11: 0000000000000000 R12: ff440db1af39cfc0\n R13: ff440db1af39cfc0 R14: ffffffffc0d4a560 R15: ff440db1af39d0f8\n FS: 00007f04a6ffd700(0000) GS:ff440db1af380000(0000) knlGS:000000e38a3b8000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000000d5651feff8 CR3: 000000684e038002 CR4: 0000000000773ee0\n PKRU: 55555554\n Call Trace:\n \u003cIRQ\u003e\n apic_timer_fn+0x31/0x50 [kvm]\n __hrtimer_run_queues+0x100/0x280\n hrtimer_interrupt+0x100/0x210\n ? ttwu_do_wakeup+0x19/0x160\n smp_apic_timer_interrupt+0x6a/0x130\n apic_timer_interrupt+0xf/0x20\n \u003c/IRQ\u003e\n\nMoreover, if the suspend duration of the virtual machine is not long enough\nto trigger a hard lockup in this scenario, since commit 98c25ead5eda\n(\"KVM: VMX: Move preemption timer \u003c=\u003e hrtimer dance to common x86\"), KVM\nwill continue using the software timer until the guest reprograms the APIC\ntimer in some way. Since the periodic timer does not require frequent APIC\ntimer register programming, the guest may continue to use the software\ntimer in \n---truncated---",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-71104"
},
{
"cve": "CVE-2025-71112",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: add VLAN id validation before using\n\nCurrently, the VLAN id may be used without validation when\nreceive a VLAN configuration mailbox from VF. The length of\nvlan_del_fail_bmap is BITS_TO_LONGS(VLAN_N_VID). It may cause\nout-of-bounds memory access once the VLAN id is bigger than\nor equal to VLAN_N_VID.\n\nTherefore, VLAN id needs to be checked to ensure it is within\nthe range of VLAN_N_VID.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-71112"
},
{
"cve": "CVE-2025-71113",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: af_alg - zero initialize memory allocated via sock_kmalloc\n\nSeveral crypto user API contexts and requests allocated with\nsock_kmalloc() were left uninitialized, relying on callers to\nset fields explicitly. This resulted in the use of uninitialized\ndata in certain error paths or when new fields are added in the\nfuture.\n\nThe ACVP patches also contain two user-space interface files:\nalgif_kpp.c and algif_akcipher.c. These too rely on proper\ninitialization of their context structures.\n\nA particular issue has been observed with the newly added\n\u0027inflight\u0027 variable introduced in af_alg_ctx by commit:\n\n 67b164a871af (\"crypto: af_alg - Disallow multiple in-flight AIO requests\")\n\nBecause the context is not memset to zero after allocation,\nthe inflight variable has contained garbage values. As a result,\naf_alg_alloc_areq() has incorrectly returned -EBUSY randomly when\nthe garbage value was interpreted as true:\n\n https://github.com/gregkh/linux/blame/master/crypto/af_alg.c#L1209\n\nThe check directly tests ctx-\u003einflight without explicitly\ncomparing against true/false. Since inflight is only ever set to\ntrue or false later, an uninitialized value has triggered\n-EBUSY failures. Zero-initializing memory allocated with\nsock_kmalloc() ensures inflight and other fields start in a known\nstate, removing random issues caused by uninitialized data.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-71113"
},
{
"cve": "CVE-2025-71114",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvia_wdt: fix critical boot hang due to unnamed resource allocation\n\nThe VIA watchdog driver uses allocate_resource() to reserve a MMIO\nregion for the watchdog control register. However, the allocated\nresource was not given a name, which causes the kernel resource tree\nto contain an entry marked as \"\u003cBAD\u003e\" under /proc/iomem on x86\nplatforms.\n\nDuring boot, this unnamed resource can lead to a critical hang because\nsubsequent resource lookups and conflict checks fail to handle the\ninvalid entry properly.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-71114"
},
{
"cve": "CVE-2025-71120",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf\n\nA zero length gss_token results in pages == 0 and in_token-\u003epages[0]\nis NULL. The code unconditionally evaluates\npage_address(in_token-\u003epages[0]) for the initial memcpy, which can\ndereference NULL even when the copy length is 0. Guard the first\nmemcpy so it only runs when length \u003e 0.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-71120"
},
{
"cve": "CVE-2025-71123",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix string copying in parse_apply_sb_mount_options()\n\nstrscpy_pad() can\u0027t be used to copy a non-NUL-term string into a NUL-term\nstring of possibly bigger size. Commit 0efc5990bca5 (\"string.h: Introduce\nmemtostr() and memtostr_pad()\") provides additional information in that\nregard. So if this happens, the following warning is observed:\n\nstrnlen: detected buffer overflow: 65 byte read of buffer size 64\nWARNING: CPU: 0 PID: 28655 at lib/string_helpers.c:1032 __fortify_report+0x96/0xc0 lib/string_helpers.c:1032\nModules linked in:\nCPU: 0 UID: 0 PID: 28655 Comm: syz-executor.3 Not tainted 6.12.54-syzkaller-00144-g5f0270f1ba00 #0\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\nRIP: 0010:__fortify_report+0x96/0xc0 lib/string_helpers.c:1032\nCall Trace:\n \u003cTASK\u003e\n __fortify_panic+0x1f/0x30 lib/string_helpers.c:1039\n strnlen include/linux/fortify-string.h:235 [inline]\n sized_strscpy include/linux/fortify-string.h:309 [inline]\n parse_apply_sb_mount_options fs/ext4/super.c:2504 [inline]\n __ext4_fill_super fs/ext4/super.c:5261 [inline]\n ext4_fill_super+0x3c35/0xad00 fs/ext4/super.c:5706\n get_tree_bdev_flags+0x387/0x620 fs/super.c:1636\n vfs_get_tree+0x93/0x380 fs/super.c:1814\n do_new_mount fs/namespace.c:3553 [inline]\n path_mount+0x6ae/0x1f70 fs/namespace.c:3880\n do_mount fs/namespace.c:3893 [inline]\n __do_sys_mount fs/namespace.c:4103 [inline]\n __se_sys_mount fs/namespace.c:4080 [inline]\n __x64_sys_mount+0x280/0x300 fs/namespace.c:4080\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0x64/0x140 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nSince userspace is expected to provide s_mount_opts field to be at most 63\ncharacters long with the ending byte being NUL-term, use a 64-byte buffer\nwhich matches the size of s_mount_opts, so that strscpy_pad() does its job\nproperly. Return with error if the user still managed to provide a\nnon-NUL-term string here.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-71123"
},
{
"cve": "CVE-2025-71131",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: seqiv - Do not use req-\u003eiv after crypto_aead_encrypt\n\nAs soon as crypto_aead_encrypt is called, the underlying request\nmay be freed by an asynchronous completion. Thus dereferencing\nreq-\u003eiv after it returns is invalid.\n\nInstead of checking req-\u003eiv against info, create a new variable\nunaligned_info and use it for that purpose instead.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-71131"
},
{
"cve": "CVE-2025-71161",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-verity: disable recursive forward error correction\n\nThere are two problems with the recursive correction:\n\n1. It may cause denial-of-service. In fec_read_bufs, there is a loop that\nhas 253 iterations. For each iteration, we may call verity_hash_for_block\nrecursively. There is a limit of 4 nested recursions - that means that\nthere may be at most 253^4 (4 billion) iterations. Red Hat QE team\nactually created an image that pushes dm-verity to this limit - and this\nimage just makes the udev-worker process get stuck in the \u0027D\u0027 state.\n\n2. It doesn\u0027t work. In fec_read_bufs we store data into the variable\n\"fio-\u003ebufs\", but fio bufs is shared between recursive invocations, if\n\"verity_hash_for_block\" invoked correction recursively, it would\noverwrite partially filled fio-\u003ebufs.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-71161"
},
{
"cve": "CVE-2025-71162",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: tegra-adma: Fix use-after-free\n\nA use-after-free bug exists in the Tegra ADMA driver when audio streams\nare terminated, particularly during XRUN conditions. The issue occurs\nwhen the DMA buffer is freed by tegra_adma_terminate_all() before the\nvchan completion tasklet finishes accessing it.\n\nThe race condition follows this sequence:\n\n 1. DMA transfer completes, triggering an interrupt that schedules the\n completion tasklet (tasklet has not executed yet)\n 2. Audio playback stops, calling tegra_adma_terminate_all() which\n frees the DMA buffer memory via kfree()\n 3. The scheduled tasklet finally executes, calling vchan_complete()\n which attempts to access the already-freed memory\n\nSince tasklets can execute at any time after being scheduled, there is\nno guarantee that the buffer will remain valid when vchan_complete()\nruns.\n\nFix this by properly synchronizing the virtual channel completion:\n - Calling vchan_terminate_vdesc() in tegra_adma_stop() to mark the\n descriptors as terminated instead of freeing the descriptor.\n - Add the callback tegra_adma_synchronize() that calls\n vchan_synchronize() which kills any pending tasklets and frees any\n terminated descriptors.\n\nCrash logs:\n[ 337.427523] BUG: KASAN: use-after-free in vchan_complete+0x124/0x3b0\n[ 337.427544] Read of size 8 at addr ffff000132055428 by task swapper/0/0\n\n[ 337.427562] Call trace:\n[ 337.427564] dump_backtrace+0x0/0x320\n[ 337.427571] show_stack+0x20/0x30\n[ 337.427575] dump_stack_lvl+0x68/0x84\n[ 337.427584] print_address_description.constprop.0+0x74/0x2b8\n[ 337.427590] kasan_report+0x1f4/0x210\n[ 337.427598] __asan_load8+0xa0/0xd0\n[ 337.427603] vchan_complete+0x124/0x3b0\n[ 337.427609] tasklet_action_common.constprop.0+0x190/0x1d0\n[ 337.427617] tasklet_action+0x30/0x40\n[ 337.427623] __do_softirq+0x1a0/0x5c4\n[ 337.427628] irq_exit+0x110/0x140\n[ 337.427633] handle_domain_irq+0xa4/0xe0\n[ 337.427640] gic_handle_irq+0x64/0x160\n[ 337.427644] call_on_irq_stack+0x20/0x4c\n[ 337.427649] do_interrupt_handler+0x7c/0x90\n[ 337.427654] el1_interrupt+0x30/0x80\n[ 337.427659] el1h_64_irq_handler+0x18/0x30\n[ 337.427663] el1h_64_irq+0x7c/0x80\n[ 337.427667] cpuidle_enter_state+0xe4/0x540\n[ 337.427674] cpuidle_enter+0x54/0x80\n[ 337.427679] do_idle+0x2e0/0x380\n[ 337.427685] cpu_startup_entry+0x2c/0x70\n[ 337.427690] rest_init+0x114/0x130\n[ 337.427695] arch_call_rest_init+0x18/0x24\n[ 337.427702] start_kernel+0x380/0x3b4\n[ 337.427706] __primary_switched+0xc0/0xc8",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-71162"
},
{
"cve": "CVE-2025-71163",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: idxd: fix device leaks on compat bind and unbind\n\nMake sure to drop the reference taken when looking up the idxd device as\npart of the compat bind and unbind sysfs interface.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-71163"
},
{
"cve": "CVE-2025-71185",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: ti: dma-crossbar: fix device leak on am335x route allocation\n\nMake sure to drop the reference taken when looking up the crossbar\nplatform device during am335x route allocation.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-71185"
},
{
"cve": "CVE-2025-71186",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: stm32: dmamux: fix device leak on route allocation\n\nMake sure to drop the reference taken when looking up the DMA mux\nplatform device during route allocation.\n\nNote that holding a reference to a device does not prevent its driver\ndata from going away so there is no point in keeping the reference.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-71186"
},
{
"cve": "CVE-2025-71189",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: dw: dmamux: fix OF node leak on route allocation failure\n\nMake sure to drop the reference taken to the DMA master OF node also on\nlate route allocation failures.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-71189"
},
{
"cve": "CVE-2025-71190",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: bcm-sba-raid: fix device leak on probe\n\nMake sure to drop the reference taken when looking up the mailbox device\nduring probe on probe failures and on driver unbind.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-71190"
},
{
"cve": "CVE-2025-71191",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: at_hdmac: fix device leak on of_dma_xlate()\n\nMake sure to drop the reference taken when looking up the DMA platform\ndevice during of_dma_xlate() when releasing channel resources.\n\nNote that commit 3832b78b3ec2 (\"dmaengine: at_hdmac: add missing\nput_device() call in at_dma_xlate()\") fixed the leak in a couple of\nerror paths but the reference is still leaking on successful allocation.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-71191"
},
{
"cve": "CVE-2025-71197",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nw1: therm: Fix off-by-one buffer overflow in alarms_store\n\nThe sysfs buffer passed to alarms_store() is allocated with \u0027size + 1\u0027\nbytes and a NUL terminator is appended. However, the \u0027size\u0027 argument\ndoes not account for this extra byte. The original code then allocated\n\u0027size\u0027 bytes and used strcpy() to copy \u0027buf\u0027, which always writes one\nbyte past the allocated buffer since strcpy() copies until the NUL\nterminator at index \u0027size\u0027.\n\nFix this by parsing the \u0027buf\u0027 parameter directly using simple_strtoll()\nwithout allocating any intermediate memory or string copying. This\nremoves the overflow while simplifying the code.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-71197"
},
{
"cve": "CVE-2025-71221",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: mmp_pdma: Fix race condition in mmp_pdma_residue()\n\nAdd proper locking in mmp_pdma_residue() to prevent use-after-free when\naccessing descriptor list and descriptor contents.\n\nThe race occurs when multiple threads call tx_status() while the tasklet\non another CPU is freeing completed descriptors:\n\nCPU 0 CPU 1\n----- -----\nmmp_pdma_tx_status()\nmmp_pdma_residue()\n -\u003e NO LOCK held\n list_for_each_entry(sw, ..)\n DMA interrupt\n dma_do_tasklet()\n -\u003e spin_lock(\u0026desc_lock)\n list_move(sw-\u003enode, ...)\n spin_unlock(\u0026desc_lock)\n | dma_pool_free(sw) \u003c- FREED!\n -\u003e access sw-\u003edesc \u003c- UAF!\n\nThis issue can be reproduced when running dmatest on the same channel with\nmultiple threads (threads_per_chan \u003e 1).\n\nFix by protecting the chain_running list iteration and descriptor access\nwith the chan-\u003edesc_lock spinlock.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-71221"
},
{
"cve": "CVE-2025-71265",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: ntfs3: fix infinite loop in attr_load_runs_range on inconsistent metadata\n\nWe found an infinite loop bug in the ntfs3 file system that can lead to a\nDenial-of-Service (DoS) condition.\n\nA malformed NTFS image can cause an infinite loop when an attribute header\nindicates an empty run list, while directory entries reference it as\ncontaining actual data. In NTFS, setting evcn=-1 with svcn=0 is a valid way\nto represent an empty run list, and run_unpack() correctly handles this by\nchecking if evcn + 1 equals svcn and returning early without parsing any run\ndata. However, this creates a problem when there is metadata inconsistency,\nwhere the attribute header claims to be empty (evcn=-1) but the caller\nexpects to read actual data. When run_unpack() immediately returns success\nupon seeing this condition, it leaves the runs_tree uninitialized with\nrun-\u003eruns as a NULL. The calling function attr_load_runs_range() assumes\nthat a successful return means that the runs were loaded and sets clen to 0,\nexpecting the next run_lookup_entry() call to succeed. Because runs_tree\nremains uninitialized, run_lookup_entry() continues to fail, and the loop\nincrements vcn by zero (vcn += 0), leading to an infinite loop.\n\nThis patch adds a retry counter to detect when run_lookup_entry() fails\nconsecutively after attr_load_runs_vcn(). If the run is still not found on\nthe second attempt, it indicates corrupted metadata and returns -EINVAL,\npreventing the Denial-of-Service (DoS) vulnerability.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-71265"
},
{
"cve": "CVE-2025-71266",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: ntfs3: check return value of indx_find to avoid infinite loop\n\nWe found an infinite loop bug in the ntfs3 file system that can lead to a\nDenial-of-Service (DoS) condition.\n\nA malformed dentry in the ntfs3 filesystem can cause the kernel to hang\nduring the lookup operations. By setting the HAS_SUB_NODE flag in an\nINDEX_ENTRY within a directory\u0027s INDEX_ALLOCATION block and manipulating the\nVCN pointer, an attacker can cause the indx_find() function to repeatedly\nread the same block, allocating 4 KB of memory each time. The kernel lacks\nVCN loop detection and depth limits, causing memory exhaustion and an OOM\ncrash.\n\nThis patch adds a return value check for fnd_push() to prevent a memory\nexhaustion vulnerability caused by infinite loops. When the index exceeds the\nsize of the fnd-\u003enodes array, fnd_push() returns -EINVAL. The indx_find()\nfunction checks this return value and stops processing, preventing further\nmemory allocation.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-71266"
},
{
"cve": "CVE-2025-71267",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: ntfs3: fix infinite loop triggered by zero-sized ATTR_LIST\n\nWe found an infinite loop bug in the ntfs3 file system that can lead to a\nDenial-of-Service (DoS) condition.\n\nA malformed NTFS image can cause an infinite loop when an ATTR_LIST attribute\nindicates a zero data size while the driver allocates memory for it.\n\nWhen ntfs_load_attr_list() processes a resident ATTR_LIST with data_size set\nto zero, it still allocates memory because of al_aligned(0). This creates an\ninconsistent state where ni-\u003eattr_list.size is zero, but ni-\u003eattr_list.le is\nnon-null. This causes ni_enum_attr_ex to incorrectly assume that no attribute\nlist exists and enumerates only the primary MFT record. When it finds\nATTR_LIST, the code reloads it and restarts the enumeration, repeating\nindefinitely. The mount operation never completes, hanging the kernel thread.\n\nThis patch adds validation to ensure that data_size is non-zero before memory\nallocation. When a zero-sized ATTR_LIST is detected, the function returns\n-EINVAL, preventing a DoS vulnerability.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-71267"
},
{
"cve": "CVE-2026-3497",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "description",
"text": "Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This vulnerability affects the GSSAPI patches added by various Linux distributions and does not affect the OpenSSH upstream project itself. The usage of sshpkt_disconnect() on an error, which does not terminate the process, allows an attacker to send an unexpected GSSAPI message type during the GSSAPI key exchange to the server, which will call the underlying function and continue the execution of the program without setting the related connection variables. As the variables are not initialized to NULL the code later accesses those uninitialized variables, accessing random memory, which could lead to undefined behavior. The recommended workaround is to use ssh_packet_disconnect() instead, which does terminate the process. The impact of the vulnerability depends heavily on the compiler flag hardening configuration.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-3497"
},
{
"cve": "CVE-2026-22977",
"cwe": {
"id": "CWE-489",
"name": "Active Debug Code"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sock: fix hardened usercopy panic in sock_recv_errqueue\n\nskbuff_fclone_cache was created without defining a usercopy region,\n[1] unlike skbuff_head_cache which properly whitelists the cb[] field.\n[2] This causes a usercopy BUG() when CONFIG_HARDENED_USERCOPY is\nenabled and the kernel attempts to copy sk_buff.cb data to userspace\nvia sock_recv_errqueue() -\u003e put_cmsg().\n\nThe crash occurs when: 1. TCP allocates an skb using alloc_skb_fclone()\n (from skbuff_fclone_cache) [1]\n2. The skb is cloned via skb_clone() using the pre-allocated fclone\n[3] 3. The cloned skb is queued to sk_error_queue for timestamp\nreporting 4. Userspace reads the error queue via recvmsg(MSG_ERRQUEUE)\n5. sock_recv_errqueue() calls put_cmsg() to copy serr-\u003eee from skb-\u003ecb\n[4] 6. __check_heap_object() fails because skbuff_fclone_cache has no\n usercopy whitelist [5]\n\nWhen cloned skbs allocated from skbuff_fclone_cache are used in the\nsocket error queue, accessing the sock_exterr_skb structure in skb-\u003ecb\nvia put_cmsg() triggers a usercopy hardening violation:\n\n[ 5.379589] usercopy: Kernel memory exposure attempt detected from SLUB object \u0027skbuff_fclone_cache\u0027 (offset 296, size 16)!\n[ 5.382796] kernel BUG at mm/usercopy.c:102!\n[ 5.383923] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI\n[ 5.384903] CPU: 1 UID: 0 PID: 138 Comm: poc_put_cmsg Not tainted 6.12.57 #7\n[ 5.384903] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\n[ 5.384903] RIP: 0010:usercopy_abort+0x6c/0x80\n[ 5.384903] Code: 1a 86 51 48 c7 c2 40 15 1a 86 41 52 48 c7 c7 c0 15 1a 86 48 0f 45 d6 48 c7 c6 80 15 1a 86 48 89 c1 49 0f 45 f3 e8 84 27 88 ff \u003c0f\u003e 0b 490\n[ 5.384903] RSP: 0018:ffffc900006f77a8 EFLAGS: 00010246\n[ 5.384903] RAX: 000000000000006f RBX: ffff88800f0ad2a8 RCX: 1ffffffff0f72e74\n[ 5.384903] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffffff87b973a0\n[ 5.384903] RBP: 0000000000000010 R08: 0000000000000000 R09: fffffbfff0f72e74\n[ 5.384903] R10: 0000000000000003 R11: 79706f6372657375 R12: 0000000000000001\n[ 5.384903] R13: ffff88800f0ad2b8 R14: ffffea00003c2b40 R15: ffffea00003c2b00\n[ 5.384903] FS: 0000000011bc4380(0000) GS:ffff8880bf100000(0000) knlGS:0000000000000000\n[ 5.384903] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 5.384903] CR2: 000056aa3b8e5fe4 CR3: 000000000ea26004 CR4: 0000000000770ef0\n[ 5.384903] PKRU: 55555554\n[ 5.384903] Call Trace:\n[ 5.384903] \u003cTASK\u003e\n[ 5.384903] __check_heap_object+0x9a/0xd0\n[ 5.384903] __check_object_size+0x46c/0x690\n[ 5.384903] put_cmsg+0x129/0x5e0\n[ 5.384903] sock_recv_errqueue+0x22f/0x380\n[ 5.384903] tls_sw_recvmsg+0x7ed/0x1960\n[ 5.384903] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 5.384903] ? schedule+0x6d/0x270\n[ 5.384903] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 5.384903] ? mutex_unlock+0x81/0xd0\n[ 5.384903] ? __pfx_mutex_unlock+0x10/0x10\n[ 5.384903] ? __pfx_tls_sw_recvmsg+0x10/0x10\n[ 5.384903] ? _raw_spin_lock_irqsave+0x8f/0xf0\n[ 5.384903] ? _raw_read_unlock_irqrestore+0x20/0x40\n[ 5.384903] ? srso_alias_return_thunk+0x5/0xfbef5\n\nThe crash offset 296 corresponds to skb2-\u003ecb within skbuff_fclones:\n - sizeof(struct sk_buff) = 232 - offsetof(struct sk_buff, cb) = 40 -\n offset of skb2.cb in fclones = 232 + 40 = 272 - crash offset 296 =\n 272 + 24 (inside sock_exterr_skb.ee)\n\nThis patch uses a local stack variable as a bounce buffer to avoid the hardened usercopy check failure.\n\n[1] https://elixir.bootlin.com/linux/v6.12.62/source/net/ipv4/tcp.c#L885\n[2] https://elixir.bootlin.com/linux/v6.12.62/source/net/core/skbuff.c#L5104\n[3] https://elixir.bootlin.com/linux/v6.12.62/source/net/core/skbuff.c#L5566\n[4] https://elixir.bootlin.com/linux/v6.12.62/source/net/core/skbuff.c#L5491\n[5] https://elixir.bootlin.com/linux/v6.12.62/source/mm/slub.c#L5719",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-22977"
},
{
"cve": "CVE-2026-22979",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix memory leak in skb_segment_list for GRO packets\n\nWhen skb_segment_list() is called during packet forwarding, it handles\npackets that were aggregated by the GRO engine.\n\nHistorically, the segmentation logic in skb_segment_list assumes that\nindividual segments are split from a parent SKB and may need to carry\ntheir own socket memory accounting. Accordingly, the code transfers\ntruesize from the parent to the newly created segments.\n\nPrior to commit ed4cccef64c1 (\"gro: fix ownership transfer\"), this\ntruesize subtraction in skb_segment_list() was valid because fragments\nstill carry a reference to the original socket.\n\nHowever, commit ed4cccef64c1 (\"gro: fix ownership transfer\") changed\nthis behavior by ensuring that fraglist entries are explicitly\norphaned (skb-\u003esk = NULL) to prevent illegal orphaning later in the\nstack. This change meant that the entire socket memory charge remained\nwith the head SKB, but the corresponding accounting logic in\nskb_segment_list() was never updated.\n\nAs a result, the current code unconditionally adds each fragment\u0027s\ntruesize to delta_truesize and subtracts it from the parent SKB. Since\nthe fragments are no longer charged to the socket, this subtraction\nresults in an effective under-count of memory when the head is freed.\nThis causes sk_wmem_alloc to remain non-zero, preventing socket\ndestruction and leading to a persistent memory leak.\n\nThe leak can be observed via KMEMLEAK when tearing down the networking\nenvironment:\n\nunreferenced object 0xffff8881e6eb9100 (size 2048):\n comm \"ping\", pid 6720, jiffies 4295492526\n backtrace:\n kmem_cache_alloc_noprof+0x5c6/0x800\n sk_prot_alloc+0x5b/0x220\n sk_alloc+0x35/0xa00\n inet6_create.part.0+0x303/0x10d0\n __sock_create+0x248/0x640\n __sys_socket+0x11b/0x1d0\n\nSince skb_segment_list() is exclusively used for SKB_GSO_FRAGLIST\npackets constructed by GRO, the truesize adjustment is removed.\n\nThe call to skb_release_head_state() must be preserved. As documented in\ncommit cf673ed0e057 (\"net: fix fraglist segmentation reference count\nleak\"), it is still required to correctly drop references to SKB\nextensions that may be overwritten during __copy_skb_header().",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-22979"
},
{
"cve": "CVE-2026-22980",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: provide locking for v4_end_grace\n\nWriting to v4_end_grace can race with server shutdown and result in\nmemory being accessed after it was freed - reclaim_str_hashtbl in\nparticularly.\n\nWe cannot hold nfsd_mutex across the nfsd4_end_grace() call as that is\nheld while client_tracking_op-\u003einit() is called and that can wait for\nan upcall to nfsdcltrack which can write to v4_end_grace, resulting in a\ndeadlock.\n\nnfsd4_end_grace() is also called by the landromat work queue and this\ndoesn\u0027t require locking as server shutdown will stop the work and wait\nfor it before freeing anything that nfsd4_end_grace() might access.\n\nHowever, we must be sure that writing to v4_end_grace doesn\u0027t restart\nthe work item after shutdown has already waited for it. For this we\nadd a new flag protected with nn-\u003eclient_lock. It is set only while it\nis safe to make client tracking calls, and v4_end_grace only schedules\nwork while the flag is set with the spinlock held.\n\nSo this patch adds a nfsd_net field \"client_tracking_active\" which is\nset as described. Another field \"grace_end_forced\", is set when\nv4_end_grace is written. After this is set, and providing\nclient_tracking_active is set, the laundromat is scheduled.\nThis \"grace_end_forced\" field bypasses other checks for whether the\ngrace period has finished.\n\nThis resolves a race which can result in use-after-free.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-22980"
},
{
"cve": "CVE-2026-22982",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mscc: ocelot: Fix crash when adding interface under a lag\n\nCommit 15faa1f67ab4 (\"lan966x: Fix crash when adding interface under a lag\")\nfixed a similar issue in the lan966x driver caused by a NULL pointer dereference.\nThe ocelot_set_aggr_pgids() function in the ocelot driver has similar logic\nand is susceptible to the same crash.\n\nThis issue specifically affects the ocelot_vsc7514.c frontend, which leaves\nunused ports as NULL pointers. The felix_vsc9959.c frontend is unaffected as\nit uses the DSA framework which registers all ports.\n\nFix this by checking if the port pointer is valid before accessing it.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-22982"
},
{
"cve": "CVE-2026-22992",
"cwe": {
"id": "CWE-252",
"name": "Unchecked Return Value"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: return the handler error from mon_handle_auth_done()\n\nCurrently any error from ceph_auth_handle_reply_done() is propagated\nvia finish_auth() but isn\u0027t returned from mon_handle_auth_done(). This\nresults in higher layers learning that (despite the monitor considering\nus to be successfully authenticated) something went wrong in the\nauthentication phase and reacting accordingly, but msgr2 still trying\nto proceed with establishing the session in the background. In the\ncase of secure mode this can trigger a WARN in setup_crypto() and later\nlead to a NULL pointer dereference inside of prepare_auth_signature().",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-22992"
},
{
"cve": "CVE-2026-22994",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix reference count leak in bpf_prog_test_run_xdp()\n\nsyzbot is reporting\n\n unregister_netdevice: waiting for sit0 to become free. Usage count = 2\n\nproblem. A debug printk() patch found that a refcount is obtained at\nxdp_convert_md_to_buff() from bpf_prog_test_run_xdp().\n\nAccording to commit ec94670fcb3b (\"bpf: Support specifying ingress via\nxdp_md context in BPF_PROG_TEST_RUN\"), the refcount obtained by\nxdp_convert_md_to_buff() will be released by xdp_convert_buff_to_md().\n\nTherefore, we can consider that the error handling path introduced by\ncommit 1c1949982524 (\"bpf: introduce frags support to\nbpf_prog_test_run_xdp()\") forgot to call xdp_convert_buff_to_md().",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-22994"
},
{
"cve": "CVE-2026-23003",
"cwe": {
"id": "CWE-457",
"name": "Use of Uninitialized Variable"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nip6_tunnel: use skb_vlan_inet_prepare() in __ip6_tnl_rcv()\n\nBlamed commit did not take care of VLAN encapsulations\nas spotted by syzbot [1].\n\nUse skb_vlan_inet_prepare() instead of pskb_inet_may_pull().\n\n[1]\n BUG: KMSAN: uninit-value in __INET_ECN_decapsulate include/net/inet_ecn.h:253 [inline]\n BUG: KMSAN: uninit-value in INET_ECN_decapsulate include/net/inet_ecn.h:275 [inline]\n BUG: KMSAN: uninit-value in IP6_ECN_decapsulate+0x7a8/0x1fa0 include/net/inet_ecn.h:321\n __INET_ECN_decapsulate include/net/inet_ecn.h:253 [inline]\n INET_ECN_decapsulate include/net/inet_ecn.h:275 [inline]\n IP6_ECN_decapsulate+0x7a8/0x1fa0 include/net/inet_ecn.h:321\n ip6ip6_dscp_ecn_decapsulate+0x16f/0x1b0 net/ipv6/ip6_tunnel.c:729\n __ip6_tnl_rcv+0xed9/0x1b50 net/ipv6/ip6_tunnel.c:860\n ip6_tnl_rcv+0xc3/0x100 net/ipv6/ip6_tunnel.c:903\n gre_rcv+0x1529/0x1b90 net/ipv6/ip6_gre.c:-1\n ip6_protocol_deliver_rcu+0x1c89/0x2c60 net/ipv6/ip6_input.c:438\n ip6_input_finish+0x1f4/0x4a0 net/ipv6/ip6_input.c:489\n NF_HOOK include/linux/netfilter.h:318 [inline]\n ip6_input+0x9c/0x330 net/ipv6/ip6_input.c:500\n ip6_mc_input+0x7ca/0xc10 net/ipv6/ip6_input.c:590\n dst_input include/net/dst.h:474 [inline]\n ip6_rcv_finish+0x958/0x990 net/ipv6/ip6_input.c:79\n NF_HOOK include/linux/netfilter.h:318 [inline]\n ipv6_rcv+0xf1/0x3c0 net/ipv6/ip6_input.c:311\n __netif_receive_skb_one_core net/core/dev.c:6139 [inline]\n __netif_receive_skb+0x1df/0xac0 net/core/dev.c:6252\n netif_receive_skb_internal net/core/dev.c:6338 [inline]\n netif_receive_skb+0x57/0x630 net/core/dev.c:6397\n tun_rx_batched+0x1df/0x980 drivers/net/tun.c:1485\n tun_get_user+0x5c0e/0x6c60 drivers/net/tun.c:1953\n tun_chr_write_iter+0x3e9/0x5c0 drivers/net/tun.c:1999\n new_sync_write fs/read_write.c:593 [inline]\n vfs_write+0xbe2/0x15d0 fs/read_write.c:686\n ksys_write fs/read_write.c:738 [inline]\n __do_sys_write fs/read_write.c:749 [inline]\n __se_sys_write fs/read_write.c:746 [inline]\n __x64_sys_write+0x1fb/0x4d0 fs/read_write.c:746\n x64_sys_call+0x30ab/0x3e70 arch/x86/include/generated/asm/syscalls_64.h:2\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xd3/0xf80 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:4960 [inline]\n slab_alloc_node mm/slub.c:5263 [inline]\n kmem_cache_alloc_node_noprof+0x9e7/0x17a0 mm/slub.c:5315\n kmalloc_reserve+0x13c/0x4b0 net/core/skbuff.c:586\n __alloc_skb+0x805/0x1040 net/core/skbuff.c:690\n alloc_skb include/linux/skbuff.h:1383 [inline]\n alloc_skb_with_frags+0xc5/0xa60 net/core/skbuff.c:6712\n sock_alloc_send_pskb+0xacc/0xc60 net/core/sock.c:2995\n tun_alloc_skb drivers/net/tun.c:1461 [inline]\n tun_get_user+0x1142/0x6c60 drivers/net/tun.c:1794\n tun_chr_write_iter+0x3e9/0x5c0 drivers/net/tun.c:1999\n new_sync_write fs/read_write.c:593 [inline]\n vfs_write+0xbe2/0x15d0 fs/read_write.c:686\n ksys_write fs/read_write.c:738 [inline]\n __do_sys_write fs/read_write.c:749 [inline]\n __se_sys_write fs/read_write.c:746 [inline]\n __x64_sys_write+0x1fb/0x4d0 fs/read_write.c:746\n x64_sys_call+0x30ab/0x3e70 arch/x86/include/generated/asm/syscalls_64.h:2\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xd3/0xf80 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nCPU: 0 UID: 0 PID: 6465 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(none)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23003"
},
{
"cve": "CVE-2026-23005",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/fpu: Clear XSTATE_BV[i] in guest XSAVE state whenever XFD[i]=1\n\nWhen loading guest XSAVE state via KVM_SET_XSAVE, and when updating XFD in\nresponse to a guest WRMSR, clear XFD-disabled features in the saved (or to\nbe restored) XSTATE_BV to ensure KVM doesn\u0027t attempt to load state for\nfeatures that are disabled via the guest\u0027s XFD. Because the kernel\nexecutes XRSTOR with the guest\u0027s XFD, saving XSTATE_BV[i]=1 with XFD[i]=1\nwill cause XRSTOR to #NM and panic the kernel.\n\nE.g. if fpu_update_guest_xfd() sets XFD without clearing XSTATE_BV:\n\n ------------[ cut here ]------------\n WARNING: arch/x86/kernel/traps.c:1524 at exc_device_not_available+0x101/0x110, CPU#29: amx_test/848\n Modules linked in: kvm_intel kvm irqbypass\n CPU: 29 UID: 1000 PID: 848 Comm: amx_test Not tainted 6.19.0-rc2-ffa07f7fd437-x86_amx_nm_xfd_non_init-vm #171 NONE\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015\n RIP: 0010:exc_device_not_available+0x101/0x110\n Call Trace:\n \u003cTASK\u003e\n asm_exc_device_not_available+0x1a/0x20\n RIP: 0010:restore_fpregs_from_fpstate+0x36/0x90\n switch_fpu_return+0x4a/0xb0\n kvm_arch_vcpu_ioctl_run+0x1245/0x1e40 [kvm]\n kvm_vcpu_ioctl+0x2c3/0x8f0 [kvm]\n __x64_sys_ioctl+0x8f/0xd0\n do_syscall_64+0x62/0x940\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n \u003c/TASK\u003e\n ---[ end trace 0000000000000000 ]---\n\nThis can happen if the guest executes WRMSR(MSR_IA32_XFD) to set XFD[18] = 1,\nand a host IRQ triggers kernel_fpu_begin() prior to the vmexit handler\u0027s\ncall to fpu_update_guest_xfd().\n\nand if userspace stuffs XSTATE_BV[i]=1 via KVM_SET_XSAVE:\n\n ------------[ cut here ]------------\n WARNING: arch/x86/kernel/traps.c:1524 at exc_device_not_available+0x101/0x110, CPU#14: amx_test/867\n Modules linked in: kvm_intel kvm irqbypass\n CPU: 14 UID: 1000 PID: 867 Comm: amx_test Not tainted 6.19.0-rc2-2dace9faccd6-x86_amx_nm_xfd_non_init-vm #168 NONE\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015\n RIP: 0010:exc_device_not_available+0x101/0x110\n Call Trace:\n \u003cTASK\u003e\n asm_exc_device_not_available+0x1a/0x20\n RIP: 0010:restore_fpregs_from_fpstate+0x36/0x90\n fpu_swap_kvm_fpstate+0x6b/0x120\n kvm_load_guest_fpu+0x30/0x80 [kvm]\n kvm_arch_vcpu_ioctl_run+0x85/0x1e40 [kvm]\n kvm_vcpu_ioctl+0x2c3/0x8f0 [kvm]\n __x64_sys_ioctl+0x8f/0xd0\n do_syscall_64+0x62/0x940\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n \u003c/TASK\u003e\n ---[ end trace 0000000000000000 ]---\n\nThe new behavior is consistent with the AMX architecture. Per Intel\u0027s SDM,\nXSAVE saves XSTATE_BV as \u00270\u0027 for components that are disabled via XFD\n(and non-compacted XSAVE saves the initial configuration of the state\ncomponent):\n\n If XSAVE, XSAVEC, XSAVEOPT, or XSAVES is saving the state component i,\n the instruction does not generate #NM when XCR0[i] = IA32_XFD[i] = 1;\n instead, it operates as if XINUSE[i] = 0 (and the state component was\n in its initial state): it saves bit i of XSTATE_BV field of the XSAVE\n header as 0; in addition, XSAVE saves the initial configuration of the\n state component (the other instructions do not save state component i).\n\nAlternatively, KVM could always do XRSTOR with XFD=0, e.g. by using\na constant XFD based on the set of enabled features when XSAVEing for\na struct fpu_guest. However, having XSTATE_BV[i]=1 for XFD-disabled\nfeatures can only happen in the above interrupt case, or in similar\nscenarios involving preemption on preemptible kernels, because\nfpu_swap_kvm_fpstate()\u0027s call to save_fpregs_to_fpstate() saves the\noutgoing FPU state with the current XFD; and that is (on all but the\nfirst WRMSR to XFD) the guest XFD.\n\nTherefore, XFD can only go out of sync with XSTATE_BV in the above\ninterrupt case, or in similar scenarios involving preemption on\npreemptible kernels, and it we can consider it (de facto) part of KVM\nABI that KVM_GET_XSAVE returns XSTATE_BV[i]=0 for XFD-disabled features.\n\n[Move clea\n---truncated---",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23005"
},
{
"cve": "CVE-2026-23010",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix use-after-free in inet6_addr_del().\n\nsyzbot reported use-after-free of inet6_ifaddr in\ninet6_addr_del(). [0]\n\nThe cited commit accidentally moved ipv6_del_addr() for\nmngtmpaddr before reading its ifp-\u003eflags for temporary\naddresses in inet6_addr_del().\n\nLet\u0027s move ipv6_del_addr() down to fix the UAF.\n\n[0]:\nBUG: KASAN: slab-use-after-free in inet6_addr_del.constprop.0+0x67a/0x6b0 net/ipv6/addrconf.c:3117\nRead of size 4 at addr ffff88807b89c86c by task syz.3.1618/9593\n\nCPU: 0 UID: 0 PID: 9593 Comm: syz.3.1618 Not tainted syzkaller #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xcd/0x630 mm/kasan/report.c:482\n kasan_report+0xe0/0x110 mm/kasan/report.c:595\n inet6_addr_del.constprop.0+0x67a/0x6b0 net/ipv6/addrconf.c:3117\n addrconf_del_ifaddr+0x11e/0x190 net/ipv6/addrconf.c:3181\n inet6_ioctl+0x1e5/0x2b0 net/ipv6/af_inet6.c:582\n sock_do_ioctl+0x118/0x280 net/socket.c:1254\n sock_ioctl+0x227/0x6b0 net/socket.c:1375\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:597 [inline]\n __se_sys_ioctl fs/ioctl.c:583 [inline]\n __x64_sys_ioctl+0x18e/0x210 fs/ioctl.c:583\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcd/0xf80 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f164cf8f749\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f164de64038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007f164d1e5fa0 RCX: 00007f164cf8f749\nRDX: 0000200000000000 RSI: 0000000000008936 RDI: 0000000000000003\nRBP: 00007f164d013f91 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 00007f164d1e6038 R14: 00007f164d1e5fa0 R15: 00007ffde15c8288\n \u003c/TASK\u003e\n\nAllocated by task 9593:\n kasan_save_stack+0x33/0x60 mm/kasan/common.c:56\n kasan_save_track+0x14/0x30 mm/kasan/common.c:77\n poison_kmalloc_redzone mm/kasan/common.c:397 [inline]\n __kasan_kmalloc+0xaa/0xb0 mm/kasan/common.c:414\n kmalloc_noprof include/linux/slab.h:957 [inline]\n kzalloc_noprof include/linux/slab.h:1094 [inline]\n ipv6_add_addr+0x4e3/0x2010 net/ipv6/addrconf.c:1120\n inet6_addr_add+0x256/0x9b0 net/ipv6/addrconf.c:3050\n addrconf_add_ifaddr+0x1fc/0x450 net/ipv6/addrconf.c:3160\n inet6_ioctl+0x103/0x2b0 net/ipv6/af_inet6.c:580\n sock_do_ioctl+0x118/0x280 net/socket.c:1254\n sock_ioctl+0x227/0x6b0 net/socket.c:1375\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:597 [inline]\n __se_sys_ioctl fs/ioctl.c:583 [inline]\n __x64_sys_ioctl+0x18e/0x210 fs/ioctl.c:583\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcd/0xf80 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nFreed by task 6099:\n kasan_save_stack+0x33/0x60 mm/kasan/common.c:56\n kasan_save_track+0x14/0x30 mm/kasan/common.c:77\n kasan_save_free_info+0x3b/0x60 mm/kasan/generic.c:584\n poison_slab_object mm/kasan/common.c:252 [inline]\n __kasan_slab_free+0x5f/0x80 mm/kasan/common.c:284\n kasan_slab_free include/linux/kasan.h:234 [inline]\n slab_free_hook mm/slub.c:2540 [inline]\n slab_free_freelist_hook mm/slub.c:2569 [inline]\n slab_free_bulk mm/slub.c:6696 [inline]\n kmem_cache_free_bulk mm/slub.c:7383 [inline]\n kmem_cache_free_bulk+0x2bf/0x680 mm/slub.c:7362\n kfree_bulk include/linux/slab.h:830 [inline]\n kvfree_rcu_bulk+0x1b7/0x1e0 mm/slab_common.c:1523\n kvfree_rcu_drain_ready mm/slab_common.c:1728 [inline]\n kfree_rcu_monitor+0x1d0/0x2f0 mm/slab_common.c:1801\n process_one_work+0x9ba/0x1b20 kernel/workqueue.c:3257\n process_scheduled_works kernel/workqu\n---truncated---",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23010"
},
{
"cve": "CVE-2026-23011",
"cwe": {
"id": "CWE-124",
"name": "Buffer Underwrite (\u0027Buffer Underflow\u0027)"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: ip_gre: make ipgre_header() robust\n\nAnalog to commit db5b4e39c4e6 (\"ip6_gre: make ip6gre_header() robust\")\n\nOver the years, syzbot found many ways to crash the kernel\nin ipgre_header() [1].\n\nThis involves team or bonding drivers ability to dynamically\nchange their dev-\u003eneeded_headroom and/or dev-\u003ehard_header_len\n\nIn this particular crash mld_newpack() allocated an skb\nwith a too small reserve/headroom, and by the time mld_sendpack()\nwas called, syzbot managed to attach an ipgre device.\n\n[1]\nskbuff: skb_under_panic: text:ffffffff89ea3cb7 len:2030915468 put:2030915372 head:ffff888058b43000 data:ffff887fdfa6e194 tail:0x120 end:0x6c0 dev:team0\n kernel BUG at net/core/skbuff.c:213 !\nOops: invalid opcode: 0000 [#1] SMP KASAN PTI\nCPU: 1 UID: 0 PID: 1322 Comm: kworker/1:9 Not tainted syzkaller #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025\nWorkqueue: mld mld_ifc_work\n RIP: 0010:skb_panic+0x157/0x160 net/core/skbuff.c:213\nCall Trace:\n \u003cTASK\u003e\n skb_under_panic net/core/skbuff.c:223 [inline]\n skb_push+0xc3/0xe0 net/core/skbuff.c:2641\n ipgre_header+0x67/0x290 net/ipv4/ip_gre.c:897\n dev_hard_header include/linux/netdevice.h:3436 [inline]\n neigh_connected_output+0x286/0x460 net/core/neighbour.c:1618\n NF_HOOK_COND include/linux/netfilter.h:307 [inline]\n ip6_output+0x340/0x550 net/ipv6/ip6_output.c:247\n NF_HOOK+0x9e/0x380 include/linux/netfilter.h:318\n mld_sendpack+0x8d4/0xe60 net/ipv6/mcast.c:1855\n mld_send_cr net/ipv6/mcast.c:2154 [inline]\n mld_ifc_work+0x83e/0xd60 net/ipv6/mcast.c:2693\n process_one_work kernel/workqueue.c:3257 [inline]\n process_scheduled_works+0xad1/0x1770 kernel/workqueue.c:3340\n worker_thread+0x8a0/0xda0 kernel/workqueue.c:3421\n kthread+0x711/0x8a0 kernel/kthread.c:463\n ret_from_fork+0x510/0xa50 arch/x86/kernel/process.c:158\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23011"
},
{
"cve": "CVE-2026-23019",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: marvell: prestera: fix NULL dereference on devlink_alloc() failure\n\ndevlink_alloc() may return NULL on allocation failure, but\nprestera_devlink_alloc() unconditionally calls devlink_priv() on\nthe returned pointer.\n\nThis leads to a NULL pointer dereference if devlink allocation fails.\nAdd a check for a NULL devlink pointer and return NULL early to avoid\nthe crash.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23019"
},
{
"cve": "CVE-2026-23026",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: qcom: gpi: Fix memory leak in gpi_peripheral_config()\n\nFix a memory leak in gpi_peripheral_config() where the original memory\npointed to by gchan-\u003econfig could be lost if krealloc() fails.\n\nThe issue occurs when:\n1. gchan-\u003econfig points to previously allocated memory\n2. krealloc() fails and returns NULL\n3. The function directly assigns NULL to gchan-\u003econfig, losing the\n reference to the original memory\n4. The original memory becomes unreachable and cannot be freed\n\nFix this by using a temporary variable to hold the krealloc() result\nand only updating gchan-\u003econfig when the allocation succeeds.\n\nFound via static analysis and code review.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23026"
},
{
"cve": "CVE-2026-23038",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npnfs/flexfiles: Fix memory leak in nfs4_ff_alloc_deviceid_node()\n\nIn nfs4_ff_alloc_deviceid_node(), if the allocation for ds_versions fails,\nthe function jumps to the out_scratch label without freeing the already\nallocated dsaddrs list, leading to a memory leak.\n\nFix this by jumping to the out_err_drain_dsaddrs label, which properly\nfrees the dsaddrs list before cleaning up other resources.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23038"
},
{
"cve": "CVE-2026-23054",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hv_netvsc: reject RSS hash key programming without RX indirection table\n\nRSS configuration requires a valid RX indirection table. When the device\nreports a single receive queue, rndis_filter_device_add() does not\nallocate an indirection table, accepting RSS hash key updates in this\nstate leads to a hang.\n\nFix this by gating netvsc_set_rxfh() on ndc-\u003erx_table_sz and return\n-EOPNOTSUPP when the table is absent. This aligns set_rxfh with the device\ncapabilities and prevents incorrect behavior.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23054"
},
{
"cve": "CVE-2026-23060",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: authencesn - reject too-short AAD (assoclen\u003c8) to match ESP/ESN spec\n\nauthencesn assumes an ESP/ESN-formatted AAD. When assoclen is shorter than\nthe minimum expected length, crypto_authenc_esn_decrypt() can advance past\nthe end of the destination scatterlist and trigger a NULL pointer dereference\nin scatterwalk_map_and_copy(), leading to a kernel panic (DoS).\n\nAdd a minimum AAD length check to fail fast on invalid inputs.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23060"
},
{
"cve": "CVE-2026-23083",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfou: Don\u0027t allow 0 for FOU_ATTR_IPPROTO.\n\nfou_udp_recv() has the same problem mentioned in the previous\npatch.\n\nIf FOU_ATTR_IPPROTO is set to 0, skb is not freed by\nfou_udp_recv() nor \"resubmit\"-ted in ip_protocol_deliver_rcu().\n\nLet\u0027s forbid 0 for FOU_ATTR_IPPROTO.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23083"
},
{
"cve": "CVE-2026-23084",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbe2net: Fix NULL pointer dereference in be_cmd_get_mac_from_list\n\nWhen the parameter pmac_id_valid argument of be_cmd_get_mac_from_list() is\nset to false, the driver may request the PMAC_ID from the firmware of the\nnetwork card, and this function will store that PMAC_ID at the provided\naddress pmac_id. This is the contract of this function.\n\nHowever, there is a location within the driver where both\npmac_id_valid == false and pmac_id == NULL are being passed. This could\nresult in dereferencing a NULL pointer.\n\nTo resolve this issue, it is necessary to pass the address of a stub\nvariable to the function.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23084"
},
{
"cve": "CVE-2026-23086",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/virtio: cap TX credit to local buffer size\n\nThe virtio transports derives its TX credit directly from peer_buf_alloc,\nwhich is set from the remote endpoint\u0027s SO_VM_SOCKETS_BUFFER_SIZE value.\n\nOn the host side this means that the amount of data we are willing to\nqueue for a connection is scaled by a guest-chosen buffer size, rather\nthan the host\u0027s own vsock configuration. A malicious guest can advertise\na large buffer and read slowly, causing the host to allocate a\ncorrespondingly large amount of sk_buff memory.\nThe same thing would happen in the guest with a malicious host, since\nvirtio transports share the same code base.\n\nIntroduce a small helper, virtio_transport_tx_buf_size(), that\nreturns min(peer_buf_alloc, buf_alloc), and use it wherever we consume\npeer_buf_alloc.\n\nThis ensures the effective TX window is bounded by both the peer\u0027s\nadvertised buffer and our own buf_alloc (already clamped to\nbuffer_max_size via SO_VM_SOCKETS_BUFFER_MAX_SIZE), so a remote peer\ncannot force the other to queue more data than allowed by its own\nvsock settings.\n\nOn an unpatched Ubuntu 22.04 host (~64 GiB RAM), running a PoC with\n32 guest vsock connections advertising 2 GiB each and reading slowly\ndrove Slab/SUnreclaim from ~0.5 GiB to ~57 GiB; the system only\nrecovered after killing the QEMU process. That said, if QEMU memory is\nlimited with cgroups, the maximum memory used will be limited.\n\nWith this patch applied:\n\n Before:\n MemFree: ~61.6 GiB\n Slab: ~142 MiB\n SUnreclaim: ~117 MiB\n\n After 32 high-credit connections:\n MemFree: ~61.5 GiB\n Slab: ~178 MiB\n SUnreclaim: ~152 MiB\n\nOnly ~35 MiB increase in Slab/SUnreclaim, no host OOM, and the guest\nremains responsive.\n\nCompatibility with non-virtio transports:\n\n - VMCI uses the AF_VSOCK buffer knobs to size its queue pairs per\n socket based on the local vsk-\u003ebuffer_* values; the remote side\n cannot enlarge those queues beyond what the local endpoint\n configured.\n\n - Hyper-V\u0027s vsock transport uses fixed-size VMBus ring buffers and\n an MTU bound; there is no peer-controlled credit field comparable\n to peer_buf_alloc, and the remote endpoint cannot drive in-flight\n kernel memory above those ring sizes.\n\n - The loopback path reuses virtio_transport_common.c, so it\n naturally follows the same semantics as the virtio transport.\n\nThis change is limited to virtio_transport_common.c and thus affects\nvirtio-vsock, vhost-vsock, and loopback, bringing them in line with the\n\"remote window intersected with local policy\" behaviour that VMCI and\nHyper-V already effectively have.\n\n[Stefano: small adjustments after changing the previous patch]\n[Stefano: tweak the commit message]",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23086"
},
{
"cve": "CVE-2026-23087",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: xen: scsiback: Fix potential memory leak in scsiback_remove()\n\nMemory allocated for struct vscsiblk_info in scsiback_probe() is not\nfreed in scsiback_remove() leading to potential memory leaks on remove,\nas well as in the scsiback_probe() error paths. Fix that by freeing it\nin scsiback_remove().",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23087"
},
{
"cve": "CVE-2026-23095",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngue: Fix skb memleak with inner IP protocol 0.\n\nsyzbot reported skb memleak below. [0]\n\nThe repro generated a GUE packet with its inner protocol 0.\n\ngue_udp_recv() returns -guehdr-\u003eproto_ctype for \"resubmit\"\nin ip_protocol_deliver_rcu(), but this only works with\nnon-zero protocol number.\n\nLet\u0027s drop such packets.\n\nNote that 0 is a valid number (IPv6 Hop-by-Hop Option).\n\nI think it is not practical to encap HOPOPT in GUE, so once\nsomeone starts to complain, we could pass down a resubmit\nflag pointer to distinguish two zeros from the upper layer:\n\n * no error\n * resubmit HOPOPT\n\n[0]\nBUG: memory leak\nunreferenced object 0xffff888109695a00 (size 240):\n comm \"syz.0.17\", pid 6088, jiffies 4294943096\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 40 c2 10 81 88 ff ff 00 00 00 00 00 00 00 00 .@..............\n backtrace (crc a84b336f):\n kmemleak_alloc_recursive include/linux/kmemleak.h:44 [inline]\n slab_post_alloc_hook mm/slub.c:4958 [inline]\n slab_alloc_node mm/slub.c:5263 [inline]\n kmem_cache_alloc_noprof+0x3b4/0x590 mm/slub.c:5270\n __build_skb+0x23/0x60 net/core/skbuff.c:474\n build_skb+0x20/0x190 net/core/skbuff.c:490\n __tun_build_skb drivers/net/tun.c:1541 [inline]\n tun_build_skb+0x4a1/0xa40 drivers/net/tun.c:1636\n tun_get_user+0xc12/0x2030 drivers/net/tun.c:1770\n tun_chr_write_iter+0x71/0x120 drivers/net/tun.c:1999\n new_sync_write fs/read_write.c:593 [inline]\n vfs_write+0x45d/0x710 fs/read_write.c:686\n ksys_write+0xa7/0x170 fs/read_write.c:738\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xa4/0xf80 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23095"
},
{
"cve": "CVE-2026-23100",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/hugetlb: fix hugetlb_pmd_shared()\n\nPatch series \"mm/hugetlb: fixes for PMD table sharing (incl. using\nmmu_gather)\", v3.\n\nOne functional fix, one performance regression fix, and two related\ncomment fixes.\n\nI cleaned up my prototype I recently shared [1] for the performance fix,\ndeferring most of the cleanups I had in the prototype to a later point. \nWhile doing that I identified the other things.\n\nThe goal of this patch set is to be backported to stable trees \"fairly\"\neasily. At least patch #1 and #4.\n\nPatch #1 fixes hugetlb_pmd_shared() not detecting any sharing\nPatch #2 + #3 are simple comment fixes that patch #4 interacts with.\nPatch #4 is a fix for the reported performance regression due to excessive\nIPI broadcasts during fork()+exit().\n\nThe last patch is all about TLB flushes, IPIs and mmu_gather.\nRead: complicated\n\nThere are plenty of cleanups in the future to be had + one reasonable\noptimization on x86. But that\u0027s all out of scope for this series.\n\nRuntime tested, with a focus on fixing the performance regression using\nthe original reproducer [2] on x86.\n\n\nThis patch (of 4):\n\nWe switched from (wrongly) using the page count to an independent shared\ncount. Now, shared page tables have a refcount of 1 (excluding\nspeculative references) and instead use ptdesc-\u003ept_share_count to identify\nsharing.\n\nWe didn\u0027t convert hugetlb_pmd_shared(), so right now, we would never\ndetect a shared PMD table as such, because sharing/unsharing no longer\ntouches the refcount of a PMD table.\n\nPage migration, like mbind() or migrate_pages() would allow for migrating\nfolios mapped into such shared PMD tables, even though the folios are not\nexclusive. In smaps we would account them as \"private\" although they are\n\"shared\", and we would be wrongly setting the PM_MMAP_EXCLUSIVE in the\npagemap interface.\n\nFix it by properly using ptdesc_pmd_is_shared() in hugetlb_pmd_shared().",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23100"
},
{
"cve": "CVE-2026-23103",
"cwe": {
"id": "CWE-413",
"name": "Improper Resource Locking"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: Make the addrs_lock be per port\n\nMake the addrs_lock be per port, not per ipvlan dev.\n\nInitial code seems to be written in the assumption,\nthat any address change must occur under RTNL.\nBut it is not so for the case of IPv6. So\n\n1) Introduce per-port addrs_lock.\n\n2) It was needed to fix places where it was forgotten\nto take lock (ipvlan_open/ipvlan_close)\n\nThis appears to be a very minor problem though.\nSince it\u0027s highly unlikely that ipvlan_add_addr() will\nbe called on 2 CPU simultaneously. But nevertheless,\nthis could cause:\n\n1) False-negative of ipvlan_addr_busy(): one interface\niterated through all port-\u003eipvlans + ipvlan-\u003eaddrs\nunder some ipvlan spinlock, and another added IP\nunder its own lock. Though this is only possible\nfor IPv6, since looks like only ipvlan_addr6_event() can be\ncalled without rtnl_lock.\n\n2) Race since ipvlan_ht_addr_add(port) is called under\ndifferent ipvlan-\u003eaddrs_lock locks\n\nThis should not affect performance, since add/remove IP\nis a rare situation and spinlock is not taken on fast\npaths.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23103"
},
{
"cve": "CVE-2026-23110",
"cwe": {
"id": "CWE-821",
"name": "Incorrect Synchronization"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: core: Wake up the error handler when final completions race against each other\n\nThe fragile ordering between marking commands completed or failed so\nthat the error handler only wakes when the last running command\ncompletes or times out has race conditions. These race conditions can\ncause the SCSI layer to fail to wake the error handler, leaving I/O\nthrough the SCSI host stuck as the error state cannot advance.\n\nFirst, there is an memory ordering issue within scsi_dec_host_busy().\nThe write which clears SCMD_STATE_INFLIGHT may be reordered with reads\ncounting in scsi_host_busy(). While the local CPU will see its own\nwrite, reordering can allow other CPUs in scsi_dec_host_busy() or\nscsi_eh_inc_host_failed() to see a raised busy count, causing no CPU to\nsee a host busy equal to the host_failed count.\n\nThis race condition can be prevented with a memory barrier on the error\npath to force the write to be visible before counting host busy\ncommands.\n\nSecond, there is a general ordering issue with scsi_eh_inc_host_failed(). By\ncounting busy commands before incrementing host_failed, it can race with a\nfinal command in scsi_dec_host_busy(), such that scsi_dec_host_busy() does\nnot see host_failed incremented but scsi_eh_inc_host_failed() counts busy\ncommands before SCMD_STATE_INFLIGHT is cleared by scsi_dec_host_busy(),\nresulting in neither waking the error handler task.\n\nThis needs the call to scsi_host_busy() to be moved after host_failed is\nincremented to close the race condition.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23110"
},
{
"cve": "CVE-2026-23111",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate()\n\nnft_map_catchall_activate() has an inverted element activity check\ncompared to its non-catchall counterpart nft_mapelem_activate() and\ncompared to what is logically required.\n\nnft_map_catchall_activate() is called from the abort path to re-activate\ncatchall map elements that were deactivated during a failed transaction.\nIt should skip elements that are already active (they don\u0027t need\nre-activation) and process elements that are inactive (they need to be\nrestored). Instead, the current code does the opposite: it skips inactive\nelements and processes active ones.\n\nCompare the non-catchall activate callback, which is correct:\n\n nft_mapelem_activate():\n if (nft_set_elem_active(ext, iter-\u003egenmask))\n return 0; /* skip active, process inactive */\n\nWith the buggy catchall version:\n\n nft_map_catchall_activate():\n if (!nft_set_elem_active(ext, genmask))\n continue; /* skip inactive, process active */\n\nThe consequence is that when a DELSET operation is aborted,\nnft_setelem_data_activate() is never called for the catchall element.\nFor NFT_GOTO verdict elements, this means nft_data_hold() is never\ncalled to restore the chain-\u003euse reference count. Each abort cycle\npermanently decrements chain-\u003euse. Once chain-\u003euse reaches zero,\nDELCHAIN succeeds and frees the chain while catchall verdict elements\nstill reference it, resulting in a use-after-free.\n\nThis is exploitable for local privilege escalation from an unprivileged\nuser via user namespaces + nftables on distributions that enable\nCONFIG_USER_NS and CONFIG_NF_TABLES.\n\nFix by removing the negation so the check matches nft_mapelem_activate():\nskip active elements, process inactive ones.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23111"
},
{
"cve": "CVE-2026-23113",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/io-wq: check IO_WQ_BIT_EXIT inside work run loop\n\nCurrently this is checked before running the pending work. Normally this\nis quite fine, as work items either end up blocking (which will create a\nnew worker for other items), or they complete fairly quickly. But syzbot\nreports an issue where io-wq takes seemingly forever to exit, and with a\nbit of debugging, this turns out to be because it queues a bunch of big\n(2GB - 4096b) reads with a /dev/msr* file. Since this file type doesn\u0027t\nsupport -\u003eread_iter(), loop_rw_iter() ends up handling them. Each read\nreturns 16MB of data read, which takes 20 (!!) seconds. With a bunch of\nthese pending, processing the whole chain can take a long time. Easily\nlonger than the syzbot uninterruptible sleep timeout of 140 seconds.\nThis then triggers a complaint off the io-wq exit path:\n\nINFO: task syz.4.135:6326 blocked for more than 143 seconds.\n Not tainted syzkaller #0\n Blocked by coredump.\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:syz.4.135 state:D stack:26824 pid:6326 tgid:6324 ppid:5957 task_flags:0x400548 flags:0x00080000\nCall Trace:\n \u003cTASK\u003e\n context_switch kernel/sched/core.c:5256 [inline]\n __schedule+0x1139/0x6150 kernel/sched/core.c:6863\n __schedule_loop kernel/sched/core.c:6945 [inline]\n schedule+0xe7/0x3a0 kernel/sched/core.c:6960\n schedule_timeout+0x257/0x290 kernel/time/sleep_timeout.c:75\n do_wait_for_common kernel/sched/completion.c:100 [inline]\n __wait_for_common+0x2fc/0x4e0 kernel/sched/completion.c:121\n io_wq_exit_workers io_uring/io-wq.c:1328 [inline]\n io_wq_put_and_exit+0x271/0x8a0 io_uring/io-wq.c:1356\n io_uring_clean_tctx+0x10d/0x190 io_uring/tctx.c:203\n io_uring_cancel_generic+0x69c/0x9a0 io_uring/cancel.c:651\n io_uring_files_cancel include/linux/io_uring.h:19 [inline]\n do_exit+0x2ce/0x2bd0 kernel/exit.c:911\n do_group_exit+0xd3/0x2a0 kernel/exit.c:1112\n get_signal+0x2671/0x26d0 kernel/signal.c:3034\n arch_do_signal_or_restart+0x8f/0x7e0 arch/x86/kernel/signal.c:337\n __exit_to_user_mode_loop kernel/entry/common.c:41 [inline]\n exit_to_user_mode_loop+0x8c/0x540 kernel/entry/common.c:75\n __exit_to_user_mode_prepare include/linux/irq-entry-common.h:226 [inline]\n syscall_exit_to_user_mode_prepare include/linux/irq-entry-common.h:256 [inline]\n syscall_exit_to_user_mode_work include/linux/entry-common.h:159 [inline]\n syscall_exit_to_user_mode include/linux/entry-common.h:194 [inline]\n do_syscall_64+0x4ee/0xf80 arch/x86/entry/syscall_64.c:100\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fa02738f749\nRSP: 002b:00007fa0281ae0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca\nRAX: fffffffffffffe00 RBX: 00007fa0275e6098 RCX: 00007fa02738f749\nRDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fa0275e6098\nRBP: 00007fa0275e6090 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 00007fa0275e6128 R14: 00007fff14e4fcb0 R15: 00007fff14e4fd98\n\nThere\u0027s really nothing wrong here, outside of processing these reads\nwill take a LONG time. However, we can speed up the exit by checking the\nIO_WQ_BIT_EXIT inside the io_worker_handle_work() loop, as syzbot will\nexit the ring after queueing up all of these reads. Then once the first\nitem is processed, io-wq will simply cancel the rest. That should avoid\nsyzbot running into this complaint again.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23113"
},
{
"cve": "CVE-2026-23154",
"cwe": {
"id": "CWE-237",
"name": "Improper Handling of Structural Elements"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix segmentation of forwarding fraglist GRO\n\nThis patch enhances GSO segment handling by properly checking\nthe SKB_GSO_DODGY flag for frag_list GSO packets, addressing\nlow throughput issues observed when a station accesses IPv4\nservers via hotspots with an IPv6-only upstream interface.\n\nSpecifically, it fixes a bug in GSO segmentation when forwarding\nGRO packets containing a frag_list. The function skb_segment_list\ncannot correctly process GRO skbs that have been converted by XLAT,\nsince XLAT only translates the header of the head skb. Consequently,\nskbs in the frag_list may remain untranslated, resulting in protocol\ninconsistencies and reduced throughput.\n\nTo address this, the patch explicitly sets the SKB_GSO_DODGY flag\nfor GSO packets in XLAT\u0027s IPv4/IPv6 protocol translation helpers\n(bpf_skb_proto_4_to_6 and bpf_skb_proto_6_to_4). This marks GSO\npackets as potentially modified after protocol translation. As a\nresult, GSO segmentation will avoid using skb_segment_list and\ninstead falls back to skb_segment for packets with the SKB_GSO_DODGY\nflag. This ensures that only safe and fully translated frag_list\npackets are processed by skb_segment_list, resolving protocol\ninconsistencies and improving throughput when forwarding GRO packets\nconverted by XLAT.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23154"
},
{
"cve": "CVE-2026-23204",
"cwe": {
"id": "CWE-1285",
"name": "Improper Validation of Specified Index, Position, or Offset in Input"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: cls_u32: use skb_header_pointer_careful()\n\nskb_header_pointer() does not fully validate negative @offset values.\n\nUse skb_header_pointer_careful() instead.\n\nGangMin Kim provided a report and a repro fooling u32_classify():\n\nBUG: KASAN: slab-out-of-bounds in u32_classify+0x1180/0x11b0\nnet/sched/cls_u32.c:221",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23204"
},
{
"cve": "CVE-2026-23231",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: fix use-after-free in nf_tables_addchain()\n\nnf_tables_addchain() publishes the chain to table-\u003echains via\nlist_add_tail_rcu() (in nft_chain_add()) before registering hooks.\nIf nf_tables_register_hook() then fails, the error path calls\nnft_chain_del() (list_del_rcu()) followed by nf_tables_chain_destroy()\nwith no RCU grace period in between.\n\nThis creates two use-after-free conditions:\n\n 1) Control-plane: nf_tables_dump_chains() traverses table-\u003echains\n under rcu_read_lock(). A concurrent dump can still be walking\n the chain when the error path frees it.\n\n 2) Packet path: for NFPROTO_INET, nf_register_net_hook() briefly\n installs the IPv4 hook before IPv6 registration fails. Packets\n entering nft_do_chain() via the transient IPv4 hook can still be\n dereferencing chain-\u003eblob_gen_X when the error path frees the\n chain.\n\nAdd synchronize_rcu() between nft_chain_del() and the chain destroy\nso that all RCU readers -- both dump threads and in-flight packet\nevaluation -- have finished before the chain is freed.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23231"
},
{
"cve": "CVE-2026-23242",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/siw: Fix potential NULL pointer dereference in header processing\n\nIf siw_get_hdr() returns -EINVAL before set_rx_fpdu_context(),\nqp-\u003erx_fpdu can be NULL. The error path in siw_tcp_rx_data()\ndereferences qp-\u003erx_fpdu-\u003emore_ddp_segs without checking, which\nmay lead to a NULL pointer deref. Only check more_ddp_segs when\nrx_fpdu is present.\n\nKASAN splat:\n[ 101.384271] KASAN: null-ptr-deref in range [0x00000000000000c0-0x00000000000000c7]\n[ 101.385869] RIP: 0010:siw_tcp_rx_data+0x13ad/0x1e50",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23242"
},
{
"cve": "CVE-2026-23243",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/umad: Reject negative data_len in ib_umad_write\n\nib_umad_write computes data_len from user-controlled count and the\nMAD header sizes. With a mismatched user MAD header size and RMPP\nheader length, data_len can become negative and reach ib_create_send_mad().\nThis can make the padding calculation exceed the segment size and trigger\nan out-of-bounds memset in alloc_send_rmpp_list().\n\nAdd an explicit check to reject negative data_len before creating the\nsend buffer.\n\nKASAN splat:\n[ 211.363464] BUG: KASAN: slab-out-of-bounds in ib_create_send_mad+0xa01/0x11b0\n[ 211.364077] Write of size 220 at addr ffff88800c3fa1f8 by task spray_thread/102\n[ 211.365867] ib_create_send_mad+0xa01/0x11b0\n[ 211.365887] ib_umad_write+0x853/0x1c80",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23243"
},
{
"cve": "CVE-2026-23245",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: act_gate: snapshot parameters with RCU on replace\n\nThe gate action can be replaced while the hrtimer callback or dump path is\nwalking the schedule list.\n\nConvert the parameters to an RCU-protected snapshot and swap updates under\ntcf_lock, freeing the previous snapshot via call_rcu(). When REPLACE omits\nthe entry list, preserve the existing schedule so the effective state is\nunchanged.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23245"
},
{
"cve": "CVE-2026-23270",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: Only allow act_ct to bind to clsact/ingress qdiscs and shared blocks\n\nAs Paolo said earlier [1]:\n\n\"Since the blamed commit below, classify can return TC_ACT_CONSUMED while\nthe current skb being held by the defragmentation engine. As reported by\nGangMin Kim, if such packet is that may cause a UaF when the defrag engine\nlater on tries to tuch again such packet.\"\n\nact_ct was never meant to be used in the egress path, however some users\nare attaching it to egress today [2]. Attempting to reach a middle\nground, we noticed that, while most qdiscs are not handling\nTC_ACT_CONSUMED, clsact/ingress qdiscs are. With that in mind, we\naddress the issue by only allowing act_ct to bind to clsact/ingress\nqdiscs and shared blocks. That way it\u0027s still possible to attach act_ct to\negress (albeit only with clsact).\n\n[1] https://lore.kernel.org/netdev/674b8cbfc385c6f37fb29a1de08d8fe5c2b0fbee.1771321118.git.pabeni@redhat.com/\n[2] https://lore.kernel.org/netdev/cc6bfb4a-4a2b-42d8-b9ce-7ef6644fb22b@ovn.org/",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23270"
},
{
"cve": "CVE-2026-23271",
"cwe": {
"id": "CWE-672",
"name": "Operation on a Resource after Expiration or Release"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Fix __perf_event_overflow() vs perf_remove_from_context() race\n\nMake sure that __perf_event_overflow() runs with IRQs disabled for all\npossible callchains. Specifically the software events can end up running\nit with only preemption disabled.\n\nThis opens up a race vs perf_event_exit_event() and friends that will go\nand free various things the overflow path expects to be present, like\nthe BPF program.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23271"
},
{
"cve": "CVE-2026-23273",
"cwe": {
"id": "CWE-364",
"name": "Signal Handler Race Condition"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmacvlan: observe an RCU grace period in macvlan_common_newlink() error path\n\nvalis reported that a race condition still happens after my prior patch.\n\nmacvlan_common_newlink() might have made @dev visible before\ndetecting an error, and its caller will directly call free_netdev(dev).\n\nWe must respect an RCU period, either in macvlan or the core networking\nstack.\n\nAfter adding a temporary mdelay(1000) in macvlan_forward_source_one()\nto open the race window, valis repro was:\n\nip link add p1 type veth peer p2\nip link set address 00:00:00:00:00:20 dev p1\nip link set up dev p1\nip link set up dev p2\nip link add mv0 link p2 type macvlan mode source\n\n(ip link add invalid% link p2 type macvlan mode source macaddr add\n00:00:00:00:00:20 \u0026) ; sleep 0.5 ; ping -c1 -I p1 1.2.3.4\nPING 1.2.3.4 (1.2.3.4): 56 data bytes\nRTNETLINK answers: Invalid argument\n\nBUG: KASAN: slab-use-after-free in macvlan_forward_source\n(drivers/net/macvlan.c:408 drivers/net/macvlan.c:444)\nRead of size 8 at addr ffff888016bb89c0 by task e/175\n\nCPU: 1 UID: 1000 PID: 175 Comm: e Not tainted 6.19.0-rc8+ #33 NONE\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-2 04/01/2014\nCall Trace:\n\u003cIRQ\u003e\ndump_stack_lvl (lib/dump_stack.c:123)\nprint_report (mm/kasan/report.c:379 mm/kasan/report.c:482)\n? macvlan_forward_source (drivers/net/macvlan.c:408 drivers/net/macvlan.c:444)\nkasan_report (mm/kasan/report.c:597)\n? macvlan_forward_source (drivers/net/macvlan.c:408 drivers/net/macvlan.c:444)\nmacvlan_forward_source (drivers/net/macvlan.c:408 drivers/net/macvlan.c:444)\n? tasklet_init (kernel/softirq.c:983)\nmacvlan_handle_frame (drivers/net/macvlan.c:501)\n\nAllocated by task 169:\nkasan_save_stack (mm/kasan/common.c:58)\nkasan_save_track (./arch/x86/include/asm/current.h:25\nmm/kasan/common.c:70 mm/kasan/common.c:79)\n__kasan_kmalloc (mm/kasan/common.c:419)\n__kvmalloc_node_noprof (./include/linux/kasan.h:263 mm/slub.c:5657\nmm/slub.c:7140)\nalloc_netdev_mqs (net/core/dev.c:12012)\nrtnl_create_link (net/core/rtnetlink.c:3648)\nrtnl_newlink (net/core/rtnetlink.c:3830 net/core/rtnetlink.c:3957\nnet/core/rtnetlink.c:4072)\nrtnetlink_rcv_msg (net/core/rtnetlink.c:6958)\nnetlink_rcv_skb (net/netlink/af_netlink.c:2550)\nnetlink_unicast (net/netlink/af_netlink.c:1319 net/netlink/af_netlink.c:1344)\nnetlink_sendmsg (net/netlink/af_netlink.c:1894)\n__sys_sendto (net/socket.c:727 net/socket.c:742 net/socket.c:2206)\n__x64_sys_sendto (net/socket.c:2209)\ndo_syscall_64 (arch/x86/entry/syscall_64.c:63 arch/x86/entry/syscall_64.c:94)\nentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:131)\n\nFreed by task 169:\nkasan_save_stack (mm/kasan/common.c:58)\nkasan_save_track (./arch/x86/include/asm/current.h:25\nmm/kasan/common.c:70 mm/kasan/common.c:79)\nkasan_save_free_info (mm/kasan/generic.c:587)\n__kasan_slab_free (mm/kasan/common.c:287)\nkfree (mm/slub.c:6674 mm/slub.c:6882)\nrtnl_newlink (net/core/rtnetlink.c:3845 net/core/rtnetlink.c:3957\nnet/core/rtnetlink.c:4072)\nrtnetlink_rcv_msg (net/core/rtnetlink.c:6958)\nnetlink_rcv_skb (net/netlink/af_netlink.c:2550)\nnetlink_unicast (net/netlink/af_netlink.c:1319 net/netlink/af_netlink.c:1344)\nnetlink_sendmsg (net/netlink/af_netlink.c:1894)\n__sys_sendto (net/socket.c:727 net/socket.c:742 net/socket.c:2206)\n__x64_sys_sendto (net/socket.c:2209)\ndo_syscall_64 (arch/x86/entry/syscall_64.c:63 arch/x86/entry/syscall_64.c:94)\nentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:131)",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23273"
},
{
"cve": "CVE-2026-23274",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels\n\nIDLETIMER revision 0 rules reuse existing timers by label and always call\nmod_timer() on timer-\u003etimer.\n\nIf the label was created first by revision 1 with XT_IDLETIMER_ALARM,\nthe object uses alarm timer semantics and timer-\u003etimer is never initialized.\nReusing that object from revision 0 causes mod_timer() on an uninitialized\ntimer_list, triggering debugobjects warnings and possible panic when\npanic_on_warn=1.\n\nFix this by rejecting revision 0 rule insertion when an existing timer with\nthe same label is of ALARM type.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23274"
},
{
"cve": "CVE-2026-23277",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: teql: fix NULL pointer dereference in iptunnel_xmit on TEQL slave xmit\n\nteql_master_xmit() calls netdev_start_xmit(skb, slave) to transmit\nthrough slave devices, but does not update skb-\u003edev to the slave device\nbeforehand.\n\nWhen a gretap tunnel is a TEQL slave, the transmit path reaches\niptunnel_xmit() which saves dev = skb-\u003edev (still pointing to teql0\nmaster) and later calls iptunnel_xmit_stats(dev, pkt_len). This\nfunction does:\n\n get_cpu_ptr(dev-\u003etstats)\n\nSince teql_master_setup() does not set dev-\u003epcpu_stat_type to\nNETDEV_PCPU_STAT_TSTATS, the core network stack never allocates tstats\nfor teql0, so dev-\u003etstats is NULL. get_cpu_ptr(NULL) computes\nNULL + __per_cpu_offset[cpu], resulting in a page fault.\n\n BUG: unable to handle page fault for address: ffff8880e6659018\n #PF: supervisor write access in kernel mode\n #PF: error_code(0x0002) - not-present page\n PGD 68bc067 P4D 68bc067 PUD 0\n Oops: Oops: 0002 [#1] SMP KASAN PTI\n RIP: 0010:iptunnel_xmit (./include/net/ip_tunnels.h:664 net/ipv4/ip_tunnel_core.c:89)\n Call Trace:\n \u003cTASK\u003e\n ip_tunnel_xmit (net/ipv4/ip_tunnel.c:847)\n __gre_xmit (net/ipv4/ip_gre.c:478)\n gre_tap_xmit (net/ipv4/ip_gre.c:779)\n teql_master_xmit (net/sched/sch_teql.c:319)\n dev_hard_start_xmit (net/core/dev.c:3887)\n sch_direct_xmit (net/sched/sch_generic.c:347)\n __dev_queue_xmit (net/core/dev.c:4802)\n neigh_direct_output (net/core/neighbour.c:1660)\n ip_finish_output2 (net/ipv4/ip_output.c:237)\n __ip_finish_output.part.0 (net/ipv4/ip_output.c:315)\n ip_mc_output (net/ipv4/ip_output.c:369)\n ip_send_skb (net/ipv4/ip_output.c:1508)\n udp_send_skb (net/ipv4/udp.c:1195)\n udp_sendmsg (net/ipv4/udp.c:1485)\n inet_sendmsg (net/ipv4/af_inet.c:859)\n __sys_sendto (net/socket.c:2206)\n\nFix this by setting skb-\u003edev = slave before calling\nnetdev_start_xmit(), so that tunnel xmit functions see the correct\nslave device with properly allocated tstats.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23277"
},
{
"cve": "CVE-2026-23284",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ethernet: mtk_eth_soc: Reset prog ptr to old_prog in case of error in mtk_xdp_setup()\n\nReset eBPF program pointer to old_prog and do not decrease its ref-count\nif mtk_open routine in mtk_xdp_setup() fails.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23284"
},
{
"cve": "CVE-2026-23287",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/sifive-plic: Fix frozen interrupt due to affinity setting\n\nPLIC ignores interrupt completion message for disabled interrupt, explained\nby the specification:\n\n The PLIC signals it has completed executing an interrupt handler by\n writing the interrupt ID it received from the claim to the\n claim/complete register. The PLIC does not check whether the completion\n ID is the same as the last claim ID for that target. If the completion\n ID does not match an interrupt source that is currently enabled for\n the target, the completion is silently ignored.\n\nThis caused problems in the past, because an interrupt can be disabled\nwhile still being handled and plic_irq_eoi() had no effect. That was fixed\nby checking if the interrupt is disabled, and if so enable it, before\nsending the completion message. That check is done with irqd_irq_disabled().\n\nHowever, that is not sufficient because the enable bit for the handling\nhart can be zero despite irqd_irq_disabled(d) being false. This can happen\nwhen affinity setting is changed while a hart is still handling the\ninterrupt.\n\nThis problem is easily reproducible by dumping a large file to uart (which\ngenerates lots of interrupts) and at the same time keep changing the uart\ninterrupt\u0027s affinity setting. The uart port becomes frozen almost\ninstantaneously.\n\nFix this by checking PLIC\u0027s enable bit instead of irqd_irq_disabled().",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23287"
},
{
"cve": "CVE-2026-23290",
"cwe": {
"id": "CWE-909",
"name": "Missing Initialization of Resource"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: pegasus: validate USB endpoints\n\nThe pegasus driver should validate that the device it is probing has the\nproper number and types of USB endpoints it is expecting before it binds\nto it. If a malicious device were to not have the same urbs the driver\nwill crash later on when it blindly accesses these endpoints.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23290"
},
{
"cve": "CVE-2026-23293",
"cwe": {
"id": "CWE-824",
"name": "Access of Uninitialized Pointer"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: vxlan: fix nd_tbl NULL dereference when IPv6 is disabled\n\nWhen booting with the \u0027ipv6.disable=1\u0027 parameter, the nd_tbl is never\ninitialized because inet6_init() exits before ndisc_init() is called\nwhich initializes it. If an IPv6 packet is injected into the interface,\nroute_shortcircuit() is called and a NULL pointer dereference happens on\nneigh_lookup().\n\n BUG: kernel NULL pointer dereference, address: 0000000000000380\n Oops: Oops: 0000 [#1] SMP NOPTI\n [...]\n RIP: 0010:neigh_lookup+0x20/0x270\n [...]\n Call Trace:\n \u003cTASK\u003e\n vxlan_xmit+0x638/0x1ef0 [vxlan]\n dev_hard_start_xmit+0x9e/0x2e0\n __dev_queue_xmit+0xbee/0x14e0\n packet_sendmsg+0x116f/0x1930\n __sys_sendto+0x1f5/0x200\n __x64_sys_sendto+0x24/0x30\n do_syscall_64+0x12f/0x1590\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFix this by adding an early check on route_shortcircuit() when protocol\nis ETH_P_IPV6. Note that ipv6_mod_enabled() cannot be used here because\nVXLAN can be built-in even when IPv6 is built as a module.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23293"
},
{
"cve": "CVE-2026-23300",
"cwe": {
"id": "CWE-909",
"name": "Missing Initialization of Resource"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipv6: fix panic when IPv4 route references loopback IPv6 nexthop\n\nWhen a standalone IPv6 nexthop object is created with a loopback device\n(e.g., \"ip -6 nexthop add id 100 dev lo\"), fib6_nh_init() misclassifies\nit as a reject route. This is because nexthop objects have no destination\nprefix (fc_dst=::), causing fib6_is_reject() to match any loopback\nnexthop. The reject path skips fib_nh_common_init(), leaving\nnhc_pcpu_rth_output unallocated. If an IPv4 route later references this\nnexthop, __mkroute_output() dereferences NULL nhc_pcpu_rth_output and\npanics.\n\nSimplify the check in fib6_nh_init() to only match explicit reject\nroutes (RTF_REJECT) instead of using fib6_is_reject(). The loopback\npromotion heuristic in fib6_is_reject() is handled separately by\nip6_route_info_create_nh(). After this change, the three cases behave\nas follows:\n\n1. Explicit reject route (\"ip -6 route add unreachable 2001:db8::/64\"):\n RTF_REJECT is set, enters reject path, skips fib_nh_common_init().\n No behavior change.\n\n2. Implicit loopback reject route (\"ip -6 route add 2001:db8::/32 dev lo\"):\n RTF_REJECT is not set, takes normal path, fib_nh_common_init() is\n called. ip6_route_info_create_nh() still promotes it to reject\n afterward. nhc_pcpu_rth_output is allocated but unused, which is\n harmless.\n\n3. Standalone nexthop object (\"ip -6 nexthop add id 100 dev lo\"):\n RTF_REJECT is not set, takes normal path, fib_nh_common_init() is\n called. nhc_pcpu_rth_output is properly allocated, fixing the crash\n when IPv4 routes reference this nexthop.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23300"
},
{
"cve": "CVE-2026-23304",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: fix NULL pointer deref in ip6_rt_get_dev_rcu()\n\nl3mdev_master_dev_rcu() can return NULL when the slave device is being\nun-slaved from a VRF. All other callers deal with this, but we lost\nthe fallback to loopback in ip6_rt_pcpu_alloc() -\u003e ip6_rt_get_dev_rcu()\nwith commit 4832c30d5458 (\"net: ipv6: put host and anycast routes on\ndevice with address\").\n\n KASAN: null-ptr-deref in range [0x0000000000000108-0x000000000000010f]\n RIP: 0010:ip6_rt_pcpu_alloc (net/ipv6/route.c:1418)\n Call Trace:\n ip6_pol_route (net/ipv6/route.c:2318)\n fib6_rule_lookup (net/ipv6/fib6_rules.c:115)\n ip6_route_output_flags (net/ipv6/route.c:2607)\n vrf_process_v6_outbound (drivers/net/vrf.c:437)\n\nI was tempted to rework the un-slaving code to clear the flag first\nand insert synchronize_rcu() before we remove the upper. But looks like\nthe explicit fallback to loopback_dev is an established pattern.\nAnd I guess avoiding the synchronize_rcu() is nice, too.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23304"
},
{
"cve": "CVE-2026-23319",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix a UAF issue in bpf_trampoline_link_cgroup_shim\n\nThe root cause of this bug is that when \u0027bpf_link_put\u0027 reduces the\nrefcount of \u0027shim_link-\u003elink.link\u0027 to zero, the resource is considered\nreleased but may still be referenced via \u0027tr-\u003eprogs_hlist\u0027 in\n\u0027cgroup_shim_find\u0027. The actual cleanup of \u0027tr-\u003eprogs_hlist\u0027 in\n\u0027bpf_shim_tramp_link_release\u0027 is deferred. During this window, another\nprocess can cause a use-after-free via \u0027bpf_trampoline_link_cgroup_shim\u0027.\n\nBased on Martin KaFai Lau\u0027s suggestions, I have created a simple patch.\n\nTo fix this:\n Add an atomic non-zero check in \u0027bpf_trampoline_link_cgroup_shim\u0027.\n Only increment the refcount if it is not already zero.\n\nTesting:\n I verified the fix by adding a delay in\n \u0027bpf_shim_tramp_link_release\u0027 to make the bug easier to trigger:\n\nstatic void bpf_shim_tramp_link_release(struct bpf_link *link)\n{\n\t/* ... */\n\tif (!shim_link-\u003etrampoline)\n\t\treturn;\n\n+\tmsleep(100);\n\tWARN_ON_ONCE(bpf_trampoline_unlink_prog(\u0026shim_link-\u003elink,\n\t\tshim_link-\u003etrampoline, NULL));\n\tbpf_trampoline_put(shim_link-\u003etrampoline);\n}\n\nBefore the patch, running a PoC easily reproduced the crash(almost 100%)\nwith a call trace similar to KaiyanM\u0027s report.\nAfter the patch, the bug no longer occurs even after millions of\niterations.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23319"
},
{
"cve": "CVE-2026-23321",
"cwe": {
"id": "CWE-911",
"name": "Improper Update of Reference Count"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: in-kernel: always mark signal+subflow endp as used\n\nSyzkaller managed to find a combination of actions that was generating\nthis warning:\n\n msk-\u003epm.local_addr_used == 0\n WARNING: net/mptcp/pm_kernel.c:1071 at __mark_subflow_endp_available net/mptcp/pm_kernel.c:1071 [inline], CPU#1: syz.2.17/961\n WARNING: net/mptcp/pm_kernel.c:1071 at mptcp_nl_remove_subflow_and_signal_addr net/mptcp/pm_kernel.c:1103 [inline], CPU#1: syz.2.17/961\n WARNING: net/mptcp/pm_kernel.c:1071 at mptcp_pm_nl_del_addr_doit+0x81d/0x8f0 net/mptcp/pm_kernel.c:1210, CPU#1: syz.2.17/961\n Modules linked in:\n CPU: 1 UID: 0 PID: 961 Comm: syz.2.17 Not tainted 6.19.0-08368-gfafda3b4b06b #22 PREEMPT(full)\n Hardware name: QEMU Ubuntu 25.10 PC v2 (i440FX + PIIX, + 10.1 machine, 1996), BIOS 1.17.0-debian-1.17.0-1build1 04/01/2014\n RIP: 0010:__mark_subflow_endp_available net/mptcp/pm_kernel.c:1071 [inline]\n RIP: 0010:mptcp_nl_remove_subflow_and_signal_addr net/mptcp/pm_kernel.c:1103 [inline]\n RIP: 0010:mptcp_pm_nl_del_addr_doit+0x81d/0x8f0 net/mptcp/pm_kernel.c:1210\n Code: 89 c5 e8 46 30 6f fe e9 21 fd ff ff 49 83 ed 80 e8 38 30 6f fe 4c 89 ef be 03 00 00 00 e8 db 49 df fe eb ac e8 24 30 6f fe 90 \u003c0f\u003e 0b 90 e9 1d ff ff ff e8 16 30 6f fe eb 05 e8 0f 30 6f fe e8 9a\n RSP: 0018:ffffc90001663880 EFLAGS: 00010293\n RAX: ffffffff82de1a6c RBX: 0000000000000000 RCX: ffff88800722b500\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\n RBP: ffff8880158b22d0 R08: 0000000000010425 R09: ffffffffffffffff\n R10: ffffffff82de18ba R11: 0000000000000000 R12: ffff88800641a640\n R13: ffff8880158b1880 R14: ffff88801ec3c900 R15: ffff88800641a650\n FS: 00005555722c3500(0000) GS:ffff8880f909d000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f66346e0f60 CR3: 000000001607c000 CR4: 0000000000350ef0\n Call Trace:\n \u003cTASK\u003e\n genl_family_rcv_msg_doit+0x117/0x180 net/netlink/genetlink.c:1115\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x3a8/0x3f0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x16d/0x240 net/netlink/af_netlink.c:2550\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]\n netlink_unicast+0x3e9/0x4c0 net/netlink/af_netlink.c:1344\n netlink_sendmsg+0x4aa/0x5b0 net/netlink/af_netlink.c:1894\n sock_sendmsg_nosec net/socket.c:727 [inline]\n __sock_sendmsg+0xc9/0xf0 net/socket.c:742\n ____sys_sendmsg+0x272/0x3b0 net/socket.c:2592\n ___sys_sendmsg+0x2de/0x320 net/socket.c:2646\n __sys_sendmsg net/socket.c:2678 [inline]\n __do_sys_sendmsg net/socket.c:2683 [inline]\n __se_sys_sendmsg net/socket.c:2681 [inline]\n __x64_sys_sendmsg+0x110/0x1a0 net/socket.c:2681\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0x143/0x440 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f66346f826d\n Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48\n RSP: 002b:00007ffc83d8bdc8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 00007f6634985fa0 RCX: 00007f66346f826d\n RDX: 00000000040000b0 RSI: 0000200000000740 RDI: 0000000000000007\n RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6634985fa8\n R13: 00007f6634985fac R14: 0000000000000000 R15: 0000000000001770\n \u003c/TASK\u003e\n\nThe actions that caused that seem to be:\n\n - Set the MPTCP subflows limit to 0\n - Create an MPTCP endpoint with both the \u0027signal\u0027 and \u0027subflow\u0027 flags\n - Create a new MPTCP connection from a different address: an ADD_ADDR\n linked to the MPTCP endpoint will be sent (\u0027signal\u0027 flag), but no\n subflows is initiated (\u0027subflow\u0027 flag)\n - Remove the MPTCP endpoint\n\n---truncated---",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23321"
},
{
"cve": "CVE-2026-23335",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/irdma: Fix kernel stack leak in irdma_create_user_ah()\n\nstruct irdma_create_ah_resp { // 8 bytes, no padding\n __u32 ah_id; // offset 0 - SET (uresp.ah_id = ah-\u003esc_ah.ah_info.ah_idx)\n __u8 rsvd[4]; // offset 4 - NEVER SET \u003c- LEAK\n};\n\nrsvd[4]: 4 bytes of stack memory leaked unconditionally. Only ah_id is assigned before ib_respond_udata().\n\nThe reserved members of the structure were not zeroed.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23335"
},
{
"cve": "CVE-2026-23340",
"cwe": {
"id": "CWE-364",
"name": "Signal Handler Race Condition"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: avoid qdisc_reset_all_tx_gt() vs dequeue race for lockless qdiscs\n\nWhen shrinking the number of real tx queues,\nnetif_set_real_num_tx_queues() calls qdisc_reset_all_tx_gt() to flush\nqdiscs for queues which will no longer be used.\n\nqdisc_reset_all_tx_gt() currently serializes qdisc_reset() with\nqdisc_lock(). However, for lockless qdiscs, the dequeue path is\nserialized by qdisc_run_begin/end() using qdisc-\u003eseqlock instead, so\nqdisc_reset() can run concurrently with __qdisc_run() and free skbs\nwhile they are still being dequeued, leading to UAF.\n\nThis can easily be reproduced on e.g. virtio-net by imposing heavy\ntraffic while frequently changing the number of queue pairs:\n\n iperf3 -ub0 -c $peer -t 0 \u0026\n while :; do\n ethtool -L eth0 combined 1\n ethtool -L eth0 combined 2\n done\n\nWith KASAN enabled, this leads to reports like:\n\n BUG: KASAN: slab-use-after-free in __qdisc_run+0x133f/0x1760\n ...\n Call Trace:\n \u003cTASK\u003e\n ...\n __qdisc_run+0x133f/0x1760\n __dev_queue_xmit+0x248f/0x3550\n ip_finish_output2+0xa42/0x2110\n ip_output+0x1a7/0x410\n ip_send_skb+0x2e6/0x480\n udp_send_skb+0xb0a/0x1590\n udp_sendmsg+0x13c9/0x1fc0\n ...\n \u003c/TASK\u003e\n\n Allocated by task 1270 on cpu 5 at 44.558414s:\n ...\n alloc_skb_with_frags+0x84/0x7c0\n sock_alloc_send_pskb+0x69a/0x830\n __ip_append_data+0x1b86/0x48c0\n ip_make_skb+0x1e8/0x2b0\n udp_sendmsg+0x13a6/0x1fc0\n ...\n\n Freed by task 1306 on cpu 3 at 44.558445s:\n ...\n kmem_cache_free+0x117/0x5e0\n pfifo_fast_reset+0x14d/0x580\n qdisc_reset+0x9e/0x5f0\n netif_set_real_num_tx_queues+0x303/0x840\n virtnet_set_channels+0x1bf/0x260 [virtio_net]\n ethnl_set_channels+0x684/0xae0\n ethnl_default_set_doit+0x31a/0x890\n ...\n\nSerialize qdisc_reset_all_tx_gt() against the lockless dequeue path by\ntaking qdisc-\u003eseqlock for TCQ_F_NOLOCK qdiscs, matching the\nserialization model already used by dev_reset_queue().\n\nAdditionally clear QDISC_STATE_NON_EMPTY after reset so the qdisc state\nreflects an empty queue, avoiding needless re-scheduling.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23340"
},
{
"cve": "CVE-2026-23343",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxdp: produce a warning when calculated tailroom is negative\n\nMany ethernet drivers report xdp Rx queue frag size as being the same as\nDMA write size. However, the only user of this field, namely\nbpf_xdp_frags_increase_tail(), clearly expects a truesize.\n\nSuch difference leads to unspecific memory corruption issues under certain\ncircumstances, e.g. in ixgbevf maximum DMA write size is 3 KB, so when\nrunning xskxceiver\u0027s XDP_ADJUST_TAIL_GROW_MULTI_BUFF, 6K packet fully uses\nall DMA-writable space in 2 buffers. This would be fine, if only\nrxq-\u003efrag_size was properly set to 4K, but value of 3K results in a\nnegative tailroom, because there is a non-zero page offset.\n\nWe are supposed to return -EINVAL and be done with it in such case, but due\nto tailroom being stored as an unsigned int, it is reported to be somewhere\nnear UINT_MAX, resulting in a tail being grown, even if the requested\noffset is too much (it is around 2K in the abovementioned test). This later\nleads to all kinds of unspecific calltraces.\n\n[ 7340.337579] xskxceiver[1440]: segfault at 1da718 ip 00007f4161aeac9d sp 00007f41615a6a00 error 6\n[ 7340.338040] xskxceiver[1441]: segfault at 7f410000000b ip 00000000004042b5 sp 00007f415bffecf0 error 4\n[ 7340.338179] in libc.so.6[61c9d,7f4161aaf000+160000]\n[ 7340.339230] in xskxceiver[42b5,400000+69000]\n[ 7340.340300] likely on CPU 6 (core 0, socket 6)\n[ 7340.340302] Code: ff ff 01 e9 f4 fe ff ff 0f 1f 44 00 00 4c 39 f0 74 73 31 c0 ba 01 00 00 00 f0 0f b1 17 0f 85 ba 00 00 00 49 8b 87 88 00 00 00 \u003c4c\u003e 89 70 08 eb cc 0f 1f 44 00 00 48 8d bd f0 fe ff ff 89 85 ec fe\n[ 7340.340888] likely on CPU 3 (core 0, socket 3)\n[ 7340.345088] Code: 00 00 00 ba 00 00 00 00 be 00 00 00 00 89 c7 e8 31 ca ff ff 89 45 ec 8b 45 ec 85 c0 78 07 b8 00 00 00 00 eb 46 e8 0b c8 ff ff \u003c8b\u003e 00 83 f8 69 74 24 e8 ff c7 ff ff 8b 00 83 f8 0b 74 18 e8 f3 c7\n[ 7340.404334] Oops: general protection fault, probably for non-canonical address 0x6d255010bdffc: 0000 [#1] SMP NOPTI\n[ 7340.405972] CPU: 7 UID: 0 PID: 1439 Comm: xskxceiver Not tainted 6.19.0-rc1+ #21 PREEMPT(lazy)\n[ 7340.408006] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.17.0-5.fc42 04/01/2014\n[ 7340.409716] RIP: 0010:lookup_swap_cgroup_id+0x44/0x80\n[ 7340.410455] Code: 83 f8 1c 73 39 48 ba ff ff ff ff ff ff ff 03 48 8b 04 c5 20 55 fa bd 48 21 d1 48 89 ca 83 e1 01 48 d1 ea c1 e1 04 48 8d 04 90 \u003c8b\u003e 00 48 83 c4 10 d3 e8 c3 cc cc cc cc 31 c0 e9 98 b7 dd 00 48 89\n[ 7340.412787] RSP: 0018:ffffcc5c04f7f6d0 EFLAGS: 00010202\n[ 7340.413494] RAX: 0006d255010bdffc RBX: ffff891f477895a8 RCX: 0000000000000010\n[ 7340.414431] RDX: 0001c17e3fffffff RSI: 00fa070000000000 RDI: 000382fc7fffffff\n[ 7340.415354] RBP: 00fa070000000000 R08: ffffcc5c04f7f8f8 R09: ffffcc5c04f7f7d0\n[ 7340.416283] R10: ffff891f4c1a7000 R11: ffffcc5c04f7f9c8 R12: ffffcc5c04f7f7d0\n[ 7340.417218] R13: 03ffffffffffffff R14: 00fa06fffffffe00 R15: ffff891f47789500\n[ 7340.418229] FS: 0000000000000000(0000) GS:ffff891ffdfaa000(0000) knlGS:0000000000000000\n[ 7340.419489] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 7340.420286] CR2: 00007f415bfffd58 CR3: 0000000103f03002 CR4: 0000000000772ef0\n[ 7340.421237] PKRU: 55555554\n[ 7340.421623] Call Trace:\n[ 7340.421987] \u003cTASK\u003e\n[ 7340.422309] ? softleaf_from_pte+0x77/0xa0\n[ 7340.422855] swap_pte_batch+0xa7/0x290\n[ 7340.423363] zap_nonpresent_ptes.constprop.0.isra.0+0xd1/0x270\n[ 7340.424102] zap_pte_range+0x281/0x580\n[ 7340.424607] zap_pmd_range.isra.0+0xc9/0x240\n[ 7340.425177] unmap_page_range+0x24d/0x420\n[ 7340.425714] unmap_vmas+0xa1/0x180\n[ 7340.426185] exit_mmap+0xe1/0x3b0\n[ 7340.426644] __mmput+0x41/0x150\n[ 7340.427098] exit_mm+0xb1/0x110\n[ 7340.427539] do_exit+0x1b2/0x460\n[ 7340.427992] do_group_exit+0x2d/0xc0\n[ 7340.428477] get_signal+0x79d/0x7e0\n[ 7340.428957] arch_do_signal_or_restart+0x34/0x100\n[ 7340.429571] exit_to_user_mode_loop+0x8e/0x4c0\n[ 7340.430159] do_syscall_64+0x188/\n---truncated---",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23343"
},
{
"cve": "CVE-2026-23351",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_set_pipapo: split gc into unlink and reclaim phase\n\nYiming Qian reports Use-after-free in the pipapo set type:\n Under a large number of expired elements, commit-time GC can run for a very\n long time in a non-preemptible context, triggering soft lockup warnings and\n RCU stall reports (local denial of service).\n\nWe must split GC in an unlink and a reclaim phase.\n\nWe cannot queue elements for freeing until pointers have been swapped.\nExpired elements are still exposed to both the packet path and userspace\ndumpers via the live copy of the data structure.\n\ncall_rcu() does not protect us: dump operations or element lookups starting\nafter call_rcu has fired can still observe the free\u0027d element, unless the\ncommit phase has made enough progress to swap the clone and live pointers\nbefore any new reader has picked up the old version.\n\nThis a similar approach as done recently for the rbtree backend in commit\n35f83a75529a (\"netfilter: nft_set_rbtree: don\u0027t gc elements on insert\").",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23351"
},
{
"cve": "CVE-2026-23359",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix stack-out-of-bounds write in devmap\n\nget_upper_ifindexes() iterates over all upper devices and writes their\nindices into an array without checking bounds.\n\nAlso the callers assume that the max number of upper devices is\nMAX_NEST_DEV and allocate excluded_devices[1+MAX_NEST_DEV] on the stack,\nbut that assumption is not correct and the number of upper devices could\nbe larger than MAX_NEST_DEV (e.g., many macvlans), causing a\nstack-out-of-bounds write.\n\nAdd a max parameter to get_upper_ifindexes() to avoid the issue.\nWhen there are too many upper devices, return -EOVERFLOW and abort the\nredirect.\n\nTo reproduce, create more than MAX_NEST_DEV(8) macvlans on a device with\nan XDP program attached using BPF_F_BROADCAST | BPF_F_EXCLUDE_INGRESS.\nThen send a packet to the device to trigger the XDP redirect path.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23359"
},
{
"cve": "CVE-2026-23365",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: kalmia: validate USB endpoints\n\nThe kalmia driver should validate that the device it is probing has the\nproper number and types of USB endpoints it is expecting before it binds\nto it. If a malicious device were to not have the same urbs the driver\nwill crash later on when it blindly accesses these endpoints.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23365"
},
{
"cve": "CVE-2026-23368",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: register phy led_triggers during probe to avoid AB-BA deadlock\n\nThere is an AB-BA deadlock when both LEDS_TRIGGER_NETDEV and\nLED_TRIGGER_PHY are enabled:\n\n[ 1362.049207] [\u003c8054e4b8\u003e] led_trigger_register+0x5c/0x1fc \u003c-- Trying to get lock \"triggers_list_lock\" via down_write(\u0026triggers_list_lock);\n[ 1362.054536] [\u003c80662830\u003e] phy_led_triggers_register+0xd0/0x234\n[ 1362.060329] [\u003c8065e200\u003e] phy_attach_direct+0x33c/0x40c\n[ 1362.065489] [\u003c80651fc4\u003e] phylink_fwnode_phy_connect+0x15c/0x23c\n[ 1362.071480] [\u003c8066ee18\u003e] mtk_open+0x7c/0xba0\n[ 1362.075849] [\u003c806d714c\u003e] __dev_open+0x280/0x2b0\n[ 1362.080384] [\u003c806d7668\u003e] __dev_change_flags+0x244/0x24c\n[ 1362.085598] [\u003c806d7698\u003e] dev_change_flags+0x28/0x78\n[ 1362.090528] [\u003c807150e4\u003e] dev_ioctl+0x4c0/0x654 \u003c-- Hold lock \"rtnl_mutex\" by calling rtnl_lock();\n[ 1362.094985] [\u003c80694360\u003e] sock_ioctl+0x2f4/0x4e0\n[ 1362.099567] [\u003c802e9c4c\u003e] sys_ioctl+0x32c/0xd8c\n[ 1362.104022] [\u003c80014504\u003e] syscall_common+0x34/0x58\n\nHere LED_TRIGGER_PHY is registering LED triggers during phy_attach\nwhile holding RTNL and then taking triggers_list_lock.\n\n[ 1362.191101] [\u003c806c2640\u003e] register_netdevice_notifier+0x60/0x168 \u003c-- Trying to get lock \"rtnl_mutex\" via rtnl_lock();\n[ 1362.197073] [\u003c805504ac\u003e] netdev_trig_activate+0x194/0x1e4\n[ 1362.202490] [\u003c8054e28c\u003e] led_trigger_set+0x1d4/0x360 \u003c-- Hold lock \"triggers_list_lock\" by down_read(\u0026triggers_list_lock);\n[ 1362.207511] [\u003c8054eb38\u003e] led_trigger_write+0xd8/0x14c\n[ 1362.212566] [\u003c80381d98\u003e] sysfs_kf_bin_write+0x80/0xbc\n[ 1362.217688] [\u003c8037fcd8\u003e] kernfs_fop_write_iter+0x17c/0x28c\n[ 1362.223174] [\u003c802cbd70\u003e] vfs_write+0x21c/0x3c4\n[ 1362.227712] [\u003c802cc0c4\u003e] ksys_write+0x78/0x12c\n[ 1362.232164] [\u003c80014504\u003e] syscall_common+0x34/0x58\n\nHere LEDS_TRIGGER_NETDEV is being enabled on an LED. It first takes\ntriggers_list_lock and then RTNL. A classical AB-BA deadlock.\n\nphy_led_triggers_registers() does not require the RTNL, it does not\nmake any calls into the network stack which require protection. There\nis also no requirement the PHY has been attached to a MAC, the\ntriggers only make use of phydev state. This allows the call to\nphy_led_triggers_registers() to be placed elsewhere. PHY probe() and\nrelease() don\u0027t hold RTNL, so solving the AB-BA deadlock.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23368"
},
{
"cve": "CVE-2026-23370",
"cwe": {
"id": "CWE-256",
"name": "Plaintext Storage of a Password"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: dell-wmi-sysman: Don\u0027t hex dump plaintext password data\n\nset_new_password() hex dumps the entire buffer, which contains plaintext\npassword data, including current and new passwords. Remove the hex dump\nto avoid leaking credentials.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23370"
},
{
"cve": "CVE-2026-23378",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: act_ife: Fix metalist update behavior\n\nWhenever an ife action replace changes the metalist, instead of\nreplacing the old data on the metalist, the current ife code is appending\nthe new metadata. Aside from being innapropriate behavior, this may lead\nto an unbounded addition of metadata to the metalist which might cause an\nout of bounds error when running the encode op:\n\n[ 138.423369][ C1] ==================================================================\n[ 138.424317][ C1] BUG: KASAN: slab-out-of-bounds in ife_tlv_meta_encode (net/ife/ife.c:168)\n[ 138.424906][ C1] Write of size 4 at addr ffff8880077f4ffe by task ife_out_out_bou/255\n[ 138.425778][ C1] CPU: 1 UID: 0 PID: 255 Comm: ife_out_out_bou Not tainted 7.0.0-rc1-00169-gfbdfa8da05b6 #624 PREEMPT(full)\n[ 138.425795][ C1] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011\n[ 138.425800][ C1] Call Trace:\n[ 138.425804][ C1] \u003cIRQ\u003e\n[ 138.425808][ C1] dump_stack_lvl (lib/dump_stack.c:122)\n[ 138.425828][ C1] print_report (mm/kasan/report.c:379 mm/kasan/report.c:482)\n[ 138.425839][ C1] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221)\n[ 138.425844][ C1] ? __virt_addr_valid (./arch/x86/include/asm/preempt.h:95 (discriminator 1) ./include/linux/rcupdate.h:975 (discriminator 1) ./include/linux/mmzone.h:2207 (discriminator 1) arch/x86/mm/physaddr.c:54 (discriminator 1))\n[ 138.425853][ C1] ? ife_tlv_meta_encode (net/ife/ife.c:168)\n[ 138.425859][ C1] kasan_report (mm/kasan/report.c:221 mm/kasan/report.c:597)\n[ 138.425868][ C1] ? ife_tlv_meta_encode (net/ife/ife.c:168)\n[ 138.425878][ C1] kasan_check_range (mm/kasan/generic.c:186 (discriminator 1) mm/kasan/generic.c:200 (discriminator 1))\n[ 138.425884][ C1] __asan_memset (mm/kasan/shadow.c:84 (discriminator 2))\n[ 138.425889][ C1] ife_tlv_meta_encode (net/ife/ife.c:168)\n[ 138.425893][ C1] ? ife_tlv_meta_encode (net/ife/ife.c:171)\n[ 138.425898][ C1] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221)\n[ 138.425903][ C1] ife_encode_meta_u16 (net/sched/act_ife.c:57)\n[ 138.425910][ C1] ? __pfx_do_raw_spin_lock (kernel/locking/spinlock_debug.c:114)\n[ 138.425916][ C1] ? __asan_memcpy (mm/kasan/shadow.c:105 (discriminator 3))\n[ 138.425921][ C1] ? __pfx_ife_encode_meta_u16 (net/sched/act_ife.c:45)\n[ 138.425927][ C1] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221)\n[ 138.425931][ C1] tcf_ife_act (net/sched/act_ife.c:847 net/sched/act_ife.c:879)\n\nTo solve this issue, fix the replace behavior by adding the metalist to\nthe ife rcu data structure.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23378"
},
{
"cve": "CVE-2026-23379",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: ets: fix divide by zero in the offload path\n\nOffloading ETS requires computing each class\u0027 WRR weight: this is done by\naveraging over the sums of quanta as \u0027q_sum\u0027 and \u0027q_psum\u0027. Using unsigned\nint, the same integer size as the individual DRR quanta, can overflow and\neven cause division by zero, like it happened in the following splat:\n\n Oops: divide error: 0000 [#1] SMP PTI\n CPU: 13 UID: 0 PID: 487 Comm: tc Tainted: G E 6.19.0-virtme #45 PREEMPT(full)\n Tainted: [E]=UNSIGNED_MODULE\n Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011\n RIP: 0010:ets_offload_change+0x11f/0x290 [sch_ets]\n Code: e4 45 31 ff eb 03 41 89 c7 41 89 cb 89 ce 83 f9 0f 0f 87 b7 00 00 00 45 8b 08 31 c0 45 01 cc 45 85 c9 74 09 41 6b c4 64 31 d2 \u003c41\u003e f7 f2 89 c2 44 29 fa 45 89 df 41 83 fb 0f 0f 87 c7 00 00 00 44\n RSP: 0018:ffffd0a180d77588 EFLAGS: 00010246\n RAX: 00000000ffffff38 RBX: ffff8d3d482ca000 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffd0a180d77660\n RBP: ffffd0a180d77690 R08: ffff8d3d482ca2d8 R09: 00000000fffffffe\n R10: 0000000000000000 R11: 0000000000000000 R12: 00000000fffffffe\n R13: ffff8d3d472f2000 R14: 0000000000000003 R15: 0000000000000000\n FS: 00007f440b6c2740(0000) GS:ffff8d3dc9803000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000000003cdd2000 CR3: 0000000007b58002 CR4: 0000000000172ef0\n Call Trace:\n \u003cTASK\u003e\n ets_qdisc_change+0x870/0xf40 [sch_ets]\n qdisc_create+0x12b/0x540\n tc_modify_qdisc+0x6d7/0xbd0\n rtnetlink_rcv_msg+0x168/0x6b0\n netlink_rcv_skb+0x5c/0x110\n netlink_unicast+0x1d6/0x2b0\n netlink_sendmsg+0x22e/0x470\n ____sys_sendmsg+0x38a/0x3c0\n ___sys_sendmsg+0x99/0xe0\n __sys_sendmsg+0x8a/0xf0\n do_syscall_64+0x111/0xf80\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f440b81c77e\n Code: 4d 89 d8 e8 d4 bc 00 00 4c 8b 5d f8 41 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 11 c9 c3 0f 1f 80 00 00 00 00 48 8b 45 10 0f 05 \u003cc9\u003e c3 83 e2 39 83 fa 08 75 e7 e8 13 ff ff ff 0f 1f 00 f3 0f 1e fa\n RSP: 002b:00007fff951e4c10 EFLAGS: 00000202 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 0000000000481820 RCX: 00007f440b81c77e\n RDX: 0000000000000000 RSI: 00007fff951e4cd0 RDI: 0000000000000003\n RBP: 00007fff951e4c20 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000202 R12: 00007fff951f4fa8\n R13: 00000000699ddede R14: 00007f440bb01000 R15: 0000000000486980\n \u003c/TASK\u003e\n Modules linked in: sch_ets(E) netdevsim(E)\n ---[ end trace 0000000000000000 ]---\n RIP: 0010:ets_offload_change+0x11f/0x290 [sch_ets]\n Code: e4 45 31 ff eb 03 41 89 c7 41 89 cb 89 ce 83 f9 0f 0f 87 b7 00 00 00 45 8b 08 31 c0 45 01 cc 45 85 c9 74 09 41 6b c4 64 31 d2 \u003c41\u003e f7 f2 89 c2 44 29 fa 45 89 df 41 83 fb 0f 0f 87 c7 00 00 00 44\n RSP: 0018:ffffd0a180d77588 EFLAGS: 00010246\n RAX: 00000000ffffff38 RBX: ffff8d3d482ca000 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffd0a180d77660\n RBP: ffffd0a180d77690 R08: ffff8d3d482ca2d8 R09: 00000000fffffffe\n R10: 0000000000000000 R11: 0000000000000000 R12: 00000000fffffffe\n R13: ffff8d3d472f2000 R14: 0000000000000003 R15: 0000000000000000\n FS: 00007f440b6c2740(0000) GS:ffff8d3dc9803000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000000003cdd2000 CR3: 0000000007b58002 CR4: 0000000000172ef0\n Kernel panic - not syncing: Fatal exception\n Kernel Offset: 0x30000000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)\n ---[ end Kernel panic - not syncing: Fatal exception ]---\n\nFix this using 64-bit integers for \u0027q_sum\u0027 and \u0027q_psum\u0027.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23379"
},
{
"cve": "CVE-2026-23381",
"cwe": {
"id": "CWE-824",
"name": "Access of Uninitialized Pointer"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bridge: fix nd_tbl NULL dereference when IPv6 is disabled\n\nWhen booting with the \u0027ipv6.disable=1\u0027 parameter, the nd_tbl is never\ninitialized because inet6_init() exits before ndisc_init() is called\nwhich initializes it. Then, if neigh_suppress is enabled and an ICMPv6\nNeighbor Discovery packet reaches the bridge, br_do_suppress_nd() will\ndereference ipv6_stub-\u003end_tbl which is NULL, passing it to\nneigh_lookup(). This causes a kernel NULL pointer dereference.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000268\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n [...]\n RIP: 0010:neigh_lookup+0x16/0xe0\n [...]\n Call Trace:\n \u003cIRQ\u003e\n ? neigh_lookup+0x16/0xe0\n br_do_suppress_nd+0x160/0x290 [bridge]\n br_handle_frame_finish+0x500/0x620 [bridge]\n br_handle_frame+0x353/0x440 [bridge]\n __netif_receive_skb_core.constprop.0+0x298/0x1110\n __netif_receive_skb_one_core+0x3d/0xa0\n process_backlog+0xa0/0x140\n __napi_poll+0x2c/0x170\n net_rx_action+0x2c4/0x3a0\n handle_softirqs+0xd0/0x270\n do_softirq+0x3f/0x60\n\nFix this by replacing IS_ENABLED(IPV6) call with ipv6_mod_enabled() in\nthe callers. This is in essence disabling NS/NA suppression when IPv6 is\ndisabled.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23381"
},
{
"cve": "CVE-2026-23391",
"cwe": {
"id": "CWE-911",
"name": "Improper Update of Reference Count"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: xt_CT: drop pending enqueued packets on template removal\n\nTemplates refer to objects that can go away while packets are sitting in\nnfqueue refer to:\n\n- helper, this can be an issue on module removal.\n- timeout policy, nfnetlink_cttimeout might remove it.\n\nThe use of templates with zone and event cache filter are safe, since\nthis just copies values.\n\nFlush these enqueued packets in case the template rule gets removed.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23391"
},
{
"cve": "CVE-2026-23392",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: release flowtable after rcu grace period on error\n\nCall synchronize_rcu() after unregistering the hooks from error path,\nsince a hook that already refers to this flowtable can be already\nregistered, exposing this flowtable to packet path and nfnetlink_hook\ncontrol plane.\n\nThis error path is rare, it should only happen by reaching the maximum\nnumber hooks or by failing to set up to hardware offload, just call\nsynchronize_rcu().\n\nThere is a check for already used device hooks by different flowtable\nthat could result in EEXIST at this late stage. The hook parser can be\nupdated to perform this check earlier to this error path really becomes\nrarely exercised.\n\nUncovered by KASAN reported as use-after-free from nfnetlink_hook path\nwhen dumping hooks.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23392"
},
{
"cve": "CVE-2026-23397",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfnetlink_osf: validate individual option lengths in fingerprints\n\nnfnl_osf_add_callback() validates opt_num bounds and string\nNUL-termination but does not check individual option length fields.\nA zero-length option causes nf_osf_match_one() to enter the option\nmatching loop even when foptsize sums to zero, which matches packets\nwith no TCP options where ctx-\u003eoptp is NULL:\n\n Oops: general protection fault\n KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\n RIP: 0010:nf_osf_match_one (net/netfilter/nfnetlink_osf.c:98)\n Call Trace:\n nf_osf_match (net/netfilter/nfnetlink_osf.c:227)\n xt_osf_match_packet (net/netfilter/xt_osf.c:32)\n ipt_do_table (net/ipv4/netfilter/ip_tables.c:293)\n nf_hook_slow (net/netfilter/core.c:623)\n ip_local_deliver (net/ipv4/ip_input.c:262)\n ip_rcv (net/ipv4/ip_input.c:573)\n\nAdditionally, an MSS option (kind=2) with length \u003c 4 causes\nout-of-bounds reads when nf_osf_match_one() unconditionally accesses\noptp[2] and optp[3] for MSS value extraction. While RFC 9293\nsection 3.2 specifies that the MSS option is always exactly 4\nbytes (Kind=2, Length=4), the check uses \"\u003c 4\" rather than\n\"!= 4\" because lengths greater than 4 do not cause memory\nsafety issues -- the buffer is guaranteed to be at least\nfoptsize bytes by the ctx-\u003eoptsize == foptsize check.\n\nReject fingerprints where any option has zero length, or where an MSS\noption has length less than 4, at add time rather than trusting these\nvalues in the packet matching hot path.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23397"
},
{
"cve": "CVE-2026-23398",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nicmp: fix NULL pointer dereference in icmp_tag_validation()\n\nicmp_tag_validation() unconditionally dereferences the result of\nrcu_dereference(inet_protos[proto]) without checking for NULL.\nThe inet_protos[] array is sparse -- only about 15 of 256 protocol\nnumbers have registered handlers. When ip_no_pmtu_disc is set to 3\n(hardened PMTU mode) and the kernel receives an ICMP Fragmentation\nNeeded error with a quoted inner IP header containing an unregistered\nprotocol number, the NULL dereference causes a kernel panic in\nsoftirq context.\n\n Oops: general protection fault, probably for non-canonical address 0xdffffc0000000002: 0000 [#1] SMP KASAN NOPTI\n KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017]\n RIP: 0010:icmp_unreach (net/ipv4/icmp.c:1085 net/ipv4/icmp.c:1143)\n Call Trace:\n \u003cIRQ\u003e\n icmp_rcv (net/ipv4/icmp.c:1527)\n ip_protocol_deliver_rcu (net/ipv4/ip_input.c:207)\n ip_local_deliver_finish (net/ipv4/ip_input.c:242)\n ip_local_deliver (net/ipv4/ip_input.c:262)\n ip_rcv (net/ipv4/ip_input.c:573)\n __netif_receive_skb_one_core (net/core/dev.c:6164)\n process_backlog (net/core/dev.c:6628)\n handle_softirqs (kernel/softirq.c:561)\n \u003c/IRQ\u003e\n\nAdd a NULL check before accessing icmp_strict_tag_validation. If the\nprotocol has no registered handler, return false since it cannot\nperform strict tag validation.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23398"
},
{
"cve": "CVE-2026-23414",
"cwe": {
"id": "CWE-911",
"name": "Improper Update of Reference Count"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: Purge async_hold in tls_decrypt_async_wait()\n\nThe async_hold queue pins encrypted input skbs while\nthe AEAD engine references their scatterlist data. Once\ntls_decrypt_async_wait() returns, every AEAD operation\nhas completed and the engine no longer references those\nskbs, so they can be freed unconditionally.\n\nA subsequent patch adds batch async decryption to\ntls_sw_read_sock(), introducing a new call site that\nmust drain pending AEAD operations and release held\nskbs. Move __skb_queue_purge(\u0026ctx-\u003easync_hold) into\ntls_decrypt_async_wait() so the purge is centralized\nand every caller -- recvmsg\u0027s drain path, the -EBUSY\nfallback in tls_do_decryption(), and the new read_sock\nbatch path -- releases held skbs on synchronization\nwithout each site managing the purge independently.\n\nThis fixes a leak when tls_strp_msg_hold() fails part-way through,\nafter having added some cloned skbs to the async_hold\nqueue. tls_decrypt_sg() will then call tls_decrypt_async_wait() to\nprocess all pending decrypts, and drop back to synchronous mode, but\ntls_sw_recvmsg() only flushes the async_hold queue when one record has\nbeen processed in \"fully-async\" mode, which may not be the case here.\n\n[pabeni@redhat.com: added leak comment]",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23414"
},
{
"cve": "CVE-2026-23422",
"cwe": {
"id": "CWE-392",
"name": "Missing Report of Error Condition"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndpaa2-switch: Fix interrupt storm after receiving bad if_id in IRQ handler\n\nCommit 31a7a0bbeb00 (\"dpaa2-switch: add bounds check for if_id in IRQ\nhandler\") introduces a range check for if_id to avoid an out-of-bounds\naccess. If an out-of-bounds if_id is detected, the interrupt status is\nnot cleared. This may result in an interrupt storm.\n\nClear the interrupt status after detecting an out-of-bounds if_id to avoid\nthe problem.\n\nFound by an experimental AI code review agent at Google.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23422"
},
{
"cve": "CVE-2026-23434",
"cwe": {
"id": "CWE-820",
"name": "Missing Synchronization"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: rawnand: serialize lock/unlock against other NAND operations\n\nnand_lock() and nand_unlock() call into chip-\u003eops.lock_area/unlock_area\nwithout holding the NAND device lock. On controllers that implement\nSET_FEATURES via multiple low-level PIO commands, these can race with\nconcurrent UBI/UBIFS background erase/write operations that hold the\ndevice lock, resulting in cmd_pending conflicts on the NAND controller.\n\nAdd nand_get_device()/nand_release_device() around the lock/unlock\noperations to serialize them against all other NAND controller access.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23434"
},
{
"cve": "CVE-2026-23438",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mvpp2: guard flow control update with global_tx_fc in buffer switching\n\nmvpp2_bm_switch_buffers() unconditionally calls\nmvpp2_bm_pool_update_priv_fc() when switching between per-cpu and\nshared buffer pool modes. This function programs CM3 flow control\nregisters via mvpp2_cm3_read()/mvpp2_cm3_write(), which dereference\npriv-\u003ecm3_base without any NULL check.\n\nWhen the CM3 SRAM resource is not present in the device tree (the\nthird reg entry added by commit 60523583b07c (\"dts: marvell: add CM3\nSRAM memory to cp11x ethernet device tree\")), priv-\u003ecm3_base remains\nNULL and priv-\u003eglobal_tx_fc is false. Any operation that triggers\nmvpp2_bm_switch_buffers(), for example an MTU change that crosses\nthe jumbo frame threshold, will crash:\n\n Unable to handle kernel NULL pointer dereference at\n virtual address 0000000000000000\n Mem abort info:\n ESR = 0x0000000096000006\n EC = 0x25: DABT (current EL), IL = 32 bits\n pc : readl+0x0/0x18\n lr : mvpp2_cm3_read.isra.0+0x14/0x20\n Call trace:\n readl+0x0/0x18\n mvpp2_bm_pool_update_fc+0x40/0x12c\n mvpp2_bm_pool_update_priv_fc+0x94/0xd8\n mvpp2_bm_switch_buffers.isra.0+0x80/0x1c0\n mvpp2_change_mtu+0x140/0x380\n __dev_set_mtu+0x1c/0x38\n dev_set_mtu_ext+0x78/0x118\n dev_set_mtu+0x48/0xa8\n dev_ifsioc+0x21c/0x43c\n dev_ioctl+0x2d8/0x42c\n sock_ioctl+0x314/0x378\n\nEvery other flow control call site in the driver already guards\nhardware access with either priv-\u003eglobal_tx_fc or port-\u003etx_fc.\nmvpp2_bm_switch_buffers() is the only place that omits this check.\n\nAdd the missing priv-\u003eglobal_tx_fc guard to both the disable and\nre-enable calls in mvpp2_bm_switch_buffers(), consistent with the\nrest of the driver.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23438"
},
{
"cve": "CVE-2026-23439",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudp_tunnel: fix NULL deref caused by udp_sock_create6 when CONFIG_IPV6=n\n\nWhen CONFIG_IPV6 is disabled, the udp_sock_create6() function returns 0\n(success) without actually creating a socket. Callers such as\nfou_create() then proceed to dereference the uninitialized socket\npointer, resulting in a NULL pointer dereference.\n\nThe captured NULL deref crash:\n BUG: kernel NULL pointer dereference, address: 0000000000000018\n RIP: 0010:fou_nl_add_doit (net/ipv4/fou_core.c:590 net/ipv4/fou_core.c:764)\n [...]\n Call Trace:\n \u003cTASK\u003e\n genl_family_rcv_msg_doit.constprop.0 (net/netlink/genetlink.c:1114)\n genl_rcv_msg (net/netlink/genetlink.c:1194 net/netlink/genetlink.c:1209)\n [...]\n netlink_rcv_skb (net/netlink/af_netlink.c:2550)\n genl_rcv (net/netlink/genetlink.c:1219)\n netlink_unicast (net/netlink/af_netlink.c:1319 net/netlink/af_netlink.c:1344)\n netlink_sendmsg (net/netlink/af_netlink.c:1894)\n __sock_sendmsg (net/socket.c:727 (discriminator 1) net/socket.c:742 (discriminator 1))\n __sys_sendto (./include/linux/file.h:62 (discriminator 1) ./include/linux/file.h:83 (discriminator 1) net/socket.c:2183 (discriminator 1))\n __x64_sys_sendto (net/socket.c:2213 (discriminator 1) net/socket.c:2209 (discriminator 1) net/socket.c:2209 (discriminator 1))\n do_syscall_64 (arch/x86/entry/syscall_64.c:63 (discriminator 1) arch/x86/entry/syscall_64.c:94 (discriminator 1))\n entry_SYSCALL_64_after_hwframe (net/arch/x86/entry/entry_64.S:130)\n\nThis patch makes udp_sock_create6 return -EPFNOSUPPORT instead, so\ncallers correctly take their error paths. There is only one caller of\nthe vulnerable function and only privileged users can trigger it.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23439"
},
{
"cve": "CVE-2026-23446",
"cwe": {
"id": "CWE-833",
"name": "Deadlock"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: aqc111: Do not perform PM inside suspend callback\n\nsyzbot reports \"task hung in rpm_resume\"\n\nThis is caused by aqc111_suspend calling\nthe PM variant of its write_cmd routine.\n\nThe simplified call trace looks like this:\n\nrpm_suspend()\n usb_suspend_both() - here udev-\u003edev.power.runtime_status == RPM_SUSPENDING\n aqc111_suspend() - called for the usb device interface\n aqc111_write32_cmd()\n usb_autopm_get_interface()\n pm_runtime_resume_and_get()\n rpm_resume() - here we call rpm_resume() on our parent\n rpm_resume() - Here we wait for a status change that will never happen.\n\nAt this point we block another task which holds\nrtnl_lock and locks up the whole networking stack.\n\nFix this by replacing the write_cmd calls with their _nopm variants",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23446"
},
{
"cve": "CVE-2026-23449",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: teql: Fix double-free in teql_master_xmit\n\nWhenever a TEQL devices has a lockless Qdisc as root, qdisc_reset should\nbe called using the seq_lock to avoid racing with the datapath. Failure\nto do so may cause crashes like the following:\n\n[ 238.028993][ T318] BUG: KASAN: double-free in skb_release_data (net/core/skbuff.c:1139)\n[ 238.029328][ T318] Free of addr ffff88810c67ec00 by task poc_teql_uaf_ke/318\n[ 238.029749][ T318]\n[ 238.029900][ T318] CPU: 3 UID: 0 PID: 318 Comm: poc_teql_ke Not tainted 7.0.0-rc3-00149-ge5b31d988a41 #704 PREEMPT(full)\n[ 238.029906][ T318] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011\n[ 238.029910][ T318] Call Trace:\n[ 238.029913][ T318] \u003cTASK\u003e\n[ 238.029916][ T318] dump_stack_lvl (lib/dump_stack.c:122)\n[ 238.029928][ T318] print_report (mm/kasan/report.c:379 mm/kasan/report.c:482)\n[ 238.029940][ T318] ? skb_release_data (net/core/skbuff.c:1139)\n[ 238.029944][ T318] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221)\n...\n[ 238.029957][ T318] ? skb_release_data (net/core/skbuff.c:1139)\n[ 238.029969][ T318] kasan_report_invalid_free (mm/kasan/report.c:221 mm/kasan/report.c:563)\n[ 238.029979][ T318] ? skb_release_data (net/core/skbuff.c:1139)\n[ 238.029989][ T318] check_slab_allocation (mm/kasan/common.c:231)\n[ 238.029995][ T318] kmem_cache_free (mm/slub.c:2637 (discriminator 1) mm/slub.c:6168 (discriminator 1) mm/slub.c:6298 (discriminator 1))\n[ 238.030004][ T318] skb_release_data (net/core/skbuff.c:1139)\n...\n[ 238.030025][ T318] sk_skb_reason_drop (net/core/skbuff.c:1256)\n[ 238.030032][ T318] pfifo_fast_reset (./include/linux/ptr_ring.h:171 ./include/linux/ptr_ring.h:309 ./include/linux/skb_array.h:98 net/sched/sch_generic.c:827)\n[ 238.030039][ T318] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221)\n...\n[ 238.030054][ T318] qdisc_reset (net/sched/sch_generic.c:1034)\n[ 238.030062][ T318] teql_destroy (./include/linux/spinlock.h:395 net/sched/sch_teql.c:157)\n[ 238.030071][ T318] __qdisc_destroy (./include/net/pkt_sched.h:328 net/sched/sch_generic.c:1077)\n[ 238.030077][ T318] qdisc_graft (net/sched/sch_api.c:1062 net/sched/sch_api.c:1053 net/sched/sch_api.c:1159)\n[ 238.030089][ T318] ? __pfx_qdisc_graft (net/sched/sch_api.c:1091)\n[ 238.030095][ T318] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221)\n[ 238.030102][ T318] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221)\n[ 238.030106][ T318] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221)\n[ 238.030114][ T318] tc_get_qdisc (net/sched/sch_api.c:1529 net/sched/sch_api.c:1556)\n...\n[ 238.072958][ T318] Allocated by task 303 on cpu 5 at 238.026275s:\n[ 238.073392][ T318] kasan_save_stack (mm/kasan/common.c:58)\n[ 238.073884][ T318] kasan_save_track (mm/kasan/common.c:64 (discriminator 5) mm/kasan/common.c:79 (discriminator 5))\n[ 238.074230][ T318] __kasan_slab_alloc (mm/kasan/common.c:369)\n[ 238.074578][ T318] kmem_cache_alloc_node_noprof (./include/linux/kasan.h:253 mm/slub.c:4542 mm/slub.c:4869 mm/slub.c:4921)\n[ 238.076091][ T318] kmalloc_reserve (net/core/skbuff.c:616 (discriminator 107))\n[ 238.076450][ T318] __alloc_skb (net/core/skbuff.c:713)\n[ 238.076834][ T318] alloc_skb_with_frags (./include/linux/skbuff.h:1383 net/core/skbuff.c:6763)\n[ 238.077178][ T318] sock_alloc_send_pskb (net/core/sock.c:2997)\n[ 238.077520][ T318] packet_sendmsg (net/packet/af_packet.c:2926 net/packet/af_packet.c:3019 net/packet/af_packet.c:3108)\n[ 238.081469][ T318]\n[ 238.081870][ T318] Freed by task 299 on cpu 1 at 238.028496s:\n[ 238.082761][ T318] kasan_save_stack (mm/kasan/common.c:58)\n[ 238.083481][ T318] kasan_save_track (mm/kasan/common.c:64 (discriminator 5) mm/kasan/common.c:79 (discriminator 5))\n[ 238.085348][ T318] kasan_save_free_info (mm/kasan/generic.c:587 (discriminator 1))\n[ 238.085900][ T318] __kasan_slab_free (mm/\n---truncated---",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23449"
},
{
"cve": "CVE-2026-23450",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: fix NULL dereference and UAF in smc_tcp_syn_recv_sock()\n\nSyzkaller reported a panic in smc_tcp_syn_recv_sock() [1].\n\nsmc_tcp_syn_recv_sock() is called in the TCP receive path\n(softirq) via icsk_af_ops-\u003esyn_recv_sock on the clcsock (TCP\nlistening socket). It reads sk_user_data to get the smc_sock\npointer. However, when the SMC listen socket is being closed\nconcurrently, smc_close_active() sets clcsock-\u003esk_user_data\nto NULL under sk_callback_lock, and then the smc_sock itself\ncan be freed via sock_put() in smc_release().\n\nThis leads to two issues:\n\n1) NULL pointer dereference: sk_user_data is NULL when\n accessed.\n2) Use-after-free: sk_user_data is read as non-NULL, but the\n smc_sock is freed before its fields (e.g., queued_smc_hs,\n ori_af_ops) are accessed.\n\nThe race window looks like this (the syzkaller crash [1]\ntriggers via the SYN cookie path: tcp_get_cookie_sock() -\u003e\nsmc_tcp_syn_recv_sock(), but the normal tcp_check_req() path\nhas the same race):\n\n CPU A (softirq) CPU B (process ctx)\n\n tcp_v4_rcv()\n TCP_NEW_SYN_RECV:\n sk = req-\u003ersk_listener\n sock_hold(sk)\n /* No lock on listener */\n smc_close_active():\n write_lock_bh(cb_lock)\n sk_user_data = NULL\n write_unlock_bh(cb_lock)\n ...\n smc_clcsock_release()\n sock_put(smc-\u003esk) x2\n -\u003e smc_sock freed!\n tcp_check_req()\n smc_tcp_syn_recv_sock():\n smc = user_data(sk)\n -\u003e NULL or dangling\n smc-\u003equeued_smc_hs\n -\u003e crash!\n\nNote that the clcsock and smc_sock are two independent objects\nwith separate refcounts. TCP stack holds a reference on the\nclcsock, which keeps it alive, but this does NOT prevent the\nsmc_sock from being freed.\n\nFix this by using RCU and refcount_inc_not_zero() to safely\naccess smc_sock. Since smc_tcp_syn_recv_sock() is called in\nthe TCP three-way handshake path, taking read_lock_bh on\nsk_callback_lock is too heavy and would not survive a SYN\nflood attack. Using rcu_read_lock() is much more lightweight.\n\n- Set SOCK_RCU_FREE on the SMC listen socket so that\n smc_sock freeing is deferred until after the RCU grace\n period. This guarantees the memory is still valid when\n accessed inside rcu_read_lock().\n- Use rcu_read_lock() to protect reading sk_user_data.\n- Use refcount_inc_not_zero(\u0026smc-\u003esk.sk_refcnt) to pin the\n smc_sock. If the refcount has already reached zero (close\n path completed), it returns false and we bail out safely.\n\nNote: smc_hs_congested() has a similar lockless read of\nsk_user_data without rcu_read_lock(), but it only checks for\nNULL and accesses the global smc_hs_wq, never dereferencing\nany smc_sock field, so it is not affected.\n\nReproducer was verified with mdelay injection and smc_run,\nthe issue no longer occurs with this patch applied.\n\n[1] https://syzkaller.appspot.com/bug?extid=827ae2bfb3a3529333e9",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23450"
},
{
"cve": "CVE-2026-23452",
"cwe": {
"id": "CWE-364",
"name": "Signal Handler Race Condition"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPM: runtime: Fix a race condition related to device removal\n\nThe following code in pm_runtime_work() may dereference the dev-\u003eparent\npointer after the parent device has been freed:\n\n\t/* Maybe the parent is now able to suspend. */\n\tif (parent \u0026\u0026 !parent-\u003epower.ignore_children) {\n\t\tspin_unlock(\u0026dev-\u003epower.lock);\n\n\t\tspin_lock(\u0026parent-\u003epower.lock);\n\t\trpm_idle(parent, RPM_ASYNC);\n\t\tspin_unlock(\u0026parent-\u003epower.lock);\n\n\t\tspin_lock(\u0026dev-\u003epower.lock);\n\t}\n\nFix this by inserting a flush_work() call in pm_runtime_remove().\n\nWithout this patch blktest block/001 triggers the following complaint\nsporadically:\n\nBUG: KASAN: slab-use-after-free in lock_acquire+0x70/0x160\nRead of size 1 at addr ffff88812bef7198 by task kworker/u553:1/3081\nWorkqueue: pm pm_runtime_work\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x61/0x80\n print_address_description.constprop.0+0x8b/0x310\n print_report+0xfd/0x1d7\n kasan_report+0xd8/0x1d0\n __kasan_check_byte+0x42/0x60\n lock_acquire.part.0+0x38/0x230\n lock_acquire+0x70/0x160\n _raw_spin_lock+0x36/0x50\n rpm_suspend+0xc6a/0xfe0\n rpm_idle+0x578/0x770\n pm_runtime_work+0xee/0x120\n process_one_work+0xde3/0x1410\n worker_thread+0x5eb/0xfe0\n kthread+0x37b/0x480\n ret_from_fork+0x6cb/0x920\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e\n\nAllocated by task 4314:\n kasan_save_stack+0x2a/0x50\n kasan_save_track+0x18/0x40\n kasan_save_alloc_info+0x3d/0x50\n __kasan_kmalloc+0xa0/0xb0\n __kmalloc_noprof+0x311/0x990\n scsi_alloc_target+0x122/0xb60 [scsi_mod]\n __scsi_scan_target+0x101/0x460 [scsi_mod]\n scsi_scan_channel+0x179/0x1c0 [scsi_mod]\n scsi_scan_host_selected+0x259/0x2d0 [scsi_mod]\n store_scan+0x2d2/0x390 [scsi_mod]\n dev_attr_store+0x43/0x80\n sysfs_kf_write+0xde/0x140\n kernfs_fop_write_iter+0x3ef/0x670\n vfs_write+0x506/0x1470\n ksys_write+0xfd/0x230\n __x64_sys_write+0x76/0xc0\n x64_sys_call+0x213/0x1810\n do_syscall_64+0xee/0xfc0\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n\nFreed by task 4314:\n kasan_save_stack+0x2a/0x50\n kasan_save_track+0x18/0x40\n kasan_save_free_info+0x3f/0x50\n __kasan_slab_free+0x67/0x80\n kfree+0x225/0x6c0\n scsi_target_dev_release+0x3d/0x60 [scsi_mod]\n device_release+0xa3/0x220\n kobject_cleanup+0x105/0x3a0\n kobject_put+0x72/0xd0\n put_device+0x17/0x20\n scsi_device_dev_release+0xacf/0x12c0 [scsi_mod]\n device_release+0xa3/0x220\n kobject_cleanup+0x105/0x3a0\n kobject_put+0x72/0xd0\n put_device+0x17/0x20\n scsi_device_put+0x7f/0xc0 [scsi_mod]\n sdev_store_delete+0xa5/0x120 [scsi_mod]\n dev_attr_store+0x43/0x80\n sysfs_kf_write+0xde/0x140\n kernfs_fop_write_iter+0x3ef/0x670\n vfs_write+0x506/0x1470\n ksys_write+0xfd/0x230\n __x64_sys_write+0x76/0xc0\n x64_sys_call+0x213/0x1810",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23452"
},
{
"cve": "CVE-2026-23454",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mana: fix use-after-free in mana_hwc_destroy_channel() by reordering teardown\n\nA potential race condition exists in mana_hwc_destroy_channel() where\nhwc-\u003ecaller_ctx is freed before the HWC\u0027s Completion Queue (CQ) and\nEvent Queue (EQ) are destroyed. This allows an in-flight CQ interrupt\nhandler to dereference freed memory, leading to a use-after-free or\nNULL pointer dereference in mana_hwc_handle_resp().\n\nmana_smc_teardown_hwc() signals the hardware to stop but does not\nsynchronize against IRQ handlers already executing on other CPUs. The\nIRQ synchronization only happens in mana_hwc_destroy_cq() via\nmana_gd_destroy_eq() -\u003e mana_gd_deregister_irq(). Since this runs\nafter kfree(hwc-\u003ecaller_ctx), a concurrent mana_hwc_rx_event_handler()\ncan dereference freed caller_ctx (and rxq-\u003emsg_buf) in\nmana_hwc_handle_resp().\n\nFix this by reordering teardown to reverse-of-creation order: destroy\nthe TX/RX work queues and CQ/EQ before freeing hwc-\u003ecaller_ctx. This\nensures all in-flight interrupt handlers complete before the memory they\naccess is freed.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23454"
},
{
"cve": "CVE-2026-23455",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_conntrack_h323: check for zero length in DecodeQ931()\n\nIn DecodeQ931(), the UserUserIE code path reads a 16-bit length from\nthe packet, then decrements it by 1 to skip the protocol discriminator\nbyte before passing it to DecodeH323_UserInformation(). If the encoded\nlength is 0, the decrement wraps to -1, which is then passed as a\nlarge value to the decoder, leading to an out-of-bounds read.\n\nAdd a check to ensure len is positive after the decrement.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23455"
},
{
"cve": "CVE-2026-23456",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_conntrack_h323: fix OOB read in decode_int() CONS case\n\nIn decode_int(), the CONS case calls get_bits(bs, 2) to read a length\nvalue, then calls get_uint(bs, len) without checking that len bytes\nremain in the buffer. The existing boundary check only validates the\n2 bits for get_bits(), not the subsequent 1-4 bytes that get_uint()\nreads. This allows a malformed H.323/RAS packet to cause a 1-4 byte\nslab-out-of-bounds read.\n\nAdd a boundary check for len bytes after get_bits() and before\nget_uint().",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23456"
},
{
"cve": "CVE-2026-23457",
"cwe": {
"id": "CWE-681",
"name": "Incorrect Conversion between Numeric Types"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_conntrack_sip: fix Content-Length u32 truncation in sip_help_tcp()\n\nsip_help_tcp() parses the SIP Content-Length header with\nsimple_strtoul(), which returns unsigned long, but stores the result in\nunsigned int clen. On 64-bit systems, values exceeding UINT_MAX are\nsilently truncated before computing the SIP message boundary.\n\nFor example, Content-Length 4294967328 (2^32 + 32) is truncated to 32,\ncausing the parser to miscalculate where the current message ends. The\nloop then treats trailing data in the TCP segment as a second SIP\nmessage and processes it through the SDP parser.\n\nFix this by changing clen to unsigned long to match the return type of\nsimple_strtoul(), and reject Content-Length values that exceed the\nremaining TCP payload length.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23457"
},
{
"cve": "CVE-2026-23458",
"cwe": {
"id": "CWE-911",
"name": "Improper Update of Reference Count"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct()\n\nctnetlink_dump_exp_ct() stores a conntrack pointer in cb-\u003edata for the\nnetlink dump callback ctnetlink_exp_ct_dump_table(), but drops the\nconntrack reference immediately after netlink_dump_start(). When the\ndump spans multiple rounds, the second recvmsg() triggers the dump\ncallback which dereferences the now-freed conntrack via nfct_help(ct),\nleading to a use-after-free on ct-\u003eext.\n\nThe bug is that the netlink_dump_control has no .start or .done\ncallbacks to manage the conntrack reference across dump rounds. Other\ndump functions in the same file (e.g. ctnetlink_get_conntrack) properly\nuse .start/.done callbacks for this purpose.\n\nFix this by adding .start and .done callbacks that hold and release the\nconntrack reference for the duration of the dump, and move the\nnfct_help() call after the cb-\u003eargs[0] early-return check in the dump\ncallback to avoid dereferencing ct-\u003eext unnecessarily.\n\n BUG: KASAN: slab-use-after-free in ctnetlink_exp_ct_dump_table+0x4f/0x2e0\n Read of size 8 at addr ffff88810597ebf0 by task ctnetlink_poc/133\n\n CPU: 1 UID: 0 PID: 133 Comm: ctnetlink_poc Not tainted 7.0.0-rc2+ #3 PREEMPTLAZY\n Call Trace:\n \u003cTASK\u003e\n ctnetlink_exp_ct_dump_table+0x4f/0x2e0\n netlink_dump+0x333/0x880\n netlink_recvmsg+0x3e2/0x4b0\n ? aa_sk_perm+0x184/0x450\n sock_recvmsg+0xde/0xf0\n\n Allocated by task 133:\n kmem_cache_alloc_noprof+0x134/0x440\n __nf_conntrack_alloc+0xa8/0x2b0\n ctnetlink_create_conntrack+0xa1/0x900\n ctnetlink_new_conntrack+0x3cf/0x7d0\n nfnetlink_rcv_msg+0x48e/0x510\n netlink_rcv_skb+0xc9/0x1f0\n nfnetlink_rcv+0xdb/0x220\n netlink_unicast+0x3ec/0x590\n netlink_sendmsg+0x397/0x690\n __sys_sendmsg+0xf4/0x180\n\n Freed by task 0:\n slab_free_after_rcu_debug+0xad/0x1e0\n rcu_core+0x5c3/0x9c0",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23458"
},
{
"cve": "CVE-2026-23463",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: fsl: qbman: fix race condition in qman_destroy_fq\n\nWhen QMAN_FQ_FLAG_DYNAMIC_FQID is set, there\u0027s a race condition between\nfq_table[fq-\u003eidx] state and freeing/allocating from the pool and\nWARN_ON(fq_table[fq-\u003eidx]) in qman_create_fq() gets triggered.\n\nIndeed, we can have:\n Thread A Thread B\n qman_destroy_fq() qman_create_fq()\n qman_release_fqid()\n qman_shutdown_fq()\n gen_pool_free()\n -- At this point, the fqid is available again --\n qman_alloc_fqid()\n -- so, we can get the just-freed fqid in thread B --\n fq-\u003efqid = fqid;\n fq-\u003eidx = fqid * 2;\n WARN_ON(fq_table[fq-\u003eidx]);\n fq_table[fq-\u003eidx] = fq;\n fq_table[fq-\u003eidx] = NULL;\n\nAnd adding some logs between qman_release_fqid() and\nfq_table[fq-\u003eidx] = NULL makes the WARN_ON() trigger a lot more.\n\nTo prevent that, ensure that fq_table[fq-\u003eidx] is set to NULL before\ngen_pool_free() is called by using smp_wmb().",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23463"
},
{
"cve": "CVE-2026-23474",
"cwe": {
"id": "CWE-805",
"name": "Buffer Access with Incorrect Length Value"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: Avoid boot crash in RedBoot partition table parser\n\nGiven CONFIG_FORTIFY_SOURCE=y and a recent compiler,\ncommit 439a1bcac648 (\"fortify: Use __builtin_dynamic_object_size() when\navailable\") produces the warning below and an oops.\n\n Searching for RedBoot partition table in 50000000.flash at offset 0x7e0000\n ------------[ cut here ]------------\n WARNING: lib/string_helpers.c:1035 at 0xc029e04c, CPU#0: swapper/0/1\n memcmp: detected buffer overflow: 15 byte read of buffer size 14\n Modules linked in:\n CPU: 0 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.19.0 #1 NONE\n\nAs Kees said, \"\u0027names\u0027 is pointing to the final \u0027namelen\u0027 many bytes\nof the allocation ... \u0027namelen\u0027 could be basically any length at all.\nThis fortify warning looks legit to me -- this code used to be reading\nbeyond the end of the allocation.\"\n\nSince the size of the dynamic allocation is calculated with strlen()\nwe can use strcmp() instead of memcmp() and remain within bounds.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23474"
},
{
"cve": "CVE-2026-23475",
"cwe": {
"id": "CWE-824",
"name": "Access of Uninitialized Pointer"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: fix statistics allocation\n\nThe controller per-cpu statistics is not allocated until after the\ncontroller has been registered with driver core, which leaves a window\nwhere accessing the sysfs attributes can trigger a NULL-pointer\ndereference.\n\nFix this by moving the statistics allocation to controller allocation\nwhile tying its lifetime to that of the controller (rather than using\nimplicit devres).",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-23475"
},
{
"cve": "CVE-2026-27135",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"notes": [
{
"category": "description",
"text": "nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops reading the incoming data when user facing public API `nghttp2_session_terminate_session` or `nghttp2_session_terminate_session2` is called by the application. They might be called internally by the library when it detects the situation that is subject to connection error. Due to the missing internal state validation, the library keeps reading the rest of the data after one of those APIs is called. Then receiving a malformed frame that causes FRAME_SIZE_ERROR causes assertion failure. nghttp2 v1.68.1 adds missing state validation to avoid assertion failure. No known workarounds are available.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-27135"
},
{
"cve": "CVE-2026-31389",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: fix use-after-free on controller registration failure\n\nMake sure to deregister from driver core also in the unlikely event that\nper-cpu statistics allocation fails during controller registration to\navoid use-after-free (of driver resources) and unclocked register\naccesses.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31389"
},
{
"cve": "CVE-2026-31391",
"cwe": {
"id": "CWE-911",
"name": "Improper Update of Reference Count"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: atmel-sha204a - Fix OOM -\u003etfm_count leak\n\nIf memory allocation fails, decrement -\u003etfm_count to avoid blocking\nfuture reads.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31391"
},
{
"cve": "CVE-2026-31396",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: macb: fix use-after-free access to PTP clock\n\nPTP clock is registered on every opening of the interface and destroyed on\nevery closing. However it may be accessed via get_ts_info ethtool call\nwhich is possible while the interface is just present in the kernel.\n\nBUG: KASAN: use-after-free in ptp_clock_index+0x47/0x50 drivers/ptp/ptp_clock.c:426\nRead of size 4 at addr ffff8880194345cc by task syz.0.6/948\n\nCPU: 1 PID: 948 Comm: syz.0.6 Not tainted 6.1.164+ #109\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x8d/0xba lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:316 [inline]\n print_report+0x17f/0x496 mm/kasan/report.c:420\n kasan_report+0xd9/0x180 mm/kasan/report.c:524\n ptp_clock_index+0x47/0x50 drivers/ptp/ptp_clock.c:426\n gem_get_ts_info+0x138/0x1e0 drivers/net/ethernet/cadence/macb_main.c:3349\n macb_get_ts_info+0x68/0xb0 drivers/net/ethernet/cadence/macb_main.c:3371\n __ethtool_get_ts_info+0x17c/0x260 net/ethtool/common.c:558\n ethtool_get_ts_info net/ethtool/ioctl.c:2367 [inline]\n __dev_ethtool net/ethtool/ioctl.c:3017 [inline]\n dev_ethtool+0x2b05/0x6290 net/ethtool/ioctl.c:3095\n dev_ioctl+0x637/0x1070 net/core/dev_ioctl.c:510\n sock_do_ioctl+0x20d/0x2c0 net/socket.c:1215\n sock_ioctl+0x577/0x6d0 net/socket.c:1320\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:870 [inline]\n __se_sys_ioctl fs/ioctl.c:856 [inline]\n __x64_sys_ioctl+0x18c/0x210 fs/ioctl.c:856\n do_syscall_x64 arch/x86/entry/common.c:46 [inline]\n do_syscall_64+0x35/0x80 arch/x86/entry/common.c:76\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n \u003c/TASK\u003e\n\nAllocated by task 457:\n kmalloc include/linux/slab.h:563 [inline]\n kzalloc include/linux/slab.h:699 [inline]\n ptp_clock_register+0x144/0x10e0 drivers/ptp/ptp_clock.c:235\n gem_ptp_init+0x46f/0x930 drivers/net/ethernet/cadence/macb_ptp.c:375\n macb_open+0x901/0xd10 drivers/net/ethernet/cadence/macb_main.c:2920\n __dev_open+0x2ce/0x500 net/core/dev.c:1501\n __dev_change_flags+0x56a/0x740 net/core/dev.c:8651\n dev_change_flags+0x92/0x170 net/core/dev.c:8722\n do_setlink+0xaf8/0x3a80 net/core/rtnetlink.c:2833\n __rtnl_newlink+0xbf4/0x1940 net/core/rtnetlink.c:3608\n rtnl_newlink+0x63/0xa0 net/core/rtnetlink.c:3655\n rtnetlink_rcv_msg+0x3c6/0xed0 net/core/rtnetlink.c:6150\n netlink_rcv_skb+0x15d/0x430 net/netlink/af_netlink.c:2511\n netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]\n netlink_unicast+0x6d7/0xa30 net/netlink/af_netlink.c:1344\n netlink_sendmsg+0x97e/0xeb0 net/netlink/af_netlink.c:1872\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg+0x14b/0x180 net/socket.c:730\n __sys_sendto+0x320/0x3b0 net/socket.c:2152\n __do_sys_sendto net/socket.c:2164 [inline]\n __se_sys_sendto net/socket.c:2160 [inline]\n __x64_sys_sendto+0xdc/0x1b0 net/socket.c:2160\n do_syscall_x64 arch/x86/entry/common.c:46 [inline]\n do_syscall_64+0x35/0x80 arch/x86/entry/common.c:76\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n\nFreed by task 938:\n kasan_slab_free include/linux/kasan.h:177 [inline]\n slab_free_hook mm/slub.c:1729 [inline]\n slab_free_freelist_hook mm/slub.c:1755 [inline]\n slab_free mm/slub.c:3687 [inline]\n __kmem_cache_free+0xbc/0x320 mm/slub.c:3700\n device_release+0xa0/0x240 drivers/base/core.c:2507\n kobject_cleanup lib/kobject.c:681 [inline]\n kobject_release lib/kobject.c:712 [inline]\n kref_put include/linux/kref.h:65 [inline]\n kobject_put+0x1cd/0x350 lib/kobject.c:729\n put_device+0x1b/0x30 drivers/base/core.c:3805\n ptp_clock_unregister+0x171/0x270 drivers/ptp/ptp_clock.c:391\n gem_ptp_remove+0x4e/0x1f0 drivers/net/ethernet/cadence/macb_ptp.c:404\n macb_close+0x1c8/0x270 drivers/net/ethernet/cadence/macb_main.c:2966\n __dev_close_many+0x1b9/0x310 net/core/dev.c:1585\n __dev_close net/core/dev.c:1597 [inline]\n __dev_change_flags+0x2bb/0x740 net/core/dev.c:8649\n dev_change_fl\n---truncated---",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31396"
},
{
"cve": "CVE-2026-31402",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: fix heap overflow in NFSv4.0 LOCK replay cache\n\nThe NFSv4.0 replay cache uses a fixed 112-byte inline buffer\n(rp_ibuf[NFSD4_REPLAY_ISIZE]) to store encoded operation responses.\nThis size was calculated based on OPEN responses and does not account\nfor LOCK denied responses, which include the conflicting lock owner as\na variable-length field up to 1024 bytes (NFS4_OPAQUE_LIMIT).\n\nWhen a LOCK operation is denied due to a conflict with an existing lock\nthat has a large owner, nfsd4_encode_operation() copies the full encoded\nresponse into the undersized replay buffer via read_bytes_from_xdr_buf()\nwith no bounds check. This results in a slab-out-of-bounds write of up\nto 944 bytes past the end of the buffer, corrupting adjacent heap memory.\n\nThis can be triggered remotely by an unauthenticated attacker with two\ncooperating NFSv4.0 clients: one sets a lock with a large owner string,\nthen the other requests a conflicting lock to provoke the denial.\n\nWe could fix this by increasing NFSD4_REPLAY_ISIZE to allow for a full\nopaque, but that would increase the size of every stateowner, when most\nlockowners are not that large.\n\nInstead, fix this by checking the encoded response length against\nNFSD4_REPLAY_ISIZE before copying into the replay buffer. If the\nresponse is too large, set rp_buflen to 0 to skip caching the replay\npayload. The status is still cached, and the client already received the\ncorrect response on the original request.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31402"
},
{
"cve": "CVE-2026-31403",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: Hold net reference for the lifetime of /proc/fs/nfs/exports fd\n\nThe /proc/fs/nfs/exports proc entry is created at module init\nand persists for the module\u0027s lifetime. exports_proc_open()\ncaptures the caller\u0027s current network namespace and stores\nits svc_export_cache in seq-\u003eprivate, but takes no reference\non the namespace. If the namespace is subsequently torn down\n(e.g. container destruction after the opener does setns() to a\ndifferent namespace), nfsd_net_exit() calls nfsd_export_shutdown()\nwhich frees the cache. Subsequent reads on the still-open fd\ndereference the freed cache_detail, walking a freed hash table.\n\nHold a reference on the struct net for the lifetime of the open\nfile descriptor. This prevents nfsd_net_exit() from running --\nand thus prevents nfsd_export_shutdown() from freeing the cache\n-- while any exports fd is open. cache_detail already stores\nits net pointer (cd-\u003enet, set by cache_create_net()), so\nexports_release() can retrieve it without additional per-file\nstorage.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31403"
},
{
"cve": "CVE-2026-31411",
"cwe": {
"id": "CWE-822",
"name": "Untrusted Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: atm: fix crash due to unvalidated vcc pointer in sigd_send()\n\nReproducer available at [1].\n\nThe ATM send path (sendmsg -\u003e vcc_sendmsg -\u003e sigd_send) reads the vcc\npointer from msg-\u003evcc and uses it directly without any validation. This\npointer comes from userspace via sendmsg() and can be arbitrarily forged:\n\n int fd = socket(AF_ATMSVC, SOCK_DGRAM, 0);\n ioctl(fd, ATMSIGD_CTRL); // become ATM signaling daemon\n struct msghdr msg = { .msg_iov = \u0026iov, ... };\n *(unsigned long *)(buf + 4) = 0xdeadbeef; // fake vcc pointer\n sendmsg(fd, \u0026msg, 0); // kernel dereferences 0xdeadbeef\n\nIn normal operation, the kernel sends the vcc pointer to the signaling\ndaemon via sigd_enq() when processing operations like connect(), bind(),\nor listen(). The daemon is expected to return the same pointer when\nresponding. However, a malicious daemon can send arbitrary pointer values.\n\nFix this by introducing find_get_vcc() which validates the pointer by\nsearching through vcc_hash (similar to how sigd_close() iterates over\nall VCCs), and acquires a reference via sock_hold() if found.\n\nSince struct atm_vcc embeds struct sock as its first member, they share\nthe same lifetime. Therefore using sock_hold/sock_put is sufficient to\nkeep the vcc alive while it is being used.\n\nNote that there may be a race with sigd_close() which could mark the vcc\nwith various flags (e.g., ATM_VF_RELEASED) after find_get_vcc() returns.\nHowever, sock_hold() guarantees the memory remains valid, so this race\nonly affects the logical state, not memory safety.\n\n[1]: https://gist.github.com/mrpre/1ba5949c45529c511152e2f4c755b0f3",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31411"
},
{
"cve": "CVE-2026-31414",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_conntrack_expect: use expect-\u003ehelper\n\nUse expect-\u003ehelper in ctnetlink and /proc to dump the helper name.\nUsing nfct_help() without holding a reference to the master conntrack\nis unsafe.\n\nUse exp-\u003emaster-\u003ehelper in ctnetlink path if userspace does not provide\nan explicit helper when creating an expectation to retain the existing\nbehaviour. The ctnetlink expectation path holds the reference on the\nmaster conntrack and nf_conntrack_expect lock and the nfnetlink glue\npath refers to the master ct that is attached to the skb.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31414"
},
{
"cve": "CVE-2026-31415",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: avoid overflows in ip6_datagram_send_ctl()\n\nYiming Qian reported :\n\u003cquote\u003e\n I believe I found a locally triggerable kernel bug in the IPv6 sendmsg\n ancillary-data path that can panic the kernel via `skb_under_panic()`\n (local DoS).\n\n The core issue is a mismatch between:\n\n - a 16-bit length accumulator (`struct ipv6_txoptions::opt_flen`, type\n `__u16`) and\n - a pointer to the *last* provided destination-options header (`opt-\u003edst1opt`)\n\n when multiple `IPV6_DSTOPTS` control messages (cmsgs) are provided.\n\n - `include/net/ipv6.h`:\n - `struct ipv6_txoptions::opt_flen` is `__u16` (wrap possible).\n (lines 291-307, especially 298)\n - `net/ipv6/datagram.c:ip6_datagram_send_ctl()`:\n - Accepts repeated `IPV6_DSTOPTS` and accumulates into `opt_flen`\n without rejecting duplicates. (lines 909-933)\n - `net/ipv6/ip6_output.c:__ip6_append_data()`:\n - Uses `opt-\u003eopt_flen + opt-\u003eopt_nflen` to compute header\n sizes/headroom decisions. (lines 1448-1466, especially 1463-1465)\n - `net/ipv6/ip6_output.c:__ip6_make_skb()`:\n - Calls `ipv6_push_frag_opts()` if `opt-\u003eopt_flen` is non-zero.\n (lines 1930-1934)\n - `net/ipv6/exthdrs.c:ipv6_push_frag_opts()` / `ipv6_push_exthdr()`:\n - Push size comes from `ipv6_optlen(opt-\u003edst1opt)` (based on the\n pointed-to header). (lines 1179-1185 and 1206-1211)\n\n 1. `opt_flen` is a 16-bit accumulator:\n\n - `include/net/ipv6.h:298` defines `__u16 opt_flen; /* after fragment hdr */`.\n\n 2. `ip6_datagram_send_ctl()` accepts *repeated* `IPV6_DSTOPTS` cmsgs\n and increments `opt_flen` each time:\n\n - In `net/ipv6/datagram.c:909-933`, for `IPV6_DSTOPTS`:\n - It computes `len = ((hdr-\u003ehdrlen + 1) \u003c\u003c 3);`\n - It checks `CAP_NET_RAW` using `ns_capable(net-\u003euser_ns,\n CAP_NET_RAW)`. (line 922)\n - Then it does:\n - `opt-\u003eopt_flen += len;` (line 927)\n - `opt-\u003edst1opt = hdr;` (line 928)\n\n There is no duplicate rejection here (unlike the legacy\n `IPV6_2292DSTOPTS` path which rejects duplicates at\n `net/ipv6/datagram.c:901-904`).\n\n If enough large `IPV6_DSTOPTS` cmsgs are provided, `opt_flen` wraps\n while `dst1opt` still points to a large (2048-byte)\n destination-options header.\n\n In the attached PoC (`poc.c`):\n\n - 32 cmsgs with `hdrlen=255` =\u003e `len = (255+1)*8 = 2048`\n - 1 cmsg with `hdrlen=0` =\u003e `len = 8`\n - Total increment: `32*2048 + 8 = 65544`, so `(__u16)opt_flen == 8`\n - The last cmsg is 2048 bytes, so `dst1opt` points to a 2048-byte header.\n\n 3. The transmit path sizes headers using the wrapped `opt_flen`:\n\n- In `net/ipv6/ip6_output.c:1463-1465`:\n - `headersize = sizeof(struct ipv6hdr) + (opt ? opt-\u003eopt_flen +\n opt-\u003eopt_nflen : 0) + ...;`\n\n With wrapped `opt_flen`, `headersize`/headroom decisions underestimate\n what will be pushed later.\n\n 4. When building the final skb, the actual push length comes from\n `dst1opt` and is not limited by wrapped `opt_flen`:\n\n - In `net/ipv6/ip6_output.c:1930-1934`:\n - `if (opt-\u003eopt_flen) proto = ipv6_push_frag_opts(skb, opt, proto);`\n - In `net/ipv6/exthdrs.c:1206-1211`, `ipv6_push_frag_opts()` pushes\n `dst1opt` via `ipv6_push_exthdr()`.\n - In `net/ipv6/exthdrs.c:1179-1184`, `ipv6_push_exthdr()` does:\n - `skb_push(skb, ipv6_optlen(opt));`\n - `memcpy(h, opt, ipv6_optlen(opt));`\n\n With insufficient headroom, `skb_push()` underflows and triggers\n `skb_under_panic()` -\u003e `BUG()`:\n\n - `net/core/skbuff.c:2669-2675` (`skb_push()` calls `skb_under_panic()`)\n - `net/core/skbuff.c:207-214` (`skb_panic()` ends in `BUG()`)\n\n - The `IPV6_DSTOPTS` cmsg path requires `CAP_NET_RAW` in the target\n netns user namespace (`ns_capable(net-\u003euser_ns, CAP_NET_RAW)`).\n - Root (or any task with `CAP_NET_RAW`) can trigger this without user\n namespaces.\n - An unprivileged `uid=1000` user can trigger this if unprivileged\n user namespaces are enabled and it can create a userns+netns to obtain\n namespaced `CAP_NET_RAW` (the attached PoC does this).\n\n - Local denial of service: kernel BUG/panic (system crash).\n -\n---truncated---",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31415"
},
{
"cve": "CVE-2026-31416",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nfnetlink_log: account for netlink header size\n\nThis is a followup to an old bug fix: NLMSG_DONE needs to account\nfor the netlink header size, not just the attribute size.\n\nThis can result in a WARN splat + drop of the netlink message,\nbut other than this there are no ill effects.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31416"
},
{
"cve": "CVE-2026-31417",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/x25: Fix overflow when accumulating packets\n\nAdd a check to ensure that `x25_sock.fraglen` does not overflow.\n\nThe `fraglen` also needs to be resetted when purging `fragment_queue` in\n`x25_clear_queues()`.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31417"
},
{
"cve": "CVE-2026-31418",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: drop logically empty buckets in mtype_del\n\nmtype_del() counts empty slots below n-\u003epos in k, but it only drops the\nbucket when both n-\u003epos and k are zero. This misses buckets whose live\nentries have all been removed while n-\u003epos still points past deleted slots.\n\nTreat a bucket as empty when all positions below n-\u003epos are unused and\nrelease it directly instead of shrinking it further.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31418"
},
{
"cve": "CVE-2026-31421",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: cls_fw: fix NULL pointer dereference on shared blocks\n\nThe old-method path in fw_classify() calls tcf_block_q() and\ndereferences q-\u003ehandle. Shared blocks leave block-\u003eq NULL, causing a\nNULL deref when an empty cls_fw filter is attached to a shared block\nand a packet with a nonzero major skb mark is classified.\n\nReject the configuration in fw_change() when the old method (no\nTCA_OPTIONS) is used on a shared block, since fw_classify()\u0027s\nold-method path needs block-\u003eq which is NULL for shared blocks.\n\nThe fixed null-ptr-deref calling stack:\n KASAN: null-ptr-deref in range [0x0000000000000038-0x000000000000003f]\n RIP: 0010:fw_classify (net/sched/cls_fw.c:81)\n Call Trace:\n tcf_classify (./include/net/tc_wrapper.h:197 net/sched/cls_api.c:1764 net/sched/cls_api.c:1860)\n tc_run (net/core/dev.c:4401)\n __dev_queue_xmit (net/core/dev.c:4535 net/core/dev.c:4790)",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31421"
},
{
"cve": "CVE-2026-31422",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: cls_flow: fix NULL pointer dereference on shared blocks\n\nflow_change() calls tcf_block_q() and dereferences q-\u003ehandle to derive\na default baseclass. Shared blocks leave block-\u003eq NULL, causing a NULL\nderef when a flow filter without a fully qualified baseclass is created\non a shared block.\n\nCheck tcf_block_shared() before accessing block-\u003eq and return -EINVAL\nfor shared blocks. This avoids the null-deref shown below:\n\n=======================================================================\nKASAN: null-ptr-deref in range [0x0000000000000038-0x000000000000003f]\nRIP: 0010:flow_change (net/sched/cls_flow.c:508)\nCall Trace:\n tc_new_tfilter (net/sched/cls_api.c:2432)\n rtnetlink_rcv_msg (net/core/rtnetlink.c:6980)\n [...]\n=======================================================================",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31422"
},
{
"cve": "CVE-2026-31423",
"cwe": {
"id": "CWE-369",
"name": "Divide By Zero"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: sch_hfsc: fix divide-by-zero in rtsc_min()\n\nm2sm() converts a u32 slope to a u64 scaled value. For large inputs\n(e.g. m1=4000000000), the result can reach 2^32. rtsc_min() stores\nthe difference of two such u64 values in a u32 variable `dsm` and\nuses it as a divisor. When the difference is exactly 2^32 the\ntruncation yields zero, causing a divide-by-zero oops in the\nconcave-curve intersection path:\n\n Oops: divide error: 0000\n RIP: 0010:rtsc_min (net/sched/sch_hfsc.c:601)\n Call Trace:\n init_ed (net/sched/sch_hfsc.c:629)\n hfsc_enqueue (net/sched/sch_hfsc.c:1569)\n [...]\n\nWiden `dsm` to u64 and replace do_div() with div64_u64() so the full\ndifference is preserved.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31423"
},
{
"cve": "CVE-2026-31424",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: x_tables: restrict xt_check_match/xt_check_target extensions for NFPROTO_ARP\n\nWeiming Shi says:\n\nxt_match and xt_target structs registered with NFPROTO_UNSPEC can be\nloaded by any protocol family through nft_compat. When such a\nmatch/target sets .hooks to restrict which hooks it may run on, the\nbitmask uses NF_INET_* constants. This is only correct for families\nwhose hook layout matches NF_INET_*: IPv4, IPv6, INET, and bridge\nall share the same five hooks (PRE_ROUTING ... POST_ROUTING).\n\nARP only has three hooks (IN=0, OUT=1, FORWARD=2) with different\nsemantics. Because NF_ARP_OUT == 1 == NF_INET_LOCAL_IN, the .hooks\nvalidation silently passes for the wrong reasons, allowing matches to\nrun on ARP chains where the hook assumptions (e.g. state-\u003ein being\nset on input hooks) do not hold. This leads to NULL pointer\ndereferences; xt_devgroup is one concrete example:\n\n Oops: general protection fault, probably for non-canonical address 0xdffffc0000000044: 0000 [#1] SMP KASAN NOPTI\n KASAN: null-ptr-deref in range [0x0000000000000220-0x0000000000000227]\n RIP: 0010:devgroup_mt+0xff/0x350\n Call Trace:\n \u003cTASK\u003e\n nft_match_eval (net/netfilter/nft_compat.c:407)\n nft_do_chain (net/netfilter/nf_tables_core.c:285)\n nft_do_chain_arp (net/netfilter/nft_chain_filter.c:61)\n nf_hook_slow (net/netfilter/core.c:623)\n arp_xmit (net/ipv4/arp.c:666)\n \u003c/TASK\u003e\n Kernel panic - not syncing: Fatal exception in interrupt\n\nFix it by restricting arptables to NFPROTO_ARP extensions only.\nNote that arptables-legacy only supports:\n\n- arpt_CLASSIFY\n- arpt_mangle\n- arpt_MARK\n\nthat provide explicit NFPROTO_ARP match/target declarations.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31424"
},
{
"cve": "CVE-2026-31427",
"cwe": {
"id": "CWE-824",
"name": "Access of Uninitialized Pointer"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_conntrack_sip: fix use of uninitialized rtp_addr in process_sdp\n\nprocess_sdp() declares union nf_inet_addr rtp_addr on the stack and\npasses it to the nf_nat_sip sdp_session hook after walking the SDP\nmedia descriptions. However rtp_addr is only initialized inside the\nmedia loop when a recognized media type with a non-zero port is found.\n\nIf the SDP body contains no m= lines, only inactive media sections\n(m=audio 0 ...) or only unrecognized media types, rtp_addr is never\nassigned. Despite that, the function still calls hooks-\u003esdp_session()\nwith \u0026rtp_addr, causing nf_nat_sdp_session() to format the stale stack\nvalue as an IP address and rewrite the SDP session owner and connection\nlines with it.\n\nWith CONFIG_INIT_STACK_ALL_ZERO (default on most distributions) this\nresults in the session-level o= and c= addresses being rewritten to\n0.0.0.0 for inactive SDP sessions. Without stack auto-init the\nrewritten address is whatever happened to be on the stack.\n\nFix this by pre-initializing rtp_addr from the session-level connection\naddress (caddr) when available, and tracking via a have_rtp_addr flag\nwhether any valid address was established. Skip the sdp_session hook\nentirely when no valid address exists.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31427"
},
{
"cve": "CVE-2026-31428",
"cwe": {
"id": "CWE-824",
"name": "Access of Uninitialized Pointer"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nfnetlink_log: fix uninitialized padding leak in NFULA_PAYLOAD\n\n__build_packet_message() manually constructs the NFULA_PAYLOAD netlink\nattribute using skb_put() and skb_copy_bits(), bypassing the standard\nnla_reserve()/nla_put() helpers. While nla_total_size(data_len) bytes\nare allocated (including NLA alignment padding), only data_len bytes\nof actual packet data are copied. The trailing nla_padlen(data_len)\nbytes (1-3 when data_len is not 4-byte aligned) are never initialized,\nleaking stale heap contents to userspace via the NFLOG netlink socket.\n\nReplace the manual attribute construction with nla_reserve(), which\nhandles the tailroom check, header setup, and padding zeroing via\n__nla_reserve(). The subsequent skb_copy_bits() fills in the payload\ndata on top of the properly initialized attribute.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31428"
},
{
"cve": "CVE-2026-31431",
"cwe": {
"id": "CWE-669",
"name": "Incorrect Resource Transfer Between Spheres"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_aead - Revert to operating out-of-place\n\nThis mostly reverts commit 72548b093ee3 except for the copying of\nthe associated data.\n\nThere is no benefit in operating in-place in algif_aead since the\nsource and destination come from different mappings. Get rid of\nall the complexity added for in-place operation and just copy the\nAD directly.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31431"
},
{
"cve": "CVE-2026-31441",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: idxd: Fix memory leak when a wq is reset\n\nidxd_wq_disable_cleanup() which is called from the reset path for a\nworkqueue, sets the wq type to NONE, which for other parts of the\ndriver mean that the wq is empty (all its resources were released).\n\nOnly set the wq type to NONE after its resources are released.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31441"
},
{
"cve": "CVE-2026-31446",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix use-after-free in update_super_work when racing with umount\n\nCommit b98535d09179 (\"ext4: fix bug_on in start_this_handle during umount\nfilesystem\") moved ext4_unregister_sysfs() before flushing s_sb_upd_work\nto prevent new error work from being queued via /proc/fs/ext4/xx/mb_groups\nreads during unmount. However, this introduced a use-after-free because\nupdate_super_work calls ext4_notify_error_sysfs() -\u003e sysfs_notify() which\naccesses the kobject\u0027s kernfs_node after it has been freed by kobject_del()\nin ext4_unregister_sysfs():\n\n update_super_work ext4_put_super\n ----------------- --------------\n ext4_unregister_sysfs(sb)\n kobject_del(\u0026sbi-\u003es_kobj)\n __kobject_del()\n sysfs_remove_dir()\n kobj-\u003esd = NULL\n sysfs_put(sd)\n kernfs_put() // RCU free\n ext4_notify_error_sysfs(sbi)\n sysfs_notify(\u0026sbi-\u003es_kobj)\n kn = kobj-\u003esd // stale pointer\n kernfs_get(kn) // UAF on freed kernfs_node\n ext4_journal_destroy()\n flush_work(\u0026sbi-\u003es_sb_upd_work)\n\nInstead of reordering the teardown sequence, fix this by making\next4_notify_error_sysfs() detect that sysfs has already been torn down\nby checking s_kobj.state_in_sysfs, and skipping the sysfs_notify() call\nin that case. A dedicated mutex (s_error_notify_mutex) serializes\next4_notify_error_sysfs() against kobject_del() in ext4_unregister_sysfs()\nto prevent TOCTOU races where the kobject could be deleted between the\nstate_in_sysfs check and the sysfs_notify() call.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31446"
},
{
"cve": "CVE-2026-31447",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: reject mount if bigalloc with s_first_data_block != 0\n\nbigalloc with s_first_data_block != 0 is not supported, reject mounting\nit.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31447"
},
{
"cve": "CVE-2026-31448",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid infinite loops caused by residual data\n\nOn the mkdir/mknod path, when mapping logical blocks to physical blocks,\nif inserting a new extent into the extent tree fails (in this example,\nbecause the file system disabled the huge file feature when marking the\ninode as dirty), ext4_ext_map_blocks() only calls ext4_free_blocks() to\nreclaim the physical block without deleting the corresponding data in\nthe extent tree. This causes subsequent mkdir operations to reference\nthe previously reclaimed physical block number again, even though this\nphysical block is already being used by the xattr block. Therefore, a\nsituation arises where both the directory and xattr are using the same\nbuffer head block in memory simultaneously.\n\nThe above causes ext4_xattr_block_set() to enter an infinite loop about\n\"inserted\" and cannot release the inode lock, ultimately leading to the\n143s blocking problem mentioned in [1].\n\nIf the metadata is corrupted, then trying to remove some extent space\ncan do even more harm. Also in case EXT4_GET_BLOCKS_DELALLOC_RESERVE\nwas passed, remove space wrongly update quota information.\nJan Kara suggests distinguishing between two cases:\n\n1) The error is ENOSPC or EDQUOT - in this case the filesystem is fully\nconsistent and we must maintain its consistency including all the\naccounting. However these errors can happen only early before we\u0027ve\ninserted the extent into the extent tree. So current code works correctly\nfor this case.\n\n2) Some other error - this means metadata is corrupted. We should strive to\ndo as few modifications as possible to limit damage. So I\u0027d just skip\nfreeing of allocated blocks.\n\n[1]\nINFO: task syz.0.17:5995 blocked for more than 143 seconds.\nCall Trace:\n inode_lock_nested include/linux/fs.h:1073 [inline]\n __start_dirop fs/namei.c:2923 [inline]\n start_dirop fs/namei.c:2934 [inline]",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31448"
},
{
"cve": "CVE-2026-31450",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: publish jinode after initialization\n\next4_inode_attach_jinode() publishes ei-\u003ejinode to concurrent users.\nIt used to set ei-\u003ejinode before jbd2_journal_init_jbd_inode(),\nallowing a reader to observe a non-NULL jinode with i_vfs_inode\nstill unset.\n\nThe fast commit flush path can then pass this jinode to\njbd2_wait_inode_data(), which dereferences i_vfs_inode-\u003ei_mapping and\nmay crash.\n\nBelow is the crash I observe:\n```\nBUG: unable to handle page fault for address: 000000010beb47f4\nPGD 110e51067 P4D 110e51067 PUD 0\nOops: Oops: 0000 [#1] SMP NOPTI\nCPU: 1 UID: 0 PID: 4850 Comm: fc_fsync_bench_ Not tainted 6.18.0-00764-g795a690c06a5 #1 PREEMPT(voluntary)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Arch Linux 1.17.0-2-2 04/01/2014\nRIP: 0010:xas_find_marked+0x3d/0x2e0\nCode: e0 03 48 83 f8 02 0f 84 f0 01 00 00 48 8b 47 08 48 89 c3 48 39 c6 0f 82 fd 01 00 00 48 85 c9 74 3d 48 83 f9 03 77 63 4c 8b 0f \u003c49\u003e 8b 71 08 48 c7 47 18 00 00 00 00 48 89 f1 83 e1 03 48 83 f9 02\nRSP: 0018:ffffbbee806e7bf0 EFLAGS: 00010246\nRAX: 000000000010beb4 RBX: 000000000010beb4 RCX: 0000000000000003\nRDX: 0000000000000001 RSI: 0000002000300000 RDI: ffffbbee806e7c10\nRBP: 0000000000000001 R08: 0000002000300000 R09: 000000010beb47ec\nR10: ffff9ea494590090 R11: 0000000000000000 R12: 0000002000300000\nR13: ffffbbee806e7c90 R14: ffff9ea494513788 R15: ffffbbee806e7c88\nFS: 00007fc2f9e3e6c0(0000) GS:ffff9ea6b1444000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000000010beb47f4 CR3: 0000000119ac5000 CR4: 0000000000750ef0\nPKRU: 55555554\nCall Trace:\n\u003cTASK\u003e\nfilemap_get_folios_tag+0x87/0x2a0\n__filemap_fdatawait_range+0x5f/0xd0\n? srso_alias_return_thunk+0x5/0xfbef5\n? __schedule+0x3e7/0x10c0\n? srso_alias_return_thunk+0x5/0xfbef5\n? srso_alias_return_thunk+0x5/0xfbef5\n? srso_alias_return_thunk+0x5/0xfbef5\n? preempt_count_sub+0x5f/0x80\n? srso_alias_return_thunk+0x5/0xfbef5\n? cap_safe_nice+0x37/0x70\n? srso_alias_return_thunk+0x5/0xfbef5\n? preempt_count_sub+0x5f/0x80\n? srso_alias_return_thunk+0x5/0xfbef5\nfilemap_fdatawait_range_keep_errors+0x12/0x40\next4_fc_commit+0x697/0x8b0\n? ext4_file_write_iter+0x64b/0x950\n? srso_alias_return_thunk+0x5/0xfbef5\n? preempt_count_sub+0x5f/0x80\n? srso_alias_return_thunk+0x5/0xfbef5\n? vfs_write+0x356/0x480\n? srso_alias_return_thunk+0x5/0xfbef5\n? preempt_count_sub+0x5f/0x80\next4_sync_file+0xf7/0x370\ndo_fsync+0x3b/0x80\n? syscall_trace_enter+0x108/0x1d0\n__x64_sys_fdatasync+0x16/0x20\ndo_syscall_64+0x62/0x2c0\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\n...\n```\n\nFix this by initializing the jbd2_inode first.\nUse smp_wmb() and WRITE_ONCE() to publish ei-\u003ejinode after\ninitialization. Readers use READ_ONCE() to fetch the pointer.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31450"
},
{
"cve": "CVE-2026-31452",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: convert inline data to extents when truncate exceeds inline size\n\nAdd a check in ext4_setattr() to convert files from inline data storage\nto extent-based storage when truncate() grows the file size beyond the\ninline capacity. This prevents the filesystem from entering an\ninconsistent state where the inline data flag is set but the file size\nexceeds what can be stored inline.\n\nWithout this fix, the following sequence causes a kernel BUG_ON():\n\n1. Mount filesystem with inode that has inline flag set and small size\n2. truncate(file, 50MB) - grows size but inline flag remains set\n3. sendfile() attempts to write data\n4. ext4_write_inline_data() hits BUG_ON(write_size \u003e inline_capacity)\n\nThe crash occurs because ext4_write_inline_data() expects inline storage\nto accommodate the write, but the actual inline capacity (~60 bytes for\ni_block + ~96 bytes for xattrs) is far smaller than the file size and\nwrite request.\n\nThe fix checks if the new size from setattr exceeds the inode\u0027s actual\ninline capacity (EXT4_I(inode)-\u003ei_inline_size) and converts the file to\nextent-based storage before proceeding with the size change.\n\nThis addresses the root cause by ensuring the inline data flag and file\nsize remain consistent during truncate operations.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31452"
},
{
"cve": "CVE-2026-31466",
"cwe": {
"id": "CWE-366",
"name": "Race Condition within a Thread"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/huge_memory: fix folio isn\u0027t locked in softleaf_to_folio()\n\nOn arm64 server, we found folio that get from migration entry isn\u0027t locked\nin softleaf_to_folio(). This issue triggers when mTHP splitting and\nzap_nonpresent_ptes() races, and the root cause is lack of memory barrier\nin softleaf_to_folio(). The race is as follows:\n\n\tCPU0 CPU1\n\ndeferred_split_scan() zap_nonpresent_ptes()\n lock folio\n split_folio()\n unmap_folio()\n change ptes to migration entries\n __split_folio_to_order() softleaf_to_folio()\n set flags(including PG_locked) for tail pages folio = pfn_folio(softleaf_to_pfn(entry))\n smp_wmb() VM_WARN_ON_ONCE(!folio_test_locked(folio))\n prep_compound_page() for tail pages\n\nIn __split_folio_to_order(), smp_wmb() guarantees page flags of tail pages\nare visible before the tail page becomes non-compound. smp_wmb() should\nbe paired with smp_rmb() in softleaf_to_folio(), which is missed. As a\nresult, if zap_nonpresent_ptes() accesses migration entry that stores tail\npfn, softleaf_to_folio() may see the updated compound_head of tail page\nbefore page-\u003eflags.\n\nThis issue will trigger VM_WARN_ON_ONCE() in pfn_swap_entry_folio()\nbecause of the race between folio split and zap_nonpresent_ptes()\nleading to a folio incorrectly undergoing modification without a folio\nlock being held.\n\nThis is a BUG_ON() before commit 93976a20345b (\"mm: eliminate further\nswapops predicates\"), which in merged in v6.19-rc1.\n\nTo fix it, add missing smp_rmb() if the softleaf entry is migration entry\nin softleaf_to_folio() and softleaf_to_page().\n\n[tujinjiang@huawei.com: update function name and comments]",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31466"
},
{
"cve": "CVE-2026-31469",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio_net: Fix UAF on dst_ops when IFF_XMIT_DST_RELEASE is cleared and napi_tx is false\n\nA UAF issue occurs when the virtio_net driver is configured with napi_tx=N\nand the device\u0027s IFF_XMIT_DST_RELEASE flag is cleared\n(e.g., during the configuration of tc route filter rules).\n\nWhen IFF_XMIT_DST_RELEASE is removed from the net_device, the network stack\nexpects the driver to hold the reference to skb-\u003edst until the packet\nis fully transmitted and freed. In virtio_net with napi_tx=N,\nskbs may remain in the virtio transmit ring for an extended period.\n\nIf the network namespace is destroyed while these skbs are still pending,\nthe corresponding dst_ops structure has freed. When a subsequent packet\nis transmitted, free_old_xmit() is triggered to clean up old skbs.\nIt then calls dst_release() on the skb associated with the stale dst_entry.\nSince the dst_ops (referenced by the dst_entry) has already been freed,\na UAF kernel paging request occurs.\n\nfix it by adds skb_dst_drop(skb) in start_xmit to explicitly release\nthe dst reference before the skb is queued in virtio_net.\n\nCall Trace:\n Unable to handle kernel paging request at virtual address ffff80007e150000\n CPU: 2 UID: 0 PID: 6236 Comm: ping Kdump: loaded Not tainted 7.0.0-rc1+ #6 PREEMPT\n ...\n percpu_counter_add_batch+0x3c/0x158 lib/percpu_counter.c:98 (P)\n dst_release+0xe0/0x110 net/core/dst.c:177\n skb_release_head_state+0xe8/0x108 net/core/skbuff.c:1177\n sk_skb_reason_drop+0x54/0x2d8 net/core/skbuff.c:1255\n dev_kfree_skb_any_reason+0x64/0x78 net/core/dev.c:3469\n napi_consume_skb+0x1c4/0x3a0 net/core/skbuff.c:1527\n __free_old_xmit+0x164/0x230 drivers/net/virtio_net.c:611 [virtio_net]\n free_old_xmit drivers/net/virtio_net.c:1081 [virtio_net]\n start_xmit+0x7c/0x530 drivers/net/virtio_net.c:3329 [virtio_net]\n ...\n\nReproduction Steps:\nNETDEV=\"enp3s0\"\n\nconfig_qdisc_route_filter() {\n tc qdisc del dev $NETDEV root\n tc qdisc add dev $NETDEV root handle 1: prio\n tc filter add dev $NETDEV parent 1:0 \\\n\tprotocol ip prio 100 route to 100 flowid 1:1\n ip route add 192.168.1.100/32 dev $NETDEV realm 100\n}\n\ntest_ns() {\n ip netns add testns\n ip link set $NETDEV netns testns\n ip netns exec testns ifconfig $NETDEV 10.0.32.46/24\n ip netns exec testns ping -c 1 10.0.32.1\n ip netns del testns\n}\n\nconfig_qdisc_route_filter\n\ntest_ns\nsleep 2\ntest_ns",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31469"
},
{
"cve": "CVE-2026-31485",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: spi-fsl-lpspi: fix teardown order issue (UAF)\n\nThere is a teardown order issue in the driver. The SPI controller is\nregistered using devm_spi_register_controller(), which delays\nunregistration of the SPI controller until after the fsl_lpspi_remove()\nfunction returns.\n\nAs the fsl_lpspi_remove() function synchronously tears down the DMA\nchannels, a running SPI transfer triggers the following NULL pointer\ndereference due to use after free:\n\n| fsl_lpspi 42550000.spi: I/O Error in DMA RX\n| Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000\n[...]\n| Call trace:\n| fsl_lpspi_dma_transfer+0x260/0x340 [spi_fsl_lpspi]\n| fsl_lpspi_transfer_one+0x198/0x448 [spi_fsl_lpspi]\n| spi_transfer_one_message+0x49c/0x7c8\n| __spi_pump_transfer_message+0x120/0x420\n| __spi_sync+0x2c4/0x520\n| spi_sync+0x34/0x60\n| spidev_message+0x20c/0x378 [spidev]\n| spidev_ioctl+0x398/0x750 [spidev]\n[...]\n\nSwitch from devm_spi_register_controller() to spi_register_controller() in\nfsl_lpspi_probe() and add the corresponding spi_unregister_controller() in\nfsl_lpspi_remove().",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31485"
},
{
"cve": "CVE-2026-31494",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: macb: use the current queue number for stats\n\nThere\u0027s a potential mismatch between the memory reserved for statistics\nand the amount of memory written.\n\ngem_get_sset_count() correctly computes the number of stats based on the\nactive queues, whereas gem_get_ethtool_stats() indiscriminately copies\ndata using the maximum number of queues, and in the case the number of\nactive queues is less than MACB_MAX_QUEUES, this results in a OOB write\nas observed in the KASAN splat.\n\n==================================================================\nBUG: KASAN: vmalloc-out-of-bounds in gem_get_ethtool_stats+0x54/0x78\n [macb]\nWrite of size 760 at addr ffff80008080b000 by task ethtool/1027\n\nCPU: [...]\nTainted: [E]=UNSIGNED_MODULE\nHardware name: raspberrypi rpi/rpi, BIOS 2025.10 10/01/2025\nCall trace:\n show_stack+0x20/0x38 (C)\n dump_stack_lvl+0x80/0xf8\n print_report+0x384/0x5e0\n kasan_report+0xa0/0xf0\n kasan_check_range+0xe8/0x190\n __asan_memcpy+0x54/0x98\n gem_get_ethtool_stats+0x54/0x78 [macb\n 926c13f3af83b0c6fe64badb21ec87d5e93fcf65]\n dev_ethtool+0x1220/0x38c0\n dev_ioctl+0x4ac/0xca8\n sock_do_ioctl+0x170/0x1d8\n sock_ioctl+0x484/0x5d8\n __arm64_sys_ioctl+0x12c/0x1b8\n invoke_syscall+0xd4/0x258\n el0_svc_common.constprop.0+0xb4/0x240\n do_el0_svc+0x48/0x68\n el0_svc+0x40/0xf8\n el0t_64_sync_handler+0xa0/0xe8\n el0t_64_sync+0x1b0/0x1b8\n\nThe buggy address belongs to a 1-page vmalloc region starting at\n 0xffff80008080b000 allocated at dev_ethtool+0x11f0/0x38c0\nThe buggy address belongs to the physical page:\npage: refcount:1 mapcount:0 mapping:0000000000000000\n index:0xffff00000a333000 pfn:0xa333\nflags: 0x7fffc000000000(node=0|zone=0|lastcpupid=0x1ffff)\nraw: 007fffc000000000 0000000000000000 dead000000000122 0000000000000000\nraw: ffff00000a333000 0000000000000000 00000001ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\n\nMemory state around the buggy address:\n ffff80008080b080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n ffff80008080b100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n\u003effff80008080b180: 00 00 00 00 00 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ^\n ffff80008080b200: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ffff80008080b280: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n==================================================================\n\nFix it by making sure the copied size only considers the active number of\nqueues.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31494"
},
{
"cve": "CVE-2026-31495",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ctnetlink: use netlink policy range checks\n\nReplace manual range and mask validations with netlink policy\nannotations in ctnetlink code paths, so that the netlink core rejects\ninvalid values early and can generate extack errors.\n\n- CTA_PROTOINFO_TCP_STATE: reject values \u003e TCP_CONNTRACK_SYN_SENT2 at\n policy level, removing the manual \u003e= TCP_CONNTRACK_MAX check.\n- CTA_PROTOINFO_TCP_WSCALE_ORIGINAL/REPLY: reject values \u003e TCP_MAX_WSCALE\n (14). The normal TCP option parsing path already clamps to this value,\n but the ctnetlink path accepted 0-255, causing undefined behavior when\n used as a u32 shift count.\n- CTA_FILTER_ORIG_FLAGS/REPLY_FLAGS: use NLA_POLICY_MASK with\n CTA_FILTER_F_ALL, removing the manual mask checks.\n- CTA_EXPECT_FLAGS: use NLA_POLICY_MASK with NF_CT_EXPECT_MASK, adding\n a new mask define grouping all valid expect flags.\n\nExtracted from a broader nf-next patch by Florian Westphal, scoped to\nctnetlink for the fixes tree.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31495"
},
{
"cve": "CVE-2026-31496",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_conntrack_expect: skip expectations in other netns via proc\n\nSkip expectations that do not reside in this netns.\n\nSimilar to e77e6ff502ea (\"netfilter: conntrack: do not dump other netns\u0027s\nconntrack entries via proc\").",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31496"
},
{
"cve": "CVE-2026-31503",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudp: Fix wildcard bind conflict check when using hash2\n\nWhen binding a udp_sock to a local address and port, UDP uses\ntwo hashes (udptable-\u003ehash and udptable-\u003ehash2) for collision\ndetection. The current code switches to \"hash2\" when\nhslot-\u003ecount \u003e 10.\n\n\"hash2\" is keyed by local address and local port.\n\"hash\" is keyed by local port only.\n\nThe issue can be shown in the following bind sequence (pseudo code):\n\nbind(fd1, \"[fd00::1]:8888\")\nbind(fd2, \"[fd00::2]:8888\")\nbind(fd3, \"[fd00::3]:8888\")\nbind(fd4, \"[fd00::4]:8888\")\nbind(fd5, \"[fd00::5]:8888\")\nbind(fd6, \"[fd00::6]:8888\")\nbind(fd7, \"[fd00::7]:8888\")\nbind(fd8, \"[fd00::8]:8888\")\nbind(fd9, \"[fd00::9]:8888\")\nbind(fd10, \"[fd00::10]:8888\")\n\n/* Correctly return -EADDRINUSE because \"hash\" is used\n * instead of \"hash2\". udp_lib_lport_inuse() detects the\n * conflict.\n */\nbind(fail_fd, \"[::]:8888\")\n\n/* After one more socket is bound to \"[fd00::11]:8888\",\n * hslot-\u003ecount exceeds 10 and \"hash2\" is used instead.\n */\nbind(fd11, \"[fd00::11]:8888\")\nbind(fail_fd, \"[::]:8888\") /* succeeds unexpectedly */\n\nThe same issue applies to the IPv4 wildcard address \"0.0.0.0\"\nand the IPv4-mapped wildcard address \"::ffff:0.0.0.0\". For\nexample, if there are existing sockets bound to\n\"192.168.1.[1-11]:8888\", then binding \"0.0.0.0:8888\" or\n\"[::ffff:0.0.0.0]:8888\" can also miss the conflict when\nhslot-\u003ecount \u003e 10.\n\nTCP inet_csk_get_port() already has the correct check in\ninet_use_bhash2_on_bind(). Rename it to\ninet_use_hash2_on_bind() and move it to inet_hashtables.h\nso udp.c can reuse it in this fix.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31503"
},
{
"cve": "CVE-2026-31504",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix fanout UAF in packet_release() via NETDEV_UP race\n\n`packet_release()` has a race window where `NETDEV_UP` can re-register a\nsocket into a fanout group\u0027s `arr[]` array. The re-registration is not\ncleaned up by `fanout_release()`, leaving a dangling pointer in the fanout\narray.\n`packet_release()` does NOT zero `po-\u003enum` in its `bind_lock` section.\nAfter releasing `bind_lock`, `po-\u003enum` is still non-zero and `po-\u003eifindex`\nstill matches the bound device. A concurrent `packet_notifier(NETDEV_UP)`\nthat already found the socket in `sklist` can re-register the hook.\nFor fanout sockets, this re-registration calls `__fanout_link(sk, po)`\nwhich adds the socket back into `f-\u003earr[]` and increments `f-\u003enum_members`,\nbut does NOT increment `f-\u003esk_ref`.\n\nThe fix sets `po-\u003enum` to zero in `packet_release` while `bind_lock` is\nheld to prevent NETDEV_UP from linking, preventing the race window.\n\nThis bug was found following an additional audit with Claude Code based\non CVE-2025-38617.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31504"
},
{
"cve": "CVE-2026-31507",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: fix double-free of smc_spd_priv when tee() duplicates splice pipe buffer\n\nsmc_rx_splice() allocates one smc_spd_priv per pipe_buffer and stores\nthe pointer in pipe_buffer.private. The pipe_buf_operations for these\nbuffers used .get = generic_pipe_buf_get, which only increments the page\nreference count when tee(2) duplicates a pipe buffer. The smc_spd_priv\npointer itself was not handled, so after tee() both the original and the\ncloned pipe_buffer share the same smc_spd_priv *.\n\nWhen both pipes are subsequently released, smc_rx_pipe_buf_release() is\ncalled twice against the same object:\n\n 1st call: kfree(priv) sock_put(sk) smc_rx_update_cons() [correct]\n 2nd call: kfree(priv) sock_put(sk) smc_rx_update_cons() [UAF]\n\nKASAN reports a slab-use-after-free in smc_rx_pipe_buf_release(), which\nthen escalates to a NULL-pointer dereference and kernel panic via\nsmc_rx_update_consumer() when it chases the freed priv-\u003esmc pointer:\n\n BUG: KASAN: slab-use-after-free in smc_rx_pipe_buf_release+0x78/0x2a0\n Read of size 8 at addr ffff888004a45740 by task smc_splice_tee_/74\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x53/0x70\n print_report+0xce/0x650\n kasan_report+0xc6/0x100\n smc_rx_pipe_buf_release+0x78/0x2a0\n free_pipe_info+0xd4/0x130\n pipe_release+0x142/0x160\n __fput+0x1c6/0x490\n __x64_sys_close+0x4f/0x90\n do_syscall_64+0xa6/0x1a0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n \u003c/TASK\u003e\n\n BUG: kernel NULL pointer dereference, address: 0000000000000020\n RIP: 0010:smc_rx_update_consumer+0x8d/0x350\n Call Trace:\n \u003cTASK\u003e\n smc_rx_pipe_buf_release+0x121/0x2a0\n free_pipe_info+0xd4/0x130\n pipe_release+0x142/0x160\n __fput+0x1c6/0x490\n __x64_sys_close+0x4f/0x90\n do_syscall_64+0xa6/0x1a0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n \u003c/TASK\u003e\n Kernel panic - not syncing: Fatal exception\n\nBeyond the memory-safety problem, duplicating an SMC splice buffer is\nsemantically questionable: smc_rx_update_cons() would advance the\nconsumer cursor twice for the same data, corrupting receive-window\naccounting. A refcount on smc_spd_priv could fix the double-free, but\nthe cursor-accounting issue would still need to be addressed separately.\n\nThe .get callback is invoked by both tee(2) and splice_pipe_to_pipe()\nfor partial transfers; both will now return -EFAULT. Users who need\nto duplicate SMC socket data must use a copy-based read path.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31507"
},
{
"cve": "CVE-2026-31508",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: Avoid releasing netdev before teardown completes\n\nThe patch cited in the Fixes tag below changed the teardown code for\nOVS ports to no longer unconditionally take the RTNL. After this change,\nthe netdev_destroy() callback can proceed immediately to the call_rcu()\ninvocation if the IFF_OVS_DATAPATH flag is already cleared on the\nnetdev.\n\nThe ovs_netdev_detach_dev() function clears the flag before completing\nthe unregistration, and if it gets preempted after clearing the flag (as\ncan happen on an -rt kernel), netdev_destroy() can complete and the\ndevice can be freed before the unregistration completes. This leads to a\nsplat like:\n\n[ 998.393867] Oops: general protection fault, probably for non-canonical address 0xff00000001000239: 0000 [#1] SMP PTI\n[ 998.393877] CPU: 42 UID: 0 PID: 55177 Comm: ip Kdump: loaded Not tainted 6.12.0-211.1.1.el10_2.x86_64+rt #1 PREEMPT_RT\n[ 998.393886] Hardware name: Dell Inc. PowerEdge R740/0JMK61, BIOS 2.24.0 03/27/2025\n[ 998.393889] RIP: 0010:dev_set_promiscuity+0x8d/0xa0\n[ 998.393901] Code: 00 00 75 d8 48 8b 53 08 48 83 ba b0 02 00 00 00 75 ca 48 83 c4 08 5b c3 cc cc cc cc 48 83 bf 48 09 00 00 00 75 91 48 8b 47 08 \u003c48\u003e 83 b8 b0 02 00 00 00 74 97 eb 81 0f 1f 80 00 00 00 00 90 90 90\n[ 998.393906] RSP: 0018:ffffce5864a5f6a0 EFLAGS: 00010246\n[ 998.393912] RAX: ff00000000ffff89 RBX: ffff894d0adf5a05 RCX: 0000000000000000\n[ 998.393917] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: ffff894d0adf5a05\n[ 998.393921] RBP: ffff894d19252000 R08: ffff894d19252000 R09: 0000000000000000\n[ 998.393924] R10: ffff894d19252000 R11: ffff894d192521b8 R12: 0000000000000006\n[ 998.393927] R13: ffffce5864a5f738 R14: 00000000ffffffe2 R15: 0000000000000000\n[ 998.393931] FS: 00007fad61971800(0000) GS:ffff894cc0140000(0000) knlGS:0000000000000000\n[ 998.393936] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 998.393940] CR2: 000055df0a2a6e40 CR3: 000000011c7fe003 CR4: 00000000007726f0\n[ 998.393944] PKRU: 55555554\n[ 998.393946] Call Trace:\n[ 998.393949] \u003cTASK\u003e\n[ 998.393952] ? show_trace_log_lvl+0x1b0/0x2f0\n[ 998.393961] ? show_trace_log_lvl+0x1b0/0x2f0\n[ 998.393975] ? dp_device_event+0x41/0x80 [openvswitch]\n[ 998.394009] ? __die_body.cold+0x8/0x12\n[ 998.394016] ? die_addr+0x3c/0x60\n[ 998.394027] ? exc_general_protection+0x16d/0x390\n[ 998.394042] ? asm_exc_general_protection+0x26/0x30\n[ 998.394058] ? dev_set_promiscuity+0x8d/0xa0\n[ 998.394066] ? ovs_netdev_detach_dev+0x3a/0x80 [openvswitch]\n[ 998.394092] dp_device_event+0x41/0x80 [openvswitch]\n[ 998.394102] notifier_call_chain+0x5a/0xd0\n[ 998.394106] unregister_netdevice_many_notify+0x51b/0xa60\n[ 998.394110] rtnl_dellink+0x169/0x3e0\n[ 998.394121] ? rt_mutex_slowlock.constprop.0+0x95/0xd0\n[ 998.394125] rtnetlink_rcv_msg+0x142/0x3f0\n[ 998.394128] ? avc_has_perm_noaudit+0x69/0xf0\n[ 998.394130] ? __pfx_rtnetlink_rcv_msg+0x10/0x10\n[ 998.394132] netlink_rcv_skb+0x50/0x100\n[ 998.394138] netlink_unicast+0x292/0x3f0\n[ 998.394141] netlink_sendmsg+0x21b/0x470\n[ 998.394145] ____sys_sendmsg+0x39d/0x3d0\n[ 998.394149] ___sys_sendmsg+0x9a/0xe0\n[ 998.394156] __sys_sendmsg+0x7a/0xd0\n[ 998.394160] do_syscall_64+0x7f/0x170\n[ 998.394162] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 998.394165] RIP: 0033:0x7fad61bf4724\n[ 998.394188] Code: 89 02 b8 ff ff ff ff eb bb 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 f3 0f 1e fa 80 3d c5 e9 0c 00 00 74 13 b8 2e 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 54 c3 0f 1f 00 48 83 ec 28 89 54 24 1c 48 89\n[ 998.394189] RSP: 002b:00007ffd7e2f7cb8 EFLAGS: 00000202 ORIG_RAX: 000000000000002e\n[ 998.394191] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007fad61bf4724\n[ 998.394193] RDX: 0000000000000000 RSI: 00007ffd7e2f7d20 RDI: 0000000000000003\n[ 998.394194] RBP: 00007ffd7e2f7d90 R08: 0000000000000010 R09: 000000000000003f\n[ 998.394195] R10: 000055df11558010 R11: 0000000000000202 R12: 00007ffd7e2\n---truncated---",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31508"
},
{
"cve": "CVE-2026-31515",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naf_key: validate families in pfkey_send_migrate()\n\nsyzbot was able to trigger a crash in skb_put() [1]\n\nIssue is that pfkey_send_migrate() does not check old/new families,\nand that set_ipsecrequest() @family argument was truncated,\nthus possibly overfilling the skb.\n\nValidate families early, do not wait set_ipsecrequest().\n\n[1]\n\nskbuff: skb_over_panic: text:ffffffff8a752120 len:392 put:16 head:ffff88802a4ad040 data:ffff88802a4ad040 tail:0x188 end:0x180 dev:\u003cNULL\u003e\n kernel BUG at net/core/skbuff.c:214 !\nCall Trace:\n \u003cTASK\u003e\n skb_over_panic net/core/skbuff.c:219 [inline]\n skb_put+0x159/0x210 net/core/skbuff.c:2655\n skb_put_zero include/linux/skbuff.h:2788 [inline]\n set_ipsecrequest net/key/af_key.c:3532 [inline]\n pfkey_send_migrate+0x1270/0x2e50 net/key/af_key.c:3636\n km_migrate+0x155/0x260 net/xfrm/xfrm_state.c:2848\n xfrm_migrate+0x2140/0x2450 net/xfrm/xfrm_policy.c:4705\n xfrm_do_migrate+0x8ff/0xaa0 net/xfrm/xfrm_user.c:3150",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31515"
},
{
"cve": "CVE-2026-31518",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nesp: fix skb leak with espintcp and async crypto\n\nWhen the TX queue for espintcp is full, esp_output_tail_tcp will\nreturn an error and not free the skb, because with synchronous crypto,\nthe common xfrm output code will drop the packet for us.\n\nWith async crypto (esp_output_done), we need to drop the skb when\nesp_output_tail_tcp returns an error.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31518"
},
{
"cve": "CVE-2026-31521",
"cwe": {
"id": "CWE-1285",
"name": "Improper Validation of Specified Index, Position, or Offset in Input"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmodule: Fix kernel panic when a symbol st_shndx is out of bounds\n\nThe module loader doesn\u0027t check for bounds of the ELF section index in\nsimplify_symbols():\n\n for (i = 1; i \u003c symsec-\u003esh_size / sizeof(Elf_Sym); i++) {\n\t\tconst char *name = info-\u003estrtab + sym[i].st_name;\n\n\t\tswitch (sym[i].st_shndx) {\n\t\tcase SHN_COMMON:\n\n\t\t[...]\n\n\t\tdefault:\n\t\t\t/* Divert to percpu allocation if a percpu var. */\n\t\t\tif (sym[i].st_shndx == info-\u003eindex.pcpu)\n\t\t\t\tsecbase = (unsigned long)mod_percpu(mod);\n\t\t\telse\n /** HERE --\u003e **/\t\tsecbase = info-\u003esechdrs[sym[i].st_shndx].sh_addr;\n\t\t\tsym[i].st_value += secbase;\n\t\t\tbreak;\n\t\t}\n\t}\n\nA symbol with an out-of-bounds st_shndx value, for example 0xffff\n(known as SHN_XINDEX or SHN_HIRESERVE), may cause a kernel panic:\n\n BUG: unable to handle page fault for address: ...\n RIP: 0010:simplify_symbols+0x2b2/0x480\n ...\n Kernel panic - not syncing: Fatal exception\n\nThis can happen when module ELF is legitimately using SHN_XINDEX or\nwhen it is corrupted.\n\nAdd a bounds check in simplify_symbols() to validate that st_shndx is\nwithin the valid range before using it.\n\nThis issue was discovered due to a bug in llvm-objcopy, see relevant\ndiscussion for details [1].\n\n[1] https://lore.kernel.org/linux-modules/20251224005752.201911-1-ihor.solodrai@linux.dev/",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31521"
},
{
"cve": "CVE-2026-31533",
"cwe": {
"id": "CWE-763",
"name": "Release of Invalid Pointer or Reference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/tls: fix use-after-free in -EBUSY error path of tls_do_encryption\n\nThe -EBUSY handling in tls_do_encryption(), introduced by commit\n859054147318 (\"net: tls: handle backlogging of crypto requests\"), has\na use-after-free due to double cleanup of encrypt_pending and the\nscatterlist entry.\n\nWhen crypto_aead_encrypt() returns -EBUSY, the request is enqueued to\nthe cryptd backlog and the async callback tls_encrypt_done() will be\ninvoked upon completion. That callback unconditionally restores the\nscatterlist entry (sge-\u003eoffset, sge-\u003elength) and decrements\nctx-\u003eencrypt_pending. However, if tls_encrypt_async_wait() returns an\nerror, the synchronous error path in tls_do_encryption() performs the\nsame cleanup again, double-decrementing encrypt_pending and\ndouble-restoring the scatterlist.\n\nThe double-decrement corrupts the encrypt_pending sentinel (initialized\nto 1), making tls_encrypt_async_wait() permanently skip the wait for\npending async callbacks. A subsequent sendmsg can then free the\ntls_rec via bpf_exec_tx_verdict() while a cryptd callback is still\npending, resulting in a use-after-free when the callback fires on the\nfreed record.\n\nFix this by skipping the synchronous cleanup when the -EBUSY async\nwait returns an error, since the callback has already handled\nencrypt_pending and sge restoration.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31533"
},
{
"cve": "CVE-2026-31546",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bonding: fix NULL deref in bond_debug_rlb_hash_show\n\nrlb_clear_slave intentionally keeps RLB hash-table entries on\nthe rx_hashtbl_used_head list with slave set to NULL when no\nreplacement slave is available. However, bond_debug_rlb_hash_show\nvisites client_info-\u003eslave without checking if it\u0027s NULL.\n\nOther used-list iterators in bond_alb.c already handle this NULL-slave\nstate safely:\n\n- rlb_update_client returns early on !client_info-\u003eslave\n- rlb_req_update_slave_clients, rlb_clear_slave, and rlb_rebalance\ncompare slave values before visiting\n- lb_req_update_subnet_clients continues if slave is NULL\n\nThe following NULL deref crash can be trigger in\nbond_debug_rlb_hash_show:\n\n[ 1.289791] BUG: kernel NULL pointer dereference, address: 0000000000000000\n[ 1.292058] RIP: 0010:bond_debug_rlb_hash_show (drivers/net/bonding/bond_debugfs.c:41)\n[ 1.293101] RSP: 0018:ffffc900004a7d00 EFLAGS: 00010286\n[ 1.293333] RAX: 0000000000000000 RBX: ffff888102b48200 RCX: ffff888102b48204\n[ 1.293631] RDX: ffff888102b48200 RSI: ffffffff839daad5 RDI: ffff888102815078\n[ 1.293924] RBP: ffff888102815078 R08: ffff888102b4820e R09: 0000000000000000\n[ 1.294267] R10: 0000000000000000 R11: 0000000000000000 R12: ffff888100f929c0\n[ 1.294564] R13: ffff888100f92a00 R14: 0000000000000001 R15: ffffc900004a7ed8\n[ 1.294864] FS: 0000000001395380(0000) GS:ffff888196e75000(0000) knlGS:0000000000000000\n[ 1.295239] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 1.295480] CR2: 0000000000000000 CR3: 0000000102adc004 CR4: 0000000000772ef0\n[ 1.295897] Call Trace:\n[ 1.296134] seq_read_iter (fs/seq_file.c:231)\n[ 1.296341] seq_read (fs/seq_file.c:164)\n[ 1.296493] full_proxy_read (fs/debugfs/file.c:378 (discriminator 1))\n[ 1.296658] vfs_read (fs/read_write.c:572)\n[ 1.296981] ksys_read (fs/read_write.c:717)\n[ 1.297132] do_syscall_64 (arch/x86/entry/syscall_64.c:63 (discriminator 1) arch/x86/entry/syscall_64.c:94 (discriminator 1))\n[ 1.297325] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\nAdd a NULL check and print \"(none)\" for entries with no assigned slave.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31546"
},
{
"cve": "CVE-2026-31555",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfutex: Clear stale exiting pointer in futex_lock_pi() retry path\n\nFuzzying/stressing futexes triggered:\n\n WARNING: kernel/futex/core.c:825 at wait_for_owner_exiting+0x7a/0x80, CPU#11: futex_lock_pi_s/524\n\nWhen futex_lock_pi_atomic() sees the owner is exiting, it returns -EBUSY\nand stores a refcounted task pointer in \u0027exiting\u0027.\n\nAfter wait_for_owner_exiting() consumes that reference, the local pointer\nis never reset to nil. Upon a retry, if futex_lock_pi_atomic() returns a\ndifferent error, the bogus pointer is passed to wait_for_owner_exiting().\n\n CPU0\t\t\t CPU1\t\t CPU2\n futex_lock_pi(uaddr)\n // acquires the PI futex\n exit()\n futex_cleanup_begin()\n futex_state = EXITING;\n\t\t\t futex_lock_pi(uaddr)\n\t\t\t futex_lock_pi_atomic()\n\t\t\t\t attach_to_pi_owner()\n\t\t\t\t // observes EXITING\n\t\t\t\t *exiting = owner; // takes ref\n\t\t\t\t return -EBUSY\n\t\t\t wait_for_owner_exiting(-EBUSY, owner)\n\t\t\t\t put_task_struct(); // drops ref\n\t\t\t // exiting still points to owner\n\t\t\t goto retry;\n\t\t\t futex_lock_pi_atomic()\n\t\t\t\t lock_pi_update_atomic()\n\t\t\t\t cmpxchg(uaddr)\n\t\t\t\t\t*uaddr ^= WAITERS // whatever\n\t\t\t\t // value changed\n\t\t\t\t return -EAGAIN;\n\t\t\t wait_for_owner_exiting(-EAGAIN, exiting) // stale\n\t\t\t\t WARN_ON_ONCE(exiting)\n\nFix this by resetting upon retry, essentially aligning it with requeue_pi.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31555"
},
{
"cve": "CVE-2026-31563",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: macb: Use dev_consume_skb_any() to free TX SKBs\n\nThe napi_consume_skb() function is not intended to be called in an IRQ\ndisabled context. However, after commit 6bc8a5098bf4 (\"net: macb: Fix\ntx_ptr_lock locking\"), the freeing of TX SKBs is performed with IRQs\ndisabled. To resolve the following call trace, use dev_consume_skb_any()\nfor freeing TX SKBs:\n WARNING: kernel/softirq.c:430 at __local_bh_enable_ip+0x174/0x188, CPU#0: ksoftirqd/0/15\n Modules linked in:\n CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Not tainted 7.0.0-rc4-next-20260319-yocto-standard-dirty #37 PREEMPT\n Hardware name: ZynqMP ZCU102 Rev1.1 (DT)\n pstate: 200000c5 (nzCv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : __local_bh_enable_ip+0x174/0x188\n lr : local_bh_enable+0x24/0x38\n sp : ffff800082b3bb10\n x29: ffff800082b3bb10 x28: ffff0008031f3c00 x27: 000000000011ede0\n x26: ffff000800a7ff00 x25: ffff800083937ce8 x24: 0000000000017a80\n x23: ffff000803243a78 x22: 0000000000000040 x21: 0000000000000000\n x20: ffff000800394c80 x19: 0000000000000200 x18: 0000000000000001\n x17: 0000000000000001 x16: ffff000803240000 x15: 0000000000000000\n x14: ffffffffffffffff x13: 0000000000000028 x12: ffff000800395650\n x11: ffff8000821d1528 x10: ffff800081c2bc08 x9 : ffff800081c1e258\n x8 : 0000000100000301 x7 : ffff8000810426ec x6 : 0000000000000000\n x5 : 0000000000000001 x4 : 0000000000000001 x3 : 0000000000000000\n x2 : 0000000000000008 x1 : 0000000000000200 x0 : ffff8000810428dc\n Call trace:\n __local_bh_enable_ip+0x174/0x188 (P)\n local_bh_enable+0x24/0x38\n skb_attempt_defer_free+0x190/0x1d8\n napi_consume_skb+0x58/0x108\n macb_tx_poll+0x1a4/0x558\n __napi_poll+0x50/0x198\n net_rx_action+0x1f4/0x3d8\n handle_softirqs+0x16c/0x560\n run_ksoftirqd+0x44/0x80\n smpboot_thread_fn+0x1d8/0x338\n kthread+0x120/0x150\n ret_from_fork+0x10/0x20\n irq event stamp: 29751\n hardirqs last enabled at (29750): [\u003cffff8000813be184\u003e] _raw_spin_unlock_irqrestore+0x44/0x88\n hardirqs last disabled at (29751): [\u003cffff8000813bdf60\u003e] _raw_spin_lock_irqsave+0x38/0x98\n softirqs last enabled at (29150): [\u003cffff8000800f1aec\u003e] handle_softirqs+0x504/0x560\n softirqs last disabled at (29153): [\u003cffff8000800f2fec\u003e] run_ksoftirqd+0x44/0x80",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31563"
},
{
"cve": "CVE-2026-31565",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/irdma: Fix deadlock during netdev reset with active connections\n\nResolve deadlock that occurs when user executes netdev reset while RDMA\napplications (e.g., rping) are active. The netdev reset causes ice\ndriver to remove irdma auxiliary driver, triggering device_delete and\nsubsequent client removal. During client removal, uverbs_client waits\nfor QP reference count to reach zero while cma_client holds the final\nreference, creating circular dependency and indefinite wait in iWARP\nmode. Skip QP reference count wait during device reset to prevent\ndeadlock.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31565"
},
{
"cve": "CVE-2026-31628",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/CPU: Fix FPDSS on Zen1\n\nZen1\u0027s hardware divider can leave, under certain circumstances, partial\nresults from previous operations. Those results can be leaked by\nanother, attacker thread.\n\nFix that with a chicken bit.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31628"
},
{
"cve": "CVE-2026-31634",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: fix reference count leak in rxrpc_server_keyring()\n\nThis patch fixes a reference count leak in rxrpc_server_keyring()\nby checking if rx-\u003esecurities is already set.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31634"
},
{
"cve": "CVE-2026-31649",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: fix integer underflow in chain mode\n\nThe jumbo_frm() chain-mode implementation unconditionally computes\n\n len = nopaged_len - bmax;\n\nwhere nopaged_len = skb_headlen(skb) (linear bytes only) and bmax is\nBUF_SIZE_8KiB or BUF_SIZE_2KiB. However, the caller stmmac_xmit()\ndecides to invoke jumbo_frm() based on skb-\u003elen (total length including\npage fragments):\n\n is_jumbo = stmmac_is_jumbo_frm(priv, skb-\u003elen, enh_desc);\n\nWhen a packet has a small linear portion (nopaged_len \u003c= bmax) but a\nlarge total length due to page fragments (skb-\u003elen \u003e bmax), the\nsubtraction wraps as an unsigned integer, producing a huge len value\n(~0xFFFFxxxx). This causes the while (len != 0) loop to execute\nhundreds of thousands of iterations, passing skb-\u003edata + bmax * i\npointers far beyond the skb buffer to dma_map_single(). On IOMMU-less\nSoCs (the typical deployment for stmmac), this maps arbitrary kernel\nmemory to the DMA engine, constituting a kernel memory disclosure and\npotential memory corruption from hardware.\n\nFix this by introducing a buf_len local variable clamped to\nmin(nopaged_len, bmax). Computing len = nopaged_len - buf_len is then\nalways safe: it is zero when the linear portion fits within a single\ndescriptor, causing the while (len != 0) loop to be skipped naturally,\nand the fragment loop in stmmac_xmit() handles page fragments afterward.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31649"
},
{
"cve": "CVE-2026-31651",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: vub300: fix NULL-deref on disconnect\n\nMake sure to deregister the controller before dropping the reference to\nthe driver data on disconnect to avoid NULL-pointer dereferences or\nuse-after-free.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31651"
},
{
"cve": "CVE-2026-31658",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: altera-tse: fix skb leak on DMA mapping error in tse_start_xmit()\n\nWhen dma_map_single() fails in tse_start_xmit(), the function returns\nNETDEV_TX_OK without freeing the skb. Since NETDEV_TX_OK tells the\nstack the packet was consumed, the skb is never freed, leaking memory\non every DMA mapping failure.\n\nAdd dev_kfree_skb_any() before returning to properly free the skb.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31658"
},
{
"cve": "CVE-2026-31664",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: clear trailing padding in build_polexpire()\n\nbuild_expire() clears the trailing padding bytes of struct\nxfrm_user_expire after setting the hard field via memset_after(),\nbut the analogous function build_polexpire() does not do this for\nstruct xfrm_user_polexpire.\n\nThe padding bytes after the __u8 hard field are left\nuninitialized from the heap allocation, and are then sent to\nuserspace via netlink multicast to XFRMNLGRP_EXPIRE listeners,\nleaking kernel heap memory contents.\n\nAdd the missing memset_after() call, matching build_expire().",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31664"
},
{
"cve": "CVE-2026-31665",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_ct: fix use-after-free in timeout object destroy\n\nnft_ct_timeout_obj_destroy() frees the timeout object with kfree()\nimmediately after nf_ct_untimeout(), without waiting for an RCU grace\nperiod. Concurrent packet processing on other CPUs may still hold\nRCU-protected references to the timeout object obtained via\nrcu_dereference() in nf_ct_timeout_data().\n\nAdd an rcu_head to struct nf_ct_timeout and use kfree_rcu() to defer\nfreeing until after an RCU grace period, matching the approach already\nused in nfnetlink_cttimeout.c.\n\nKASAN report:\n BUG: KASAN: slab-use-after-free in nf_conntrack_tcp_packet+0x1381/0x29d0\n Read of size 4 at addr ffff8881035fe19c by task exploit/80\n\n Call Trace:\n nf_conntrack_tcp_packet+0x1381/0x29d0\n nf_conntrack_in+0x612/0x8b0\n nf_hook_slow+0x70/0x100\n __ip_local_out+0x1b2/0x210\n tcp_sendmsg_locked+0x722/0x1580\n __sys_sendto+0x2d8/0x320\n\n Allocated by task 75:\n nft_ct_timeout_obj_init+0xf6/0x290\n nft_obj_init+0x107/0x1b0\n nf_tables_newobj+0x680/0x9c0\n nfnetlink_rcv_batch+0xc29/0xe00\n\n Freed by task 26:\n nft_obj_destroy+0x3f/0xa0\n nf_tables_trans_destroy_work+0x51c/0x5c0\n process_one_work+0x2c4/0x5a0",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31665"
},
{
"cve": "CVE-2026-31669",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix slab-use-after-free in __inet_lookup_established\n\nThe ehash table lookups are lockless and rely on\nSLAB_TYPESAFE_BY_RCU to guarantee socket memory stability\nduring RCU read-side critical sections. Both tcp_prot and\ntcpv6_prot have their slab caches created with this flag\nvia proto_register().\n\nHowever, MPTCP\u0027s mptcp_subflow_init() copies tcpv6_prot into\ntcpv6_prot_override during inet_init() (fs_initcall, level 5),\nbefore inet6_init() (module_init/device_initcall, level 6) has\ncalled proto_register(\u0026tcpv6_prot). At that point,\ntcpv6_prot.slab is still NULL, so tcpv6_prot_override.slab\nremains NULL permanently.\n\nThis causes MPTCP v6 subflow child sockets to be allocated via\nkmalloc (falling into kmalloc-4k) instead of the TCPv6 slab\ncache. The kmalloc-4k cache lacks SLAB_TYPESAFE_BY_RCU, so\nwhen these sockets are freed without SOCK_RCU_FREE (which is\ncleared for child sockets by design), the memory can be\nimmediately reused. Concurrent ehash lookups under\nrcu_read_lock can then access freed memory, triggering a\nslab-use-after-free in __inet_lookup_established.\n\nFix this by splitting the IPv6-specific initialization out of\nmptcp_subflow_init() into a new mptcp_subflow_v6_init(), called\nfrom mptcp_proto_v6_init() before protocol registration. This\nensures tcpv6_prot_override.slab correctly inherits the\nSLAB_TYPESAFE_BY_RCU slab cache.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31669"
},
{
"cve": "CVE-2026-31670",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: rfkill: prevent unlimited numbers of rfkill events from being created\n\nUserspace can create an unlimited number of rfkill events if the system\nis so configured, while not consuming them from the rfkill file\ndescriptor, causing a potential out of memory situation. Prevent this\nfrom bounding the number of pending rfkill events at a \"large\" number\n(i.e. 1000) to prevent abuses like this.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31670"
},
{
"cve": "CVE-2026-31671",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm_user: fix info leak in build_report()\n\nstruct xfrm_user_report is a __u8 proto field followed by a struct\nxfrm_selector which means there is three \"empty\" bytes of padding, but\nthe padding is never zeroed before copying to userspace. Fix that up by\nzeroing the structure before setting individual member variables.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31671"
},
{
"cve": "CVE-2026-31674",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ip6t_rt: reject oversized addrnr in rt_mt6_check()\n\nReject rt match rules whose addrnr exceeds IP6T_RT_HOPS.\n\nrt_mt6() expects addrnr to stay within the bounds of rtinfo-\u003eaddrs[].\nValidate addrnr during rule installation so malformed rules are rejected\nbefore the match logic can use an out-of-range value.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31674"
},
{
"cve": "CVE-2026-31680",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipv6: flowlabel: defer exclusive option free until RCU teardown\n\n`ip6fl_seq_show()` walks the global flowlabel hash under the seq-file\nRCU read-side lock and prints `fl-\u003eopt-\u003eopt_nflen` when an option block\nis present.\n\nExclusive flowlabels currently free `fl-\u003eopt` as soon as `fl-\u003eusers`\ndrops to zero in `fl_release()`. However, the surrounding\n`struct ip6_flowlabel` remains visible in the global hash table until\nlater garbage collection removes it and `fl_free_rcu()` finally tears it\ndown.\n\nA concurrent `/proc/net/ip6_flowlabel` reader can therefore race that\nearly `kfree()` and dereference freed option state, triggering a crash\nin `ip6fl_seq_show()`.\n\nFix this by keeping `fl-\u003eopt` alive until `fl_free_rcu()`. That matches\nthe lifetime already required for the enclosing flowlabel while readers\ncan still reach it under RCU.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31680"
},
{
"cve": "CVE-2026-31682",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbridge: br_nd_send: linearize skb before parsing ND options\n\nbr_nd_send() parses neighbour discovery options from ns-\u003eopt[] and\nassumes that these options are in the linear part of request.\n\nIts callers only guarantee that the ICMPv6 header and target address\nare available, so the option area can still be non-linear. Parsing\nns-\u003eopt[] in that case can access data past the linear buffer.\n\nLinearize request before option parsing and derive ns from the linear\nnetwork header.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31682"
},
{
"cve": "CVE-2026-31737",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ftgmac100: fix ring allocation unwind on open failure\n\nftgmac100_alloc_rings() allocates rx_skbs, tx_skbs, rxdes, txdes, and\nrx_scratch in stages. On intermediate failures it returned -ENOMEM\ndirectly, leaking resources allocated earlier in the function.\n\nRework the failure path to use staged local unwind labels and free\nallocated resources in reverse order before returning -ENOMEM. This\nmatches common netdev allocation cleanup style.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31737"
},
{
"cve": "CVE-2026-31752",
"cwe": {
"id": "CWE-805",
"name": "Buffer Access with Incorrect Length Value"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbridge: br_nd_send: validate ND option lengths\n\nbr_nd_send() walks ND options according to option-provided lengths.\nA malformed option can make the parser advance beyond the computed\noption span or use a too-short source LLADDR option payload.\n\nValidate option lengths against the remaining NS option area before\nadvancing, and only read source LLADDR when the option is large enough\nfor an Ethernet address.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31752"
},
{
"cve": "CVE-2026-31761",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: gyro: mpu3050: Move iio_device_register() to correct location\n\niio_device_register() should be at the end of the probe function to\nprevent race conditions.\n\nPlace iio_device_register() at the end of the probe function and place\niio_device_unregister() accordingly.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31761"
},
{
"cve": "CVE-2026-31768",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: adc: ti-adc161s626: use DMA-safe memory for spi_read()\n\nAdd a DMA-safe buffer and use it for spi_read() instead of a stack\nmemory. All SPI buffers must be DMA-safe.\n\nSince we only need up to 3 bytes, we just use a u8[] instead of __be16\nand __be32 and change the conversion functions appropriately.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-31768"
},
{
"cve": "CVE-2026-40355",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In MIT Kerberos 5 (aka krb5) before 1.22.3, there is a NULL pointer dereference if an application calls gss_accept_sec_context() on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parse_nego_message.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-40355"
},
{
"cve": "CVE-2026-41989",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcry_pk_decrypt.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-41989"
},
{
"cve": "CVE-2026-43011",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/x25: Fix potential double free of skb\n\nWhen alloc_skb fails in x25_queue_rx_frame it calls kfree_skb(skb) at\nline 48 and returns 1 (error).\nThis error propagates back through the call chain:\n\nx25_queue_rx_frame returns 1\n |\n v\nx25_state3_machine receives the return value 1 and takes the else\nbranch at line 278, setting queued=0 and returning 0\n |\n v\nx25_process_rx_frame returns queued=0\n |\n v\nx25_backlog_rcv at line 452 sees queued=0 and calls kfree_skb(skb)\nagain\n\nThis would free the same skb twice. Looking at x25_backlog_rcv:\n\nnet/x25/x25_in.c:x25_backlog_rcv() {\n ...\n queued = x25_process_rx_frame(sk, skb);\n ...\n if (!queued)\n kfree_skb(skb);\n}",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-43011"
},
{
"cve": "CVE-2026-43024",
"cwe": {
"id": "CWE-115",
"name": "Misinterpretation of Input"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: reject immediate NF_QUEUE verdict\n\nnft_queue is always used from userspace nftables to deliver the NF_QUEUE\nverdict. Immediately emitting an NF_QUEUE verdict is never used by the\nuserspace nft tools, so reject immediate NF_QUEUE verdicts.\n\nThe arp family does not provide queue support, but such an immediate\nverdict is still reachable. Globally reject NF_QUEUE immediate verdicts\nto address this issue.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-43024"
},
{
"cve": "CVE-2026-43025",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ctnetlink: ignore explicit helper on new expectations\n\nUse the existing master conntrack helper, anything else is not really\nsupported and it just makes validation more complicated, so just ignore\nwhat helper userspace suggests for this expectation.\n\nThis was uncovered when validating CTA_EXPECT_CLASS via different helper\nprovided by userspace than the existing master conntrack helper:\n\n BUG: KASAN: slab-out-of-bounds in nf_ct_expect_related_report+0x2479/0x27c0\n Read of size 4 at addr ffff8880043fe408 by task poc/102\n Call Trace:\n nf_ct_expect_related_report+0x2479/0x27c0\n ctnetlink_create_expect+0x22b/0x3b0\n ctnetlink_new_expect+0x4bd/0x5c0\n nfnetlink_rcv_msg+0x67a/0x950\n netlink_rcv_skb+0x120/0x350\n\nAllowing to read kernel memory bytes off the expectation boundary.\n\nCTA_EXPECT_HELP_NAME is still used to offer the helper name to userspace\nvia netlink dump.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-43025"
},
{
"cve": "CVE-2026-43026",
"cwe": {
"id": "CWE-824",
"name": "Access of Uninitialized Pointer"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ctnetlink: zero expect NAT fields when CTA_EXPECT_NAT absent\n\nctnetlink_alloc_expect() allocates expectations from a non-zeroing\nslab cache via nf_ct_expect_alloc(). When CTA_EXPECT_NAT is not\npresent in the netlink message, saved_addr and saved_proto are\nnever initialized. Stale data from a previous slab occupant can\nthen be dumped to userspace by ctnetlink_exp_dump_expect(), which\nchecks these fields to decide whether to emit CTA_EXPECT_NAT.\n\nThe safe sibling nf_ct_expect_init(), used by the packet path,\nexplicitly zeroes these fields.\n\nZero saved_addr, saved_proto and dir in the else branch, guarded\nby IS_ENABLED(CONFIG_NF_NAT) since these fields only exist when\nNAT is enabled.\n\nConfirmed by priming the expect slab with NAT-bearing expectations,\nfreeing them, creating a new expectation without CTA_EXPECT_NAT,\nand observing that the ctnetlink dump emits a spurious\nCTA_EXPECT_NAT containing stale data from the prior allocation.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-43026"
},
{
"cve": "CVE-2026-43027",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_conntrack_helper: pass helper to expect cleanup\n\nnf_conntrack_helper_unregister() calls nf_ct_expect_iterate_destroy()\nto remove expectations belonging to the helper being unregistered.\nHowever, it passes NULL instead of the helper pointer as the data\nargument, so expect_iter_me() never matches any expectation and all\nof them survive the cleanup.\n\nAfter unregister returns, nfnl_cthelper_del() frees the helper\nobject immediately. Subsequent expectation dumps or packet-driven\ninit_conntrack() calls then dereference the freed exp-\u003ehelper,\ncausing a use-after-free.\n\nPass the actual helper pointer so expectations referencing it are\nproperly destroyed before the helper object is freed.\n\n BUG: KASAN: slab-use-after-free in string+0x38f/0x430\n Read of size 1 at addr ffff888003b14d20 by task poc/103\n Call Trace:\n string+0x38f/0x430\n vsnprintf+0x3cc/0x1170\n seq_printf+0x17a/0x240\n exp_seq_show+0x2e5/0x560\n seq_read_iter+0x419/0x1280\n proc_reg_read+0x1ac/0x270\n vfs_read+0x179/0x930\n ksys_read+0xef/0x1c0\n Freed by task 103:\n The buggy address is located 32 bytes inside of\n freed 192-byte region [ffff888003b14d00, ffff888003b14dc0)",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-43027"
},
{
"cve": "CVE-2026-43028",
"cwe": {
"id": "CWE-170",
"name": "Improper Null Termination"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: x_tables: ensure names are nul-terminated\n\nReject names that lack a \\0 character before feeding them\nto functions that expect c-strings.\n\nFixes tag is the most recent commit that needs this change.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-43028"
},
{
"cve": "CVE-2026-43030",
"cwe": {
"id": "CWE-372",
"name": "Incomplete Internal State Distinction"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix regsafe() for pointers to packet\n\nIn case rold-\u003ereg-\u003erange == BEYOND_PKT_END \u0026\u0026 rcur-\u003ereg-\u003erange == N\nregsafe() may return true which may lead to current state with\nvalid packet range not being explored. Fix the bug.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-43030"
},
{
"cve": "CVE-2026-43033",
"cwe": {
"id": "CWE-237",
"name": "Improper Handling of Structural Elements"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption\n\nWhen decrypting data that is not in-place (src != dst), there is\nno need to save the high-order sequence bits in dst as it could\nsimply be re-copied from the source.\n\nHowever, the data to be hashed need to be rearranged accordingly.\n\n\nThanks,",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-43033"
},
{
"cve": "CVE-2026-43035",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: cls_api: fix tc_chain_fill_node to initialize tcm_info to zero to prevent an info-leak\n\nWhen building netlink messages, tc_chain_fill_node() never initializes\nthe tcm_info field of struct tcmsg. Since the allocation is not zeroed,\nkernel heap memory is leaked to userspace through this 4-byte field.\n\nThe fix simply zeroes tcm_info alongside the other fields that are\nalready initialized.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-43035"
},
{
"cve": "CVE-2026-43038",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: icmp: clear skb2-\u003ecb[] in ip6_err_gen_icmpv6_unreach()\n\nSashiko AI-review observed:\n\n In ip6_err_gen_icmpv6_unreach(), the skb is an outer IPv4 ICMP error packet\n where its cb contains an IPv4 inet_skb_parm. When skb is cloned into skb2\n and passed to icmp6_send(), it uses IP6CB(skb2).\n\n IP6CB interprets the IPv4 inet_skb_parm as an inet6_skb_parm. The cipso\n offset in inet_skb_parm.opt directly overlaps with dsthao in inet6_skb_parm\n at offset 18.\n\n If an attacker sends a forged ICMPv4 error with a CIPSO IP option, dsthao\n would be a non-zero offset. Inside icmp6_send(), mip6_addr_swap() is called\n and uses ipv6_find_tlv(skb, opt-\u003edsthao, IPV6_TLV_HAO).\n\n This would scan the inner, attacker-controlled IPv6 packet starting at that\n offset, potentially returning a fake TLV without checking if the remaining\n packet length can hold the full 18-byte struct ipv6_destopt_hao.\n\n Could mip6_addr_swap() then perform a 16-byte swap that extends past the end\n of the packet data into skb_shared_info?\n\n Should the cb array also be cleared in ip6_err_gen_icmpv6_unreach() and\n ip6ip6_err() to prevent this?\n\nThis patch implements the first suggestion.\n\nI am not sure if ip6ip6_err() needs to be changed.\nA separate patch would be better anyway.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-43038"
},
{
"cve": "CVE-2026-43040",
"cwe": {
"id": "CWE-909",
"name": "Missing Initialization of Resource"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipv6: ndisc: fix ndisc_ra_useropt to initialize nduseropt_padX fields to zero to prevent an info-leak\n\nWhen processing Router Advertisements with user options the kernel\nbuilds an RTM_NEWNDUSEROPT netlink message. The nduseroptmsg struct\nhas three padding fields that are never zeroed and can leak kernel data\n\nThe fix is simple, just zeroes the padding fields.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-43040"
},
{
"cve": "CVE-2026-43057",
"cwe": {
"id": "CWE-358",
"name": "Improperly Implemented Security Check for Standard"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: correctly handle tunneled traffic on IPV6_CSUM GSO fallback\n\nNETIF_F_IPV6_CSUM only advertises support for checksum offload of\npackets without IPv6 extension headers. Packets with extension\nheaders must fall back onto software checksumming. Since TSO\ndepends on checksum offload, those must revert to GSO.\n\nThe below commit introduces that fallback. It always checks\nnetwork header length. For tunneled packets, the inner header length\nmust be checked instead. Extend the check accordingly.\n\nA special case is tunneled packets without inner IP protocol. Such as\nRFC 6951 SCTP in UDP. Those are not standard IPv6 followed by\ntransport header either, so also must revert to the software GSO path.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-43057"
},
{
"cve": "CVE-2026-43284",
"cwe": {
"id": "CWE-123",
"name": "Write-what-where Condition"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: esp: avoid in-place decrypt on shared skb frags\n\nMSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP\nmarks such skbs with SKBFL_SHARED_FRAG after skb_splice_from_iter(),\nso later paths that may modify packet data can first make a private\ncopy. The IPv4/IPv6 datagram append paths did not set this flag when\nsplicing pages into UDP skbs.\n\nThat leaves an ESP-in-UDP packet made from shared pipe pages looking\nlike an ordinary uncloned nonlinear skb. ESP input then takes the no-COW\nfast path for uncloned skbs without a frag_list and decrypts in place\nover data that is not owned privately by the skb.\n\nMark IPv4/IPv6 datagram splice frags with SKBFL_SHARED_FRAG, matching\nTCP. Also make ESP input fall back to skb_cow_data() when the flag is\npresent, so ESP does not decrypt externally backed frags in place.\nPrivate nonlinear skb frags still use the existing fast path.\n\nThis intentionally does not change ESP output. In esp_output_head(),\nthe path that appends the ESP trailer to existing skb tailroom without\ncalling skb_cow_data() is not reachable for nonlinear skbs:\nskb_tailroom() returns zero when skb-\u003edata_len is nonzero, while ESP\ntailen is positive. Thus ESP output will either use the separate\ndestination-frag path or fall back to skb_cow_data().",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-43284"
},
{
"cve": "CVE-2026-46174",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/CPU/AMD: Prevent improper isolation of shared resources in Zen2\u0027s op cache\n\nMake sure resources are not improperly shared in the op cache and\ncause instruction corruption this way.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-46174"
},
{
"cve": "CVE-2026-46300",
"cwe": {
"id": "CWE-123",
"name": "Write-what-where Condition"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: skbuff: preserve shared-frag marker during coalescing\n\nskb_try_coalesce() can attach paged frags from @from to @to. If @from\nhas SKBFL_SHARED_FRAG set, the resulting @to skb can contain the same\nexternally-owned or page-cache-backed frags, but the shared-frag marker\nis currently lost.\n\nThat breaks the invariant relied on by later in-place writers. In\nparticular, ESP input checks skb_has_shared_frag() before deciding\nwhether an uncloned nonlinear skb can skip skb_cow_data(). If TCP\nreceive coalescing has moved shared frags into an unmarked skb, ESP can\nsee skb_has_shared_frag() as false and decrypt in place over page-cache\nbacked frags.\n\nPropagate SKBFL_SHARED_FRAG when skb_try_coalesce() transfers paged\nfrags. The tailroom copy path does not need the marker because it copies\nbytes into @to\u0027s linear data rather than transferring frag descriptors.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-46300"
},
{
"cve": "CVE-2026-46333",
"cwe": {
"id": "CWE-269",
"name": "Improper Privilege Management"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nptrace: slightly saner \u0027get_dumpable()\u0027 logic\n\nThe \u0027dumpability\u0027 of a task is fundamentally about the memory image of\nthe task - the concept comes from whether it can core dump or not - and\nmakes no sense when you don\u0027t have an associated mm.\n\nAnd almost all users do in fact use it only for the case where the task\nhas a mm pointer.\n\nBut we have one odd special case: ptrace_may_access() uses \u0027dumpable\u0027 to\ncheck various other things entirely independently of the MM (typically\nexplicitly using flags like PTRACE_MODE_READ_FSCREDS). Including for\nthreads that no longer have a VM (and maybe never did, like most kernel\nthreads).\n\nIt\u0027s not what this flag was designed for, but it is what it is.\n\nThe ptrace code does check that the uid/gid matches, so you do have to\nbe uid-0 to see kernel thread details, but this means that the\ntraditional \"drop capabilities\" model doesn\u0027t make any difference for\nthis all.\n\nMake it all make a *bit* more sense by saying that if you don\u0027t have a\nMM pointer, we\u0027ll use a cached \"last dumpability\" flag if the thread\never had a MM (it will be zero for kernel threads since it is never\nset), and require a proper CAP_SYS_PTRACE capability to override.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2026-46333"
}
]
}
SSA-082556
Vulnerability from csaf_siemens - Published: 2025-06-10 00:00 - Updated: 2026-07-14 00:00sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
A flaw has been identified in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
Issue summary: A bug has been identified in the processing of key and initialisation vector (IV) lengths. This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers. Impact summary: A truncation in the IV can result in non-uniqueness, which could result in loss of confidentiality for some cipher modes. When calling EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2() or EVP_CipherInit_ex2() the provided OSSL_PARAM array is processed after the key and IV have been established. Any alterations to the key length, via the "keylen" parameter or the IV length, via the "ivlen" parameter, within the OSSL_PARAM array will not take effect as intended, potentially causing truncation or overreading of these values. The following ciphers and cipher modes are impacted: RC2, RC4, RC5, CCM, GCM and OCB. For the CCM, GCM and OCB cipher modes, truncation of the IV can result in loss of confidentiality. For example, when following NIST's SP 800-38D section 8.2.1 guidance for constructing a deterministic IV for AES in GCM mode, truncation of the counter portion could lead to IV reuse. Both truncations and overruns of the key and overruns of the IV will produce incorrect results and could, in some cases, trigger a memory exception. However, these issues are not currently assessed as security critical. Changing the key and/or IV lengths is not considered to be a common operation and the vulnerable API was recently introduced. Furthermore it is likely that application developers will have spotted this problem during testing since decryption would fail unless both peers in the communication were similarly vulnerable. For these reasons we expect the probability of an application being vulnerable to this to be quite low. However if an application is vulnerable then this issue is considered very serious. For these reasons we have assessed this issue as Moderate severity overall. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this because the issue lies outside of the FIPS provider boundary. OpenSSL 3.1 and 3.0 are vulnerable to this issue.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argument set to NULL, and the program name (the basename of argv[0]) is bigger than 1024 bytes, resulting in an application crash or local privilege escalation. This issue affects glibc 2.36 and newer.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a message bigger than INT_MAX bytes, leading to an incorrect calculation of the buffer size to store the message, resulting in an application crash. This issue affects glibc 2.37 and newer.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
An integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long message, leading to an incorrect calculation of the buffer size to store the message, resulting in undefined behavior. This issue affects glibc 2.37 and newer.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 bytes. If the host name is detected to be longer, curl switches to local name resolving and instead passes on the resolved address only. Due to this bug, the local variable that means "let the host resolve the name" could get the wrong value during a slow SOCKS5 handshake, and contrary to the intention, copy the too long host name to the target buffer instead of copying just the resolved address there. The target buffer being a heap based buffer, and the host name coming from the URL that curl has been told to operate with.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
This flaw allows an attacker to insert cookies at will into a running program using libcurl, if the specific series of conditions are met. libcurl performs transfers. In its API, an application creates "easy handles" that are the individual handles for single transfers. libcurl provides a function call that duplicates en easy handle called [curl_easy_duphandle](https://curl.se/libcurl/c/curl_easy_duphandle.html). If a transfer has cookies enabled when the handle is duplicated, the cookie-enable state is also cloned - but without cloning the actual cookies. If the source handle did not read any cookies from a specific file on disk, the cloned version of the handle would instead store the file name as `none` (using the four ASCII letters, no quotes). Subsequent use of the cloned handle that does not explicitly set a source to load cookies from would then inadvertently load cookies from a file named `none` - if such a file exists and is readable in the current directory of the program using libcurl. And if using the correct file format of course.
CWE-73 - External Control of File Name or Path| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
This flaw allows a malicious HTTP server to set "super cookies" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It could do this by exploiting a mixed case flaw in curl's function that verifies a given cookie domain against the Public Suffix List (PSL). For example a cookie could be set with `domain=co.UK` when the URL used a lower case hostname `curl.co.uk`, even though `co.uk` is listed as a PSL domain.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file unaware of the HSTS status they should otherwise use.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: allow exp not to be removed in nf_ct_find_expectation Currently nf_conntrack_in() calling nf_ct_find_expectation() will remove the exp from the hash table. However, in some scenario, we expect the exp not to be removed when the created ct will not be confirmed, like in OVS and TC conntrack in the following patches. This patch allows exp not to be removed by setting IPS_CONFIRMED in the status of the tmpl.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
Issue summary: Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address resulting in abnormal termination of the application process. Impact summary: Abnormal termination of an application can a cause a denial of service. Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address when comparing the expected name with an `otherName` subject alternative name of an X.509 certificate. This may result in an exception that terminates the application program. Note that basic certificate chain validation (signatures, dates, ...) is not affected, the denial of service can occur only when the application also specifies an expected DNS name, Email address or IP address. TLS servers rarely solicit client certificates, and even when they do, they generally don't perform a name check against a reference identifier (expected identity), but rather extract the presented identity after checking the certificate chain. So TLS servers are generally not affected and the severity of the issue is Moderate. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service attack.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to send a specially crafted certificate, causing GnuTLS to become unresponsive or slow, resulting in a denial-of-service condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
A race condition was found in the Linux kernel's scsi device driver in lpfc_unregister_fcf_rescan() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix netdev_priv() dereference before check on non-DSA netdevice events After the blamed commit, we started doing this dereference for every NETDEV_CHANGEUPPER and NETDEV_PRECHANGEUPPER event in the system. static inline struct dsa_port *dsa_user_to_port(const struct net_device *dev) { struct dsa_user_priv *p = netdev_priv(dev); return p->dp; } Which is obviously bogus, because not all net_devices have a netdev_priv() of type struct dsa_user_priv. But struct dsa_user_priv is fairly small, and p->dp means dereferencing 8 bytes starting with offset 16. Most drivers allocate that much private memory anyway, making our access not fault, and we discard the bogus data quickly afterwards, so this wasn't caught. But the dummy interface is somewhat special in that it calls alloc_netdev() with a priv size of 0. So every netdev_priv() dereference is invalid, and we get this when we emit a NETDEV_PRECHANGEUPPER event with a VLAN as its new upper: $ ip link add dummy1 type dummy $ ip link add link dummy1 name dummy1.100 type vlan id 100 [ 43.309174] ================================================================== [ 43.316456] BUG: KASAN: slab-out-of-bounds in dsa_user_prechangeupper+0x30/0xe8 [ 43.323835] Read of size 8 at addr ffff3f86481d2990 by task ip/374 [ 43.330058] [ 43.342436] Call trace: [ 43.366542] dsa_user_prechangeupper+0x30/0xe8 [ 43.371024] dsa_user_netdevice_event+0xb38/0xee8 [ 43.375768] notifier_call_chain+0xa4/0x210 [ 43.379985] raw_notifier_call_chain+0x24/0x38 [ 43.384464] __netdev_upper_dev_link+0x3ec/0x5d8 [ 43.389120] netdev_upper_dev_link+0x70/0xa8 [ 43.393424] register_vlan_dev+0x1bc/0x310 [ 43.397554] vlan_newlink+0x210/0x248 [ 43.401247] rtnl_newlink+0x9fc/0xe30 [ 43.404942] rtnetlink_rcv_msg+0x378/0x580 Avoid the kernel oops by dereferencing after the type check, as customary.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.
CWE-150 - Improper Neutralization of Escape, Meta, or Control Sequences| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may result in a stack-based buffer overflow. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon's (nscd) cache fails to add a not-found netgroup response to the cache, the client request can result in a null pointer dereference. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a memory allocation failure resulting in a denial of service to the clients. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
nscd: netgroup cache assumes NSS callback uses in-buffer strings The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory when the NSS callback does not store all strings in the provided buffer. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based client will wrongly interpret as having been sent by the trusted system service. This could lead to the GDBus-based client behaving incorrectly, with an application-dependent impact.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: erofs: handle overlapped pclusters out of crafted images properly syzbot reported a task hang issue due to a deadlock case where it is waiting for the folio lock of a cached folio that will be used for cache I/Os. After looking into the crafted fuzzed image, I found it's formed with several overlapped big pclusters as below: Ext: logical offset | length : physical offset | length 0: 0.. 16384 | 16384 : 151552.. 167936 | 16384 1: 16384.. 32768 | 16384 : 155648.. 172032 | 16384 2: 32768.. 49152 | 16384 : 537223168.. 537239552 | 16384 ... Here, extent 0/1 are physically overlapped although it's entirely _impossible_ for normal filesystem images generated by mkfs. First, managed folios containing compressed data will be marked as up-to-date and then unlocked immediately (unlike in-place folios) when compressed I/Os are complete. If physical blocks are not submitted in the incremental order, there should be separate BIOs to avoid dependency issues. However, the current code mis-arranges z_erofs_fill_bio_vec() and BIO submission which causes unexpected BIO waits. Second, managed folios will be connected to their own pclusters for efficient inter-queries. However, this is somewhat hard to implement easily if overlapped big pclusters exist. Again, these only appear in fuzzed images so let's simply fall back to temporary short-lived pages for correctness. Additionally, it justifies that referenced managed folios cannot be truncated for now and reverts part of commit 2080ca1ed3e4 ("erofs: tidy up `struct z_erofs_bvec`") for simplicity although it shouldn't be any difference.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: dlm: fix possible lkb_resource null dereference This patch fixes a possible null pointer dereference when this function is called from request_lock() as lkb->lkb_resource is not assigned yet, only after validate_lock_args() by calling attach_lkb(). Another issue is that a resource name could be a non printable bytearray and we cannot assume to be ASCII coded. The log functionality is probably never being hit when DLM is used in normal way and no debug logging is enabled. The null pointer dereference can only occur on a new created lkb that does not have the resource assigned yet, it probably never hits the null pointer dereference but we should be sure that other changes might not change this behaviour and we actually can hit the mentioned null pointer dereference. In this patch we just drop the printout of the resource name, the lkb id is enough to make a possible connection to a resource name if this exists.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: dsa: improve shutdown sequence Alexander Sverdlin presents 2 problems during shutdown with the lan9303 driver. One is specific to lan9303 and the other just happens to reproduce there. The first problem is that lan9303 is unique among DSA drivers in that it calls dev_get_drvdata() at "arbitrary runtime" (not probe, not shutdown, not remove): phy_state_machine() -> ... -> dsa_user_phy_read() -> ds->ops->phy_read() -> lan9303_phy_read() -> chip->ops->phy_read() -> lan9303_mdio_phy_read() -> dev_get_drvdata() But we never stop the phy_state_machine(), so it may continue to run after dsa_switch_shutdown(). Our common pattern in all DSA drivers is to set drvdata to NULL to suppress the remove() method that may come afterwards. But in this case it will result in an NPD. The second problem is that the way in which we set dp->conduit->dsa_ptr = NULL; is concurrent with receive packet processing. dsa_switch_rcv() checks once whether dev->dsa_ptr is NULL, but afterwards, rather than continuing to use that non-NULL value, dev->dsa_ptr is dereferenced again and again without NULL checks: dsa_conduit_find_user() and many other places. In between dereferences, there is no locking to ensure that what was valid once continues to be valid. Both problems have the common aspect that closing the conduit interface solves them. In the first case, dev_close(conduit) triggers the NETDEV_GOING_DOWN event in dsa_user_netdevice_event() which closes user ports as well. dsa_port_disable_rt() calls phylink_stop(), which synchronously stops the phylink state machine, and ds->ops->phy_read() will thus no longer call into the driver after this point. In the second case, dev_close(conduit) should do this, as per Documentation/networking/driver.rst: | Quiescence | ---------- | | After the ndo_stop routine has been called, the hardware must | not receive or transmit any data. All in flight packets must | be aborted. If necessary, poll or wait for completion of | any reset commands. So it should be sufficient to ensure that later, when we zeroize conduit->dsa_ptr, there will be no concurrent dsa_switch_rcv() call on this conduit. The addition of the netif_device_detach() function is to ensure that ioctls, rtnetlinks and ethtool requests on the user ports no longer propagate down to the driver - we're no longer prepared to handle them. The race condition actually did not exist when commit 0650bf52b31f ("net: dsa: be compatible with masters which unregister on shutdown") first introduced dsa_switch_shutdown(). It was created later, when we stopped unregistering the user interfaces from a bad spot, and we just replaced that sequence with a racy zeroization of conduit->dsa_ptr (one which doesn't ensure that the interfaces aren't up).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add rough attr alloc_size check
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: enetc: allocate vf_state during PF probes In the previous implementation, vf_state is allocated memory only when VF is enabled. However, net_device_ops::ndo_set_vf_mac() may be called before VF is enabled to configure the MAC address of VF. If this is the case, enetc_pf_set_vf_mac() will access vf_state, resulting in access to a null pointer. The simplified error log is as follows. root@ls1028ardb:~# ip link set eno0 vf 1 mac 00:0c:e7:66:77:89 [ 173.543315] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000004 [ 173.637254] pc : enetc_pf_set_vf_mac+0x3c/0x80 Message from sy [ 173.641973] lr : do_setlink+0x4a8/0xec8 [ 173.732292] Call trace: [ 173.734740] enetc_pf_set_vf_mac+0x3c/0x80 [ 173.738847] __rtnl_newlink+0x530/0x89c [ 173.742692] rtnl_newlink+0x50/0x7c [ 173.746189] rtnetlink_rcv_msg+0x128/0x390 [ 173.750298] netlink_rcv_skb+0x60/0x130 [ 173.754145] rtnetlink_rcv+0x18/0x24 [ 173.757731] netlink_unicast+0x318/0x380 [ 173.761665] netlink_sendmsg+0x17c/0x3c8
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix bfqq uaf in bfq_limit_depth() Set new allocated bfqq to bic or remove freed bfqq from bic are both protected by bfqd->lock, however bfq_limit_depth() is deferencing bfqq from bic without the lock, this can lead to UAF if the io_context is shared by multiple tasks. For example, test bfq with io_uring can trigger following UAF in v6.6: ================================================================== BUG: KASAN: slab-use-after-free in bfqq_group+0x15/0x50 Call Trace: <TASK> dump_stack_lvl+0x47/0x80 print_address_description.constprop.0+0x66/0x300 print_report+0x3e/0x70 kasan_report+0xb4/0xf0 bfqq_group+0x15/0x50 bfqq_request_over_limit+0x130/0x9a0 bfq_limit_depth+0x1b5/0x480 __blk_mq_alloc_requests+0x2b5/0xa00 blk_mq_get_new_requests+0x11d/0x1d0 blk_mq_submit_bio+0x286/0xb00 submit_bio_noacct_nocheck+0x331/0x400 __block_write_full_folio+0x3d0/0x640 writepage_cb+0x3b/0xc0 write_cache_pages+0x254/0x6c0 write_cache_pages+0x254/0x6c0 do_writepages+0x192/0x310 filemap_fdatawrite_wbc+0x95/0xc0 __filemap_fdatawrite_range+0x99/0xd0 filemap_write_and_wait_range.part.0+0x4d/0xa0 blkdev_read_iter+0xef/0x1e0 io_read+0x1b6/0x8a0 io_issue_sqe+0x87/0x300 io_wq_submit_work+0xeb/0x390 io_worker_handle_work+0x24d/0x550 io_wq_worker+0x27f/0x6c0 ret_from_fork_asm+0x1b/0x30 </TASK> Allocated by task 808602: kasan_save_stack+0x1e/0x40 kasan_set_track+0x21/0x30 __kasan_slab_alloc+0x83/0x90 kmem_cache_alloc_node+0x1b1/0x6d0 bfq_get_queue+0x138/0xfa0 bfq_get_bfqq_handle_split+0xe3/0x2c0 bfq_init_rq+0x196/0xbb0 bfq_insert_request.isra.0+0xb5/0x480 bfq_insert_requests+0x156/0x180 blk_mq_insert_request+0x15d/0x440 blk_mq_submit_bio+0x8a4/0xb00 submit_bio_noacct_nocheck+0x331/0x400 __blkdev_direct_IO_async+0x2dd/0x330 blkdev_write_iter+0x39a/0x450 io_write+0x22a/0x840 io_issue_sqe+0x87/0x300 io_wq_submit_work+0xeb/0x390 io_worker_handle_work+0x24d/0x550 io_wq_worker+0x27f/0x6c0 ret_from_fork+0x2d/0x50 ret_from_fork_asm+0x1b/0x30 Freed by task 808589: kasan_save_stack+0x1e/0x40 kasan_set_track+0x21/0x30 kasan_save_free_info+0x27/0x40 __kasan_slab_free+0x126/0x1b0 kmem_cache_free+0x10c/0x750 bfq_put_queue+0x2dd/0x770 __bfq_insert_request.isra.0+0x155/0x7a0 bfq_insert_request.isra.0+0x122/0x480 bfq_insert_requests+0x156/0x180 blk_mq_dispatch_plug_list+0x528/0x7e0 blk_mq_flush_plug_list.part.0+0xe5/0x590 __blk_flush_plug+0x3b/0x90 blk_finish_plug+0x40/0x60 do_writepages+0x19d/0x310 filemap_fdatawrite_wbc+0x95/0xc0 __filemap_fdatawrite_range+0x99/0xd0 filemap_write_and_wait_range.part.0+0x4d/0xa0 blkdev_read_iter+0xef/0x1e0 io_read+0x1b6/0x8a0 io_issue_sqe+0x87/0x300 io_wq_submit_work+0xeb/0x390 io_worker_handle_work+0x24d/0x550 io_wq_worker+0x27f/0x6c0 ret_from_fork+0x2d/0x50 ret_from_fork_asm+0x1b/0x30 Fix the problem by protecting bic_to_bfqq() with bfqd->lock.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix TSO DMA API usage causing oops Commit 66600fac7a98 ("net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data") moved the assignment of tx_skbuff_dma[]'s members to be later in stmmac_tso_xmit(). The buf (dma cookie) and len stored in this structure are passed to dma_unmap_single() by stmmac_tx_clean(). The DMA API requires that the dma cookie passed to dma_unmap_single() is the same as the value returned from dma_map_single(). However, by moving the assignment later, this is not the case when priv->dma_cap.addr64 > 32 as "des" is offset by proto_hdr_len. This causes problems such as: dwc-eth-dwmac 2490000.ethernet eth0: Tx DMA map failed and with DMA_API_DEBUG enabled: DMA-API: dwc-eth-dwmac 2490000.ethernet: device driver tries to +free DMA memory it has not allocated [device address=0x000000ffffcf65c0] [size=66 bytes] Fix this by maintaining "des" as the original DMA cookie, and use tso_des to pass the offset DMA cookie to stmmac_tso_allocator(). Full details of the crashes can be found at: https://lore.kernel.org/all/d8112193-0386-4e14-b516-37c2d838171a@nvidia.com/ https://lore.kernel.org/all/klkzp5yn5kq5efgtrow6wbvnc46bcqfxs65nz3qy77ujr5turc@bwwhelz2l4dw/
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: fs: relax assertions on failure to encode file handles Encoding file handles is usually performed by a filesystem >encode_fh() method that may fail for various reasons. The legacy users of exportfs_encode_fh(), namely, nfsd and name_to_handle_at(2) syscall are ready to cope with the possibility of failure to encode a file handle. There are a few other users of exportfs_encode_{fh,fid}() that currently have a WARN_ON() assertion when ->encode_fh() fails. Relax those assertions because they are wrong. The second linked bug report states commit 16aac5ad1fa9 ("ovl: support encoding non-decodable file handles") in v6.6 as the regressing commit, but this is not accurate. The aforementioned commit only increases the chances of the assertion and allows triggering the assertion with the reproducer using overlayfs, inotify and drop_caches. Triggering this assertion was always possible with other filesystems and other reasons of ->encode_fh() failures and more particularly, it was also possible with the exact same reproducer using overlayfs that is mounted with options index=on,nfs_export=on also on kernels < v6.6. Therefore, I am not listing the aforementioned commit as a Fixes commit. Backport hint: this patch will have a trivial conflict applying to v6.6.y, and other trivial conflicts applying to stable kernels < v6.6.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: memcg: fix soft lockup in the OOM process A soft lockup issue was found in the product with about 56,000 tasks were in the OOM cgroup, it was traversing them when the soft lockup was triggered. watchdog: BUG: soft lockup - CPU#2 stuck for 23s! [VM Thread:1503066] CPU: 2 PID: 1503066 Comm: VM Thread Kdump: loaded Tainted: G Hardware name: Huawei Cloud OpenStack Nova, BIOS RIP: 0010:console_unlock+0x343/0x540 RSP: 0000:ffffb751447db9a0 EFLAGS: 00000247 ORIG_RAX: ffffffffffffff13 RAX: 0000000000000001 RBX: 0000000000000000 RCX: 00000000ffffffff RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000247 RBP: ffffffffafc71f90 R08: 0000000000000000 R09: 0000000000000040 R10: 0000000000000080 R11: 0000000000000000 R12: ffffffffafc74bd0 R13: ffffffffaf60a220 R14: 0000000000000247 R15: 0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f2fe6ad91f0 CR3: 00000004b2076003 CR4: 0000000000360ee0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: vprintk_emit+0x193/0x280 printk+0x52/0x6e dump_task+0x114/0x130 mem_cgroup_scan_tasks+0x76/0x100 dump_header+0x1fe/0x210 oom_kill_process+0xd1/0x100 out_of_memory+0x125/0x570 mem_cgroup_out_of_memory+0xb5/0xd0 try_charge+0x720/0x770 mem_cgroup_try_charge+0x86/0x180 mem_cgroup_try_charge_delay+0x1c/0x40 do_anonymous_page+0xb5/0x390 handle_mm_fault+0xc4/0x1f0 This is because thousands of processes are in the OOM cgroup, it takes a long time to traverse all of them. As a result, this lead to soft lockup in the OOM process. To fix this issue, call 'cond_resched' in the 'mem_cgroup_scan_tasks' function per 1000 iterations. For global OOM, call 'touch_softlockup_watchdog' per 1000 iterations to avoid this issue.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: don't allow 1 packet limit The current implementation does not work correctly with a limit of 1. iproute2 actually checks for this and this patch adds the check in kernel as well. This fixes the following syzkaller reported crash: UBSAN: array-index-out-of-bounds in net/sched/sch_sfq.c:210:6 index 65535 is out of range for type 'struct sfq_head[128]' CPU: 0 PID: 2569 Comm: syz-executor101 Not tainted 5.10.0-smp-DEV #1 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 Call Trace: __dump_stack lib/dump_stack.c:79 [inline] dump_stack+0x125/0x19f lib/dump_stack.c:120 ubsan_epilogue lib/ubsan.c:148 [inline] __ubsan_handle_out_of_bounds+0xed/0x120 lib/ubsan.c:347 sfq_link net/sched/sch_sfq.c:210 [inline] sfq_dec+0x528/0x600 net/sched/sch_sfq.c:238 sfq_dequeue+0x39b/0x9d0 net/sched/sch_sfq.c:500 sfq_reset+0x13/0x50 net/sched/sch_sfq.c:525 qdisc_reset+0xfe/0x510 net/sched/sch_generic.c:1026 tbf_reset+0x3d/0x100 net/sched/sch_tbf.c:319 qdisc_reset+0xfe/0x510 net/sched/sch_generic.c:1026 dev_reset_queue+0x8c/0x140 net/sched/sch_generic.c:1296 netdev_for_each_tx_queue include/linux/netdevice.h:2350 [inline] dev_deactivate_many+0x6dc/0xc20 net/sched/sch_generic.c:1362 __dev_close_many+0x214/0x350 net/core/dev.c:1468 dev_close_many+0x207/0x510 net/core/dev.c:1506 unregister_netdevice_many+0x40f/0x16b0 net/core/dev.c:10738 unregister_netdevice_queue+0x2be/0x310 net/core/dev.c:10695 unregister_netdevice include/linux/netdevice.h:2893 [inline] __tun_detach+0x6b6/0x1600 drivers/net/tun.c:689 tun_detach drivers/net/tun.c:705 [inline] tun_chr_close+0x104/0x1b0 drivers/net/tun.c:3640 __fput+0x203/0x840 fs/file_table.c:280 task_work_run+0x129/0x1b0 kernel/task_work.c:185 exit_task_work include/linux/task_work.h:33 [inline] do_exit+0x5ce/0x2200 kernel/exit.c:931 do_group_exit+0x144/0x310 kernel/exit.c:1046 __do_sys_exit_group kernel/exit.c:1057 [inline] __se_sys_exit_group kernel/exit.c:1055 [inline] __x64_sys_exit_group+0x3b/0x40 kernel/exit.c:1055 do_syscall_64+0x6c/0xd0 entry_SYSCALL_64_after_hwframe+0x61/0xcb RIP: 0033:0x7fe5e7b52479 Code: Unable to access opcode bytes at RIP 0x7fe5e7b5244f. RSP: 002b:00007ffd3c800398 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe5e7b52479 RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000 RBP: 00007fe5e7bcd2d0 R08: ffffffffffffffb8 R09: 0000000000000014 R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe5e7bcd2d0 R13: 0000000000000000 R14: 00007fe5e7bcdd20 R15: 00007fe5e7b24270 The crash can be also be reproduced with the following (with a tc recompiled to allow for sfq limits of 1): tc qdisc add dev dummy0 handle 1: root tbf rate 1Kbit burst 100b lat 1s ../iproute2-6.9.0/tc/tc qdisc add dev dummy0 handle 2: parent 1:10 sfq limit 1 ifconfig dummy0 up ping -I dummy0 -f -c2 -W0.1 8.8.8.8 sleep 1 Scenario that triggers the crash: * the first packet is sent and queued in TBF and SFQ; qdisc qlen is 1 * TBF dequeues: it peeks from SFQ which moves the packet to the gso_skb list and keeps qdisc qlen set to 1. TBF is out of tokens so it schedules itself for later. * the second packet is sent and TBF tries to queues it to SFQ. qdisc qlen is now 2 and because the SFQ limit is 1 the packet is dropped by SFQ. At this point qlen is 1, and all of the SFQ slots are empty, however q->tail is not NULL. At this point, assuming no more packets are queued, when sch_dequeue runs again it will decrement the qlen for the current empty slot causing an underflow and the subsequent out of bounds access.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: tpm: Change to kvalloc() in eventlog/acpi.c The following failure was reported on HPE ProLiant D320: [ 10.693310][ T1] tpm_tis STM0925:00: 2.0 TPM (device-id 0x3, rev-id 0) [ 10.848132][ T1] ------------[ cut here ]------------ [ 10.853559][ T1] WARNING: CPU: 59 PID: 1 at mm/page_alloc.c:4727 __alloc_pages_noprof+0x2ca/0x330 [ 10.862827][ T1] Modules linked in: [ 10.866671][ T1] CPU: 59 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.12.0-lp155.2.g52785e2-default #1 openSUSE Tumbleweed (unreleased) 588cd98293a7c9eba9013378d807364c088c9375 [ 10.882741][ T1] Hardware name: HPE ProLiant DL320 Gen12/ProLiant DL320 Gen12, BIOS 1.20 10/28/2024 [ 10.892170][ T1] RIP: 0010:__alloc_pages_noprof+0x2ca/0x330 [ 10.898103][ T1] Code: 24 08 e9 4a fe ff ff e8 34 36 fa ff e9 88 fe ff ff 83 fe 0a 0f 86 b3 fd ff ff 80 3d 01 e7 ce 01 00 75 09 c6 05 f8 e6 ce 01 01 <0f> 0b 45 31 ff e9 e5 fe ff ff f7 c2 00 00 08 00 75 42 89 d9 80 e1 [ 10.917750][ T1] RSP: 0000:ffffb7cf40077980 EFLAGS: 00010246 [ 10.923777][ T1] RAX: 0000000000000000 RBX: 0000000000040cc0 RCX: 0000000000000000 [ 10.931727][ T1] RDX: 0000000000000000 RSI: 000000000000000c RDI: 0000000000040cc0 The above transcript shows that ACPI pointed a 16 MiB buffer for the log events because RSI maps to the 'order' parameter of __alloc_pages_noprof(). Address the bug by moving from devm_kmalloc() to devm_add_action() and kvmalloc() and devm_add_action().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
A vulnerability has been found in GNU Binutils 2.43/2.44 and classified as problematic. Affected by this vulnerability is the function display_info of the file binutils/bucomm.c of the component objdump. The manipulation leads to memory leak. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The patch is named ba6ad3a18cb26b79e0e3b84c39f707535bbc344d. It is recommended to apply a patch to fix this issue.
CWE-401 - Missing Release of Memory after Effective Lifetime| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
A flaw was found in GLib, which is vulnerable to an integer overflow in the g_string_insert_unichar() function. When the position at which to insert the character is large, the position will overflow, leading to a buffer underwrite.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
A vulnerability was found in GNU Binutils up to 2.44. It has been rated as critical. Affected by this issue is the function elf_gc_sweep of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 2.45 is able to address this issue. It is recommended to upgrade the affected component.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
A vulnerability classified as critical has been found in GNU Binutils up to 2.44. This affects the function debug_type_samep of the file /binutils/debug.c of the component objdump. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
A NULL pointer dereference flaw was found in the GnuTLS software in _gnutls_figure_common_ciphersuite().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key() process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may access freed memory, causing crashes or enabling attackers to trigger heap corruption.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
A vulnerability classified as problematic was found in GNU Binutils 2.45. Affected by this vulnerability is the function copy_section of the file binutils/objcopy.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The patch is named 08c3cbe5926e4d355b5cb70bbec2b1eeb40c2944. It is recommended to apply a patch to fix this issue.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
A vulnerability, which was classified as problematic, has been found in GNU Binutils 2.45. Affected by this issue is the function bfd_elf_set_group_contents of the file bfd/elf.c. The manipulation leads to out-of-bounds write. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The name of the patch is 41461010eb7c79fee7a9d5f6209accdaac66cc6b. It is recommended to apply a patch to fix this issue.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
A vulnerability has been found in GNU Binutils 2.44 and classified as problematic. This vulnerability affects the function bfd_elf_get_str_section of the file bfd/elf.c of the component BFD Library. The manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The name of the patch is db856d41004301b3a56438efd957ef5cabb91530. It is recommended to apply a patch to fix this issue.
CWE-476 - NULL Pointer Dereference| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds write can cause a memory corruption which can have various consequences including a Denial of Service or Execution of attacker-supplied code. Although the consequences of a successful exploit of this vulnerability could be severe, the probability that the attacker would be able to perform it is low. Besides, password based (PWRI) encryption support in CMS messages is very rarely used. For that reason the issue was assessed as Moderate severity according to our Security Policy. The FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this issue, as the CMS implementation is outside the OpenSSL FIPS module boundary.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'no_proxy' environment variable is set and the host portion of the authority component of the HTTP URL is an IPv6 address. Impact summary: An out-of-bounds read can trigger a crash which leads to Denial of Service for an application. The OpenSSL HTTP client API functions can be used directly by applications but they are also used by the OCSP client functions and CMP (Certificate Management Protocol) client implementation in OpenSSL. However the URLs used by these implementations are unlikely to be controlled by an attacker. In this vulnerable code the out of bounds read can only trigger a crash. Furthermore the vulnerability requires an attacker-controlled URL to be passed from an application to the OpenSSL function and the user has to have a 'no_proxy' environment variable set. For the aforementioned reasons the issue was assessed as Low severity. The vulnerable code was introduced in the following patch releases: 3.0.16, 3.1.8, 3.2.4, 3.3.3, 3.4.0 and 3.5.0. The FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this issue, as the HTTP client implementation is outside the OpenSSL FIPS module boundary.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
A flaw has been found in GNU Binutils 2.45. Impacted is the function _bfd_elf_parse_eh_frame of the file bfd/elf-eh-frame.c of the component Linker. Executing manipulation can lead to heap-based buffer overflow. The attack is restricted to local execution. The exploit has been published and may be used. This patch is called ea1a0737c7692737a644af0486b71e4a392cbca8. A patch should be applied to remediate this issue. The code maintainer replied with "[f]ixed for 2.46".
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
A vulnerability has been found in GNU Binutils 2.45. The affected element is the function elf_swap_shdr in the library bfd/elfcode.h of the component Linker. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. The identifier of the patch is 9ca499644a21ceb3f946d1c179c38a83be084490. To fix this issue, it is recommended to deploy a patch. The code maintainer replied with "[f]ixed for 2.46".
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
A vulnerability has been found in GNU Binutils 2.45. This impacts the function bfd_elf_gc_record_vtentry of the file bfd/elflink.c of the component Linker. The manipulation leads to out-of-bounds read. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of the patch is 047435dd988a3975d40c6626a8f739a0b2e154bc. To fix this issue, it is recommended to deploy a patch.
CWE-125 - Out-of-bounds Read| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
A vulnerability was found in GNU Binutils 2.45. Affected is the function elf_link_add_object_symbols of the file bfd/elflink.c of the component Linker. The manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used. Upgrading to version 2.46 is able to address this issue. The patch is identified as 72efdf166aa0ed72ecc69fc2349af6591a7a19c0. Upgrading the affected component is advised.
CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
A vulnerability was determined in GNU Binutils 2.45. Affected by this vulnerability is the function get_link_hash_entry of the file bfd/elflink.c of the component Linker. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. Upgrading to version 2.46 addresses this issue. Patch name: aeaaa9af6359c8e394ce9cf24911fec4f4d23703. It is advisable to upgrade the affected component.
CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
A vulnerability was found in GNU Binutils 2.45. Impacted is the function _bfd_x86_elf_late_size_sections of the file bfd/elfxx-x86.c of the component Linker. The manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used. The patch is identified as b6ac5a8a5b82f0ae6a4642c8d7149b325f4cc60a. A patch should be applied to remediate this issue.
CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
A vulnerability was determined in GNU Binutils 2.45. The affected element is the function elf_x86_64_relocate_section of the file elf64-x86-64.c of the component Linker. This manipulation causes heap-based buffer overflow. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. Patch name: 6b21c8b2ecfef5c95142cbc2c32f185cb1c26ab0. To fix this issue, it is recommended to deploy a patch.
CWE-122 - Heap-based Buffer Overflow| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
A security flaw has been discovered in GNU Binutils 2.45. Impacted is the function tg_tag_type of the file prdbg.c. Performing manipulation results in unchecked return value. The attack needs to be approached locally. The exploit has been released to the public and may be exploited.
CWE-252 - Unchecked Return Value| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
A weakness has been identified in GNU Binutils 2.45. The affected element is the function vfinfo of the file ldmisc.c. Executing manipulation can lead to out-of-bounds read. The attack can only be executed locally. The exploit has been made available to the public and could be exploited. This patch is called 16357. It is best practice to apply a patch to resolve this issue.
CWE-125 - Out-of-bounds Read| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: fec: handle page_pool_dev_alloc_pages error The fec_enet_update_cbd function calls page_pool_dev_alloc_pages but did not handle the case when it returned NULL. There was a WARN_ON(!new_page) but it would still proceed to use the NULL pointer and then crash. This case does seem somewhat rare but when the system is under memory pressure it can happen. One case where I can duplicate this with some frequency is when writing over a smbd share to a SATA HDD attached to an imx6q. Setting /proc/sys/vm/min_free_kbytes to higher values also seems to solve the problem for my test case. But it still seems wrong that the fec driver ignores the memory allocation error and can crash. This commit handles the allocation error by dropping the current packet.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: always recalculate features after XDP clearing, fix null-deref Recalculate features when XDP is detached. Before: # ip li set dev eth0 xdp obj xdp_dummy.bpf.o sec xdp # ip li set dev eth0 xdp off # ethtool -k eth0 | grep gro rx-gro-hw: off [requested on] After: # ip li set dev eth0 xdp obj xdp_dummy.bpf.o sec xdp # ip li set dev eth0 xdp off # ethtool -k eth0 | grep gro rx-gro-hw: on The fact that HW-GRO doesn't get re-enabled automatically is just a minor annoyance. The real issue is that the features will randomly come back during another reconfiguration which just happens to invoke netdev_update_features(). The driver doesn't handle reconfiguring two things at a time very robustly. Starting with commit 98ba1d931f61 ("bnxt_en: Fix RSS logic in __bnxt_reserve_rings()") we only reconfigure the RSS hash table if the "effective" number of Rx rings has changed. If HW-GRO is enabled "effective" number of rings is 2x what user sees. So if we are in the bad state, with HW-GRO re-enablement "pending" after XDP off, and we lower the rings by / 2 - the HW-GRO rings doing 2x and the ethtool -L doing / 2 may cancel each other out, and the: if (old_rx_rings != bp->hw_resc.resv_rx_rings && condition in __bnxt_reserve_rings() will be false. The RSS map won't get updated, and we'll crash with: BUG: kernel NULL pointer dereference, address: 0000000000000168 RIP: 0010:__bnxt_hwrm_vnic_set_rss+0x13a/0x1a0 bnxt_hwrm_vnic_rss_cfg_p5+0x47/0x180 __bnxt_setup_vnic_p5+0x58/0x110 bnxt_init_nic+0xb72/0xf50 __bnxt_open_nic+0x40d/0xab0 bnxt_open_nic+0x2b/0x60 ethtool_set_channels+0x18c/0x1d0 As we try to access a freed ring. The issue is present since XDP support was added, really, but prior to commit 98ba1d931f61 ("bnxt_en: Fix RSS logic in __bnxt_reserve_rings()") it wasn't causing major issues.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: avoid race between device unregistration and ethnl ops The following trace can be seen if a device is being unregistered while its number of channels are being modified. DEBUG_LOCKS_WARN_ON(lock->magic != lock) WARNING: CPU: 3 PID: 3754 at kernel/locking/mutex.c:564 __mutex_lock+0xc8a/0x1120 CPU: 3 UID: 0 PID: 3754 Comm: ethtool Not tainted 6.13.0-rc6+ #771 RIP: 0010:__mutex_lock+0xc8a/0x1120 Call Trace: <TASK> ethtool_check_max_channel+0x1ea/0x880 ethnl_set_channels+0x3c3/0xb10 ethnl_default_set_doit+0x306/0x650 genl_family_rcv_msg_doit+0x1e3/0x2c0 genl_rcv_msg+0x432/0x6f0 netlink_rcv_skb+0x13d/0x3b0 genl_rcv+0x28/0x40 netlink_unicast+0x42e/0x720 netlink_sendmsg+0x765/0xc20 __sys_sendto+0x3ac/0x420 __x64_sys_sendto+0xe0/0x1c0 do_syscall_64+0x95/0x180 entry_SYSCALL_64_after_hwframe+0x76/0x7e This is because unregister_netdevice_many_notify might run before the rtnl lock section of ethnl operations, eg. set_channels in the above example. In this example the rss lock would be destroyed by the device unregistration path before being used again, but in general running ethnl operations while dismantle has started is not a good idea. Fix this by denying any operation on devices being unregistered. A check was already there in ethnl_ops_begin, but not wide enough. Note that the same issue cannot be seen on the ioctl version (__dev_ethtool) because the device reference is retrieved from within the rtnl lock section there. Once dismantle started, the net device is unlisted and no reference will be found.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 Expected behaviour: In case we reach scheduler's limit, pfifo_tail_enqueue() will drop a packet in scheduler's queue and decrease scheduler's qlen by one. Then, pfifo_tail_enqueue() enqueue new packet and increase scheduler's qlen by one. Finally, pfifo_tail_enqueue() return `NET_XMIT_CN` status code. Weird behaviour: In case we set `sch->limit == 0` and trigger pfifo_tail_enqueue() on a scheduler that has no packet, the 'drop a packet' step will do nothing. This means the scheduler's qlen still has value equal 0. Then, we continue to enqueue new packet and increase scheduler's qlen by one. In summary, we can leverage pfifo_tail_enqueue() to increase qlen by one and return `NET_XMIT_CN` status code. The problem is: Let's say we have two qdiscs: Qdisc_A and Qdisc_B. - Qdisc_A's type must have '->graft()' function to create parent/child relationship. Let's say Qdisc_A's type is `hfsc`. Enqueue packet to this qdisc will trigger `hfsc_enqueue`. - Qdisc_B's type is pfifo_head_drop. Enqueue packet to this qdisc will trigger `pfifo_tail_enqueue`. - Qdisc_B is configured to have `sch->limit == 0`. - Qdisc_A is configured to route the enqueued's packet to Qdisc_B. Enqueue packet through Qdisc_A will lead to: - hfsc_enqueue(Qdisc_A) -> pfifo_tail_enqueue(Qdisc_B) - Qdisc_B->q.qlen += 1 - pfifo_tail_enqueue() return `NET_XMIT_CN` - hfsc_enqueue() check for `NET_XMIT_SUCCESS` and see `NET_XMIT_CN` => hfsc_enqueue() don't increase qlen of Qdisc_A. The whole process lead to a situation where Qdisc_A->q.qlen == 0 and Qdisc_B->q.qlen == 1. Replace 'hfsc' with other type (for example: 'drr') still lead to the same problem. This violate the design where parent's qlen should equal to the sum of its childrens'qlen. Bug impact: This issue can be used for user->kernel privilege escalation when it is reachable.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: md/md-bitmap: Synchronize bitmap_get_stats() with bitmap lifetime After commit ec6bb299c7c3 ("md/md-bitmap: add 'sync_size' into struct md_bitmap_stats"), following panic is reported: Oops: general protection fault, probably for non-canonical address RIP: 0010:bitmap_get_stats+0x2b/0xa0 Call Trace: <TASK> md_seq_show+0x2d2/0x5b0 seq_read_iter+0x2b9/0x470 seq_read+0x12f/0x180 proc_reg_read+0x57/0xb0 vfs_read+0xf6/0x380 ksys_read+0x6c/0xf0 do_syscall_64+0x82/0x170 entry_SYSCALL_64_after_hwframe+0x76/0x7e Root cause is that bitmap_get_stats() can be called at anytime if mddev is still there, even if bitmap is destroyed, or not fully initialized. Deferenceing bitmap in this case can crash the kernel. Meanwhile, the above commit start to deferencing bitmap->storage, make the problem easier to trigger. Fix the problem by protecting bitmap_get_stats() with bitmap_info.mutex.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: iommufd/iova_bitmap: Fix shift-out-of-bounds in iova_bitmap_offset_to_index() Resolve a UBSAN shift-out-of-bounds issue in iova_bitmap_offset_to_index() where shifting the constant "1" (of type int) by bitmap->mapped.pgshift (an unsigned long value) could result in undefined behavior. The constant "1" defaults to a 32-bit "int", and when "pgshift" exceeds 31 (e.g., pgshift = 63) the shift operation overflows, as the result cannot be represented in a 32-bit type. To resolve this, the constant is updated to "1UL", promoting it to an unsigned long type to match the operand's type.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: bpf: Send signals asynchronously if !preemptible BPF programs can execute in all kinds of contexts and when a program running in a non-preemptible context uses the bpf_send_signal() kfunc, it will cause issues because this kfunc can sleep. Change `irqs_disabled()` to `!preemptible()`.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix class @block_class's subsystem refcount leakage blkcg_fill_root_iostats() iterates over @block_class's devices by class_dev_iter_(init|next)(), but does not end iterating with class_dev_iter_exit(), so causes the class's subsystem refcount leakage. Fix by ending the iterating with class_dev_iter_exit().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: vsock: Keep the binding until socket destruction Preserve sockets bindings; this includes both resulting from an explicit bind() and those implicitly bound through autobind during connect(). Prevents socket unbinding during a transport reassignment, which fixes a use-after-free: 1. vsock_create() (refcnt=1) calls vsock_insert_unbound() (refcnt=2) 2. transport->release() calls vsock_remove_bound() without checking if sk was bound and moved to bound list (refcnt=1) 3. vsock_bind() assumes sk is in unbound list and before __vsock_insert_bound(vsock_bound_sockets()) calls __vsock_remove_bound() which does: list_del_init(&vsk->bound_table); // nop sock_put(&vsk->sk); // refcnt=0 BUG: KASAN: slab-use-after-free in __vsock_bind+0x62e/0x730 Read of size 4 at addr ffff88816b46a74c by task a.out/2057 dump_stack_lvl+0x68/0x90 print_report+0x174/0x4f6 kasan_report+0xb9/0x190 __vsock_bind+0x62e/0x730 vsock_bind+0x97/0xe0 __sys_bind+0x154/0x1f0 __x64_sys_bind+0x6e/0xb0 do_syscall_64+0x93/0x1b0 entry_SYSCALL_64_after_hwframe+0x76/0x7e Allocated by task 2057: kasan_save_stack+0x1e/0x40 kasan_save_track+0x10/0x30 __kasan_slab_alloc+0x85/0x90 kmem_cache_alloc_noprof+0x131/0x450 sk_prot_alloc+0x5b/0x220 sk_alloc+0x2c/0x870 __vsock_create.constprop.0+0x2e/0xb60 vsock_create+0xe4/0x420 __sock_create+0x241/0x650 __sys_socket+0xf2/0x1a0 __x64_sys_socket+0x6e/0xb0 do_syscall_64+0x93/0x1b0 entry_SYSCALL_64_after_hwframe+0x76/0x7e Freed by task 2057: kasan_save_stack+0x1e/0x40 kasan_save_track+0x10/0x30 kasan_save_free_info+0x37/0x60 __kasan_slab_free+0x4b/0x70 kmem_cache_free+0x1a1/0x590 __sk_destruct+0x388/0x5a0 __vsock_bind+0x5e1/0x730 vsock_bind+0x97/0xe0 __sys_bind+0x154/0x1f0 __x64_sys_bind+0x6e/0xb0 do_syscall_64+0x93/0x1b0 entry_SYSCALL_64_after_hwframe+0x76/0x7e refcount_t: addition on 0; use-after-free. WARNING: CPU: 7 PID: 2057 at lib/refcount.c:25 refcount_warn_saturate+0xce/0x150 RIP: 0010:refcount_warn_saturate+0xce/0x150 __vsock_bind+0x66d/0x730 vsock_bind+0x97/0xe0 __sys_bind+0x154/0x1f0 __x64_sys_bind+0x6e/0xb0 do_syscall_64+0x93/0x1b0 entry_SYSCALL_64_after_hwframe+0x76/0x7e refcount_t: underflow; use-after-free. WARNING: CPU: 7 PID: 2057 at lib/refcount.c:28 refcount_warn_saturate+0xee/0x150 RIP: 0010:refcount_warn_saturate+0xee/0x150 vsock_remove_bound+0x187/0x1e0 __vsock_release+0x383/0x4a0 vsock_release+0x90/0x120 __sock_release+0xa3/0x250 sock_close+0x14/0x20 __fput+0x359/0xa80 task_work_run+0x107/0x1d0 do_exit+0x847/0x2560 do_group_exit+0xb8/0x250 __x64_sys_exit_group+0x3a/0x50 x64_sys_call+0xfec/0x14f0 do_syscall_64+0x93/0x1b0 entry_SYSCALL_64_after_hwframe+0x76/0x7e
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: add RCU protection to mld_newpack() mld_newpack() can be called without RTNL or RCU being held. Note that we no longer can use sock_alloc_send_skb() because ipv6.igmp_sk uses GFP_KERNEL allocations which can sleep. Instead use alloc_skb() and charge the net->ipv6.igmp_sk socket under RCU protection.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU protection in ip6_default_advmss() ip6_default_advmss() needs rcu protection to make sure the net structure it reads does not disappear.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ipv4: use RCU protection in __ip_rt_update_pmtu() __ip_rt_update_pmtu() must use RCU protection to make sure the net structure it reads does not disappear.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: clocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic context The following bug report happened with a PREEMPT_RT kernel: BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48 in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 2012, name: kwatchdog preempt_count: 1, expected: 0 RCU nest depth: 0, expected: 0 get_random_u32+0x4f/0x110 clocksource_verify_choose_cpus+0xab/0x1a0 clocksource_verify_percpu.part.0+0x6b/0x330 clocksource_watchdog_kthread+0x193/0x1a0 It is due to the fact that clocksource_verify_choose_cpus() is invoked with preemption disabled. This function invokes get_random_u32() to obtain random numbers for choosing CPUs. The batched_entropy_32 local lock and/or the base_crng.lock spinlock in driver/char/random.c will be acquired during the call. In PREEMPT_RT kernel, they are both sleeping locks and so cannot be acquired in atomic context. Fix this problem by using migrate_disable() to allow smp_processor_id() to be reliably used without introducing atomic context. preempt_disable() is then called after clocksource_verify_choose_cpus() but before the clocksource measurement is being run to avoid introducing unexpected latency.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: NFSD: fix hang in nfsd4_shutdown_callback If nfs4_client is in courtesy state then there is no point to send the callback. This causes nfsd4_shutdown_callback to hang since cl_cb_inflight is not 0. This hang lasts about 15 minutes until TCP notifies NFSD that the connection was dropped. This patch modifies nfsd4_run_cb_work to skip the RPC call if nfs4_client is in courtesy state.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: nfsd: clear acl_access/acl_default after releasing them If getting acl_default fails, acl_access and acl_default will be released simultaneously. However, acl_access will still retain a pointer pointing to the released posix_acl, which will trigger a WARNING in nfs3svc_release_getacl like this: ------------[ cut here ]------------ refcount_t: underflow; use-after-free. WARNING: CPU: 26 PID: 3199 at lib/refcount.c:28 refcount_warn_saturate+0xb5/0x170 Modules linked in: CPU: 26 UID: 0 PID: 3199 Comm: nfsd Not tainted 6.12.0-rc6-00079-g04ae226af01f-dirty #8 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.1-2.fc37 04/01/2014 RIP: 0010:refcount_warn_saturate+0xb5/0x170 Code: cc cc 0f b6 1d b3 20 a5 03 80 fb 01 0f 87 65 48 d8 00 83 e3 01 75 e4 48 c7 c7 c0 3b 9b 85 c6 05 97 20 a5 03 01 e8 fb 3e 30 ff <0f> 0b eb cd 0f b6 1d 8a3 RSP: 0018:ffffc90008637cd8 EFLAGS: 00010282 RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff83904fde RDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffff88871ed36380 RBP: ffff888158beeb40 R08: 0000000000000001 R09: fffff520010c6f56 R10: ffffc90008637ab7 R11: 0000000000000001 R12: 0000000000000001 R13: ffff888140e77400 R14: ffff888140e77408 R15: ffffffff858b42c0 FS: 0000000000000000(0000) GS:ffff88871ed00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000562384d32158 CR3: 000000055cc6a000 CR4: 00000000000006f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: <TASK> ? refcount_warn_saturate+0xb5/0x170 ? __warn+0xa5/0x140 ? refcount_warn_saturate+0xb5/0x170 ? report_bug+0x1b1/0x1e0 ? handle_bug+0x53/0xa0 ? exc_invalid_op+0x17/0x40 ? asm_exc_invalid_op+0x1a/0x20 ? tick_nohz_tick_stopped+0x1e/0x40 ? refcount_warn_saturate+0xb5/0x170 ? refcount_warn_saturate+0xb5/0x170 nfs3svc_release_getacl+0xc9/0xe0 svc_process_common+0x5db/0xb60 ? __pfx_svc_process_common+0x10/0x10 ? __rcu_read_unlock+0x69/0xa0 ? __pfx_nfsd_dispatch+0x10/0x10 ? svc_xprt_received+0xa1/0x120 ? xdr_init_decode+0x11d/0x190 svc_process+0x2a7/0x330 svc_handle_xprt+0x69d/0x940 svc_recv+0x180/0x2d0 nfsd+0x168/0x200 ? __pfx_nfsd+0x10/0x10 kthread+0x1a2/0x1e0 ? kthread+0xf4/0x1e0 ? __pfx_kthread+0x10/0x10 ret_from_fork+0x34/0x60 ? __pfx_kthread+0x10/0x10 ret_from_fork_asm+0x1a/0x30 </TASK> Kernel panic - not syncing: kernel: panic_on_warn set ... Clear acl_access/acl_default after posix_acl_release is called to prevent UAF from being triggered.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() Add check for the return value of nfp_app_ctrl_msg_alloc() in nfp_bpf_cmsg_alloc() to prevent null pointer dereference.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: drop_monitor: fix incorrect initialization order Syzkaller reports the following bug: BUG: spinlock bad magic on CPU#1, syz-executor.0/7995 lock: 0xffff88805303f3e0, .magic: 00000000, .owner: <none>/-1, .owner_cpu: 0 CPU: 1 PID: 7995 Comm: syz-executor.0 Tainted: G E 5.10.209+ #1 Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x119/0x179 lib/dump_stack.c:118 debug_spin_lock_before kernel/locking/spinlock_debug.c:83 [inline] do_raw_spin_lock+0x1f6/0x270 kernel/locking/spinlock_debug.c:112 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:117 [inline] _raw_spin_lock_irqsave+0x50/0x70 kernel/locking/spinlock.c:159 reset_per_cpu_data+0xe6/0x240 [drop_monitor] net_dm_cmd_trace+0x43d/0x17a0 [drop_monitor] genl_family_rcv_msg_doit+0x22f/0x330 net/netlink/genetlink.c:739 genl_family_rcv_msg net/netlink/genetlink.c:783 [inline] genl_rcv_msg+0x341/0x5a0 net/netlink/genetlink.c:800 netlink_rcv_skb+0x14d/0x440 net/netlink/af_netlink.c:2497 genl_rcv+0x29/0x40 net/netlink/genetlink.c:811 netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline] netlink_unicast+0x54b/0x800 net/netlink/af_netlink.c:1348 netlink_sendmsg+0x914/0xe00 net/netlink/af_netlink.c:1916 sock_sendmsg_nosec net/socket.c:651 [inline] __sock_sendmsg+0x157/0x190 net/socket.c:663 ____sys_sendmsg+0x712/0x870 net/socket.c:2378 ___sys_sendmsg+0xf8/0x170 net/socket.c:2432 __sys_sendmsg+0xea/0x1b0 net/socket.c:2461 do_syscall_64+0x30/0x40 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x62/0xc7 RIP: 0033:0x7f3f9815aee9 Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007f3f972bf0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 00007f3f9826d050 RCX: 00007f3f9815aee9 RDX: 0000000020000000 RSI: 0000000020001300 RDI: 0000000000000007 RBP: 00007f3f981b63bd R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 000000000000006e R14: 00007f3f9826d050 R15: 00007ffe01ee6768 If drop_monitor is built as a kernel module, syzkaller may have time to send a netlink NET_DM_CMD_START message during the module loading. This will call the net_dm_monitor_start() function that uses a spinlock that has not yet been initialized. To fix this, let's place resource initialization above the registration of a generic netlink family. Found by InfoTeCS on behalf of Linux Verification Center (linuxtesting.org) with Syzkaller.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: tcp: drop secpath at the same time as we currently drop dst Xiumei reported hitting the WARN in xfrm6_tunnel_net_exit while running tests that boil down to: - create a pair of netns - run a basic TCP test over ipcomp6 - delete the pair of netns The xfrm_state found on spi_byaddr was not deleted at the time we delete the netns, because we still have a reference on it. This lingering reference comes from a secpath (which holds a ref on the xfrm_state), which is still attached to an skb. This skb is not leaked, it ends up on sk_receive_queue and then gets defer-free'd by skb_attempt_defer_free. The problem happens when we defer freeing an skb (push it on one CPU's defer_list), and don't flush that list before the netns is deleted. In that case, we still have a reference on the xfrm_state that we don't expect at this point. We already drop the skb's dst in the TCP receive path when it's no longer needed, so let's also drop the secpath. At this point, tcp_filter has already called into the LSM hooks that may require the secpath, so it should not be needed anymore. However, in some of those places, the MPTCP extension has just been attached to the skb, so we cannot simply drop all extensions.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl(). Brad Spengler reported the list_del() corruption splat in gtp_net_exit_batch_rtnl(). [0] Commit eb28fd76c0a0 ("gtp: Destroy device along with udp socket's netns dismantle.") added the for_each_netdev() loop in gtp_net_exit_batch_rtnl() to destroy devices in each netns as done in geneve and ip tunnels. However, this could trigger ->dellink() twice for the same device during ->exit_batch_rtnl(). Say we have two netns A & B and gtp device B that resides in netns B but whose UDP socket is in netns A. 1. cleanup_net() processes netns A and then B. 2. gtp_net_exit_batch_rtnl() finds the device B while iterating netns A's gn->gtp_dev_list and calls ->dellink(). [ device B is not yet unlinked from netns B as unregister_netdevice_many() has not been called. ] 3. gtp_net_exit_batch_rtnl() finds the device B while iterating netns B's for_each_netdev() and calls ->dellink(). gtp_dellink() cleans up the device's hash table, unlinks the dev from gn->gtp_dev_list, and calls unregister_netdevice_queue(). Basically, calling gtp_dellink() multiple times is fine unless CONFIG_DEBUG_LIST is enabled. Let's remove for_each_netdev() in gtp_net_exit_batch_rtnl() and delegate the destruction to default_device_exit_batch() as done in bareudp. [0]: list_del corruption, ffff8880aaa62c00->next (autoslab_size_M_dev_P_net_core_dev_11127_8_1328_8_S_4096_A_64_n_139+0xc00/0x1000 [slab object]) is LIST_POISON1 (ffffffffffffff02) (prev is 0xffffffffffffff04) kernel BUG at lib/list_debug.c:58! Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN CPU: 1 UID: 0 PID: 1804 Comm: kworker/u8:7 Tainted: G T 6.12.13-grsec-full-20250211091339 #1 Tainted: [T]=RANDSTRUCT Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014 Workqueue: netns cleanup_net RIP: 0010:[<ffffffff84947381>] __list_del_entry_valid_or_report+0x141/0x200 lib/list_debug.c:58 Code: c2 76 91 31 c0 e8 9f b1 f7 fc 0f 0b 4d 89 f0 48 c7 c1 02 ff ff ff 48 89 ea 48 89 ee 48 c7 c7 e0 c2 76 91 31 c0 e8 7f b1 f7 fc <0f> 0b 4d 89 e8 48 c7 c1 04 ff ff ff 48 89 ea 48 89 ee 48 c7 c7 60 RSP: 0018:fffffe8040b4fbd0 EFLAGS: 00010283 RAX: 00000000000000cc RBX: dffffc0000000000 RCX: ffffffff818c4054 RDX: ffffffff84947381 RSI: ffffffff818d1512 RDI: 0000000000000000 RBP: ffff8880aaa62c00 R08: 0000000000000001 R09: fffffbd008169f32 R10: fffffe8040b4f997 R11: 0000000000000001 R12: a1988d84f24943e4 R13: ffffffffffffff02 R14: ffffffffffffff04 R15: ffff8880aaa62c08 RBX: kasan shadow of 0x0 RCX: __wake_up_klogd.part.0+0x74/0xe0 kernel/printk/printk.c:4554 RDX: __list_del_entry_valid_or_report+0x141/0x200 lib/list_debug.c:58 RSI: vprintk+0x72/0x100 kernel/printk/printk_safe.c:71 RBP: autoslab_size_M_dev_P_net_core_dev_11127_8_1328_8_S_4096_A_64_n_139+0xc00/0x1000 [slab object] RSP: process kstack fffffe8040b4fbd0+0x7bd0/0x8000 [kworker/u8:7+netns 1804 ] R09: kasan shadow of process kstack fffffe8040b4f990+0x7990/0x8000 [kworker/u8:7+netns 1804 ] R10: process kstack fffffe8040b4f997+0x7997/0x8000 [kworker/u8:7+netns 1804 ] R15: autoslab_size_M_dev_P_net_core_dev_11127_8_1328_8_S_4096_A_64_n_139+0xc08/0x1000 [slab object] FS: 0000000000000000(0000) GS:ffff888116000000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000748f5372c000 CR3: 0000000015408000 CR4: 00000000003406f0 shadow CR4: 00000000003406f0 Stack: 0000000000000000 ffffffff8a0c35e7 ffffffff8a0c3603 ffff8880aaa62c00 ffff8880aaa62c00 0000000000000004 ffff88811145311c 0000000000000005 0000000000000001 ffff8880aaa62000 fffffe8040b4fd40 ffffffff8a0c360d Call Trace: <TASK> [<ffffffff8a0c360d>] __list_del_entry_valid include/linux/list.h:131 [inline] fffffe8040b4fc28 [<ffffffff8a0c360d>] __list_del_entry include/linux/list.h:248 [inline] fffffe8040b4fc28 [<ffffffff8a0c360d>] list_del include/linux/list.h:262 [inl ---truncated---
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
XZ Utils provide a general-purpose data-compression library plus command-line tools. In XZ Utils 5.3.3alpha to 5.8.0, the multithreaded .xz decoder in liblzma has a bug where invalid input can at least result in a crash. The effects include heap use after free and writing to an address based on the null pointer plus an offset. Applications and libraries that use the lzma_stream_decoder_mt function are affected. The bug has been fixed in XZ Utils 5.8.1, and the fix has been committed to the v5.4, v5.6, v5.8, and master branches in the xz Git repository. No new release packages will be made from the old stable branches, but a standalone patch is available that applies to all affected releases.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1_delete_structure() on an ASN.1 node it does not own, leading to a double-free condition when the parent function or caller later attempts to free the same structure. This vulnerability can be triggered using only public GnuTLS APIs and may result in denial of service or memory corruption, depending on allocator behavior.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension (OID 1.3.6.1.4.1.11129.2.4.2) that contains sensitive data. This issue leads to the exposure of confidential information when GnuTLS verifies certificates from certain websites when the certificate (SCT) is not checked correctly.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY DSA has 2 kinds of drivers: 1. Those who call dsa_switch_suspend() and dsa_switch_resume() from their device PM ops: qca8k-8xxx, bcm_sf2, microchip ksz 2. Those who don't: all others. The above methods should be optional. For type 1, dsa_switch_suspend() calls dsa_user_suspend() -> phylink_stop(), and dsa_switch_resume() calls dsa_user_resume() -> phylink_start(). These seem good candidates for setting mac_managed_pm = true because that is essentially its definition [1], but that does not seem to be the biggest problem for now, and is not what this change focuses on. Talking strictly about the 2nd category of DSA drivers here (which do not have MAC managed PM, meaning that for their attached PHYs, mdio_bus_phy_suspend() and mdio_bus_phy_resume() should run in full), I have noticed that the following warning from mdio_bus_phy_resume() is triggered: WARN_ON(phydev->state != PHY_HALTED && phydev->state != PHY_READY && phydev->state != PHY_UP); because the PHY state machine is running. It's running as a result of a previous dsa_user_open() -> ... -> phylink_start() -> phy_start() having been initiated by the user. The previous mdio_bus_phy_suspend() was supposed to have called phy_stop_machine(), but it didn't. So this is why the PHY is in state PHY_NOLINK by the time mdio_bus_phy_resume() runs. mdio_bus_phy_suspend() did not call phy_stop_machine() because for phylink, the phydev->adjust_link function pointer is NULL. This seems a technicality introduced by commit fddd91016d16 ("phylib: fix PAL state machine restart on resume"). That commit was written before phylink existed, and was intended to avoid crashing with consumer drivers which don't use the PHY state machine - phylink always does, when using a PHY. But phylink itself has historically not been developed with suspend/resume in mind, and apparently not tested too much in that scenario, allowing this bug to exist unnoticed for so long. Plus, prior to the WARN_ON(), it would have likely been invisible. This issue is not in fact restricted to type 2 DSA drivers (according to the above ad-hoc classification), but can be extrapolated to any MAC driver with phylink and MDIO-bus-managed PHY PM ops. DSA is just where the issue was reported. Assuming mac_managed_pm is set correctly, a quick search indicates the following other drivers might be affected: $ grep -Zlr PHYLINK_NETDEV drivers/ | xargs -0 grep -L mac_managed_pm drivers/net/ethernet/atheros/ag71xx.c drivers/net/ethernet/microchip/sparx5/sparx5_main.c drivers/net/ethernet/microchip/lan966x/lan966x_main.c drivers/net/ethernet/freescale/dpaa2/dpaa2-mac.c drivers/net/ethernet/freescale/fs_enet/fs_enet-main.c drivers/net/ethernet/freescale/dpaa/dpaa_eth.c drivers/net/ethernet/freescale/ucc_geth.c drivers/net/ethernet/freescale/enetc/enetc_pf_common.c drivers/net/ethernet/marvell/mvpp2/mvpp2_main.c drivers/net/ethernet/marvell/mvneta.c drivers/net/ethernet/marvell/prestera/prestera_main.c drivers/net/ethernet/mediatek/mtk_eth_soc.c drivers/net/ethernet/altera/altera_tse_main.c drivers/net/ethernet/wangxun/txgbe/txgbe_phy.c drivers/net/ethernet/meta/fbnic/fbnic_phylink.c drivers/net/ethernet/tehuti/tn40_phy.c drivers/net/ethernet/mscc/ocelot_net.c Make the existing conditions dependent on the PHY device having a phydev->phy_link_change() implementation equal to the default phy_link_change() provided by phylib. Otherwise, we implicitly know that the phydev has the phylink-provided phylink_phy_change() callback, and when phylink is used, the PHY state machine always needs to be stopped/ started on the suspend/resume path. The code is structured as such that if phydev->phy_link_change() is absent, it is a matter of time until the kernel will crash - no need to further complicate the test. Thus, for the situation where the PM is not managed b ---truncated---
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: block: fix resource leak in blk_register_queue() error path When registering a queue fails after blk_mq_sysfs_register() is successful but the function later encounters an error, we need to clean up the blk_mq_sysfs resources. Add the missing blk_mq_sysfs_unregister() call in the error path to properly clean up these resources and prevent a memory leak.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: __legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock ... or we risk stealing final mntput from sync umount - raising mnt_count after umount(2) has verified that victim is not busy, but before it has set MNT_SYNC_UMOUNT; in that case __legitimize_mnt() doesn't see that it's safe to quietly undo mnt_count increment and leaves dropping the reference to caller, where it'll be a full-blown mntput(). Check under mount_lock is needed; leaving the current one done before taking that makes no sense - it's nowhere near common enough to bother with.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: dm: fix unconditional IO throttle caused by REQ_PREFLUSH When a bio with REQ_PREFLUSH is submitted to dm, __send_empty_flush() generates a flush_bio with REQ_OP_WRITE | REQ_PREFLUSH | REQ_SYNC, which causes the flush_bio to be throttled by wbt_wait()
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: rseq: Fix segfault on registration when rseq_cs is non-zero The rseq_cs field is documented as being set to 0 by user-space prior to registration, however this is not currently enforced by the kernel. This can result in a segfault on return to user-space if the value stored in the rseq_cs field doesn't point to a valid struct rseq_cs. The correct solution to this would be to fail the rseq registration when the rseq_cs field is non-zero. However, some older versions of glibc will reuse the rseq area of previous threads without clearing the rseq_cs field and will also terminate the process if the rseq registration fails in a secondary thread. This wasn't caught in testing because in this case the leftover rseq_cs does point to a valid struct rseq_cs. What we can do is clear the rseq_cs field on registration when it's non-zero which will prevent segfaults on registration and won't break the glibc versions that reuse rseq areas on thread creation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: x86/mm: Check return value from memblock_phys_alloc_range() At least with CONFIG_PHYSICAL_START=0x100000, if there is < 4 MiB of contiguous free memory available at this point, the kernel will crash and burn because memblock_phys_alloc_range() returns 0 on failure, which leads memblock_phys_free() to throw the first 4 MiB of physical memory to the wolves. At a minimum it should fail gracefully with a meaningful diagnostic, but in fact everything seems to work fine without the weird reserve allocation
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: crypto: algif_hash - fix double free in hash_accept If accept(2) is called on socket type algif_hash with MSG_MORE flag set and crypto_ahash_import fails, sk2 is freed. However, it is also freed in af_alg_release, leading to slab-use-after-free error.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net_sched: prio: fix a race in prio_tune() Gerrard Tai reported a race condition in PRIO, whenever SFQ perturb timer fires at the wrong time. The race is as follows: CPU 0 CPU 1 [1]: lock root [2]: qdisc_tree_flush_backlog() [3]: unlock root | | [5]: lock root | [6]: rehash | [7]: qdisc_tree_reduce_backlog() | [4]: qdisc_put() This can be abused to underflow a parent's qlen. Calling qdisc_purge_queue() instead of qdisc_tree_flush_backlog() should fix the race, because all packets will be purged from the qdisc before releasing the lock.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: x86/iopl: Cure TIF_IO_BITMAP inconsistencies io_bitmap_exit() is invoked from exit_thread() when a task exists or when a fork fails. In the latter case the exit_thread() cleans up resources which were allocated during fork(). io_bitmap_exit() invokes task_update_io_bitmap(), which in turn ends up in tss_update_io_bitmap(). tss_update_io_bitmap() operates on the current task. If current has TIF_IO_BITMAP set, but no bitmap installed, tss_update_io_bitmap() crashes with a NULL pointer dereference. There are two issues, which lead to that problem: 1) io_bitmap_exit() should not invoke task_update_io_bitmap() when the task, which is cleaned up, is not the current task. That's a clear indicator for a cleanup after a failed fork(). 2) A task should not have TIF_IO_BITMAP set and neither a bitmap installed nor IOPL emulation level 3 activated. This happens when a kernel thread is created in the context of a user space thread, which has TIF_IO_BITMAP set as the thread flags are copied and the IO bitmap pointer is cleared. Other than in the failed fork() case this has no impact because kernel threads including IO workers never return to user space and therefore never invoke tss_update_io_bitmap(). Cure this by adding the missing cleanups and checks: 1) Prevent io_bitmap_exit() to invoke task_update_io_bitmap() if the to be cleaned up task is not the current task. 2) Clear TIF_IO_BITMAP in copy_thread() unconditionally. For user space forks it is set later, when the IO bitmap is inherited in io_bitmap_share(). For paranoia sake, add a warning into tss_update_io_bitmap() to catch the case, when that code is invoked with inconsistent state
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net/mdiobus: Fix potential out-of-bounds read/write access When using publicly available tools like 'mdio-tools' to read/write data from/to network interface and its PHY via mdiobus, there is no verification of parameters passed to the ioctl and it accepts any mdio address. Currently there is support for 32 addresses in kernel via PHY_MAX_ADDR define, but it is possible to pass higher value than that via ioctl. While read/write operation should generally fail in this case, mdiobus provides stats array, where wrong address may allow out-of-bounds read/write. Fix that by adding address verification before read/write operation. While this excludes this access from any statistics, it improves security of read/write operation
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: fix udp gso skb_segment after pull from frag_list Commit a1e40ac5b5e9 ("net: gso: fix udp gso fraglist segmentation after pull from frag_list") detected invalid geometry in frag_list skbs and redirects them from skb_segment_list to more robust skb_segment. But some packets with modified geometry can also hit bugs in that code
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: prevent overflow in lookup table allocation When calculating the lookup table size, ensure the following multiplication does not overflow: - desc->field_len[] maximum value is U8_MAX multiplied by NFT_PIPAPO_GROUPS_PER_BYTE(f) that can be 2, worst case. - NFT_PIPAPO_BUCKETS(f->bb) is 2^8, worst case. - sizeof(unsigned long), from sizeof(*f->lt), lt in struct nft_pipapo_field. Then, use check_mul_overflow() to multiply by bucket size and then use check_add_overflow() to the alignment for avx2 (if needed). Finally, add lt_size_check_overflow() helper and use it to consolidate this. While at it, replace leftover allocation using the GFP_KERNEL to GFP_KERNEL_ACCOUNT for consistency, in pipapo_resize().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: handle hdr_first_de() return value The hdr_first_de() function returns a pointer to a struct NTFS_DE. This pointer may be NULL. To handle the NULL error effectively, it is important to implement an error handler. This will help manage potential errors consistently. Additionally, error handling for the return value already exists at other points where this function is called. Found by Linux Verification Center (linuxtesting.org) with SVACE
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: clear the dst when changing skb protocol A not-so-careful NAT46 BPF program can crash the kernel if it indiscriminately flips ingress packets from v4 to v6: BUG: kernel NULL pointer dereference, address: 0000000000000000 ip6_rcv_core (net/ipv6/ip6_input.c:190:20) ipv6_rcv (net/ipv6/ip6_input.c:306:8) process_backlog (net/core/dev.c:6186:4) napi_poll (net/core/dev.c:6906:9) net_rx_action (net/core/dev.c:7028:13) do_softirq (kernel/softirq.c:462:3) netif_rx (net/core/dev.c:5326:3) dev_loopback_xmit (net/core/dev.c:4015:2) ip_mc_finish_output (net/ipv4/ip_output.c:363:8) NF_HOOK (./include/linux/netfilter.h:314:9) ip_mc_output (net/ipv4/ip_output.c:400:5) dst_output (./include/net/dst.h:459:9) ip_local_out (net/ipv4/ip_output.c:130:9) ip_send_skb (net/ipv4/ip_output.c:1496:8) udp_send_skb (net/ipv4/udp.c:1040:8) udp_sendmsg (net/ipv4/udp.c:1328:10) The output interface has a 4->6 program attached at ingress. We try to loop the multicast skb back to the sending socket. Ingress BPF runs as part of netif_rx(), pushes a valid v6 hdr and changes skb->protocol to v6. We enter ip6_rcv_core which tries to use skb_dst(). But the dst is still an IPv4 one left after IPv4 mcast output. Clear the dst in all BPF helpers which change the protocol. Try to preserve metadata dsts, those may carry non-routing metadata.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: fbcon: Make sure modelist not set on unregistered console It looks like attempting to write to the "store_modes" sysfs node will run afoul of unregistered consoles: UBSAN: array-index-out-of-bounds in drivers/video/fbdev/core/fbcon.c:122:28 index -1 is out of range for type 'fb_info *[32]' ... fbcon_info_from_console+0x192/0x1a0 drivers/video/fbdev/core/fbcon.c:122 fbcon_new_modelist+0xbf/0x2d0 drivers/video/fbdev/core/fbcon.c:3048 fb_new_modelist+0x328/0x440 drivers/video/fbdev/core/fbmem.c:673 store_modes+0x1c9/0x3e0 drivers/video/fbdev/core/fbsysfs.c:113 dev_attr_store+0x55/0x80 drivers/base/core.c:2439 static struct fb_info *fbcon_registered_fb[FB_MAX]; ... static signed char con2fb_map[MAX_NR_CONSOLES]; ... static struct fb_info *fbcon_info_from_console(int console) ... return fbcon_registered_fb[con2fb_map[console]]; If con2fb_map contains a -1 things go wrong here. Instead, return NULL, as callers of fbcon_info_from_console() are trying to compare against existing "info" pointers, so error handling should kick in correctly
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX Otherwise, it is possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof() when resizing hashtable because __GFP_NOWARN is unset. Similar to: b541ba7d1f5a ("netfilter: conntrack: clamp maximum hashtable size to INT_MAX")
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ipc: fix to protect IPCS lookups using RCU syzbot reported that it discovered a use-after-free vulnerability, [0] [0]: https://lore.kernel.org/all/67af13f8.050a0220.21dd3.0038.GAE@google.com/ idr_for_each() is protected by rwsem, but this is not enough. If it is not protected by RCU read-critical region, when idr_for_each() calls radix_tree_node_free() through call_rcu() to free the radix_tree_node structure, the node will be freed immediately, and when reading the next node in radix_tree_for_each_slot(), the already freed memory may be read. Therefore, we need to add code to make sure that idr_for_each() is protected within the RCU read-critical region when we call it in shm_destroy_orphaned().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var If fb_add_videomode() in fb_set_var() fails to allocate memory for fb_videomode, later it may lead to a null-ptr dereference in fb_videomode_to_var(), as the fb_info is registered while not having the mode in modelist that is expected to be there, i.e. the one that is described in fb_info->var. ================================================================ general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN NOPTI KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f] CPU: 1 PID: 30371 Comm: syz-executor.1 Not tainted 5.10.226-syzkaller #0 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 RIP: 0010:fb_videomode_to_var+0x24/0x610 drivers/video/fbdev/core/modedb.c:901 Call Trace: display_to_var+0x3a/0x7c0 drivers/video/fbdev/core/fbcon.c:929 fbcon_resize+0x3e2/0x8f0 drivers/video/fbdev/core/fbcon.c:2071 resize_screen drivers/tty/vt/vt.c:1176 [inline] vc_do_resize+0x53a/0x1170 drivers/tty/vt/vt.c:1263 fbcon_modechanged+0x3ac/0x6e0 drivers/video/fbdev/core/fbcon.c:2720 fbcon_update_vcs+0x43/0x60 drivers/video/fbdev/core/fbcon.c:2776 do_fb_ioctl+0x6d2/0x740 drivers/video/fbdev/core/fbmem.c:1128 fb_ioctl+0xe7/0x150 drivers/video/fbdev/core/fbmem.c:1203 vfs_ioctl fs/ioctl.c:48 [inline] __do_sys_ioctl fs/ioctl.c:753 [inline] __se_sys_ioctl fs/ioctl.c:739 [inline] __x64_sys_ioctl+0x19a/0x210 fs/ioctl.c:739 do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x67/0xd1 ================================================================ The reason is that fb_info->var is being modified in fb_set_var(), and then fb_videomode_to_var() is called. If it fails to add the mode to fb_info->modelist, fb_set_var() returns error, but does not restore the old value of fb_info->var. Restore fb_info->var on failure the same way it is done earlier in the function. Found by Linux Verification Center (linuxtesting.org) with Syzkaller.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var If fb_add_videomode() in do_register_framebuffer() fails to allocate memory for fb_videomode, it will later lead to a null-ptr dereference in fb_videomode_to_var(), as the fb_info is registered while not having the mode in modelist that is expected to be there, i.e. the one that is described in fb_info->var. ================================================================ general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN NOPTI KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f] CPU: 1 PID: 30371 Comm: syz-executor.1 Not tainted 5.10.226-syzkaller #0 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 RIP: 0010:fb_videomode_to_var+0x24/0x610 drivers/video/fbdev/core/modedb.c:901 Call Trace: display_to_var+0x3a/0x7c0 drivers/video/fbdev/core/fbcon.c:929 fbcon_resize+0x3e2/0x8f0 drivers/video/fbdev/core/fbcon.c:2071 resize_screen drivers/tty/vt/vt.c:1176 [inline] vc_do_resize+0x53a/0x1170 drivers/tty/vt/vt.c:1263 fbcon_modechanged+0x3ac/0x6e0 drivers/video/fbdev/core/fbcon.c:2720 fbcon_update_vcs+0x43/0x60 drivers/video/fbdev/core/fbcon.c:2776 do_fb_ioctl+0x6d2/0x740 drivers/video/fbdev/core/fbmem.c:1128 fb_ioctl+0xe7/0x150 drivers/video/fbdev/core/fbmem.c:1203 vfs_ioctl fs/ioctl.c:48 [inline] __do_sys_ioctl fs/ioctl.c:753 [inline] __se_sys_ioctl fs/ioctl.c:739 [inline] __x64_sys_ioctl+0x19a/0x210 fs/ioctl.c:739 do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x67/0xd1 ================================================================ Even though fbcon_init() checks beforehand if fb_match_mode() in var_to_display() fails, it can not prevent the panic because fbcon_init() does not return error code. Considering this and the comment in the code about fb_match_mode() returning NULL - "This should not happen" - it is better to prevent registering the fb_info if its mode was not set successfully. Also move fb_add_videomode() closer to the beginning of do_register_framebuffer() to avoid having to do the cleanup on fail. Found by Linux Verification Center (linuxtesting.org) with Syzkaller.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ext4: inline: fix len overflow in ext4_prepare_inline_data When running the following code on an ext4 filesystem with inline_data feature enabled, it will lead to the bug below. fd = open("file1", O_RDWR | O_CREAT | O_TRUNC, 0666); ftruncate(fd, 30); pwrite(fd, "a", 1, (1UL << 40) + 5UL); That happens because write_begin will succeed as when ext4_generic_write_inline_data calls ext4_prepare_inline_data, pos + len will be truncated, leading to ext4_prepare_inline_data parameter to be 6 instead of 0x10000000006. Then, later when write_end is called, we hit: BUG_ON(pos + len > EXT4_I(inode)->i_inline_size); at ext4_write_inline_data. Fix it by using a loff_t type for the len parameter in ext4_prepare_inline_data instead of an unsigned int. [ 44.545164] ------------[ cut here ]------------ [ 44.545530] kernel BUG at fs/ext4/inline.c:240! [ 44.545834] Oops: invalid opcode: 0000 [#1] SMP NOPTI [ 44.546172] CPU: 3 UID: 0 PID: 343 Comm: test Not tainted 6.15.0-rc2-00003-g9080916f4863 #45 PREEMPT(full) 112853fcebfdb93254270a7959841d2c6aa2c8bb [ 44.546523] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 44.546523] RIP: 0010:ext4_write_inline_data+0xfe/0x100 [ 44.546523] Code: 3c 0e 48 83 c7 48 48 89 de 5b 41 5c 41 5d 41 5e 41 5f 5d e9 e4 fa 43 01 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc 0f 0b <0f> 0b 0f 1f 44 00 00 55 41 57 41 56 41 55 41 54 53 48 83 ec 20 49 [ 44.546523] RSP: 0018:ffffb342008b79a8 EFLAGS: 00010216 [ 44.546523] RAX: 0000000000000001 RBX: ffff9329c579c000 RCX: 0000010000000006 [ 44.546523] RDX: 000000000000003c RSI: ffffb342008b79f0 RDI: ffff9329c158e738 [ 44.546523] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 44.546523] R10: 00007ffffffff000 R11: ffffffff9bd0d910 R12: 0000006210000000 [ 44.546523] R13: fffffc7e4015e700 R14: 0000010000000005 R15: ffff9329c158e738 [ 44.546523] FS: 00007f4299934740(0000) GS:ffff932a60179000(0000) knlGS:0000000000000000 [ 44.546523] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 44.546523] CR2: 00007f4299a1ec90 CR3: 0000000002886002 CR4: 0000000000770eb0 [ 44.546523] PKRU: 55555554 [ 44.546523] Call Trace: [ 44.546523] <TASK> [ 44.546523] ext4_write_inline_data_end+0x126/0x2d0 [ 44.546523] generic_perform_write+0x17e/0x270 [ 44.546523] ext4_buffered_write_iter+0xc8/0x170 [ 44.546523] vfs_write+0x2be/0x3e0 [ 44.546523] __x64_sys_pwrite64+0x6d/0xc0 [ 44.546523] do_syscall_64+0x6a/0xf0 [ 44.546523] ? __wake_up+0x89/0xb0 [ 44.546523] ? xas_find+0x72/0x1c0 [ 44.546523] ? next_uptodate_folio+0x317/0x330 [ 44.546523] ? set_pte_range+0x1a6/0x270 [ 44.546523] ? filemap_map_pages+0x6ee/0x840 [ 44.546523] ? ext4_setattr+0x2fa/0x750 [ 44.546523] ? do_pte_missing+0x128/0xf70 [ 44.546523] ? security_inode_post_setattr+0x3e/0xd0 [ 44.546523] ? ___pte_offset_map+0x19/0x100 [ 44.546523] ? handle_mm_fault+0x721/0xa10 [ 44.546523] ? do_user_addr_fault+0x197/0x730 [ 44.546523] ? do_syscall_64+0x76/0xf0 [ 44.546523] ? arch_exit_to_user_mode_prepare+0x1e/0x60 [ 44.546523] ? irqentry_exit_to_user_mode+0x79/0x90 [ 44.546523] entry_SYSCALL_64_after_hwframe+0x55/0x5d [ 44.546523] RIP: 0033:0x7f42999c6687 [ 44.546523] Code: 48 89 fa 4c 89 df e8 58 b3 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff [ 44.546523] RSP: 002b:00007ffeae4a7930 EFLAGS: 00000202 ORIG_RAX: 0000000000000012 [ 44.546523] RAX: ffffffffffffffda RBX: 00007f4299934740 RCX: 00007f42999c6687 [ 44.546523] RDX: 0000000000000001 RSI: 000055ea6149200f RDI: 0000000000000003 [ 44.546523] RBP: 00007ffeae4a79a0 R08: 0000000000000000 R09: 0000000000000000 [ 44.546523] R10: 0000010000000005 R11: 0000000000000202 R12: 0000 ---truncated---
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: nfsd: Initialize ssc before laundromat_work to prevent NULL dereference In nfs4_state_start_net(), laundromat_work may access nfsd_ssc through nfs4_laundromat -> nfsd4_ssc_expire_umount. If nfsd_ssc isn't initialized, this can cause NULL pointer dereference. Normally the delayed start of laundromat_work allows sufficient time for nfsd_ssc initialization to complete. However, when the kernel waits too long for userspace responses (e.g. in nfs4_state_start_net -> nfsd4_end_grace -> nfsd4_record_grace_done -> nfsd4_cld_grace_done -> cld_pipe_upcall -> __cld_pipe_upcall -> wait_for_completion path), the delayed work may start before nfsd_ssc initialization finishes. Fix this by moving nfsd_ssc initialization before starting laundromat_work.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: af_unix: Don't leave consecutive consumed OOB skbs. Jann Horn reported a use-after-free in unix_stream_read_generic(). The following sequences reproduce the issue: $ python3 from socket import * s1, s2 = socketpair(AF_UNIX, SOCK_STREAM) s1.send(b'x', MSG_OOB) s2.recv(1, MSG_OOB) # leave a consumed OOB skb s1.send(b'y', MSG_OOB) s2.recv(1, MSG_OOB) # leave a consumed OOB skb s1.send(b'z', MSG_OOB) s2.recv(1) # recv 'z' illegally s2.recv(1, MSG_OOB) # access 'z' skb (use-after-free) Even though a user reads OOB data, the skb holding the data stays on the recv queue to mark the OOB boundary and break the next recv(). After the last send() in the scenario above, the sk2's recv queue has 2 leading consumed OOB skbs and 1 real OOB skb. Then, the following happens during the next recv() without MSG_OOB 1. unix_stream_read_generic() peeks the first consumed OOB skb 2. manage_oob() returns the next consumed OOB skb 3. unix_stream_read_generic() fetches the next not-yet-consumed OOB skb 4. unix_stream_read_generic() reads and frees the OOB skb , and the last recv(MSG_OOB) triggers KASAN splat. The 3. above occurs because of the SO_PEEK_OFF code, which does not expect unix_skb_len(skb) to be 0, but this is true for such consumed OOB skbs. while (skip >= unix_skb_len(skb)) { skip -= unix_skb_len(skb); skb = skb_peek_next(skb, &sk->sk_receive_queue); ... } In addition to this use-after-free, there is another issue that ioctl(SIOCATMARK) does not function properly with consecutive consumed OOB skbs. So, nothing good comes out of such a situation. Instead of complicating manage_oob(), ioctl() handling, and the next ECONNRESET fix by introducing a loop for consecutive consumed OOB skbs, let's not leave such consecutive OOB unnecessarily. Now, while receiving an OOB skb in unix_stream_recv_urg(), if its previous skb is a consumed OOB skb, it is freed. [0]: BUG: KASAN: slab-use-after-free in unix_stream_read_actor (net/unix/af_unix.c:3027) Read of size 4 at addr ffff888106ef2904 by task python3/315 CPU: 2 UID: 0 PID: 315 Comm: python3 Not tainted 6.16.0-rc1-00407-gec315832f6f9 #8 PREEMPT(voluntary) Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-4.fc42 04/01/2014 Call Trace: <TASK> dump_stack_lvl (lib/dump_stack.c:122) print_report (mm/kasan/report.c:409 mm/kasan/report.c:521) kasan_report (mm/kasan/report.c:636) unix_stream_read_actor (net/unix/af_unix.c:3027) unix_stream_read_generic (net/unix/af_unix.c:2708 net/unix/af_unix.c:2847) unix_stream_recvmsg (net/unix/af_unix.c:3048) sock_recvmsg (net/socket.c:1063 (discriminator 20) net/socket.c:1085 (discriminator 20)) __sys_recvfrom (net/socket.c:2278) __x64_sys_recvfrom (net/socket.c:2291 (discriminator 1) net/socket.c:2287 (discriminator 1) net/socket.c:2287 (discriminator 1)) do_syscall_64 (arch/x86/entry/syscall_64.c:63 (discriminator 1) arch/x86/entry/syscall_64.c:94 (discriminator 1)) entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130) RIP: 0033:0x7f8911fcea06 Code: 5d e8 41 8b 93 08 03 00 00 59 5e 48 83 f8 fc 75 19 83 e2 39 83 fa 08 75 11 e8 26 ff ff ff 66 0f 1f 44 00 00 48 8b 45 10 0f 05 <48> 8b 5d f8 c9 c3 0f 1f 40 00 f3 0f 1e fa 55 48 89 e5 48 83 ec 08 RSP: 002b:00007fffdb0dccb0 EFLAGS: 00000202 ORIG_RAX: 000000000000002d RAX: ffffffffffffffda RBX: 00007fffdb0dcdc8 RCX: 00007f8911fcea06 RDX: 0000000000000001 RSI: 00007f8911a5e060 RDI: 0000000000000006 RBP: 00007fffdb0dccd0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000001 R11: 0000000000000202 R12: 00007f89119a7d20 R13: ffffffffc4653600 R14: 0000000000000000 R15: 0000000000000000 </TASK> Allocated by task 315: kasan_save_stack (mm/kasan/common.c:48) kasan_save_track (mm/kasan/common.c:60 (discriminator 1) mm/kasan/common.c:69 (discriminator 1)) __kasan_slab_alloc (mm/kasan/common.c:348) kmem_cache_alloc_ ---truncated---
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: bpf: Avoid __bpf_prog_ret0_warn when jit fails syzkaller reported an issue: WARNING: CPU: 3 PID: 217 at kernel/bpf/core.c:2357 __bpf_prog_ret0_warn+0xa/0x20 kernel/bpf/core.c:2357 Modules linked in: CPU: 3 UID: 0 PID: 217 Comm: kworker/u32:6 Not tainted 6.15.0-rc4-syzkaller-00040-g8bac8898fe39 RIP: 0010:__bpf_prog_ret0_warn+0xa/0x20 kernel/bpf/core.c:2357 Call Trace: <TASK> bpf_dispatcher_nop_func include/linux/bpf.h:1316 [inline] __bpf_prog_run include/linux/filter.h:718 [inline] bpf_prog_run include/linux/filter.h:725 [inline] cls_bpf_classify+0x74a/0x1110 net/sched/cls_bpf.c:105 ... When creating bpf program, 'fp->jit_requested' depends on bpf_jit_enable. This issue is triggered because of CONFIG_BPF_JIT_ALWAYS_ON is not set and bpf_jit_enable is set to 1, causing the arch to attempt JIT the prog, but jit failed due to FAULT_INJECTION. As a result, incorrectly treats the program as valid, when the program runs it calls `__bpf_prog_ret0_warn` and triggers the WARN_ON_ONCE(1).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix WARN() in get_bpf_raw_tp_regs syzkaller reported an issue: WARNING: CPU: 3 PID: 5971 at kernel/trace/bpf_trace.c:1861 get_bpf_raw_tp_regs+0xa4/0x100 kernel/trace/bpf_trace.c:1861 Modules linked in: CPU: 3 UID: 0 PID: 5971 Comm: syz-executor205 Not tainted 6.15.0-rc5-syzkaller-00038-g707df3375124 #0 PREEMPT(full) Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 RIP: 0010:get_bpf_raw_tp_regs+0xa4/0x100 kernel/trace/bpf_trace.c:1861 RSP: 0018:ffffc90003636fa8 EFLAGS: 00010293 RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff81c6bc4c RDX: ffff888032efc880 RSI: ffffffff81c6bc83 RDI: 0000000000000005 RBP: ffff88806a730860 R08: 0000000000000005 R09: 0000000000000003 R10: 0000000000000004 R11: 0000000000000000 R12: 0000000000000004 R13: 0000000000000001 R14: ffffc90003637008 R15: 0000000000000900 FS: 0000000000000000(0000) GS:ffff8880d6cdf000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f7baee09130 CR3: 0000000029f5a000 CR4: 0000000000352ef0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: <TASK> ____bpf_get_stack_raw_tp kernel/trace/bpf_trace.c:1934 [inline] bpf_get_stack_raw_tp+0x24/0x160 kernel/trace/bpf_trace.c:1931 bpf_prog_ec3b2eefa702d8d3+0x43/0x47 bpf_dispatcher_nop_func include/linux/bpf.h:1316 [inline] __bpf_prog_run include/linux/filter.h:718 [inline] bpf_prog_run include/linux/filter.h:725 [inline] __bpf_trace_run kernel/trace/bpf_trace.c:2363 [inline] bpf_trace_run3+0x23f/0x5a0 kernel/trace/bpf_trace.c:2405 __bpf_trace_mmap_lock_acquire_returned+0xfc/0x140 include/trace/events/mmap_lock.h:47 __traceiter_mmap_lock_acquire_returned+0x79/0xc0 include/trace/events/mmap_lock.h:47 __do_trace_mmap_lock_acquire_returned include/trace/events/mmap_lock.h:47 [inline] trace_mmap_lock_acquire_returned include/trace/events/mmap_lock.h:47 [inline] __mmap_lock_do_trace_acquire_returned+0x138/0x1f0 mm/mmap_lock.c:35 __mmap_lock_trace_acquire_returned include/linux/mmap_lock.h:36 [inline] mmap_read_trylock include/linux/mmap_lock.h:204 [inline] stack_map_get_build_id_offset+0x535/0x6f0 kernel/bpf/stackmap.c:157 __bpf_get_stack+0x307/0xa10 kernel/bpf/stackmap.c:483 ____bpf_get_stack kernel/bpf/stackmap.c:499 [inline] bpf_get_stack+0x32/0x40 kernel/bpf/stackmap.c:496 ____bpf_get_stack_raw_tp kernel/trace/bpf_trace.c:1941 [inline] bpf_get_stack_raw_tp+0x124/0x160 kernel/trace/bpf_trace.c:1931 bpf_prog_ec3b2eefa702d8d3+0x43/0x47 Tracepoint like trace_mmap_lock_acquire_returned may cause nested call as the corner case show above, which will be resolved with more general method in the future. As a result, WARN_ON_ONCE will be triggered. As Alexei suggested, remove the WARN_ON_ONCE first.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod() In fb_find_mode_cvt(), iff mode->refresh somehow happens to be 0x80000000, cvt.f_refresh will become 0 when multiplying it by 2 due to overflow. It's then passed to fb_cvt_hperiod(), where it's used as a divider -- division by 0 will result in kernel oops. Add a sanity check for cvt.f_refresh to avoid such overflow... Found by Linux Verification Center (linuxtesting.org) with the Svace static analysis tool.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: software node: Correct a OOB check in software_node_get_reference_args() software_node_get_reference_args() wants to get @index-th element, so the property value requires at least '(index + 1) * sizeof(*ref)' bytes but that can not be guaranteed by current OOB check, and may cause OOB for malformed property. Fix by using as OOB check '((index + 1) * sizeof(*ref) > prop->length)'.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net/sched: Always pass notifications when child class becomes empty Certain classful qdiscs may invoke their classes' dequeue handler on an enqueue operation. This may unexpectedly empty the child qdisc and thus make an in-flight class passive via qlen_notify(). Most qdiscs do not expect such behaviour at this point in time and may re-activate the class eventually anyways which will lead to a use-after-free. The referenced fix commit attempted to fix this behavior for the HFSC case by moving the backlog accounting around, though this turned out to be incomplete since the parent's parent may run into the issue too. The following reproducer demonstrates this use-after-free: tc qdisc add dev lo root handle 1: drr tc filter add dev lo parent 1: basic classid 1:1 tc class add dev lo parent 1: classid 1:1 drr tc qdisc add dev lo parent 1:1 handle 2: hfsc def 1 tc class add dev lo parent 2: classid 2:1 hfsc rt m1 8 d 1 m2 0 tc qdisc add dev lo parent 2:1 handle 3: netem tc qdisc add dev lo parent 3:1 handle 4: blackhole echo 1 | socat -u STDIN UDP4-DATAGRAM:127.0.0.1:8888 tc class delete dev lo classid 1:1 echo 1 | socat -u STDIN UDP4-DATAGRAM:127.0.0.1:8888 Since backlog accounting issues leading to a use-after-frees on stale class pointers is a recurring pattern at this point, this patch takes a different approach. Instead of trying to fix the accounting, the patch ensures that qdisc_tree_reduce_backlog always calls qlen_notify when the child qdisc is empty. This solves the problem because deletion of qdiscs always involves a call to qdisc_reset() and / or qdisc_purge_queue() which ultimately resets its qlen to 0 thus causing the following qdisc_tree_reduce_backlog() to report to the parent. Note that this may call qlen_notify on passive classes multiple times. This is not a problem after the recent patch series that made all the classful qdiscs qlen_notify() handlers idempotent.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: maple_tree: fix MA_STATE_PREALLOC flag in mas_preallocate() Temporarily clear the preallocation flag when explicitly requesting allocations. Pre-existing allocations are already counted against the request through mas_node_count_gfp(), but the allocations will not happen if the MA_STATE_PREALLOC flag is set. This flag is meant to avoid re-allocating in bulk allocation mode, and to detect issues with preallocation calculations. The MA_STATE_PREALLOC flag should also always be set on zero allocations so that detection of underflow allocations will print a WARN_ON() during consumption. User visible effect of this flaw is a WARN_ON() followed by a null pointer dereference when subsequent requests for larger number of nodes is ignored, such as the vma merge retry in mmap_region() caused by drivers altering the vma flags (which happens in v6.6, at least)
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: NFSv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN We found a few different systems hung up in writeback waiting on the same page lock, and one task waiting on the NFS_LAYOUT_DRAIN bit in pnfs_update_layout(), however the pnfs_layout_hdr's plh_outstanding count was zero. It seems most likely that this is another race between the waiter and waker similar to commit ed0172af5d6f ("SUNRPC: Fix a race to wake a sync task"). Fix it up by applying the advised barrier.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: nfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails. syzbot reported a warning below [1] following a fault injection in nfs_fs_proc_net_init(). [0] When nfs_fs_proc_net_init() fails, /proc/net/rpc/nfs is not removed. Later, rpc_proc_exit() tries to remove /proc/net/rpc, and the warning is logged as the directory is not empty. Let's handle the error of nfs_fs_proc_net_init() properly. [0]: FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 1 UID: 0 PID: 6120 Comm: syz.2.27 Not tainted 6.16.0-rc1-syzkaller-00010-g2c4a1f3fe03e #0 PREEMPT(full) Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 Call Trace: <TASK> dump_stack_lvl (lib/dump_stack.c:123) should_fail_ex (lib/fault-inject.c:73 lib/fault-inject.c:174) should_failslab (mm/failslab.c:46) kmem_cache_alloc_noprof (mm/slub.c:4178 mm/slub.c:4204) __proc_create (fs/proc/generic.c:427) proc_create_reg (fs/proc/generic.c:554) proc_create_net_data (fs/proc/proc_net.c:120) nfs_fs_proc_net_init (fs/nfs/client.c:1409) nfs_net_init (fs/nfs/inode.c:2600) ops_init (net/core/net_namespace.c:138) setup_net (net/core/net_namespace.c:443) copy_net_ns (net/core/net_namespace.c:576) create_new_namespaces (kernel/nsproxy.c:110) unshare_nsproxy_namespaces (kernel/nsproxy.c:218 (discriminator 4)) ksys_unshare (kernel/fork.c:3123) __x64_sys_unshare (kernel/fork.c:3190) do_syscall_64 (arch/x86/entry/syscall_64.c:63 arch/x86/entry/syscall_64.c:94) entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130) </TASK> [1]: remove_proc_entry: removing non-empty directory 'net/rpc', leaking at least 'nfs' WARNING: CPU: 1 PID: 6120 at fs/proc/generic.c:727 remove_proc_entry+0x45e/0x530 fs/proc/generic.c:727 Modules linked in: CPU: 1 UID: 0 PID: 6120 Comm: syz.2.27 Not tainted 6.16.0-rc1-syzkaller-00010-g2c4a1f3fe03e #0 PREEMPT(full) Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 RIP: 0010:remove_proc_entry+0x45e/0x530 fs/proc/generic.c:727 Code: 3c 02 00 0f 85 85 00 00 00 48 8b 93 d8 00 00 00 4d 89 f0 4c 89 e9 48 c7 c6 40 ba a2 8b 48 c7 c7 60 b9 a2 8b e8 33 81 1d ff 90 <0f> 0b 90 90 e9 5f fe ff ff e8 04 69 5e ff 90 48 b8 00 00 00 00 00 RSP: 0018:ffffc90003637b08 EFLAGS: 00010282 RAX: 0000000000000000 RBX: ffff88805f534140 RCX: ffffffff817a92c8 RDX: ffff88807da99e00 RSI: ffffffff817a92d5 RDI: 0000000000000001 RBP: ffff888033431ac0 R08: 0000000000000001 R09: 0000000000000000 R10: 0000000000000001 R11: 0000000000000001 R12: ffff888033431a00 R13: ffff888033431ae4 R14: ffff888033184724 R15: dffffc0000000000 FS: 0000555580328500(0000) GS:ffff888124a62000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f71733743e0 CR3: 000000007f618000 CR4: 00000000003526f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: <TASK> sunrpc_exit_net+0x46/0x90 net/sunrpc/sunrpc_syms.c:76 ops_exit_list net/core/net_namespace.c:200 [inline] ops_undo_list+0x2eb/0xab0 net/core/net_namespace.c:253 setup_net+0x2e1/0x510 net/core/net_namespace.c:457 copy_net_ns+0x2a6/0x5f0 net/core/net_namespace.c:574 create_new_namespaces+0x3ea/0xa90 kernel/nsproxy.c:110 unshare_nsproxy_namespaces+0xc0/0x1f0 kernel/nsproxy.c:218 ksys_unshare+0x45b/0xa40 kernel/fork.c:3121 __do_sys_unshare kernel/fork.c:3192 [inline] __se_sys_unshare kernel/fork.c:3190 [inline] __x64_sys_unshare+0x31/0x40 kernel/fork.c:3190 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xcd/0x490 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fa1a6b8e929 Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c ---truncated---
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request If the request being processed is not a v4 compound request, then examining the cstate can have undefined results. This patch adds a check that the rpc procedure being executed (rq_procinfo) is the NFSPROC4_COMPOUND procedure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: md/md-bitmap: fix GPF in bitmap_get_stats() The commit message of commit 6ec1f0239485 ("md/md-bitmap: fix stats collection for external bitmaps") states: Remove the external bitmap check as the statistics should be available regardless of bitmap storage location. Return -EINVAL only for invalid bitmap with no storage (neither in superblock nor in external file). But, the code does not adhere to the above, as it does only check for a valid super-block for "internal" bitmaps. Hence, we observe: Oops: GPF, probably for non-canonical address 0x1cd66f1f40000028 RIP: 0010:bitmap_get_stats+0x45/0xd0 Call Trace: seq_read_iter+0x2b9/0x46a seq_read+0x12f/0x180 proc_reg_read+0x57/0xb0 vfs_read+0xf6/0x380 ksys_read+0x6d/0xf0 do_syscall_64+0x8c/0x1b0 entry_SYSCALL_64_after_hwframe+0x76/0x7e We fix this by checking the existence of a super-block for both the internal and external case.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net/sched: Abort __tc_modify_qdisc if parent class does not exist Lion's patch [1] revealed an ancient bug in the qdisc API. Whenever a user creates/modifies a qdisc specifying as a parent another qdisc, the qdisc API will, during grafting, detect that the user is not trying to attach to a class and reject. However grafting is performed after qdisc_create (and thus the qdiscs' init callback) is executed. In qdiscs that eventually call qdisc_tree_reduce_backlog during init or change (such as fq, hhf, choke, etc), an issue arises. For example, executing the following commands: sudo tc qdisc add dev lo root handle a: htb default 2 sudo tc qdisc add dev lo parent a: handle beef fq Qdiscs such as fq, hhf, choke, etc unconditionally invoke qdisc_tree_reduce_backlog() in their control path init() or change() which then causes a failure to find the child class; however, that does not stop the unconditional invocation of the assumed child qdisc's qlen_notify with a null class. All these qdiscs make the assumption that class is non-null. The solution is ensure that qdisc_leaf() which looks up the parent class, and is invoked prior to qdisc_create(), should return failure on not finding the class. In this patch, we leverage qdisc_leaf to return ERR_PTRs whenever the parentid doesn't correspond to a class, so that we can detect it earlier on and abort before qdisc_create is called. [1] https://lore.kernel.org/netdev/d912cbd7-193b-4269-9857-525bee8bbb6a@gmail.com/
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netlink: Fix wraparounds of sk->sk_rmem_alloc. Netlink has this pattern in some places if (atomic_read(&sk->sk_rmem_alloc) > sk->sk_rcvbuf) atomic_add(skb->truesize, &sk->sk_rmem_alloc); , which has the same problem fixed by commit 5a465a0da13e ("udp: Fix multiple wraparounds of sk->sk_rmem_alloc."). For example, if we set INT_MAX to SO_RCVBUFFORCE, the condition is always false as the two operands are of int. Then, a single socket can eat as many skb as possible until OOM happens, and we can see multiple wraparounds of sk->sk_rmem_alloc. Let's fix it by using atomic_add_return() and comparing the two variables as unsigned int. Before: [root@fedora ~]# ss -f netlink Recv-Q Send-Q Local Address:Port Peer Address:Port -1668710080 0 rtnl:nl_wraparound/293 * After: [root@fedora ~]# ss -f netlink Recv-Q Send-Q Local Address:Port Peer Address:Port 2147483072 0 rtnl:nl_wraparound/290 * ^ `--- INT_MAX - 576
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: perf: Revert to requiring CAP_SYS_ADMIN for uprobes Jann reports that uprobes can be used destructively when used in the middle of an instruction. The kernel only verifies there is a valid instruction at the requested offset, but due to variable instruction length cannot determine if this is an instruction as seen by the intended execution stream. Additionally, Mark Rutland notes that on architectures that mix data in the text segment (like arm64), a similar things can be done if the data word is 'mistaken' for an instruction. As such, require CAP_SYS_ADMIN for uprobes.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree htb_lookup_leaf has a BUG_ON that can trigger with the following: tc qdisc del dev lo root tc qdisc add dev lo root handle 1: htb default 1 tc class add dev lo parent 1: classid 1:1 htb rate 64bit tc qdisc add dev lo parent 1:1 handle 2: netem tc qdisc add dev lo parent 2:1 handle 3: blackhole ping -I lo -c1 -W0.001 127.0.0.1 The root cause is the following: 1. htb_dequeue calls htb_dequeue_tree which calls the dequeue handler on the selected leaf qdisc 2. netem_dequeue calls enqueue on the child qdisc 3. blackhole_enqueue drops the packet and returns a value that is not just NET_XMIT_SUCCESS 4. Because of this, netem_dequeue calls qdisc_tree_reduce_backlog, and since qlen is now 0, it calls htb_qlen_notify -> htb_deactivate -> htb_deactiviate_prios -> htb_remove_class_from_row -> htb_safe_rb_erase 5. As this is the only class in the selected hprio rbtree, __rb_change_child in __rb_erase_augmented sets the rb_root pointer to NULL 6. Because blackhole_dequeue returns NULL, netem_dequeue returns NULL, which causes htb_dequeue_tree to call htb_lookup_leaf with the same hprio rbtree, and fail the BUG_ON The function graph for this scenario is shown here: 0) | htb_enqueue() { 0) + 13.635 us | netem_enqueue(); 0) 4.719 us | htb_activate_prios(); 0) # 2249.199 us | } 0) | htb_dequeue() { 0) 2.355 us | htb_lookup_leaf(); 0) | netem_dequeue() { 0) + 11.061 us | blackhole_enqueue(); 0) | qdisc_tree_reduce_backlog() { 0) | qdisc_lookup_rcu() { 0) 1.873 us | qdisc_match_from_root(); 0) 6.292 us | } 0) 1.894 us | htb_search(); 0) | htb_qlen_notify() { 0) 2.655 us | htb_deactivate_prios(); 0) 6.933 us | } 0) + 25.227 us | } 0) 1.983 us | blackhole_dequeue(); 0) + 86.553 us | } 0) # 2932.761 us | qdisc_warn_nonwc(); 0) | htb_lookup_leaf() { 0) | BUG_ON(); ------------------------------------------ The full original bug report can be seen here [1]. We can fix this just by returning NULL instead of the BUG_ON, as htb_dequeue_tree returns NULL when htb_lookup_leaf returns NULL. [1] https://lore.kernel.org/netdev/pF5XOOIim0IuEfhI-SOxTgRvNoDwuux7UHKnE_Y5-zVd4wmGvNk2ceHjKb8ORnzw0cGwfmVu42g9dL7XyJLf1NEzaztboTWcm0Ogxuojoeo=@willsroot.io/
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime Assuming the "rx-vlan-filter" feature is enabled on a net device, the 8021q module will automatically add or remove VLAN 0 when the net device is put administratively up or down, respectively. There are a couple of problems with the above scheme. The first problem is a memory leak that can happen if the "rx-vlan-filter" feature is disabled while the device is running: # ip link add bond1 up type bond mode 0 # ethtool -K bond1 rx-vlan-filter off # ip link del dev bond1 When the device is put administratively down the "rx-vlan-filter" feature is disabled, so the 8021q module will not remove VLAN 0 and the memory will be leaked [1]. Another problem that can happen is that the kernel can automatically delete VLAN 0 when the device is put administratively down despite not adding it when the device was put administratively up since during that time the "rx-vlan-filter" feature was disabled. null-ptr-unref or bug_on[2] will be triggered by unregister_vlan_dev() for refcount imbalance if toggling filtering during runtime: $ ip link add bond0 type bond mode 0 $ ip link add link bond0 name vlan0 type vlan id 0 protocol 802.1q $ ethtool -K bond0 rx-vlan-filter off $ ifconfig bond0 up $ ethtool -K bond0 rx-vlan-filter on $ ifconfig bond0 down $ ip link del vlan0 Root cause is as below: step1: add vlan0 for real_dev, such as bond, team. register_vlan_dev vlan_vid_add(real_dev,htons(ETH_P_8021Q),0) //refcnt=1 step2: disable vlan filter feature and enable real_dev step3: change filter from 0 to 1 vlan_device_event vlan_filter_push_vids ndo_vlan_rx_add_vid //No refcnt added to real_dev vlan0 step4: real_dev down vlan_device_event vlan_vid_del(dev, htons(ETH_P_8021Q), 0); //refcnt=0 vlan_info_rcu_free //free vlan0 step5: delete vlan0 unregister_vlan_dev BUG_ON(!vlan_info); //vlan_info is null Fix both problems by noting in the VLAN info whether VLAN 0 was automatically added upon NETDEV_UP and based on that decide whether it should be deleted upon NETDEV_DOWN, regardless of the state of the "rx-vlan-filter" feature.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: tls: always refresh the queue when reading sock After recent changes in net-next TCP compacts skbs much more aggressively. This unearthed a bug in TLS where we may try to operate on an old skb when checking if all skbs in the queue have matching decrypt state and geometry. BUG: KASAN: slab-use-after-free in tls_strp_check_rcv+0x898/0x9a0 [tls] (net/tls/tls_strp.c:436 net/tls/tls_strp.c:530 net/tls/tls_strp.c:544) Read of size 4 at addr ffff888013085750 by task tls/13529 CPU: 2 UID: 0 PID: 13529 Comm: tls Not tainted 6.16.0-rc5-virtme Call Trace: kasan_report+0xca/0x100 tls_strp_check_rcv+0x898/0x9a0 [tls] tls_rx_rec_wait+0x2c9/0x8d0 [tls] tls_sw_recvmsg+0x40f/0x1aa0 [tls] inet_recvmsg+0x1c3/0x1f0 Always reload the queue, fast path is to have the record in the queue when we wake, anyway (IOW the path going down "if !strp->stm.full_len").
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: Fix race condition on qfq_aggregate A race condition can occur when 'agg' is modified in qfq_change_agg (called during qfq_enqueue) while other threads access it concurrently. For example, qfq_dump_class may trigger a NULL dereference, and qfq_delete_class may cause a use-after-free. This patch addresses the issue by: 1. Moved qfq_destroy_class into the critical section. 2. Added sch_tree_lock protection to qfq_dump_class and qfq_dump_class_stats.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: do_change_type(): refuse to operate on unmounted/not ours mounts Ensure that propagation settings can only be changed for mounts located in the caller's mount namespace. This change aligns permission checking with the rest of mount(2).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns What we want is to verify there is that clone won't expose something hidden by a mount we wouldn't be able to undo. "Wouldn't be able to undo" may be a result of MNT_LOCKED on a child, but it may also come from lacking admin rights in the userns of the namespace mount belongs to. clone_private_mnt() checks the former, but not the latter. There's a number of rather confusing CAP_SYS_ADMIN checks in various userns during the mount, especially with the new mount API; they serve different purposes and in case of clone_private_mnt() they usually, but not always end up covering the missing check mentioned above.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: eventpoll: Fix semi-unbounded recursion Ensure that epoll instances can never form a graph deeper than EP_MAX_NESTS+1 links. Currently, ep_loop_check_proc() ensures that the graph is loop-free and does some recursion depth checks, but those recursion depth checks don't limit the depth of the resulting tree for two reasons: - They don't look upwards in the tree. - If there are multiple downwards paths of different lengths, only one of the paths is actually considered for the depth check since commit 28d82dc1c4ed ("epoll: limit paths"). Essentially, the current recursion depth check in ep_loop_check_proc() just serves to prevent it from recursing too deeply while checking for loops. A more thorough check is done in reverse_path_check() after the new graph edge has already been created; this checks, among other things, that no paths going upwards from any non-epoll file with a length of more than 5 edges exist. However, this check does not apply to non-epoll files. As a result, it is possible to recurse to a depth of at least roughly 500, tested on v6.15. (I am unsure if deeper recursion is possible; and this may have changed with commit 8c44dac8add7 ("eventpoll: Fix priority inversion problem").) To fix it: 1. In ep_loop_check_proc(), note the subtree depth of each visited node, and use subtree depths for the total depth calculation even when a subtree has already been visited. 2. Add ep_get_upwards_depth_proc() for similarly determining the maximum depth of an upwards walk. 3. In ep_loop_check(), use these values to limit the total path length between epoll nodes to EP_MAX_NESTS edges.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix vmalloc out-of-bounds write in fast_imageblit This issue triggers when a userspace program does an ioctl FBIOPUT_CON2FBMAP by passing console number and frame buffer number. Ideally this maps console to frame buffer and updates the screen if console is visible. As part of mapping it has to do resize of console according to frame buffer info. if this resize fails and returns from vc_do_resize() and continues further. At this point console and new frame buffer are mapped and sets display vars. Despite failure still it continue to proceed updating the screen at later stages where vc_data is related to previous frame buffer and frame buffer info and display vars are mapped to new frame buffer and eventully leading to out-of-bounds write in fast_imageblit(). This bheviour is excepted only when fg_console is equal to requested console which is a visible console and updates screen with invalid struct references in fbcon_putcs().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: pNFS: Fix uninited ptr deref in block/scsi layout The error occurs on the third attempt to encode extents. When function ext_tree_prepare_commit() reallocates a larger buffer to retry encoding extents, the "layoutupdate_pages" page array is initialized only after the retry loop. But ext_tree_free_commitdata() is called on every iteration and tries to put pages in the array, thus dereferencing uninitialized pointers. An additional problem is that there is no limit on the maximum possible buffer_size. When there are too many extents, the client may create a layoutcommit that is larger than the maximum possible RPC size accepted by the server. During testing, we observed two typical scenarios. First, one memory page for extents is enough when we work with small files, append data to the end of the file, or preallocate extents before writing. But when we fill a new large file without preallocating, the number of extents can be huge, and counting the number of written extents in ext_tree_encode_commit() does not help much. Since this number increases even more between unlocking and locking of ext_tree, the reallocated buffer may not be large enough again and again.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr A syzbot fuzzed image triggered a BUG_ON in ext4_update_inline_data() when an inode had the INLINE_DATA_FL flag set but was missing the system.data extended attribute. Since this can happen due to a maiciouly fuzzed file system, we shouldn't BUG, but rather, report it as a corrupted file system. Add similar replacements of BUG_ON with EXT4_ERROR_INODE() ii ext4_create_inline_data() and ext4_inline_data_truncate().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: fbdev: fix potential buffer overflow in do_register_framebuffer() The current implementation may lead to buffer overflow when: 1. Unregistration creates NULL gaps in registered_fb[] 2. All array slots become occupied despite num_registered_fb < FB_MAX 3. The registration loop exceeds array bounds Add boundary check to prevent registered_fb[FB_MAX] access.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: rcu/nocb: Fix possible invalid rdp's->nocb_cb_kthread pointer access In the preparation stage of CPU online, if the corresponding the rdp's->nocb_cb_kthread does not exist, will be created, there is a situation where the rdp's rcuop kthreads creation fails, and then de-offload this CPU's rdp, does not assign this CPU's rdp->nocb_cb_kthread pointer, but this rdp's->nocb_gp_rdp and rdp's->rdp_gp->nocb_gp_kthread is still valid. This will cause the subsequent re-offload operation of this offline CPU, which will pass the conditional check and the kthread_unpark() will access invalid rdp's->nocb_cb_kthread pointer. This commit therefore use rdp's->nocb_gp_kthread instead of rdp_gp's->nocb_gp_kthread for safety check.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: drbd: add missing kref_get in handle_write_conflicts With `two-primaries` enabled, DRBD tries to detect "concurrent" writes and handle write conflicts, so that even if you write to the same sector simultaneously on both nodes, they end up with the identical data once the writes are completed. In handling "superseeded" writes, we forgot a kref_get, resulting in a premature drbd_destroy_device and use after free, and further to kernel crashes with symptoms. Relevance: No one should use DRBD as a random data generator, and apparently all users of "two-primaries" handle concurrent writes correctly on layer up. That is cluster file systems use some distributed lock manager, and live migration in virtualization environments stops writes on one node before starting writes on the other node. Which means that other than for "test cases", this code path is never taken in real life. FYI, in DRBD 9, things are handled differently nowadays. We still detect "write conflicts", but no longer try to be smart about them. We decided to disconnect hard instead: upper layers must not submit concurrent writes. If they do, that's their fault.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: fix refcount leak on table dump There is a reference count leak in ctnetlink_dump_table(): if (res < 0) { nf_conntrack_get(&ct->ct_general); // HERE cb->args[1] = (unsigned long)ct; ... While its very unlikely, its possible that ct == last. If this happens, then the refcount of ct was already incremented. This 2nd increment is never undone. This prevents the conntrack object from being released, which in turn keeps prevents cnet->count from dropping back to 0. This will then block the netns dismantle (or conntrack rmmod) as nf_conntrack_cleanup_net_list() will wait forever. This can be reproduced by running conntrack_resize.sh selftest in a loop. It takes ~20 minutes for me on a preemptible kernel on average before I see a runaway kworker spinning in nf_conntrack_cleanup_net_list. One fix would to change this to: if (res < 0) { if (ct != last) nf_conntrack_get(&ct->ct_general); But this reference counting isn't needed in the first place. We can just store a cookie value instead. A followup patch will do the same for ctnetlink_exp_dump_table, it looks to me as if this has the same problem and like ctnetlink_dump_table, we only need a 'skip hint', not the actual object so we can apply the same cookie strategy there as well.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() Lei Lu recently reported that nfsd4_setclientid_confirm() did not check the return value from get_client_locked(). a SETCLIENTID_CONFIRM could race with a confirmed client expiring and fail to get a reference. That could later lead to a UAF. Fix this by getting a reference early in the case where there is an extant confirmed client. If that fails then treat it as if there were no confirmed client found at all. In the case where the unconfirmed client is expiring, just fail and return the result from get_client_locked().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netlink: avoid infinite retry looping in netlink_unicast() netlink_attachskb() checks for the socket's read memory allocation constraints. Firstly, it has: rmem < READ_ONCE(sk->sk_rcvbuf) to check if the just increased rmem value fits into the socket's receive buffer. If not, it proceeds and tries to wait for the memory under: rmem + skb->truesize > READ_ONCE(sk->sk_rcvbuf) The checks don't cover the case when skb->truesize + sk->sk_rmem_alloc is equal to sk->sk_rcvbuf. Thus the function neither successfully accepts these conditions, nor manages to reschedule the task - and is called in retry loop for indefinite time which is caught as: rcu: INFO: rcu_sched self-detected stall on CPU rcu: 0-....: (25999 ticks this GP) idle=ef2/1/0x4000000000000000 softirq=262269/262269 fqs=6212 (t=26000 jiffies g=230833 q=259957) NMI backtrace for cpu 0 CPU: 0 PID: 22 Comm: kauditd Not tainted 5.10.240 #68 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.17.0-4.fc42 04/01/2014 Call Trace: <IRQ> dump_stack lib/dump_stack.c:120 nmi_cpu_backtrace.cold lib/nmi_backtrace.c:105 nmi_trigger_cpumask_backtrace lib/nmi_backtrace.c:62 rcu_dump_cpu_stacks kernel/rcu/tree_stall.h:335 rcu_sched_clock_irq.cold kernel/rcu/tree.c:2590 update_process_times kernel/time/timer.c:1953 tick_sched_handle kernel/time/tick-sched.c:227 tick_sched_timer kernel/time/tick-sched.c:1399 __hrtimer_run_queues kernel/time/hrtimer.c:1652 hrtimer_interrupt kernel/time/hrtimer.c:1717 __sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1113 asm_call_irq_on_stack arch/x86/entry/entry_64.S:808 </IRQ> netlink_attachskb net/netlink/af_netlink.c:1234 netlink_unicast net/netlink/af_netlink.c:1349 kauditd_send_queue kernel/audit.c:776 kauditd_thread kernel/audit.c:897 kthread kernel/kthread.c:328 ret_from_fork arch/x86/entry/entry_64.S:304 Restore the original behavior of the check which commit in Fixes accidentally missed when restructuring the code. Found by Linux Verification Center (linuxtesting.org).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: tracing: Limit access to parser->buffer when trace_get_user failed When the length of the string written to set_ftrace_filter exceeds FTRACE_BUFF_MAX, the following KASAN alarm will be triggered: BUG: KASAN: slab-out-of-bounds in strsep+0x18c/0x1b0 Read of size 1 at addr ffff0000d00bd5ba by task ash/165 CPU: 1 UID: 0 PID: 165 Comm: ash Not tainted 6.16.0-g6bcdbd62bd56-dirty Hardware name: linux,dummy-virt (DT) Call trace: show_stack+0x34/0x50 (C) dump_stack_lvl+0xa0/0x158 print_address_description.constprop.0+0x88/0x398 print_report+0xb0/0x280 kasan_report+0xa4/0xf0 __asan_report_load1_noabort+0x20/0x30 strsep+0x18c/0x1b0 ftrace_process_regex.isra.0+0x100/0x2d8 ftrace_regex_release+0x484/0x618 __fput+0x364/0xa58 ____fput+0x28/0x40 task_work_run+0x154/0x278 do_notify_resume+0x1f0/0x220 el0_svc+0xec/0xf0 el0t_64_sync_handler+0xa0/0xe8 el0t_64_sync+0x1ac/0x1b0 The reason is that trace_get_user will fail when processing a string longer than FTRACE_BUFF_MAX, but not set the end of parser->buffer to 0. Then an OOB access will be triggered in ftrace_regex_release-> ftrace_process_regex->strsep->strpbrk. We can solve this problem by limiting access to parser->buffer when trace_get_user failed.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ftrace: Also allocate and copy hash for reading of filter files Currently the reader of set_ftrace_filter and set_ftrace_notrace just adds the pointer to the global tracer hash to its iterator. Unlike the writer that allocates a copy of the hash, the reader keeps the pointer to the filter hashes. This is problematic because this pointer is static across function calls that release the locks that can update the global tracer hashes. This can cause UAF and similar bugs. Allocate and copy the hash for reading the filter files like it is done for the writers. This not only fixes UAF bugs, but also makes the code a bit simpler as it doesn't have to differentiate when to free the iterator's hash between writers and readers.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a race when updating an existing write After nfs_lock_and_join_requests() tests for whether the request is still attached to the mapping, nothing prevents a call to nfs_inode_remove_request() from succeeding until we actually lock the page group. The reason is that whoever called nfs_inode_remove_request() doesn't necessarily have a lock on the page group head. So in order to avoid races, let's take the page group lock earlier in nfs_lock_and_join_requests(), and hold it across the removal of the request in nfs_inode_remove_request().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: serial: 8250: fix panic due to PSLVERR When the PSLVERR_RESP_EN parameter is set to 1, the device generates an error response if an attempt is made to read an empty RBR (Receive Buffer Register) while the FIFO is enabled. In serial8250_do_startup(), calling serial_port_out(port, UART_LCR, UART_LCR_WLEN8) triggers dw8250_check_lcr(), which invokes dw8250_force_idle() and serial8250_clear_and_reinit_fifos(). The latter function enables the FIFO via serial_out(p, UART_FCR, p->fcr). Execution proceeds to the serial_port_in(port, UART_RX). This satisfies the PSLVERR trigger condition. When another CPU (e.g., using printk()) is accessing the UART (UART is busy), the current CPU fails the check (value & ~UART_LCR_SPAR) == (lcr & ~UART_LCR_SPAR) in dw8250_check_lcr(), causing it to enter dw8250_force_idle(). Put serial_port_out(port, UART_LCR, UART_LCR_WLEN8) under the port->lock to fix this issue. Panic backtrace: [ 0.442336] Oops - unknown exception [#1] [ 0.442343] epc : dw8250_serial_in32+0x1e/0x4a [ 0.442351] ra : serial8250_do_startup+0x2c8/0x88e ... [ 0.442416] console_on_rootfs+0x26/0x70
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: bpf: Forget ranges when refining tnum after JSET Syzbot reported a kernel warning due to a range invariant violation on the following BPF program. 0: call bpf_get_netns_cookie 1: if r0 == 0 goto <exit> 2: if r0 & Oxffffffff goto <exit> The issue is on the path where we fall through both jumps. That path is unreachable at runtime: after insn 1, we know r0 != 0, but with the sign extension on the jset, we would only fallthrough insn 2 if r0 == 0. Unfortunately, is_branch_taken() isn't currently able to figure this out, so the verifier walks all branches. The verifier then refines the register bounds using the second condition and we end up with inconsistent bounds on this unreachable path: 1: if r0 == 0 goto <exit> r0: u64=[0x1, 0xffffffffffffffff] var_off=(0, 0xffffffffffffffff) 2: if r0 & 0xffffffff goto <exit> r0 before reg_bounds_sync: u64=[0x1, 0xffffffffffffffff] var_off=(0, 0) r0 after reg_bounds_sync: u64=[0x1, 0] var_off=(0, 0) Improving the range refinement for JSET to cover all cases is tricky. We also don't expect many users to rely on JSET given LLVM doesn't generate those instructions. So instead of improving the range refinement for JSETs, Eduard suggested we forget the ranges whenever we're narrowing tnums after a JSET. This patch implements that approach.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: fs: Prevent file descriptor table allocations exceeding INT_MAX When sysctl_nr_open is set to a very high value (for example, 1073741816 as set by systemd), processes attempting to use file descriptors near the limit can trigger massive memory allocation attempts that exceed INT_MAX, resulting in a WARNING in mm/slub.c: WARNING: CPU: 0 PID: 44 at mm/slub.c:5027 __kvmalloc_node_noprof+0x21a/0x288 This happens because kvmalloc_array() and kvmalloc() check if the requested size exceeds INT_MAX and emit a warning when the allocation is not flagged with __GFP_NOWARN. Specifically, when nr_open is set to 1073741816 (0x3ffffff8) and a process calls dup2(oldfd, 1073741880), the kernel attempts to allocate: - File descriptor array: 1073741880 * 8 bytes = 8,589,935,040 bytes - Multiple bitmaps: ~400MB - Total allocation size: > 8GB (exceeding INT_MAX = 2,147,483,647) Reproducer: 1. Set /proc/sys/fs/nr_open to 1073741816: # echo 1073741816 > /proc/sys/fs/nr_open 2. Run a program that uses a high file descriptor: #include <unistd.h> #include <sys/resource.h> int main() { struct rlimit rlim = {1073741824, 1073741824}; setrlimit(RLIMIT_NOFILE, &rlim); dup2(2, 1073741880); // Triggers the warning return 0; } 3. Observe WARNING in dmesg at mm/slub.c:5027 systemd commit a8b627a introduced automatic bumping of fs.nr_open to the maximum possible value. The rationale was that systems with memory control groups (memcg) no longer need separate file descriptor limits since memory is properly accounted. However, this change overlooked that: 1. The kernel's allocation functions still enforce INT_MAX as a maximum size regardless of memcg accounting 2. Programs and tests that legitimately test file descriptor limits can inadvertently trigger massive allocations 3. The resulting allocations (>8GB) are impractical and will always fail systemd's algorithm starts with INT_MAX and keeps halving the value until the kernel accepts it. On most systems, this results in nr_open being set to 1073741816 (0x3ffffff8), which is just under 1GB of file descriptors. While processes rarely use file descriptors near this limit in normal operation, certain selftests (like tools/testing/selftests/core/unshare_test.c) and programs that test file descriptor limits can trigger this issue. Fix this by adding a check in alloc_fdtable() to ensure the requested allocation size does not exceed INT_MAX. This causes the operation to fail with -EMFILE instead of triggering a kernel warning and avoids the impractical >8GB memory allocation request.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: remove refcounting in expectation dumpers Same pattern as previous patch: do not keep the expectation object alive via refcount, only store a cookie value and then use that as the skip hint for dump resumption. AFAICS this has the same issue as the one resolved in the conntrack dumper, when we do if (!refcount_inc_not_zero(&exp->use)) to increment the refcount, there is a chance that exp == last, which causes a double-increment of the refcount and subsequent memory leak.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM When performing Generic Segmentation Offload (GSO) on an IPv6 packet that contains extension headers, the kernel incorrectly requests checksum offload if the egress device only advertises NETIF_F_IPV6_CSUM feature, which has a strict contract: it supports checksum offload only for plain TCP or UDP over IPv6 and explicitly does not support packets with extension headers. The current GSO logic violates this contract by failing to disable the feature for packets with extension headers, such as those used in GREoIPv6 tunnels. This violation results in the device being asked to perform an operation it cannot support, leading to a `skb_warn_bad_offload` warning and a collapse of network throughput. While device TSO/USO is correctly bypassed in favor of software GSO for these packets, the GSO stack must be explicitly told not to request checksum offload. Mask NETIF_F_IPV6_CSUM, NETIF_F_TSO6 and NETIF_F_GSO_UDP_L4 in gso_features_check if the IPv6 header contains extension headers to compute checksum in software. The exception is a BIG TCP extension, which, as stated in commit 68e068cabd2c6c53 ("net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets"): "The feature is only enabled on devices that support BIG TCP TSO. The header is only present for PF_PACKET taps like tcpdump, and not transmitted by physical devices." kernel log output (truncated): WARNING: CPU: 1 PID: 5273 at net/core/dev.c:3535 skb_warn_bad_offload+0x81/0x140 ... Call Trace: <TASK> skb_checksum_help+0x12a/0x1f0 validate_xmit_skb+0x1a3/0x2d0 validate_xmit_skb_list+0x4f/0x80 sch_direct_xmit+0x1a2/0x380 __dev_xmit_skb+0x242/0x670 __dev_queue_xmit+0x3fc/0x7f0 ip6_finish_output2+0x25e/0x5d0 ip6_finish_output+0x1fc/0x3f0 ip6_tnl_xmit+0x608/0xc00 [ip6_tunnel] ip6gre_tunnel_xmit+0x1c0/0x390 [ip6_gre] dev_hard_start_xmit+0x63/0x1c0 __dev_queue_xmit+0x6d0/0x7f0 ip6_finish_output2+0x214/0x5d0 ip6_finish_output+0x1fc/0x3f0 ip6_xmit+0x2ca/0x6f0 ip6_finish_output+0x1fc/0x3f0 ip6_xmit+0x2ca/0x6f0 inet6_csk_xmit+0xeb/0x150 __tcp_transmit_skb+0x555/0xa80 tcp_write_xmit+0x32a/0xe90 tcp_sendmsg_locked+0x437/0x1110 tcp_sendmsg+0x2f/0x50 ... skb linear: 00000000: e4 3d 1a 7d ec 30 e4 3d 1a 7e 5d 90 86 dd 60 0e skb linear: 00000010: 00 0a 1b 34 3c 40 20 11 00 00 00 00 00 00 00 00 skb linear: 00000020: 00 00 00 00 00 12 20 11 00 00 00 00 00 00 00 00 skb linear: 00000030: 00 00 00 00 00 11 2f 00 04 01 04 01 01 00 00 00 skb linear: 00000040: 86 dd 60 0e 00 0a 1b 00 06 40 20 23 00 00 00 00 skb linear: 00000050: 00 00 00 00 00 00 00 00 00 12 20 23 00 00 00 00 skb linear: 00000060: 00 00 00 00 00 00 00 00 00 11 bf 96 14 51 13 f9 skb linear: 00000070: ae 27 a0 a8 2b e3 80 18 00 40 5b 6f 00 00 01 01 skb linear: 00000080: 08 0a 42 d4 50 d5 4b 70 f8 1a
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: bridge: fix soft lockup in br_multicast_query_expired() When set multicast_query_interval to a large value, the local variable 'time' in br_multicast_send_query() may overflow. If the time is smaller than jiffies, the timer will expire immediately, and then call mod_timer() again, which creates a loop and may trigger the following soft lockup issue. watchdog: BUG: soft lockup - CPU#1 stuck for 221s! [rb_consumer:66] CPU: 1 UID: 0 PID: 66 Comm: rb_consumer Not tainted 6.16.0+ #259 PREEMPT(none) Call Trace: <IRQ> __netdev_alloc_skb+0x2e/0x3a0 br_ip6_multicast_alloc_query+0x212/0x1b70 __br_multicast_send_query+0x376/0xac0 br_multicast_send_query+0x299/0x510 br_multicast_query_expired.constprop.0+0x16d/0x1b0 call_timer_fn+0x3b/0x2a0 __run_timers+0x619/0x950 run_timer_softirq+0x11c/0x220 handle_softirqs+0x18e/0x560 __irq_exit_rcu+0x158/0x1a0 sysvec_apic_timer_interrupt+0x76/0x90 </IRQ> This issue can be reproduced with: ip link add br0 type bridge echo 1 > /sys/class/net/br0/bridge/multicast_querier echo 0xffffffffffffffff > /sys/class/net/br0/bridge/multicast_query_interval ip link set dev br0 up The multicast_startup_query_interval can also cause this issue. Similar to the commit 99b40610956a ("net: bridge: mcast: add and enforce query interval minimum"), add check for the query interval maximum to fix this issue.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Fix configfs group list head handling Doing a list_del() on the epf_group field of struct pci_epf_driver in pci_epf_remove_cfs() is not correct as this field is a list head, not a list entry. This list_del() call triggers a KASAN warning when an endpoint function driver which has a configfs attribute group is torn down: ================================================================== BUG: KASAN: slab-use-after-free in pci_epf_remove_cfs+0x17c/0x198 Write of size 8 at addr ffff00010f4a0d80 by task rmmod/319 CPU: 3 UID: 0 PID: 319 Comm: rmmod Not tainted 6.16.0-rc2 #1 NONE Hardware name: Radxa ROCK 5B (DT) Call trace: show_stack+0x2c/0x84 (C) dump_stack_lvl+0x70/0x98 print_report+0x17c/0x538 kasan_report+0xb8/0x190 __asan_report_store8_noabort+0x20/0x2c pci_epf_remove_cfs+0x17c/0x198 pci_epf_unregister_driver+0x18/0x30 nvmet_pci_epf_cleanup_module+0x24/0x30 [nvmet_pci_epf] __arm64_sys_delete_module+0x264/0x424 invoke_syscall+0x70/0x260 el0_svc_common.constprop.0+0xac/0x230 do_el0_svc+0x40/0x58 el0_svc+0x48/0xdc el0t_64_sync_handler+0x10c/0x138 el0t_64_sync+0x198/0x19c ... Remove this incorrect list_del() call from pci_epf_remove_cfs().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: mdt_loader: Ensure we don't read past the ELF header When the MDT loader is used in remoteproc, the ELF header is sanitized beforehand, but that's not necessary the case for other clients. Validate the size of the firmware buffer to ensure that we don't read past the end as we iterate over the header. e_phentsize and e_shentsize are validated as well, to ensure that the assumptions about step size in the traversal are valid.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: block: avoid possible overflow for chunk_sectors check in blk_stack_limits() In blk_stack_limits(), we check that the t->chunk_sectors value is a multiple of the t->physical_block_size value. However, by finding the chunk_sectors value in bytes, we may overflow the unsigned int which holds chunk_sectors, so change the check to be based on sectors.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: NFS: Fix the setting of capabilities when automounting a new filesystem Capabilities cannot be inherited when we cross into a new filesystem. They need to be reset to the minimal defaults, and then probed for again.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: fs: writeback: fix use-after-free in __mark_inode_dirty() An use-after-free issue occurred when __mark_inode_dirty() get the bdi_writeback that was in the progress of switching. CPU: 1 PID: 562 Comm: systemd-random- Not tainted 6.6.56-gb4403bd46a8e #1 ...... pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __mark_inode_dirty+0x124/0x418 lr : __mark_inode_dirty+0x118/0x418 sp : ffffffc08c9dbbc0 ........ Call trace: __mark_inode_dirty+0x124/0x418 generic_update_time+0x4c/0x60 file_modified+0xcc/0xd0 ext4_buffered_write_iter+0x58/0x124 ext4_file_write_iter+0x54/0x704 vfs_write+0x1c0/0x308 ksys_write+0x74/0x10c __arm64_sys_write+0x1c/0x28 invoke_syscall+0x48/0x114 el0_svc_common.constprop.0+0xc0/0xe0 do_el0_svc+0x1c/0x28 el0_svc+0x40/0xe4 el0t_64_sync_handler+0x120/0x12c el0t_64_sync+0x194/0x198 Root cause is: systemd-random-seed kworker ---------------------------------------------------------------------- ___mark_inode_dirty inode_switch_wbs_work_fn spin_lock(&inode->i_lock); inode_attach_wb locked_inode_to_wb_and_lock_list get inode->i_wb spin_unlock(&inode->i_lock); spin_lock(&wb->list_lock) spin_lock(&inode->i_lock) inode_io_list_move_locked spin_unlock(&wb->list_lock) spin_unlock(&inode->i_lock) spin_lock(&old_wb->list_lock) inode_do_switch_wbs spin_lock(&inode->i_lock) inode->i_wb = new_wb spin_unlock(&inode->i_lock) spin_unlock(&old_wb->list_lock) wb_put_many(old_wb, nr_switched) cgwb_release old wb released wb_wakeup_delayed() accesses wb, then trigger the use-after-free issue Fix this race condition by holding inode spinlock until wb_wakeup_delayed() finished.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix smbdirect_recv_io leak in smbd_negotiate() error path During tests of another unrelated patch I was able to trigger this error: Objects remaining on __kmem_cache_shutdown()
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - Set merge to zero early in af_alg_sendmsg If an error causes af_alg_sendmsg to abort, ctx->merge may contain a garbage value from the previous loop. This may then trigger a crash on the next entry into af_alg_sendmsg when it attempts to do a merge that can't be done. Fix this by setting ctx->merge to zero near the start of the loop.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: futex: Prevent use-after-free during requeue-PI syzbot managed to trigger the following race: T1 T2 futex_wait_requeue_pi() futex_do_wait() schedule() futex_requeue() futex_proxy_trylock_atomic() futex_requeue_pi_prepare() requeue_pi_wake_futex() futex_requeue_pi_complete() /* preempt */ * timeout/ signal wakes T1 * futex_requeue_pi_wakeup_sync() // Q_REQUEUE_PI_LOCKED futex_hash_put() // back to userland, on stack futex_q is garbage /* back */ wake_up_state(q->task, TASK_NORMAL); In this scenario futex_wait_requeue_pi() is able to leave without using futex_q::lock_ptr for synchronization. This can be prevented by reading futex_q::task before updating the futex_q::requeue_state. A reference on the task_struct is not needed because requeue_pi_wake_futex() is invoked with a spinlock_t held which implies a RCU read section. Even if T1 terminates immediately after, the task_struct will remain valid during T2's wake_up_state(). A READ_ONCE on futex_q::task before futex_requeue_pi_complete() is enough because it ensures that the variable is read before the state is updated. Read futex_q::task before updating the requeue state, use it for the following wakeup.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - Fix incorrect boolean values in af_alg_ctx Commit 1b34cbbf4f01 ("crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg") changed some fields from bool to 1-bit bitfields of type u32. However, some assignments to these fields, specifically 'more' and 'merge', assign values greater than 1. These relied on C's implicit conversion to bool, such that zero becomes false and nonzero becomes true. With a 1-bit bitfields of type u32 instead, mod 2 of the value is taken instead, resulting in 0 being assigned in some cases when 1 was intended. Fix this by restoring the bool type.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6_xmit() Use RCU in ip6_xmit() in order to use dst_dev_rcu() to prevent possible UAF.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: PCI/IOV: Fix race between SR-IOV enable/disable and hotplug Commit 05703271c3cd ("PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV") tried to fix a race between the VF removal inside sriov_del_vfs() and concurrent hot unplug by taking the PCI rescan/remove lock in sriov_del_vfs(). Similarly the PCI rescan/remove lock was also taken in sriov_add_vfs() to protect addition of VFs. This approach however causes deadlock on trying to remove PFs with SR-IOV enabled because PFs disable SR-IOV during removal and this removal happens under the PCI rescan/remove lock. So the original fix had to be reverted. Instead of taking the PCI rescan/remove lock in sriov_add_vfs() and sriov_del_vfs(), fix the race that occurs with SR-IOV enable and disable vs hotplug higher up in the callchain by taking the lock in sriov_numvfs_store() before calling into the driver's sriov_configure() callback.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: nvme: nvme-fc: Ensure ->ioerr_work is cancelled in nvme_fc_delete_ctrl() nvme_fc_delete_assocation() waits for pending I/O to complete before returning, and an error can cause ->ioerr_work to be queued after cancel_work_sync() had been called. Move the call to cancel_work_sync() to be after nvme_fc_delete_association() to ensure ->ioerr_work is not running when the nvme_fc_ctrl object is freed. Otherwise the following can occur: [ 1135.911754] list_del corruption, ff2d24c8093f31f8->next is NULL [ 1135.917705] ------------[ cut here ]------------ [ 1135.922336] kernel BUG at lib/list_debug.c:52! [ 1135.926784] Oops: invalid opcode: 0000 [#1] SMP NOPTI [ 1135.931851] CPU: 48 UID: 0 PID: 726 Comm: kworker/u449:23 Kdump: loaded Not tainted 6.12.0 #1 PREEMPT(voluntary) [ 1135.943490] Hardware name: Dell Inc. PowerEdge R660/0HGTK9, BIOS 2.5.4 01/16/2025 [ 1135.950969] Workqueue: 0x0 (nvme-wq) [ 1135.954673] RIP: 0010:__list_del_entry_valid_or_report.cold+0xf/0x6f [ 1135.961041] Code: c7 c7 98 68 72 94 e8 26 45 fe ff 0f 0b 48 c7 c7 70 68 72 94 e8 18 45 fe ff 0f 0b 48 89 fe 48 c7 c7 80 69 72 94 e8 07 45 fe ff <0f> 0b 48 89 d1 48 c7 c7 a0 6a 72 94 48 89 c2 e8 f3 44 fe ff 0f 0b [ 1135.979788] RSP: 0018:ff579b19482d3e50 EFLAGS: 00010046 [ 1135.985015] RAX: 0000000000000033 RBX: ff2d24c8093f31f0 RCX: 0000000000000000 [ 1135.992148] RDX: 0000000000000000 RSI: ff2d24d6bfa1d0c0 RDI: ff2d24d6bfa1d0c0 [ 1135.999278] RBP: ff2d24c8093f31f8 R08: 0000000000000000 R09: ffffffff951e2b08 [ 1136.006413] R10: ffffffff95122ac8 R11: 0000000000000003 R12: ff2d24c78697c100 [ 1136.013546] R13: fffffffffffffff8 R14: 0000000000000000 R15: ff2d24c78697c0c0 [ 1136.020677] FS: 0000000000000000(0000) GS:ff2d24d6bfa00000(0000) knlGS:0000000000000000 [ 1136.028765] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1136.034510] CR2: 00007fd207f90b80 CR3: 000000163ea22003 CR4: 0000000000f73ef0 [ 1136.041641] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1136.048776] DR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400 [ 1136.055910] PKRU: 55555554 [ 1136.058623] Call Trace: [ 1136.061074] <TASK> [ 1136.063179] ? show_trace_log_lvl+0x1b0/0x2f0 [ 1136.067540] ? show_trace_log_lvl+0x1b0/0x2f0 [ 1136.071898] ? move_linked_works+0x4a/0xa0 [ 1136.075998] ? __list_del_entry_valid_or_report.cold+0xf/0x6f [ 1136.081744] ? __die_body.cold+0x8/0x12 [ 1136.085584] ? die+0x2e/0x50 [ 1136.088469] ? do_trap+0xca/0x110 [ 1136.091789] ? do_error_trap+0x65/0x80 [ 1136.095543] ? __list_del_entry_valid_or_report.cold+0xf/0x6f [ 1136.101289] ? exc_invalid_op+0x50/0x70 [ 1136.105127] ? __list_del_entry_valid_or_report.cold+0xf/0x6f [ 1136.110874] ? asm_exc_invalid_op+0x1a/0x20 [ 1136.115059] ? __list_del_entry_valid_or_report.cold+0xf/0x6f [ 1136.120806] move_linked_works+0x4a/0xa0 [ 1136.124733] worker_thread+0x216/0x3a0 [ 1136.128485] ? __pfx_worker_thread+0x10/0x10 [ 1136.132758] kthread+0xfa/0x240 [ 1136.135904] ? __pfx_kthread+0x10/0x10 [ 1136.139657] ret_from_fork+0x31/0x50 [ 1136.143236] ? __pfx_kthread+0x10/0x10 [ 1136.146988] ret_from_fork_asm+0x1a/0x30 [ 1136.150915] </TASK>
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
net-tools is a collection of programs that form the base set of the NET-3 networking distribution for the Linux operating system. Inn versions up to and including 2.10, the Linux network utilities (like ifconfig) from the net-tools package do not properly validate the structure of /proc files when showing interfaces. `get_name()` in `interface.c` copies interface labels from `/proc/net/dev` into a fixed 16-byte stack buffer without bounds checking, leading to possible arbitrary code execution or crash. The known attack path does not require privilege but also does not provide privilege escalation in this scenario. A patch is available and expected to be part of version 2.20.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time.
CWE-407 - Inefficient Algorithmic Complexity| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_ct: add seqadj extension for natted connections Sequence adjustment may be required for FTP traffic with PASV/EPSV modes. due to need to re-write packet payload (IP, port) on the ftp control connection. This can require changes to the TCP length and expected seq / ack_seq. The easiest way to reproduce this issue is with PASV mode. Example ruleset: table inet ftp_nat { ct helper ftp_helper { type "ftp" protocol tcp l3proto inet } chain prerouting { type filter hook prerouting priority 0; policy accept; tcp dport 21 ct state new ct helper set "ftp_helper" } } table ip nat { chain prerouting { type nat hook prerouting priority -100; policy accept; tcp dport 21 dnat ip prefix to ip daddr map { 192.168.100.1 : 192.168.13.2/32 } } chain postrouting { type nat hook postrouting priority 100 ; policy accept; tcp sport 21 snat ip prefix to ip saddr map { 192.168.13.2 : 192.168.100.1/32 } } } Note that the ftp helper gets assigned *after* the dnat setup. The inverse (nat after helper assign) is handled by an existing check in nf_nat_setup_info() and will not show the problem. Topoloy: +-------------------+ +----------------------------------+ | FTP: 192.168.13.2 | <-> | NAT: 192.168.13.3, 192.168.100.1 | +-------------------+ +----------------------------------+ | +-----------------------+ | Client: 192.168.100.2 | +-----------------------+ ftp nat changes do not work as expected in this case: Connected to 192.168.100.1. [..] ftp> epsv EPSV/EPRT on IPv4 off. ftp> ls 227 Entering passive mode (192,168,100,1,209,129). 421 Service not available, remote server has closed connection. Kernel logs: Missing nfct_seqadj_ext_add() setup call WARNING: CPU: 1 PID: 0 at net/netfilter/nf_conntrack_seqadj.c:41 [..] __nf_nat_mangle_tcp_packet+0x100/0x160 [nf_nat] nf_nat_ftp+0x142/0x280 [nf_nat_ftp] help+0x4d1/0x880 [nf_conntrack_ftp] nf_confirm+0x122/0x2e0 [nf_conntrack] nf_hook_slow+0x3c/0xb0 .. Fix this by adding the required extension when a conntrack helper is assigned to a connection that has a nat binding.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: nvme: fix admin request_queue lifetime The namespaces can access the controller's admin request_queue, and stale references on the namespaces may exist after tearing down the controller. Ensure the admin request_queue is active by moving the controller's 'put' to after all controller references have been released to ensure no one is can access the request_queue. This fixes a reported use-after-free bug: BUG: KASAN: slab-use-after-free in blk_queue_enter+0x41c/0x4a0 Read of size 8 at addr ffff88c0a53819f8 by task nvme/3287 CPU: 67 UID: 0 PID: 3287 Comm: nvme Tainted: G E 6.13.2-ga1582f1a031e #15 Tainted: [E]=UNSIGNED_MODULE Hardware name: Jabil /EGS 2S MB1, BIOS 1.00 06/18/2025 Call Trace: <TASK> dump_stack_lvl+0x4f/0x60 print_report+0xc4/0x620 ? _raw_spin_lock_irqsave+0x70/0xb0 ? _raw_read_unlock_irqrestore+0x30/0x30 ? blk_queue_enter+0x41c/0x4a0 kasan_report+0xab/0xe0 ? blk_queue_enter+0x41c/0x4a0 blk_queue_enter+0x41c/0x4a0 ? __irq_work_queue_local+0x75/0x1d0 ? blk_queue_start_drain+0x70/0x70 ? irq_work_queue+0x18/0x20 ? vprintk_emit.part.0+0x1cc/0x350 ? wake_up_klogd_work_func+0x60/0x60 blk_mq_alloc_request+0x2b7/0x6b0 ? __blk_mq_alloc_requests+0x1060/0x1060 ? __switch_to+0x5b7/0x1060 nvme_submit_user_cmd+0xa9/0x330 nvme_user_cmd.isra.0+0x240/0x3f0 ? force_sigsegv+0xe0/0xe0 ? nvme_user_cmd64+0x400/0x400 ? vfs_fileattr_set+0x9b0/0x9b0 ? cgroup_update_frozen_flag+0x24/0x1c0 ? cgroup_leave_frozen+0x204/0x330 ? nvme_ioctl+0x7c/0x2c0 blkdev_ioctl+0x1a8/0x4d0 ? blkdev_common_ioctl+0x1930/0x1930 ? fdget+0x54/0x380 __x64_sys_ioctl+0x129/0x190 do_syscall_64+0x5b/0x160 entry_SYSCALL_64_after_hwframe+0x4b/0x53 RIP: 0033:0x7f765f703b0b Code: ff ff ff 85 c0 79 9b 49 c7 c4 ff ff ff ff 5b 5d 4c 89 e0 41 5c c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d dd 52 0f 00 f7 d8 64 89 01 48 RSP: 002b:00007ffe2cefe808 EFLAGS: 00000202 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 00007ffe2cefe860 RCX: 00007f765f703b0b RDX: 00007ffe2cefe860 RSI: 00000000c0484e41 RDI: 0000000000000003 RBP: 0000000000000000 R08: 0000000000000003 R09: 0000000000000000 R10: 00007f765f611d50 R11: 0000000000000202 R12: 0000000000000003 R13: 00000000c0484e41 R14: 0000000000000001 R15: 00007ffe2cefea60 </TASK>
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: dm-verity: disable recursive forward error correction There are two problems with the recursive correction: 1. It may cause denial-of-service. In fec_read_bufs, there is a loop that has 253 iterations. For each iteration, we may call verity_hash_for_block recursively. There is a limit of 4 nested recursions - that means that there may be at most 253^4 (4 billion) iterations. Red Hat QE team actually created an image that pushes dm-verity to this limit - and this image just makes the udev-worker process get stuck in the 'D' state. 2. It doesn't work. In fec_read_bufs we store data into the variable "fio->bufs", but fio bufs is shared between recursive invocations, if "verity_hash_for_block" invoked correction recursively, it would overwrite partially filled fio->bufs.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: dmaengine: mmp_pdma: Fix race condition in mmp_pdma_residue() Add proper locking in mmp_pdma_residue() to prevent use-after-free when accessing descriptor list and descriptor contents. The race occurs when multiple threads call tx_status() while the tasklet on another CPU is freeing completed descriptors: CPU 0 CPU 1 ----- ----- mmp_pdma_tx_status() mmp_pdma_residue() -> NO LOCK held list_for_each_entry(sw, ..) DMA interrupt dma_do_tasklet() -> spin_lock(&desc_lock) list_move(sw->node, ...) spin_unlock(&desc_lock) | dma_pool_free(sw) <- FREED! -> access sw->desc <- UAF! This issue can be reproduced when running dmatest on the same channel with multiple threads (threads_per_chan > 1). Fix by protecting the chain_running list iteration and descriptor access with the chan->desc_lock spinlock.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop in attr_load_runs_range on inconsistent metadata We found an infinite loop bug in the ntfs3 file system that can lead to a Denial-of-Service (DoS) condition. A malformed NTFS image can cause an infinite loop when an attribute header indicates an empty run list, while directory entries reference it as containing actual data. In NTFS, setting evcn=-1 with svcn=0 is a valid way to represent an empty run list, and run_unpack() correctly handles this by checking if evcn + 1 equals svcn and returning early without parsing any run data. However, this creates a problem when there is metadata inconsistency, where the attribute header claims to be empty (evcn=-1) but the caller expects to read actual data. When run_unpack() immediately returns success upon seeing this condition, it leaves the runs_tree uninitialized with run->runs as a NULL. The calling function attr_load_runs_range() assumes that a successful return means that the runs were loaded and sets clen to 0, expecting the next run_lookup_entry() call to succeed. Because runs_tree remains uninitialized, run_lookup_entry() continues to fail, and the loop increments vcn by zero (vcn += 0), leading to an infinite loop. This patch adds a retry counter to detect when run_lookup_entry() fails consecutively after attr_load_runs_vcn(). If the run is still not found on the second attempt, it indicates corrupted metadata and returns -EINVAL, preventing the Denial-of-Service (DoS) vulnerability.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: check return value of indx_find to avoid infinite loop We found an infinite loop bug in the ntfs3 file system that can lead to a Denial-of-Service (DoS) condition. A malformed dentry in the ntfs3 filesystem can cause the kernel to hang during the lookup operations. By setting the HAS_SUB_NODE flag in an INDEX_ENTRY within a directory's INDEX_ALLOCATION block and manipulating the VCN pointer, an attacker can cause the indx_find() function to repeatedly read the same block, allocating 4 KB of memory each time. The kernel lacks VCN loop detection and depth limits, causing memory exhaustion and an OOM crash. This patch adds a return value check for fnd_push() to prevent a memory exhaustion vulnerability caused by infinite loops. When the index exceeds the size of the fnd->nodes array, fnd_push() returns -EINVAL. The indx_find() function checks this return value and stops processing, preventing further memory allocation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop triggered by zero-sized ATTR_LIST We found an infinite loop bug in the ntfs3 file system that can lead to a Denial-of-Service (DoS) condition. A malformed NTFS image can cause an infinite loop when an ATTR_LIST attribute indicates a zero data size while the driver allocates memory for it. When ntfs_load_attr_list() processes a resident ATTR_LIST with data_size set to zero, it still allocates memory because of al_aligned(0). This creates an inconsistent state where ni->attr_list.size is zero, but ni->attr_list.le is non-null. This causes ni_enum_attr_ex to incorrectly assume that no attribute list exists and enumerates only the primary MFT record. When it finds ATTR_LIST, the code reloads it and restarts the enumeration, repeating indefinitely. The mount operation never completes, hanging the kernel thread. This patch adds validation to ensure that data_size is non-zero before memory allocation. When a zero-sized ATTR_LIST is detected, the function returns -EINVAL, preventing a DoS vulnerability.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
Calling NSS-backed functions that support caching via nscd may call the nscd client side code and in the GNU C Library version 2.36 under high load on x86_64 systems, the client may call memcmp on inputs that are concurrently modified by other processes or threads and crash. The nscd client in the GNU C Library uses the memcmp function with inputs that may be concurrently modified by another thread, potentially resulting in spurious cache misses, which in itself is not a security issue. However in the GNU C Library version 2.36 an optimized implementation of memcmp was introduced for x86_64 which could crash when invoked with such undefined behaviour, turning this into a potential crash of the nscd client and the application that uses it. This implementation was backported to the 2.35 branch, making the nscd client in that branch vulnerable as well. Subsequently, the fix for this issue was backported to all vulnerable branches in the GNU C Library repository. It is advised that distributions that may have cherry-picked the memcpy SSE2 optimization in their copy of the GNU C Library, also apply the fix to avoid the potential crash in the nscd client.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5 < V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
The iconv() function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely crash an application. This vulnerability can be trivially mitigated by removing the IBM1390 and IBM1399 character sets from systems that do not need them.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5 < V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from the configured DNS server, result in a violation of the DNS specification that causes the application to treat a non-answer section of the DNS response as a valid answer.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5 < V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library version 2.34 to version 2.43 could result in an invalid DNS hostname being returned to the caller in violation of the DNS specification.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5 < V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.2 and newer fail to enforce the caller-supplied buffer length, and can result in an out-of-bounds write when printing TSIG records.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5 < V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
Calling the scanf family of functions with a %mc (malloc'd character match) in the GNU C Library version 2.7 to version 2.43 with a format width specifier with an explicit width greater than 1024 could result in a one byte heap buffer overflow.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5 < V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
Calling the ungetwc function on a FILE stream with wide characters encoded in a character set that has overlaps between its single byte and multi-byte character encodings, in the GNU C Library version 2.43 or earlier, may result in an attempt to read bytes before an allocated buffer, potentially resulting in unintentional disclosure of neighboring data in the heap, or a program crash. A bug in the wide character pushback implementation (_IO_wdefault_pbackfail in libio/wgenops.c) causes ungetwc() to operate on the regular character buffer (fp->_IO_read_ptr) instead of the actual wide-stream read pointer (fp->_wide_data->_IO_read_ptr). The program crash may happen in cases where fp->_IO_read_ptr is not initialized and hence points to NULL. The buffer under-read requires a special situation where the input character encoding is such that there are overlaps between single byte representations and multibyte representations in that encoding, resulting in spurious matches. The spurious match case is not possible in the standard Unicode character sets.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5 < V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.0.1 to version 2.43 fail to validate the RDATA content against the RDATA length in a DNS response when processing A6, CERT, LOC, TKEY or TSIG records, which may allow an attacker to craft a DNS response, causing a target application to crash or read uninitialized memory. These functions are for application debugging only and hence not in the path of code executed by the DNS resolver. Further, they have been deprecated since version 2.34 and should not be used by any new applications. Applications should consider porting away from these interfaces since they may be removed in future versions.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5 < V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix hugetlb_pmd_shared() Patch series "mm/hugetlb: fixes for PMD table sharing (incl. using mmu_gather)", v3. One functional fix, one performance regression fix, and two related comment fixes. I cleaned up my prototype I recently shared [1] for the performance fix, deferring most of the cleanups I had in the prototype to a later point. While doing that I identified the other things. The goal of this patch set is to be backported to stable trees "fairly" easily. At least patch #1 and #4. Patch #1 fixes hugetlb_pmd_shared() not detecting any sharing Patch #2 + #3 are simple comment fixes that patch #4 interacts with. Patch #4 is a fix for the reported performance regression due to excessive IPI broadcasts during fork()+exit(). The last patch is all about TLB flushes, IPIs and mmu_gather. Read: complicated There are plenty of cleanups in the future to be had + one reasonable optimization on x86. But that's all out of scope for this series. Runtime tested, with a focus on fixing the performance regression using the original reproducer [2] on x86. This patch (of 4): We switched from (wrongly) using the page count to an independent shared count. Now, shared page tables have a refcount of 1 (excluding speculative references) and instead use ptdesc->pt_share_count to identify sharing. We didn't convert hugetlb_pmd_shared(), so right now, we would never detect a shared PMD table as such, because sharing/unsharing no longer touches the refcount of a PMD table. Page migration, like mbind() or migrate_pages() would allow for migrating folios mapped into such shared PMD tables, even though the folios are not exclusive. In smaps we would account them as "private" although they are "shared", and we would be wrongly setting the PM_MMAP_EXCLUSIVE in the pagemap interface. Fix it by properly using ptdesc_pmd_is_shared() in hugetlb_pmd_shared().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() nft_map_catchall_activate() has an inverted element activity check compared to its non-catchall counterpart nft_mapelem_activate() and compared to what is logically required. nft_map_catchall_activate() is called from the abort path to re-activate catchall map elements that were deactivated during a failed transaction. It should skip elements that are already active (they don't need re-activation) and process elements that are inactive (they need to be restored). Instead, the current code does the opposite: it skips inactive elements and processes active ones. Compare the non-catchall activate callback, which is correct: nft_mapelem_activate(): if (nft_set_elem_active(ext, iter->genmask)) return 0; /* skip active, process inactive */ With the buggy catchall version: nft_map_catchall_activate(): if (!nft_set_elem_active(ext, genmask)) continue; /* skip inactive, process active */ The consequence is that when a DELSET operation is aborted, nft_setelem_data_activate() is never called for the catchall element. For NFT_GOTO verdict elements, this means nft_data_hold() is never called to restore the chain->use reference count. Each abort cycle permanently decrements chain->use. Once chain->use reaches zero, DELCHAIN succeeds and frees the chain while catchall verdict elements still reference it, resulting in a use-after-free. This is exploitable for local privilege escalation from an unprivileged user via user namespaces + nftables on distributions that enable CONFIG_USER_NS and CONFIG_NF_TABLES. Fix by removing the negation so the check matches nft_mapelem_activate(): skip active elements, process inactive ones.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: io_uring/io-wq: check IO_WQ_BIT_EXIT inside work run loop Currently this is checked before running the pending work. Normally this is quite fine, as work items either end up blocking (which will create a new worker for other items), or they complete fairly quickly. But syzbot reports an issue where io-wq takes seemingly forever to exit, and with a bit of debugging, this turns out to be because it queues a bunch of big (2GB - 4096b) reads with a /dev/msr* file. Since this file type doesn't support ->read_iter(), loop_rw_iter() ends up handling them. Each read returns 16MB of data read, which takes 20 (!!) seconds. With a bunch of these pending, processing the whole chain can take a long time. Easily longer than the syzbot uninterruptible sleep timeout of 140 seconds. This then triggers a complaint off the io-wq exit path: INFO: task syz.4.135:6326 blocked for more than 143 seconds. Not tainted syzkaller #0 Blocked by coredump. "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz.4.135 state:D stack:26824 pid:6326 tgid:6324 ppid:5957 task_flags:0x400548 flags:0x00080000 Call Trace: <TASK> context_switch kernel/sched/core.c:5256 [inline] __schedule+0x1139/0x6150 kernel/sched/core.c:6863 __schedule_loop kernel/sched/core.c:6945 [inline] schedule+0xe7/0x3a0 kernel/sched/core.c:6960 schedule_timeout+0x257/0x290 kernel/time/sleep_timeout.c:75 do_wait_for_common kernel/sched/completion.c:100 [inline] __wait_for_common+0x2fc/0x4e0 kernel/sched/completion.c:121 io_wq_exit_workers io_uring/io-wq.c:1328 [inline] io_wq_put_and_exit+0x271/0x8a0 io_uring/io-wq.c:1356 io_uring_clean_tctx+0x10d/0x190 io_uring/tctx.c:203 io_uring_cancel_generic+0x69c/0x9a0 io_uring/cancel.c:651 io_uring_files_cancel include/linux/io_uring.h:19 [inline] do_exit+0x2ce/0x2bd0 kernel/exit.c:911 do_group_exit+0xd3/0x2a0 kernel/exit.c:1112 get_signal+0x2671/0x26d0 kernel/signal.c:3034 arch_do_signal_or_restart+0x8f/0x7e0 arch/x86/kernel/signal.c:337 __exit_to_user_mode_loop kernel/entry/common.c:41 [inline] exit_to_user_mode_loop+0x8c/0x540 kernel/entry/common.c:75 __exit_to_user_mode_prepare include/linux/irq-entry-common.h:226 [inline] syscall_exit_to_user_mode_prepare include/linux/irq-entry-common.h:256 [inline] syscall_exit_to_user_mode_work include/linux/entry-common.h:159 [inline] syscall_exit_to_user_mode include/linux/entry-common.h:194 [inline] do_syscall_64+0x4ee/0xf80 arch/x86/entry/syscall_64.c:100 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fa02738f749 RSP: 002b:00007fa0281ae0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca RAX: fffffffffffffe00 RBX: 00007fa0275e6098 RCX: 00007fa02738f749 RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fa0275e6098 RBP: 00007fa0275e6090 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007fa0275e6128 R14: 00007fff14e4fcb0 R15: 00007fff14e4fd98 There's really nothing wrong here, outside of processing these reads will take a LONG time. However, we can speed up the exit by checking the IO_WQ_BIT_EXIT inside the io_worker_handle_work() loop, as syzbot will exit the ring after queueing up all of these reads. Then once the first item is processed, io-wq will simply cancel the rest. That should avoid syzbot running into this complaint again.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: fix segmentation of forwarding fraglist GRO This patch enhances GSO segment handling by properly checking the SKB_GSO_DODGY flag for frag_list GSO packets, addressing low throughput issues observed when a station accesses IPv4 servers via hotspots with an IPv6-only upstream interface. Specifically, it fixes a bug in GSO segmentation when forwarding GRO packets containing a frag_list. The function skb_segment_list cannot correctly process GRO skbs that have been converted by XLAT, since XLAT only translates the header of the head skb. Consequently, skbs in the frag_list may remain untranslated, resulting in protocol inconsistencies and reduced throughput. To address this, the patch explicitly sets the SKB_GSO_DODGY flag for GSO packets in XLAT's IPv4/IPv6 protocol translation helpers (bpf_skb_proto_4_to_6 and bpf_skb_proto_6_to_4). This marks GSO packets as potentially modified after protocol translation. As a result, GSO segmentation will avoid using skb_segment_list and instead falls back to skb_segment for packets with the SKB_GSO_DODGY flag. This ensures that only safe and fully translated frag_list packets are processed by skb_segment_list, resolving protocol inconsistencies and improving throughput when forwarding GRO packets converted by XLAT.
CWE-237 - Improper Handling of Structural Elements| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_u32: use skb_header_pointer_careful() skb_header_pointer() does not fully validate negative @offset values. Use skb_header_pointer_careful() instead. GangMin Kim provided a report and a repro fooling u32_classify(): BUG: KASAN: slab-out-of-bounds in u32_classify+0x1180/0x11b0 net/sched/cls_u32.c:221
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix use-after-free in nf_tables_addchain() nf_tables_addchain() publishes the chain to table->chains via list_add_tail_rcu() (in nft_chain_add()) before registering hooks. If nf_tables_register_hook() then fails, the error path calls nft_chain_del() (list_del_rcu()) followed by nf_tables_chain_destroy() with no RCU grace period in between. This creates two use-after-free conditions: 1) Control-plane: nf_tables_dump_chains() traverses table->chains under rcu_read_lock(). A concurrent dump can still be walking the chain when the error path frees it. 2) Packet path: for NFPROTO_INET, nf_register_net_hook() briefly installs the IPv4 hook before IPv6 registration fails. Packets entering nft_do_chain() via the transient IPv4 hook can still be dereferencing chain->blob_gen_X when the error path frees the chain. Add synchronize_rcu() between nft_chain_del() and the chain destroy so that all RCU readers -- both dump threads and in-flight packet evaluation -- have finished before the chain is freed.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix potential NULL pointer dereference in header processing If siw_get_hdr() returns -EINVAL before set_rx_fpdu_context(), qp->rx_fpdu can be NULL. The error path in siw_tcp_rx_data() dereferences qp->rx_fpdu->more_ddp_segs without checking, which may lead to a NULL pointer deref. Only check more_ddp_segs when rx_fpdu is present. KASAN splat: [ 101.384271] KASAN: null-ptr-deref in range [0x00000000000000c0-0x00000000000000c7] [ 101.385869] RIP: 0010:siw_tcp_rx_data+0x13ad/0x1e50
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: RDMA/umad: Reject negative data_len in ib_umad_write ib_umad_write computes data_len from user-controlled count and the MAD header sizes. With a mismatched user MAD header size and RMPP header length, data_len can become negative and reach ib_create_send_mad(). This can make the padding calculation exceed the segment size and trigger an out-of-bounds memset in alloc_send_rmpp_list(). Add an explicit check to reject negative data_len before creating the send buffer. KASAN splat: [ 211.363464] BUG: KASAN: slab-out-of-bounds in ib_create_send_mad+0xa01/0x11b0 [ 211.364077] Write of size 220 at addr ffff88800c3fa1f8 by task spray_thread/102 [ 211.365867] ib_create_send_mad+0xa01/0x11b0 [ 211.365887] ib_umad_write+0x853/0x1c80
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net/sched: act_gate: snapshot parameters with RCU on replace The gate action can be replaced while the hrtimer callback or dump path is walking the schedule list. Convert the parameters to an RCU-protected snapshot and swap updates under tcf_lock, freeing the previous snapshot via call_rcu(). When REPLACE omits the entry list, preserve the existing schedule so the effective state is unchanged.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net/sched: Only allow act_ct to bind to clsact/ingress qdiscs and shared blocks As Paolo said earlier [1]: "Since the blamed commit below, classify can return TC_ACT_CONSUMED while the current skb being held by the defragmentation engine. As reported by GangMin Kim, if such packet is that may cause a UaF when the defrag engine later on tries to tuch again such packet." act_ct was never meant to be used in the egress path, however some users are attaching it to egress today [2]. Attempting to reach a middle ground, we noticed that, while most qdiscs are not handling TC_ACT_CONSUMED, clsact/ingress qdiscs are. With that in mind, we address the issue by only allowing act_ct to bind to clsact/ingress qdiscs and shared blocks. That way it's still possible to attach act_ct to egress (albeit only with clsact). [1] https://lore.kernel.org/netdev/674b8cbfc385c6f37fb29a1de08d8fe5c2b0fbee.1771321118.git.pabeni@redhat.com/ [2] https://lore.kernel.org/netdev/cc6bfb4a-4a2b-42d8-b9ce-7ef6644fb22b@ovn.org/
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: perf: Fix __perf_event_overflow() vs perf_remove_from_context() race Make sure that __perf_event_overflow() runs with IRQs disabled for all possible callchains. Specifically the software events can end up running it with only preemption disabled. This opens up a race vs perf_event_exit_event() and friends that will go and free various things the overflow path expects to be present, like the BPF program.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: macvlan: observe an RCU grace period in macvlan_common_newlink() error path valis reported that a race condition still happens after my prior patch. macvlan_common_newlink() might have made @dev visible before detecting an error, and its caller will directly call free_netdev(dev). We must respect an RCU period, either in macvlan or the core networking stack. After adding a temporary mdelay(1000) in macvlan_forward_source_one() to open the race window, valis repro was: ip link add p1 type veth peer p2 ip link set address 00:00:00:00:00:20 dev p1 ip link set up dev p1 ip link set up dev p2 ip link add mv0 link p2 type macvlan mode source (ip link add invalid% link p2 type macvlan mode source macaddr add 00:00:00:00:00:20 &) ; sleep 0.5 ; ping -c1 -I p1 1.2.3.4 PING 1.2.3.4 (1.2.3.4): 56 data bytes RTNETLINK answers: Invalid argument BUG: KASAN: slab-use-after-free in macvlan_forward_source (drivers/net/macvlan.c:408 drivers/net/macvlan.c:444) Read of size 8 at addr ffff888016bb89c0 by task e/175 CPU: 1 UID: 1000 PID: 175 Comm: e Not tainted 6.19.0-rc8+ #33 NONE Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-2 04/01/2014 Call Trace: <IRQ> dump_stack_lvl (lib/dump_stack.c:123) print_report (mm/kasan/report.c:379 mm/kasan/report.c:482) ? macvlan_forward_source (drivers/net/macvlan.c:408 drivers/net/macvlan.c:444) kasan_report (mm/kasan/report.c:597) ? macvlan_forward_source (drivers/net/macvlan.c:408 drivers/net/macvlan.c:444) macvlan_forward_source (drivers/net/macvlan.c:408 drivers/net/macvlan.c:444) ? tasklet_init (kernel/softirq.c:983) macvlan_handle_frame (drivers/net/macvlan.c:501) Allocated by task 169: kasan_save_stack (mm/kasan/common.c:58) kasan_save_track (./arch/x86/include/asm/current.h:25 mm/kasan/common.c:70 mm/kasan/common.c:79) __kasan_kmalloc (mm/kasan/common.c:419) __kvmalloc_node_noprof (./include/linux/kasan.h:263 mm/slub.c:5657 mm/slub.c:7140) alloc_netdev_mqs (net/core/dev.c:12012) rtnl_create_link (net/core/rtnetlink.c:3648) rtnl_newlink (net/core/rtnetlink.c:3830 net/core/rtnetlink.c:3957 net/core/rtnetlink.c:4072) rtnetlink_rcv_msg (net/core/rtnetlink.c:6958) netlink_rcv_skb (net/netlink/af_netlink.c:2550) netlink_unicast (net/netlink/af_netlink.c:1319 net/netlink/af_netlink.c:1344) netlink_sendmsg (net/netlink/af_netlink.c:1894) __sys_sendto (net/socket.c:727 net/socket.c:742 net/socket.c:2206) __x64_sys_sendto (net/socket.c:2209) do_syscall_64 (arch/x86/entry/syscall_64.c:63 arch/x86/entry/syscall_64.c:94) entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:131) Freed by task 169: kasan_save_stack (mm/kasan/common.c:58) kasan_save_track (./arch/x86/include/asm/current.h:25 mm/kasan/common.c:70 mm/kasan/common.c:79) kasan_save_free_info (mm/kasan/generic.c:587) __kasan_slab_free (mm/kasan/common.c:287) kfree (mm/slub.c:6674 mm/slub.c:6882) rtnl_newlink (net/core/rtnetlink.c:3845 net/core/rtnetlink.c:3957 net/core/rtnetlink.c:4072) rtnetlink_rcv_msg (net/core/rtnetlink.c:6958) netlink_rcv_skb (net/netlink/af_netlink.c:2550) netlink_unicast (net/netlink/af_netlink.c:1319 net/netlink/af_netlink.c:1344) netlink_sendmsg (net/netlink/af_netlink.c:1894) __sys_sendto (net/socket.c:727 net/socket.c:742 net/socket.c:2206) __x64_sys_sendto (net/socket.c:2209) do_syscall_64 (arch/x86/entry/syscall_64.c:63 arch/x86/entry/syscall_64.c:94) entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:131)
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels IDLETIMER revision 0 rules reuse existing timers by label and always call mod_timer() on timer->timer. If the label was created first by revision 1 with XT_IDLETIMER_ALARM, the object uses alarm timer semantics and timer->timer is never initialized. Reusing that object from revision 0 causes mod_timer() on an uninitialized timer_list, triggering debugobjects warnings and possible panic when panic_on_warn=1. Fix this by rejecting revision 0 rule insertion when an existing timer with the same label is of ALARM type.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net/sched: teql: fix NULL pointer dereference in iptunnel_xmit on TEQL slave xmit teql_master_xmit() calls netdev_start_xmit(skb, slave) to transmit through slave devices, but does not update skb->dev to the slave device beforehand. When a gretap tunnel is a TEQL slave, the transmit path reaches iptunnel_xmit() which saves dev = skb->dev (still pointing to teql0 master) and later calls iptunnel_xmit_stats(dev, pkt_len). This function does: get_cpu_ptr(dev->tstats) Since teql_master_setup() does not set dev->pcpu_stat_type to NETDEV_PCPU_STAT_TSTATS, the core network stack never allocates tstats for teql0, so dev->tstats is NULL. get_cpu_ptr(NULL) computes NULL + __per_cpu_offset[cpu], resulting in a page fault. BUG: unable to handle page fault for address: ffff8880e6659018 #PF: supervisor write access in kernel mode #PF: error_code(0x0002) - not-present page PGD 68bc067 P4D 68bc067 PUD 0 Oops: Oops: 0002 [#1] SMP KASAN PTI RIP: 0010:iptunnel_xmit (./include/net/ip_tunnels.h:664 net/ipv4/ip_tunnel_core.c:89) Call Trace: <TASK> ip_tunnel_xmit (net/ipv4/ip_tunnel.c:847) __gre_xmit (net/ipv4/ip_gre.c:478) gre_tap_xmit (net/ipv4/ip_gre.c:779) teql_master_xmit (net/sched/sch_teql.c:319) dev_hard_start_xmit (net/core/dev.c:3887) sch_direct_xmit (net/sched/sch_generic.c:347) __dev_queue_xmit (net/core/dev.c:4802) neigh_direct_output (net/core/neighbour.c:1660) ip_finish_output2 (net/ipv4/ip_output.c:237) __ip_finish_output.part.0 (net/ipv4/ip_output.c:315) ip_mc_output (net/ipv4/ip_output.c:369) ip_send_skb (net/ipv4/ip_output.c:1508) udp_send_skb (net/ipv4/udp.c:1195) udp_sendmsg (net/ipv4/udp.c:1485) inet_sendmsg (net/ipv4/af_inet.c:859) __sys_sendto (net/socket.c:2206) Fix this by setting skb->dev = slave before calling netdev_start_xmit(), so that tunnel xmit functions see the correct slave device with properly allocated tstats.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_eth_soc: Reset prog ptr to old_prog in case of error in mtk_xdp_setup() Reset eBPF program pointer to old_prog and do not decrease its ref-count if mtk_open routine in mtk_xdp_setup() fails.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: irqchip/sifive-plic: Fix frozen interrupt due to affinity setting PLIC ignores interrupt completion message for disabled interrupt, explained by the specification: The PLIC signals it has completed executing an interrupt handler by writing the interrupt ID it received from the claim to the claim/complete register. The PLIC does not check whether the completion ID is the same as the last claim ID for that target. If the completion ID does not match an interrupt source that is currently enabled for the target, the completion is silently ignored. This caused problems in the past, because an interrupt can be disabled while still being handled and plic_irq_eoi() had no effect. That was fixed by checking if the interrupt is disabled, and if so enable it, before sending the completion message. That check is done with irqd_irq_disabled(). However, that is not sufficient because the enable bit for the handling hart can be zero despite irqd_irq_disabled(d) being false. This can happen when affinity setting is changed while a hart is still handling the interrupt. This problem is easily reproducible by dumping a large file to uart (which generates lots of interrupts) and at the same time keep changing the uart interrupt's affinity setting. The uart port becomes frozen almost instantaneously. Fix this by checking PLIC's enable bit instead of irqd_irq_disabled().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: usb: pegasus: validate USB endpoints The pegasus driver should validate that the device it is probing has the proper number and types of USB endpoints it is expecting before it binds to it. If a malicious device were to not have the same urbs the driver will crash later on when it blindly accesses these endpoints.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: vxlan: fix nd_tbl NULL dereference when IPv6 is disabled When booting with the 'ipv6.disable=1' parameter, the nd_tbl is never initialized because inet6_init() exits before ndisc_init() is called which initializes it. If an IPv6 packet is injected into the interface, route_shortcircuit() is called and a NULL pointer dereference happens on neigh_lookup(). BUG: kernel NULL pointer dereference, address: 0000000000000380 Oops: Oops: 0000 [#1] SMP NOPTI [...] RIP: 0010:neigh_lookup+0x20/0x270 [...] Call Trace: <TASK> vxlan_xmit+0x638/0x1ef0 [vxlan] dev_hard_start_xmit+0x9e/0x2e0 __dev_queue_xmit+0xbee/0x14e0 packet_sendmsg+0x116f/0x1930 __sys_sendto+0x1f5/0x200 __x64_sys_sendto+0x24/0x30 do_syscall_64+0x12f/0x1590 entry_SYSCALL_64_after_hwframe+0x76/0x7e Fix this by adding an early check on route_shortcircuit() when protocol is ETH_P_IPV6. Note that ipv6_mod_enabled() cannot be used here because VXLAN can be built-in even when IPv6 is built as a module.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: ipv6: fix panic when IPv4 route references loopback IPv6 nexthop When a standalone IPv6 nexthop object is created with a loopback device (e.g., "ip -6 nexthop add id 100 dev lo"), fib6_nh_init() misclassifies it as a reject route. This is because nexthop objects have no destination prefix (fc_dst=::), causing fib6_is_reject() to match any loopback nexthop. The reject path skips fib_nh_common_init(), leaving nhc_pcpu_rth_output unallocated. If an IPv4 route later references this nexthop, __mkroute_output() dereferences NULL nhc_pcpu_rth_output and panics. Simplify the check in fib6_nh_init() to only match explicit reject routes (RTF_REJECT) instead of using fib6_is_reject(). The loopback promotion heuristic in fib6_is_reject() is handled separately by ip6_route_info_create_nh(). After this change, the three cases behave as follows: 1. Explicit reject route ("ip -6 route add unreachable 2001:db8::/64"): RTF_REJECT is set, enters reject path, skips fib_nh_common_init(). No behavior change. 2. Implicit loopback reject route ("ip -6 route add 2001:db8::/32 dev lo"): RTF_REJECT is not set, takes normal path, fib_nh_common_init() is called. ip6_route_info_create_nh() still promotes it to reject afterward. nhc_pcpu_rth_output is allocated but unused, which is harmless. 3. Standalone nexthop object ("ip -6 nexthop add id 100 dev lo"): RTF_REJECT is not set, takes normal path, fib_nh_common_init() is called. nhc_pcpu_rth_output is properly allocated, fixing the crash when IPv4 routes reference this nexthop.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ipv6: fix NULL pointer deref in ip6_rt_get_dev_rcu() l3mdev_master_dev_rcu() can return NULL when the slave device is being un-slaved from a VRF. All other callers deal with this, but we lost the fallback to loopback in ip6_rt_pcpu_alloc() -> ip6_rt_get_dev_rcu() with commit 4832c30d5458 ("net: ipv6: put host and anycast routes on device with address"). KASAN: null-ptr-deref in range [0x0000000000000108-0x000000000000010f] RIP: 0010:ip6_rt_pcpu_alloc (net/ipv6/route.c:1418) Call Trace: ip6_pol_route (net/ipv6/route.c:2318) fib6_rule_lookup (net/ipv6/fib6_rules.c:115) ip6_route_output_flags (net/ipv6/route.c:2607) vrf_process_v6_outbound (drivers/net/vrf.c:437) I was tempted to rework the un-slaving code to clear the flag first and insert synchronize_rcu() before we remove the upper. But looks like the explicit fallback to loopback_dev is an established pattern. And I guess avoiding the synchronize_rcu() is nice, too.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a UAF issue in bpf_trampoline_link_cgroup_shim The root cause of this bug is that when 'bpf_link_put' reduces the refcount of 'shim_link->link.link' to zero, the resource is considered released but may still be referenced via 'tr->progs_hlist' in 'cgroup_shim_find'. The actual cleanup of 'tr->progs_hlist' in 'bpf_shim_tramp_link_release' is deferred. During this window, another process can cause a use-after-free via 'bpf_trampoline_link_cgroup_shim'. Based on Martin KaFai Lau's suggestions, I have created a simple patch. To fix this: Add an atomic non-zero check in 'bpf_trampoline_link_cgroup_shim'. Only increment the refcount if it is not already zero. Testing: I verified the fix by adding a delay in 'bpf_shim_tramp_link_release' to make the bug easier to trigger: static void bpf_shim_tramp_link_release(struct bpf_link *link) { /* ... */ if (!shim_link->trampoline) return; + msleep(100); WARN_ON_ONCE(bpf_trampoline_unlink_prog(&shim_link->link, shim_link->trampoline, NULL)); bpf_trampoline_put(shim_link->trampoline); } Before the patch, running a PoC easily reproduced the crash(almost 100%) with a call trace similar to KaiyanM's report. After the patch, the bug no longer occurs even after millions of iterations.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: in-kernel: always mark signal+subflow endp as used Syzkaller managed to find a combination of actions that was generating this warning: msk->pm.local_addr_used == 0 WARNING: net/mptcp/pm_kernel.c:1071 at __mark_subflow_endp_available net/mptcp/pm_kernel.c:1071 [inline], CPU#1: syz.2.17/961 WARNING: net/mptcp/pm_kernel.c:1071 at mptcp_nl_remove_subflow_and_signal_addr net/mptcp/pm_kernel.c:1103 [inline], CPU#1: syz.2.17/961 WARNING: net/mptcp/pm_kernel.c:1071 at mptcp_pm_nl_del_addr_doit+0x81d/0x8f0 net/mptcp/pm_kernel.c:1210, CPU#1: syz.2.17/961 Modules linked in: CPU: 1 UID: 0 PID: 961 Comm: syz.2.17 Not tainted 6.19.0-08368-gfafda3b4b06b #22 PREEMPT(full) Hardware name: QEMU Ubuntu 25.10 PC v2 (i440FX + PIIX, + 10.1 machine, 1996), BIOS 1.17.0-debian-1.17.0-1build1 04/01/2014 RIP: 0010:__mark_subflow_endp_available net/mptcp/pm_kernel.c:1071 [inline] RIP: 0010:mptcp_nl_remove_subflow_and_signal_addr net/mptcp/pm_kernel.c:1103 [inline] RIP: 0010:mptcp_pm_nl_del_addr_doit+0x81d/0x8f0 net/mptcp/pm_kernel.c:1210 Code: 89 c5 e8 46 30 6f fe e9 21 fd ff ff 49 83 ed 80 e8 38 30 6f fe 4c 89 ef be 03 00 00 00 e8 db 49 df fe eb ac e8 24 30 6f fe 90 <0f> 0b 90 e9 1d ff ff ff e8 16 30 6f fe eb 05 e8 0f 30 6f fe e8 9a RSP: 0018:ffffc90001663880 EFLAGS: 00010293 RAX: ffffffff82de1a6c RBX: 0000000000000000 RCX: ffff88800722b500 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 RBP: ffff8880158b22d0 R08: 0000000000010425 R09: ffffffffffffffff R10: ffffffff82de18ba R11: 0000000000000000 R12: ffff88800641a640 R13: ffff8880158b1880 R14: ffff88801ec3c900 R15: ffff88800641a650 FS: 00005555722c3500(0000) GS:ffff8880f909d000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f66346e0f60 CR3: 000000001607c000 CR4: 0000000000350ef0 Call Trace: <TASK> genl_family_rcv_msg_doit+0x117/0x180 net/netlink/genetlink.c:1115 genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline] genl_rcv_msg+0x3a8/0x3f0 net/netlink/genetlink.c:1210 netlink_rcv_skb+0x16d/0x240 net/netlink/af_netlink.c:2550 genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219 netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline] netlink_unicast+0x3e9/0x4c0 net/netlink/af_netlink.c:1344 netlink_sendmsg+0x4aa/0x5b0 net/netlink/af_netlink.c:1894 sock_sendmsg_nosec net/socket.c:727 [inline] __sock_sendmsg+0xc9/0xf0 net/socket.c:742 ____sys_sendmsg+0x272/0x3b0 net/socket.c:2592 ___sys_sendmsg+0x2de/0x320 net/socket.c:2646 __sys_sendmsg net/socket.c:2678 [inline] __do_sys_sendmsg net/socket.c:2683 [inline] __se_sys_sendmsg net/socket.c:2681 [inline] __x64_sys_sendmsg+0x110/0x1a0 net/socket.c:2681 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0x143/0x440 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f66346f826d Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007ffc83d8bdc8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 00007f6634985fa0 RCX: 00007f66346f826d RDX: 00000000040000b0 RSI: 0000200000000740 RDI: 0000000000000007 RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6634985fa8 R13: 00007f6634985fac R14: 0000000000000000 R15: 0000000000001770 </TASK> The actions that caused that seem to be: - Set the MPTCP subflows limit to 0 - Create an MPTCP endpoint with both the 'signal' and 'subflow' flags - Create a new MPTCP connection from a different address: an ADD_ADDR linked to the MPTCP endpoint will be sent ('signal' flag), but no subflows is initiated ('subflow' flag) - Remove the MPTCP endpoint ---truncated---
CWE-911 - Improper Update of Reference Count| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix kernel stack leak in irdma_create_user_ah() struct irdma_create_ah_resp { // 8 bytes, no padding __u32 ah_id; // offset 0 - SET (uresp.ah_id = ah->sc_ah.ah_info.ah_idx) __u8 rsvd[4]; // offset 4 - NEVER SET <- LEAK }; rsvd[4]: 4 bytes of stack memory leaked unconditionally. Only ah_id is assigned before ib_respond_udata(). The reserved members of the structure were not zeroed.
CWE-908 - Use of Uninitialized Resource| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: sched: avoid qdisc_reset_all_tx_gt() vs dequeue race for lockless qdiscs When shrinking the number of real tx queues, netif_set_real_num_tx_queues() calls qdisc_reset_all_tx_gt() to flush qdiscs for queues which will no longer be used. qdisc_reset_all_tx_gt() currently serializes qdisc_reset() with qdisc_lock(). However, for lockless qdiscs, the dequeue path is serialized by qdisc_run_begin/end() using qdisc->seqlock instead, so qdisc_reset() can run concurrently with __qdisc_run() and free skbs while they are still being dequeued, leading to UAF. This can easily be reproduced on e.g. virtio-net by imposing heavy traffic while frequently changing the number of queue pairs: iperf3 -ub0 -c $peer -t 0 & while :; do ethtool -L eth0 combined 1 ethtool -L eth0 combined 2 done With KASAN enabled, this leads to reports like: BUG: KASAN: slab-use-after-free in __qdisc_run+0x133f/0x1760 ... Call Trace: <TASK> ... __qdisc_run+0x133f/0x1760 __dev_queue_xmit+0x248f/0x3550 ip_finish_output2+0xa42/0x2110 ip_output+0x1a7/0x410 ip_send_skb+0x2e6/0x480 udp_send_skb+0xb0a/0x1590 udp_sendmsg+0x13c9/0x1fc0 ... </TASK> Allocated by task 1270 on cpu 5 at 44.558414s: ... alloc_skb_with_frags+0x84/0x7c0 sock_alloc_send_pskb+0x69a/0x830 __ip_append_data+0x1b86/0x48c0 ip_make_skb+0x1e8/0x2b0 udp_sendmsg+0x13a6/0x1fc0 ... Freed by task 1306 on cpu 3 at 44.558445s: ... kmem_cache_free+0x117/0x5e0 pfifo_fast_reset+0x14d/0x580 qdisc_reset+0x9e/0x5f0 netif_set_real_num_tx_queues+0x303/0x840 virtnet_set_channels+0x1bf/0x260 [virtio_net] ethnl_set_channels+0x684/0xae0 ethnl_default_set_doit+0x31a/0x890 ... Serialize qdisc_reset_all_tx_gt() against the lockless dequeue path by taking qdisc->seqlock for TCQ_F_NOLOCK qdiscs, matching the serialization model already used by dev_reset_queue(). Additionally clear QDISC_STATE_NON_EMPTY after reset so the qdisc state reflects an empty queue, avoiding needless re-scheduling.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: xdp: produce a warning when calculated tailroom is negative Many ethernet drivers report xdp Rx queue frag size as being the same as DMA write size. However, the only user of this field, namely bpf_xdp_frags_increase_tail(), clearly expects a truesize. Such difference leads to unspecific memory corruption issues under certain circumstances, e.g. in ixgbevf maximum DMA write size is 3 KB, so when running xskxceiver's XDP_ADJUST_TAIL_GROW_MULTI_BUFF, 6K packet fully uses all DMA-writable space in 2 buffers. This would be fine, if only rxq->frag_size was properly set to 4K, but value of 3K results in a negative tailroom, because there is a non-zero page offset. We are supposed to return -EINVAL and be done with it in such case, but due to tailroom being stored as an unsigned int, it is reported to be somewhere near UINT_MAX, resulting in a tail being grown, even if the requested offset is too much (it is around 2K in the abovementioned test). This later leads to all kinds of unspecific calltraces. [ 7340.337579] xskxceiver[1440]: segfault at 1da718 ip 00007f4161aeac9d sp 00007f41615a6a00 error 6 [ 7340.338040] xskxceiver[1441]: segfault at 7f410000000b ip 00000000004042b5 sp 00007f415bffecf0 error 4 [ 7340.338179] in libc.so.6[61c9d,7f4161aaf000+160000] [ 7340.339230] in xskxceiver[42b5,400000+69000] [ 7340.340300] likely on CPU 6 (core 0, socket 6) [ 7340.340302] Code: ff ff 01 e9 f4 fe ff ff 0f 1f 44 00 00 4c 39 f0 74 73 31 c0 ba 01 00 00 00 f0 0f b1 17 0f 85 ba 00 00 00 49 8b 87 88 00 00 00 <4c> 89 70 08 eb cc 0f 1f 44 00 00 48 8d bd f0 fe ff ff 89 85 ec fe [ 7340.340888] likely on CPU 3 (core 0, socket 3) [ 7340.345088] Code: 00 00 00 ba 00 00 00 00 be 00 00 00 00 89 c7 e8 31 ca ff ff 89 45 ec 8b 45 ec 85 c0 78 07 b8 00 00 00 00 eb 46 e8 0b c8 ff ff <8b> 00 83 f8 69 74 24 e8 ff c7 ff ff 8b 00 83 f8 0b 74 18 e8 f3 c7 [ 7340.404334] Oops: general protection fault, probably for non-canonical address 0x6d255010bdffc: 0000 [#1] SMP NOPTI [ 7340.405972] CPU: 7 UID: 0 PID: 1439 Comm: xskxceiver Not tainted 6.19.0-rc1+ #21 PREEMPT(lazy) [ 7340.408006] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.17.0-5.fc42 04/01/2014 [ 7340.409716] RIP: 0010:lookup_swap_cgroup_id+0x44/0x80 [ 7340.410455] Code: 83 f8 1c 73 39 48 ba ff ff ff ff ff ff ff 03 48 8b 04 c5 20 55 fa bd 48 21 d1 48 89 ca 83 e1 01 48 d1 ea c1 e1 04 48 8d 04 90 <8b> 00 48 83 c4 10 d3 e8 c3 cc cc cc cc 31 c0 e9 98 b7 dd 00 48 89 [ 7340.412787] RSP: 0018:ffffcc5c04f7f6d0 EFLAGS: 00010202 [ 7340.413494] RAX: 0006d255010bdffc RBX: ffff891f477895a8 RCX: 0000000000000010 [ 7340.414431] RDX: 0001c17e3fffffff RSI: 00fa070000000000 RDI: 000382fc7fffffff [ 7340.415354] RBP: 00fa070000000000 R08: ffffcc5c04f7f8f8 R09: ffffcc5c04f7f7d0 [ 7340.416283] R10: ffff891f4c1a7000 R11: ffffcc5c04f7f9c8 R12: ffffcc5c04f7f7d0 [ 7340.417218] R13: 03ffffffffffffff R14: 00fa06fffffffe00 R15: ffff891f47789500 [ 7340.418229] FS: 0000000000000000(0000) GS:ffff891ffdfaa000(0000) knlGS:0000000000000000 [ 7340.419489] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 7340.420286] CR2: 00007f415bfffd58 CR3: 0000000103f03002 CR4: 0000000000772ef0 [ 7340.421237] PKRU: 55555554 [ 7340.421623] Call Trace: [ 7340.421987] <TASK> [ 7340.422309] ? softleaf_from_pte+0x77/0xa0 [ 7340.422855] swap_pte_batch+0xa7/0x290 [ 7340.423363] zap_nonpresent_ptes.constprop.0.isra.0+0xd1/0x270 [ 7340.424102] zap_pte_range+0x281/0x580 [ 7340.424607] zap_pmd_range.isra.0+0xc9/0x240 [ 7340.425177] unmap_page_range+0x24d/0x420 [ 7340.425714] unmap_vmas+0xa1/0x180 [ 7340.426185] exit_mmap+0xe1/0x3b0 [ 7340.426644] __mmput+0x41/0x150 [ 7340.427098] exit_mm+0xb1/0x110 [ 7340.427539] do_exit+0x1b2/0x460 [ 7340.427992] do_group_exit+0x2d/0xc0 [ 7340.428477] get_signal+0x79d/0x7e0 [ 7340.428957] arch_do_signal_or_restart+0x34/0x100 [ 7340.429571] exit_to_user_mode_loop+0x8e/0x4c0 [ 7340.430159] do_syscall_64+0x188/ ---truncated---
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: split gc into unlink and reclaim phase Yiming Qian reports Use-after-free in the pipapo set type: Under a large number of expired elements, commit-time GC can run for a very long time in a non-preemptible context, triggering soft lockup warnings and RCU stall reports (local denial of service). We must split GC in an unlink and a reclaim phase. We cannot queue elements for freeing until pointers have been swapped. Expired elements are still exposed to both the packet path and userspace dumpers via the live copy of the data structure. call_rcu() does not protect us: dump operations or element lookups starting after call_rcu has fired can still observe the free'd element, unless the commit phase has made enough progress to swap the clone and live pointers before any new reader has picked up the old version. This a similar approach as done recently for the rbtree backend in commit 35f83a75529a ("netfilter: nft_set_rbtree: don't gc elements on insert").
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stack-out-of-bounds write in devmap get_upper_ifindexes() iterates over all upper devices and writes their indices into an array without checking bounds. Also the callers assume that the max number of upper devices is MAX_NEST_DEV and allocate excluded_devices[1+MAX_NEST_DEV] on the stack, but that assumption is not correct and the number of upper devices could be larger than MAX_NEST_DEV (e.g., many macvlans), causing a stack-out-of-bounds write. Add a max parameter to get_upper_ifindexes() to avoid the issue. When there are too many upper devices, return -EOVERFLOW and abort the redirect. To reproduce, create more than MAX_NEST_DEV(8) macvlans on a device with an XDP program attached using BPF_F_BROADCAST | BPF_F_EXCLUDE_INGRESS. Then send a packet to the device to trigger the XDP redirect path.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: usb: kalmia: validate USB endpoints The kalmia driver should validate that the device it is probing has the proper number and types of USB endpoints it is expecting before it binds to it. If a malicious device were to not have the same urbs the driver will crash later on when it blindly accesses these endpoints.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: phy: register phy led_triggers during probe to avoid AB-BA deadlock There is an AB-BA deadlock when both LEDS_TRIGGER_NETDEV and LED_TRIGGER_PHY are enabled: [ 1362.049207] [<8054e4b8>] led_trigger_register+0x5c/0x1fc <-- Trying to get lock "triggers_list_lock" via down_write(&triggers_list_lock); [ 1362.054536] [<80662830>] phy_led_triggers_register+0xd0/0x234 [ 1362.060329] [<8065e200>] phy_attach_direct+0x33c/0x40c [ 1362.065489] [<80651fc4>] phylink_fwnode_phy_connect+0x15c/0x23c [ 1362.071480] [<8066ee18>] mtk_open+0x7c/0xba0 [ 1362.075849] [<806d714c>] __dev_open+0x280/0x2b0 [ 1362.080384] [<806d7668>] __dev_change_flags+0x244/0x24c [ 1362.085598] [<806d7698>] dev_change_flags+0x28/0x78 [ 1362.090528] [<807150e4>] dev_ioctl+0x4c0/0x654 <-- Hold lock "rtnl_mutex" by calling rtnl_lock(); [ 1362.094985] [<80694360>] sock_ioctl+0x2f4/0x4e0 [ 1362.099567] [<802e9c4c>] sys_ioctl+0x32c/0xd8c [ 1362.104022] [<80014504>] syscall_common+0x34/0x58 Here LED_TRIGGER_PHY is registering LED triggers during phy_attach while holding RTNL and then taking triggers_list_lock. [ 1362.191101] [<806c2640>] register_netdevice_notifier+0x60/0x168 <-- Trying to get lock "rtnl_mutex" via rtnl_lock(); [ 1362.197073] [<805504ac>] netdev_trig_activate+0x194/0x1e4 [ 1362.202490] [<8054e28c>] led_trigger_set+0x1d4/0x360 <-- Hold lock "triggers_list_lock" by down_read(&triggers_list_lock); [ 1362.207511] [<8054eb38>] led_trigger_write+0xd8/0x14c [ 1362.212566] [<80381d98>] sysfs_kf_bin_write+0x80/0xbc [ 1362.217688] [<8037fcd8>] kernfs_fop_write_iter+0x17c/0x28c [ 1362.223174] [<802cbd70>] vfs_write+0x21c/0x3c4 [ 1362.227712] [<802cc0c4>] ksys_write+0x78/0x12c [ 1362.232164] [<80014504>] syscall_common+0x34/0x58 Here LEDS_TRIGGER_NETDEV is being enabled on an LED. It first takes triggers_list_lock and then RTNL. A classical AB-BA deadlock. phy_led_triggers_registers() does not require the RTNL, it does not make any calls into the network stack which require protection. There is also no requirement the PHY has been attached to a MAC, the triggers only make use of phydev state. This allows the call to phy_led_triggers_registers() to be placed elsewhere. PHY probe() and release() don't hold RTNL, so solving the AB-BA deadlock.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: Don't hex dump plaintext password data set_new_password() hex dumps the entire buffer, which contains plaintext password data, including current and new passwords. Remove the hex dump to avoid leaking credentials.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net/sched: act_ife: Fix metalist update behavior Whenever an ife action replace changes the metalist, instead of replacing the old data on the metalist, the current ife code is appending the new metadata. Aside from being innapropriate behavior, this may lead to an unbounded addition of metadata to the metalist which might cause an out of bounds error when running the encode op: [ 138.423369][ C1] ================================================================== [ 138.424317][ C1] BUG: KASAN: slab-out-of-bounds in ife_tlv_meta_encode (net/ife/ife.c:168) [ 138.424906][ C1] Write of size 4 at addr ffff8880077f4ffe by task ife_out_out_bou/255 [ 138.425778][ C1] CPU: 1 UID: 0 PID: 255 Comm: ife_out_out_bou Not tainted 7.0.0-rc1-00169-gfbdfa8da05b6 #624 PREEMPT(full) [ 138.425795][ C1] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011 [ 138.425800][ C1] Call Trace: [ 138.425804][ C1] <IRQ> [ 138.425808][ C1] dump_stack_lvl (lib/dump_stack.c:122) [ 138.425828][ C1] print_report (mm/kasan/report.c:379 mm/kasan/report.c:482) [ 138.425839][ C1] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221) [ 138.425844][ C1] ? __virt_addr_valid (./arch/x86/include/asm/preempt.h:95 (discriminator 1) ./include/linux/rcupdate.h:975 (discriminator 1) ./include/linux/mmzone.h:2207 (discriminator 1) arch/x86/mm/physaddr.c:54 (discriminator 1)) [ 138.425853][ C1] ? ife_tlv_meta_encode (net/ife/ife.c:168) [ 138.425859][ C1] kasan_report (mm/kasan/report.c:221 mm/kasan/report.c:597) [ 138.425868][ C1] ? ife_tlv_meta_encode (net/ife/ife.c:168) [ 138.425878][ C1] kasan_check_range (mm/kasan/generic.c:186 (discriminator 1) mm/kasan/generic.c:200 (discriminator 1)) [ 138.425884][ C1] __asan_memset (mm/kasan/shadow.c:84 (discriminator 2)) [ 138.425889][ C1] ife_tlv_meta_encode (net/ife/ife.c:168) [ 138.425893][ C1] ? ife_tlv_meta_encode (net/ife/ife.c:171) [ 138.425898][ C1] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221) [ 138.425903][ C1] ife_encode_meta_u16 (net/sched/act_ife.c:57) [ 138.425910][ C1] ? __pfx_do_raw_spin_lock (kernel/locking/spinlock_debug.c:114) [ 138.425916][ C1] ? __asan_memcpy (mm/kasan/shadow.c:105 (discriminator 3)) [ 138.425921][ C1] ? __pfx_ife_encode_meta_u16 (net/sched/act_ife.c:45) [ 138.425927][ C1] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221) [ 138.425931][ C1] tcf_ife_act (net/sched/act_ife.c:847 net/sched/act_ife.c:879) To solve this issue, fix the replace behavior by adding the metalist to the ife rcu data structure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: fix divide by zero in the offload path Offloading ETS requires computing each class' WRR weight: this is done by averaging over the sums of quanta as 'q_sum' and 'q_psum'. Using unsigned int, the same integer size as the individual DRR quanta, can overflow and even cause division by zero, like it happened in the following splat: Oops: divide error: 0000 [#1] SMP PTI CPU: 13 UID: 0 PID: 487 Comm: tc Tainted: G E 6.19.0-virtme #45 PREEMPT(full) Tainted: [E]=UNSIGNED_MODULE Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011 RIP: 0010:ets_offload_change+0x11f/0x290 [sch_ets] Code: e4 45 31 ff eb 03 41 89 c7 41 89 cb 89 ce 83 f9 0f 0f 87 b7 00 00 00 45 8b 08 31 c0 45 01 cc 45 85 c9 74 09 41 6b c4 64 31 d2 <41> f7 f2 89 c2 44 29 fa 45 89 df 41 83 fb 0f 0f 87 c7 00 00 00 44 RSP: 0018:ffffd0a180d77588 EFLAGS: 00010246 RAX: 00000000ffffff38 RBX: ffff8d3d482ca000 RCX: 0000000000000000 RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffd0a180d77660 RBP: ffffd0a180d77690 R08: ffff8d3d482ca2d8 R09: 00000000fffffffe R10: 0000000000000000 R11: 0000000000000000 R12: 00000000fffffffe R13: ffff8d3d472f2000 R14: 0000000000000003 R15: 0000000000000000 FS: 00007f440b6c2740(0000) GS:ffff8d3dc9803000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000003cdd2000 CR3: 0000000007b58002 CR4: 0000000000172ef0 Call Trace: <TASK> ets_qdisc_change+0x870/0xf40 [sch_ets] qdisc_create+0x12b/0x540 tc_modify_qdisc+0x6d7/0xbd0 rtnetlink_rcv_msg+0x168/0x6b0 netlink_rcv_skb+0x5c/0x110 netlink_unicast+0x1d6/0x2b0 netlink_sendmsg+0x22e/0x470 ____sys_sendmsg+0x38a/0x3c0 ___sys_sendmsg+0x99/0xe0 __sys_sendmsg+0x8a/0xf0 do_syscall_64+0x111/0xf80 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f440b81c77e Code: 4d 89 d8 e8 d4 bc 00 00 4c 8b 5d f8 41 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 11 c9 c3 0f 1f 80 00 00 00 00 48 8b 45 10 0f 05 <c9> c3 83 e2 39 83 fa 08 75 e7 e8 13 ff ff ff 0f 1f 00 f3 0f 1e fa RSP: 002b:00007fff951e4c10 EFLAGS: 00000202 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 0000000000481820 RCX: 00007f440b81c77e RDX: 0000000000000000 RSI: 00007fff951e4cd0 RDI: 0000000000000003 RBP: 00007fff951e4c20 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000202 R12: 00007fff951f4fa8 R13: 00000000699ddede R14: 00007f440bb01000 R15: 0000000000486980 </TASK> Modules linked in: sch_ets(E) netdevsim(E) ---[ end trace 0000000000000000 ]--- RIP: 0010:ets_offload_change+0x11f/0x290 [sch_ets] Code: e4 45 31 ff eb 03 41 89 c7 41 89 cb 89 ce 83 f9 0f 0f 87 b7 00 00 00 45 8b 08 31 c0 45 01 cc 45 85 c9 74 09 41 6b c4 64 31 d2 <41> f7 f2 89 c2 44 29 fa 45 89 df 41 83 fb 0f 0f 87 c7 00 00 00 44 RSP: 0018:ffffd0a180d77588 EFLAGS: 00010246 RAX: 00000000ffffff38 RBX: ffff8d3d482ca000 RCX: 0000000000000000 RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffd0a180d77660 RBP: ffffd0a180d77690 R08: ffff8d3d482ca2d8 R09: 00000000fffffffe R10: 0000000000000000 R11: 0000000000000000 R12: 00000000fffffffe R13: ffff8d3d472f2000 R14: 0000000000000003 R15: 0000000000000000 FS: 00007f440b6c2740(0000) GS:ffff8d3dc9803000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000003cdd2000 CR3: 0000000007b58002 CR4: 0000000000172ef0 Kernel panic - not syncing: Fatal exception Kernel Offset: 0x30000000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff) ---[ end Kernel panic - not syncing: Fatal exception ]--- Fix this using 64-bit integers for 'q_sum' and 'q_psum'.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: bridge: fix nd_tbl NULL dereference when IPv6 is disabled When booting with the 'ipv6.disable=1' parameter, the nd_tbl is never initialized because inet6_init() exits before ndisc_init() is called which initializes it. Then, if neigh_suppress is enabled and an ICMPv6 Neighbor Discovery packet reaches the bridge, br_do_suppress_nd() will dereference ipv6_stub->nd_tbl which is NULL, passing it to neigh_lookup(). This causes a kernel NULL pointer dereference. BUG: kernel NULL pointer dereference, address: 0000000000000268 Oops: 0000 [#1] PREEMPT SMP NOPTI [...] RIP: 0010:neigh_lookup+0x16/0xe0 [...] Call Trace: <IRQ> ? neigh_lookup+0x16/0xe0 br_do_suppress_nd+0x160/0x290 [bridge] br_handle_frame_finish+0x500/0x620 [bridge] br_handle_frame+0x353/0x440 [bridge] __netif_receive_skb_core.constprop.0+0x298/0x1110 __netif_receive_skb_one_core+0x3d/0xa0 process_backlog+0xa0/0x140 __napi_poll+0x2c/0x170 net_rx_action+0x2c4/0x3a0 handle_softirqs+0xd0/0x270 do_softirq+0x3f/0x60 Fix this by replacing IS_ENABLED(IPV6) call with ipv6_mod_enabled() in the callers. This is in essence disabling NS/NA suppression when IPv6 is disabled.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_CT: drop pending enqueued packets on template removal Templates refer to objects that can go away while packets are sitting in nfqueue refer to: - helper, this can be an issue on module removal. - timeout policy, nfnetlink_cttimeout might remove it. The use of templates with zone and event cache filter are safe, since this just copies values. Flush these enqueued packets in case the template rule gets removed.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: release flowtable after rcu grace period on error Call synchronize_rcu() after unregistering the hooks from error path, since a hook that already refers to this flowtable can be already registered, exposing this flowtable to packet path and nfnetlink_hook control plane. This error path is rare, it should only happen by reaching the maximum number hooks or by failing to set up to hardware offload, just call synchronize_rcu(). There is a check for already used device hooks by different flowtable that could result in EEXIST at this late stage. The hook parser can be updated to perform this check earlier to this error path really becomes rarely exercised. Uncovered by KASAN reported as use-after-free from nfnetlink_hook path when dumping hooks.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: nfnetlink_osf: validate individual option lengths in fingerprints nfnl_osf_add_callback() validates opt_num bounds and string NUL-termination but does not check individual option length fields. A zero-length option causes nf_osf_match_one() to enter the option matching loop even when foptsize sums to zero, which matches packets with no TCP options where ctx->optp is NULL: Oops: general protection fault KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] RIP: 0010:nf_osf_match_one (net/netfilter/nfnetlink_osf.c:98) Call Trace: nf_osf_match (net/netfilter/nfnetlink_osf.c:227) xt_osf_match_packet (net/netfilter/xt_osf.c:32) ipt_do_table (net/ipv4/netfilter/ip_tables.c:293) nf_hook_slow (net/netfilter/core.c:623) ip_local_deliver (net/ipv4/ip_input.c:262) ip_rcv (net/ipv4/ip_input.c:573) Additionally, an MSS option (kind=2) with length < 4 causes out-of-bounds reads when nf_osf_match_one() unconditionally accesses optp[2] and optp[3] for MSS value extraction. While RFC 9293 section 3.2 specifies that the MSS option is always exactly 4 bytes (Kind=2, Length=4), the check uses "< 4" rather than "!= 4" because lengths greater than 4 do not cause memory safety issues -- the buffer is guaranteed to be at least foptsize bytes by the ctx->optsize == foptsize check. Reject fingerprints where any option has zero length, or where an MSS option has length less than 4, at add time rather than trusting these values in the packet matching hot path.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: icmp: fix NULL pointer dereference in icmp_tag_validation() icmp_tag_validation() unconditionally dereferences the result of rcu_dereference(inet_protos[proto]) without checking for NULL. The inet_protos[] array is sparse -- only about 15 of 256 protocol numbers have registered handlers. When ip_no_pmtu_disc is set to 3 (hardened PMTU mode) and the kernel receives an ICMP Fragmentation Needed error with a quoted inner IP header containing an unregistered protocol number, the NULL dereference causes a kernel panic in softirq context. Oops: general protection fault, probably for non-canonical address 0xdffffc0000000002: 0000 [#1] SMP KASAN NOPTI KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017] RIP: 0010:icmp_unreach (net/ipv4/icmp.c:1085 net/ipv4/icmp.c:1143) Call Trace: <IRQ> icmp_rcv (net/ipv4/icmp.c:1527) ip_protocol_deliver_rcu (net/ipv4/ip_input.c:207) ip_local_deliver_finish (net/ipv4/ip_input.c:242) ip_local_deliver (net/ipv4/ip_input.c:262) ip_rcv (net/ipv4/ip_input.c:573) __netif_receive_skb_one_core (net/core/dev.c:6164) process_backlog (net/core/dev.c:6628) handle_softirqs (kernel/softirq.c:561) </IRQ> Add a NULL check before accessing icmp_strict_tag_validation. If the protocol has no registered handler, return false since it cannot perform strict tag validation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: tls: Purge async_hold in tls_decrypt_async_wait() The async_hold queue pins encrypted input skbs while the AEAD engine references their scatterlist data. Once tls_decrypt_async_wait() returns, every AEAD operation has completed and the engine no longer references those skbs, so they can be freed unconditionally. A subsequent patch adds batch async decryption to tls_sw_read_sock(), introducing a new call site that must drain pending AEAD operations and release held skbs. Move __skb_queue_purge(&ctx->async_hold) into tls_decrypt_async_wait() so the purge is centralized and every caller -- recvmsg's drain path, the -EBUSY fallback in tls_do_decryption(), and the new read_sock batch path -- releases held skbs on synchronization without each site managing the purge independently. This fixes a leak when tls_strp_msg_hold() fails part-way through, after having added some cloned skbs to the async_hold queue. tls_decrypt_sg() will then call tls_decrypt_async_wait() to process all pending decrypts, and drop back to synchronous mode, but tls_sw_recvmsg() only flushes the async_hold queue when one record has been processed in "fully-async" mode, which may not be the case here. [pabeni@redhat.com: added leak comment]
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: dpaa2-switch: Fix interrupt storm after receiving bad if_id in IRQ handler Commit 31a7a0bbeb00 ("dpaa2-switch: add bounds check for if_id in IRQ handler") introduces a range check for if_id to avoid an out-of-bounds access. If an out-of-bounds if_id is detected, the interrupt status is not cleared. This may result in an interrupt storm. Clear the interrupt status after detecting an out-of-bounds if_id to avoid the problem. Found by an experimental AI code review agent at Google.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: serialize lock/unlock against other NAND operations nand_lock() and nand_unlock() call into chip->ops.lock_area/unlock_area without holding the NAND device lock. On controllers that implement SET_FEATURES via multiple low-level PIO commands, these can race with concurrent UBI/UBIFS background erase/write operations that hold the device lock, resulting in cmd_pending conflicts on the NAND controller. Add nand_get_device()/nand_release_device() around the lock/unlock operations to serialize them against all other NAND controller access.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: guard flow control update with global_tx_fc in buffer switching mvpp2_bm_switch_buffers() unconditionally calls mvpp2_bm_pool_update_priv_fc() when switching between per-cpu and shared buffer pool modes. This function programs CM3 flow control registers via mvpp2_cm3_read()/mvpp2_cm3_write(), which dereference priv->cm3_base without any NULL check. When the CM3 SRAM resource is not present in the device tree (the third reg entry added by commit 60523583b07c ("dts: marvell: add CM3 SRAM memory to cp11x ethernet device tree")), priv->cm3_base remains NULL and priv->global_tx_fc is false. Any operation that triggers mvpp2_bm_switch_buffers(), for example an MTU change that crosses the jumbo frame threshold, will crash: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 Mem abort info: ESR = 0x0000000096000006 EC = 0x25: DABT (current EL), IL = 32 bits pc : readl+0x0/0x18 lr : mvpp2_cm3_read.isra.0+0x14/0x20 Call trace: readl+0x0/0x18 mvpp2_bm_pool_update_fc+0x40/0x12c mvpp2_bm_pool_update_priv_fc+0x94/0xd8 mvpp2_bm_switch_buffers.isra.0+0x80/0x1c0 mvpp2_change_mtu+0x140/0x380 __dev_set_mtu+0x1c/0x38 dev_set_mtu_ext+0x78/0x118 dev_set_mtu+0x48/0xa8 dev_ifsioc+0x21c/0x43c dev_ioctl+0x2d8/0x42c sock_ioctl+0x314/0x378 Every other flow control call site in the driver already guards hardware access with either priv->global_tx_fc or port->tx_fc. mvpp2_bm_switch_buffers() is the only place that omits this check. Add the missing priv->global_tx_fc guard to both the disable and re-enable calls in mvpp2_bm_switch_buffers(), consistent with the rest of the driver.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: udp_tunnel: fix NULL deref caused by udp_sock_create6 when CONFIG_IPV6=n When CONFIG_IPV6 is disabled, the udp_sock_create6() function returns 0 (success) without actually creating a socket. Callers such as fou_create() then proceed to dereference the uninitialized socket pointer, resulting in a NULL pointer dereference. The captured NULL deref crash: BUG: kernel NULL pointer dereference, address: 0000000000000018 RIP: 0010:fou_nl_add_doit (net/ipv4/fou_core.c:590 net/ipv4/fou_core.c:764) [...] Call Trace: <TASK> genl_family_rcv_msg_doit.constprop.0 (net/netlink/genetlink.c:1114) genl_rcv_msg (net/netlink/genetlink.c:1194 net/netlink/genetlink.c:1209) [...] netlink_rcv_skb (net/netlink/af_netlink.c:2550) genl_rcv (net/netlink/genetlink.c:1219) netlink_unicast (net/netlink/af_netlink.c:1319 net/netlink/af_netlink.c:1344) netlink_sendmsg (net/netlink/af_netlink.c:1894) __sock_sendmsg (net/socket.c:727 (discriminator 1) net/socket.c:742 (discriminator 1)) __sys_sendto (./include/linux/file.h:62 (discriminator 1) ./include/linux/file.h:83 (discriminator 1) net/socket.c:2183 (discriminator 1)) __x64_sys_sendto (net/socket.c:2213 (discriminator 1) net/socket.c:2209 (discriminator 1) net/socket.c:2209 (discriminator 1)) do_syscall_64 (arch/x86/entry/syscall_64.c:63 (discriminator 1) arch/x86/entry/syscall_64.c:94 (discriminator 1)) entry_SYSCALL_64_after_hwframe (net/arch/x86/entry/entry_64.S:130) This patch makes udp_sock_create6 return -EPFNOSUPPORT instead, so callers correctly take their error paths. There is only one caller of the vulnerable function and only privileged users can trigger it.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: Do not perform PM inside suspend callback syzbot reports "task hung in rpm_resume" This is caused by aqc111_suspend calling the PM variant of its write_cmd routine. The simplified call trace looks like this: rpm_suspend() usb_suspend_both() - here udev->dev.power.runtime_status == RPM_SUSPENDING aqc111_suspend() - called for the usb device interface aqc111_write32_cmd() usb_autopm_get_interface() pm_runtime_resume_and_get() rpm_resume() - here we call rpm_resume() on our parent rpm_resume() - Here we wait for a status change that will never happen. At this point we block another task which holds rtnl_lock and locks up the whole networking stack. Fix this by replacing the write_cmd calls with their _nopm variants
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net/sched: teql: Fix double-free in teql_master_xmit Whenever a TEQL devices has a lockless Qdisc as root, qdisc_reset should be called using the seq_lock to avoid racing with the datapath. Failure to do so may cause crashes like the following: [ 238.028993][ T318] BUG: KASAN: double-free in skb_release_data (net/core/skbuff.c:1139) [ 238.029328][ T318] Free of addr ffff88810c67ec00 by task poc_teql_uaf_ke/318 [ 238.029749][ T318] [ 238.029900][ T318] CPU: 3 UID: 0 PID: 318 Comm: poc_teql_ke Not tainted 7.0.0-rc3-00149-ge5b31d988a41 #704 PREEMPT(full) [ 238.029906][ T318] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011 [ 238.029910][ T318] Call Trace: [ 238.029913][ T318] <TASK> [ 238.029916][ T318] dump_stack_lvl (lib/dump_stack.c:122) [ 238.029928][ T318] print_report (mm/kasan/report.c:379 mm/kasan/report.c:482) [ 238.029940][ T318] ? skb_release_data (net/core/skbuff.c:1139) [ 238.029944][ T318] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221) ... [ 238.029957][ T318] ? skb_release_data (net/core/skbuff.c:1139) [ 238.029969][ T318] kasan_report_invalid_free (mm/kasan/report.c:221 mm/kasan/report.c:563) [ 238.029979][ T318] ? skb_release_data (net/core/skbuff.c:1139) [ 238.029989][ T318] check_slab_allocation (mm/kasan/common.c:231) [ 238.029995][ T318] kmem_cache_free (mm/slub.c:2637 (discriminator 1) mm/slub.c:6168 (discriminator 1) mm/slub.c:6298 (discriminator 1)) [ 238.030004][ T318] skb_release_data (net/core/skbuff.c:1139) ... [ 238.030025][ T318] sk_skb_reason_drop (net/core/skbuff.c:1256) [ 238.030032][ T318] pfifo_fast_reset (./include/linux/ptr_ring.h:171 ./include/linux/ptr_ring.h:309 ./include/linux/skb_array.h:98 net/sched/sch_generic.c:827) [ 238.030039][ T318] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221) ... [ 238.030054][ T318] qdisc_reset (net/sched/sch_generic.c:1034) [ 238.030062][ T318] teql_destroy (./include/linux/spinlock.h:395 net/sched/sch_teql.c:157) [ 238.030071][ T318] __qdisc_destroy (./include/net/pkt_sched.h:328 net/sched/sch_generic.c:1077) [ 238.030077][ T318] qdisc_graft (net/sched/sch_api.c:1062 net/sched/sch_api.c:1053 net/sched/sch_api.c:1159) [ 238.030089][ T318] ? __pfx_qdisc_graft (net/sched/sch_api.c:1091) [ 238.030095][ T318] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221) [ 238.030102][ T318] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221) [ 238.030106][ T318] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221) [ 238.030114][ T318] tc_get_qdisc (net/sched/sch_api.c:1529 net/sched/sch_api.c:1556) ... [ 238.072958][ T318] Allocated by task 303 on cpu 5 at 238.026275s: [ 238.073392][ T318] kasan_save_stack (mm/kasan/common.c:58) [ 238.073884][ T318] kasan_save_track (mm/kasan/common.c:64 (discriminator 5) mm/kasan/common.c:79 (discriminator 5)) [ 238.074230][ T318] __kasan_slab_alloc (mm/kasan/common.c:369) [ 238.074578][ T318] kmem_cache_alloc_node_noprof (./include/linux/kasan.h:253 mm/slub.c:4542 mm/slub.c:4869 mm/slub.c:4921) [ 238.076091][ T318] kmalloc_reserve (net/core/skbuff.c:616 (discriminator 107)) [ 238.076450][ T318] __alloc_skb (net/core/skbuff.c:713) [ 238.076834][ T318] alloc_skb_with_frags (./include/linux/skbuff.h:1383 net/core/skbuff.c:6763) [ 238.077178][ T318] sock_alloc_send_pskb (net/core/sock.c:2997) [ 238.077520][ T318] packet_sendmsg (net/packet/af_packet.c:2926 net/packet/af_packet.c:3019 net/packet/af_packet.c:3108) [ 238.081469][ T318] [ 238.081870][ T318] Freed by task 299 on cpu 1 at 238.028496s: [ 238.082761][ T318] kasan_save_stack (mm/kasan/common.c:58) [ 238.083481][ T318] kasan_save_track (mm/kasan/common.c:64 (discriminator 5) mm/kasan/common.c:79 (discriminator 5)) [ 238.085348][ T318] kasan_save_free_info (mm/kasan/generic.c:587 (discriminator 1)) [ 238.085900][ T318] __kasan_slab_free (mm/ ---truncated---
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix NULL dereference and UAF in smc_tcp_syn_recv_sock() Syzkaller reported a panic in smc_tcp_syn_recv_sock() [1]. smc_tcp_syn_recv_sock() is called in the TCP receive path (softirq) via icsk_af_ops->syn_recv_sock on the clcsock (TCP listening socket). It reads sk_user_data to get the smc_sock pointer. However, when the SMC listen socket is being closed concurrently, smc_close_active() sets clcsock->sk_user_data to NULL under sk_callback_lock, and then the smc_sock itself can be freed via sock_put() in smc_release(). This leads to two issues: 1) NULL pointer dereference: sk_user_data is NULL when accessed. 2) Use-after-free: sk_user_data is read as non-NULL, but the smc_sock is freed before its fields (e.g., queued_smc_hs, ori_af_ops) are accessed. The race window looks like this (the syzkaller crash [1] triggers via the SYN cookie path: tcp_get_cookie_sock() -> smc_tcp_syn_recv_sock(), but the normal tcp_check_req() path has the same race): CPU A (softirq) CPU B (process ctx) tcp_v4_rcv() TCP_NEW_SYN_RECV: sk = req->rsk_listener sock_hold(sk) /* No lock on listener */ smc_close_active(): write_lock_bh(cb_lock) sk_user_data = NULL write_unlock_bh(cb_lock) ... smc_clcsock_release() sock_put(smc->sk) x2 -> smc_sock freed! tcp_check_req() smc_tcp_syn_recv_sock(): smc = user_data(sk) -> NULL or dangling smc->queued_smc_hs -> crash! Note that the clcsock and smc_sock are two independent objects with separate refcounts. TCP stack holds a reference on the clcsock, which keeps it alive, but this does NOT prevent the smc_sock from being freed. Fix this by using RCU and refcount_inc_not_zero() to safely access smc_sock. Since smc_tcp_syn_recv_sock() is called in the TCP three-way handshake path, taking read_lock_bh on sk_callback_lock is too heavy and would not survive a SYN flood attack. Using rcu_read_lock() is much more lightweight. - Set SOCK_RCU_FREE on the SMC listen socket so that smc_sock freeing is deferred until after the RCU grace period. This guarantees the memory is still valid when accessed inside rcu_read_lock(). - Use rcu_read_lock() to protect reading sk_user_data. - Use refcount_inc_not_zero(&smc->sk.sk_refcnt) to pin the smc_sock. If the refcount has already reached zero (close path completed), it returns false and we bail out safely. Note: smc_hs_congested() has a similar lockless read of sk_user_data without rcu_read_lock(), but it only checks for NULL and accesses the global smc_hs_wq, never dereferencing any smc_sock field, so it is not affected. Reproducer was verified with mdelay injection and smc_run, the issue no longer occurs with this patch applied. [1] https://syzkaller.appspot.com/bug?extid=827ae2bfb3a3529333e9
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: PM: runtime: Fix a race condition related to device removal The following code in pm_runtime_work() may dereference the dev->parent pointer after the parent device has been freed: /* Maybe the parent is now able to suspend. */ if (parent && !parent->power.ignore_children) { spin_unlock(&dev->power.lock); spin_lock(&parent->power.lock); rpm_idle(parent, RPM_ASYNC); spin_unlock(&parent->power.lock); spin_lock(&dev->power.lock); } Fix this by inserting a flush_work() call in pm_runtime_remove(). Without this patch blktest block/001 triggers the following complaint sporadically: BUG: KASAN: slab-use-after-free in lock_acquire+0x70/0x160 Read of size 1 at addr ffff88812bef7198 by task kworker/u553:1/3081 Workqueue: pm pm_runtime_work Call Trace: <TASK> dump_stack_lvl+0x61/0x80 print_address_description.constprop.0+0x8b/0x310 print_report+0xfd/0x1d7 kasan_report+0xd8/0x1d0 __kasan_check_byte+0x42/0x60 lock_acquire.part.0+0x38/0x230 lock_acquire+0x70/0x160 _raw_spin_lock+0x36/0x50 rpm_suspend+0xc6a/0xfe0 rpm_idle+0x578/0x770 pm_runtime_work+0xee/0x120 process_one_work+0xde3/0x1410 worker_thread+0x5eb/0xfe0 kthread+0x37b/0x480 ret_from_fork+0x6cb/0x920 ret_from_fork_asm+0x11/0x20 </TASK> Allocated by task 4314: kasan_save_stack+0x2a/0x50 kasan_save_track+0x18/0x40 kasan_save_alloc_info+0x3d/0x50 __kasan_kmalloc+0xa0/0xb0 __kmalloc_noprof+0x311/0x990 scsi_alloc_target+0x122/0xb60 [scsi_mod] __scsi_scan_target+0x101/0x460 [scsi_mod] scsi_scan_channel+0x179/0x1c0 [scsi_mod] scsi_scan_host_selected+0x259/0x2d0 [scsi_mod] store_scan+0x2d2/0x390 [scsi_mod] dev_attr_store+0x43/0x80 sysfs_kf_write+0xde/0x140 kernfs_fop_write_iter+0x3ef/0x670 vfs_write+0x506/0x1470 ksys_write+0xfd/0x230 __x64_sys_write+0x76/0xc0 x64_sys_call+0x213/0x1810 do_syscall_64+0xee/0xfc0 entry_SYSCALL_64_after_hwframe+0x4b/0x53 Freed by task 4314: kasan_save_stack+0x2a/0x50 kasan_save_track+0x18/0x40 kasan_save_free_info+0x3f/0x50 __kasan_slab_free+0x67/0x80 kfree+0x225/0x6c0 scsi_target_dev_release+0x3d/0x60 [scsi_mod] device_release+0xa3/0x220 kobject_cleanup+0x105/0x3a0 kobject_put+0x72/0xd0 put_device+0x17/0x20 scsi_device_dev_release+0xacf/0x12c0 [scsi_mod] device_release+0xa3/0x220 kobject_cleanup+0x105/0x3a0 kobject_put+0x72/0xd0 put_device+0x17/0x20 scsi_device_put+0x7f/0xc0 [scsi_mod] sdev_store_delete+0xa5/0x120 [scsi_mod] dev_attr_store+0x43/0x80 sysfs_kf_write+0xde/0x140 kernfs_fop_write_iter+0x3ef/0x670 vfs_write+0x506/0x1470 ksys_write+0xfd/0x230 __x64_sys_write+0x76/0xc0 x64_sys_call+0x213/0x1810
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: mana: fix use-after-free in mana_hwc_destroy_channel() by reordering teardown A potential race condition exists in mana_hwc_destroy_channel() where hwc->caller_ctx is freed before the HWC's Completion Queue (CQ) and Event Queue (EQ) are destroyed. This allows an in-flight CQ interrupt handler to dereference freed memory, leading to a use-after-free or NULL pointer dereference in mana_hwc_handle_resp(). mana_smc_teardown_hwc() signals the hardware to stop but does not synchronize against IRQ handlers already executing on other CPUs. The IRQ synchronization only happens in mana_hwc_destroy_cq() via mana_gd_destroy_eq() -> mana_gd_deregister_irq(). Since this runs after kfree(hwc->caller_ctx), a concurrent mana_hwc_rx_event_handler() can dereference freed caller_ctx (and rxq->msg_buf) in mana_hwc_handle_resp(). Fix this by reordering teardown to reverse-of-creation order: destroy the TX/RX work queues and CQ/EQ before freeing hwc->caller_ctx. This ensures all in-flight interrupt handlers complete before the memory they access is freed.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() In DecodeQ931(), the UserUserIE code path reads a 16-bit length from the packet, then decrements it by 1 to skip the protocol discriminator byte before passing it to DecodeH323_UserInformation(). If the encoded length is 0, the decrement wraps to -1, which is then passed as a large value to the decoder, leading to an out-of-bounds read. Add a check to ensure len is positive after the decrement.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_h323: fix OOB read in decode_int() CONS case In decode_int(), the CONS case calls get_bits(bs, 2) to read a length value, then calls get_uint(bs, len) without checking that len bytes remain in the buffer. The existing boundary check only validates the 2 bits for get_bits(), not the subsequent 1-4 bytes that get_uint() reads. This allows a malformed H.323/RAS packet to cause a 1-4 byte slab-out-of-bounds read. Add a boundary check for len bytes after get_bits() and before get_uint().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_sip: fix Content-Length u32 truncation in sip_help_tcp() sip_help_tcp() parses the SIP Content-Length header with simple_strtoul(), which returns unsigned long, but stores the result in unsigned int clen. On 64-bit systems, values exceeding UINT_MAX are silently truncated before computing the SIP message boundary. For example, Content-Length 4294967328 (2^32 + 32) is truncated to 32, causing the parser to miscalculate where the current message ends. The loop then treats trailing data in the TCP segment as a second SIP message and processes it through the SDP parser. Fix this by changing clen to unsigned long to match the return type of simple_strtoul(), and reject Content-Length values that exceed the remaining TCP payload length.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() ctnetlink_dump_exp_ct() stores a conntrack pointer in cb->data for the netlink dump callback ctnetlink_exp_ct_dump_table(), but drops the conntrack reference immediately after netlink_dump_start(). When the dump spans multiple rounds, the second recvmsg() triggers the dump callback which dereferences the now-freed conntrack via nfct_help(ct), leading to a use-after-free on ct->ext. The bug is that the netlink_dump_control has no .start or .done callbacks to manage the conntrack reference across dump rounds. Other dump functions in the same file (e.g. ctnetlink_get_conntrack) properly use .start/.done callbacks for this purpose. Fix this by adding .start and .done callbacks that hold and release the conntrack reference for the duration of the dump, and move the nfct_help() call after the cb->args[0] early-return check in the dump callback to avoid dereferencing ct->ext unnecessarily. BUG: KASAN: slab-use-after-free in ctnetlink_exp_ct_dump_table+0x4f/0x2e0 Read of size 8 at addr ffff88810597ebf0 by task ctnetlink_poc/133 CPU: 1 UID: 0 PID: 133 Comm: ctnetlink_poc Not tainted 7.0.0-rc2+ #3 PREEMPTLAZY Call Trace: <TASK> ctnetlink_exp_ct_dump_table+0x4f/0x2e0 netlink_dump+0x333/0x880 netlink_recvmsg+0x3e2/0x4b0 ? aa_sk_perm+0x184/0x450 sock_recvmsg+0xde/0xf0 Allocated by task 133: kmem_cache_alloc_noprof+0x134/0x440 __nf_conntrack_alloc+0xa8/0x2b0 ctnetlink_create_conntrack+0xa1/0x900 ctnetlink_new_conntrack+0x3cf/0x7d0 nfnetlink_rcv_msg+0x48e/0x510 netlink_rcv_skb+0xc9/0x1f0 nfnetlink_rcv+0xdb/0x220 netlink_unicast+0x3ec/0x590 netlink_sendmsg+0x397/0x690 __sys_sendmsg+0xf4/0x180 Freed by task 0: slab_free_after_rcu_debug+0xad/0x1e0 rcu_core+0x5c3/0x9c0
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: soc: fsl: qbman: fix race condition in qman_destroy_fq When QMAN_FQ_FLAG_DYNAMIC_FQID is set, there's a race condition between fq_table[fq->idx] state and freeing/allocating from the pool and WARN_ON(fq_table[fq->idx]) in qman_create_fq() gets triggered. Indeed, we can have: Thread A Thread B qman_destroy_fq() qman_create_fq() qman_release_fqid() qman_shutdown_fq() gen_pool_free() -- At this point, the fqid is available again -- qman_alloc_fqid() -- so, we can get the just-freed fqid in thread B -- fq->fqid = fqid; fq->idx = fqid * 2; WARN_ON(fq_table[fq->idx]); fq_table[fq->idx] = fq; fq_table[fq->idx] = NULL; And adding some logs between qman_release_fqid() and fq_table[fq->idx] = NULL makes the WARN_ON() trigger a lot more. To prevent that, ensure that fq_table[fq->idx] is set to NULL before gen_pool_free() is called by using smp_wmb().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: mtd: Avoid boot crash in RedBoot partition table parser Given CONFIG_FORTIFY_SOURCE=y and a recent compiler, commit 439a1bcac648 ("fortify: Use __builtin_dynamic_object_size() when available") produces the warning below and an oops. Searching for RedBoot partition table in 50000000.flash at offset 0x7e0000 ------------[ cut here ]------------ WARNING: lib/string_helpers.c:1035 at 0xc029e04c, CPU#0: swapper/0/1 memcmp: detected buffer overflow: 15 byte read of buffer size 14 Modules linked in: CPU: 0 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.19.0 #1 NONE As Kees said, "'names' is pointing to the final 'namelen' many bytes of the allocation ... 'namelen' could be basically any length at all. This fortify warning looks legit to me -- this code used to be reading beyond the end of the allocation." Since the size of the dynamic allocation is calculated with strlen() we can use strcmp() instead of memcmp() and remain within bounds.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: spi: fix statistics allocation The controller per-cpu statistics is not allocated until after the controller has been registered with driver core, which leaves a window where accessing the sysfs attributes can trigger a NULL-pointer dereference. Fix this by moving the statistics allocation to controller allocation while tying its lifetime to that of the controller (rather than using implicit devres).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: spi: fix use-after-free on controller registration failure Make sure to deregister from driver core also in the unlikely event that per-cpu statistics allocation fails during controller registration to avoid use-after-free (of driver resources) and unclocked register accesses.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-sha204a - Fix OOM ->tfm_count leak If memory allocation fails, decrement ->tfm_count to avoid blocking future reads.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: macb: fix use-after-free access to PTP clock PTP clock is registered on every opening of the interface and destroyed on every closing. However it may be accessed via get_ts_info ethtool call which is possible while the interface is just present in the kernel. BUG: KASAN: use-after-free in ptp_clock_index+0x47/0x50 drivers/ptp/ptp_clock.c:426 Read of size 4 at addr ffff8880194345cc by task syz.0.6/948 CPU: 1 PID: 948 Comm: syz.0.6 Not tainted 6.1.164+ #109 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org 04/01/2014 Call Trace: <TASK> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x8d/0xba lib/dump_stack.c:106 print_address_description mm/kasan/report.c:316 [inline] print_report+0x17f/0x496 mm/kasan/report.c:420 kasan_report+0xd9/0x180 mm/kasan/report.c:524 ptp_clock_index+0x47/0x50 drivers/ptp/ptp_clock.c:426 gem_get_ts_info+0x138/0x1e0 drivers/net/ethernet/cadence/macb_main.c:3349 macb_get_ts_info+0x68/0xb0 drivers/net/ethernet/cadence/macb_main.c:3371 __ethtool_get_ts_info+0x17c/0x260 net/ethtool/common.c:558 ethtool_get_ts_info net/ethtool/ioctl.c:2367 [inline] __dev_ethtool net/ethtool/ioctl.c:3017 [inline] dev_ethtool+0x2b05/0x6290 net/ethtool/ioctl.c:3095 dev_ioctl+0x637/0x1070 net/core/dev_ioctl.c:510 sock_do_ioctl+0x20d/0x2c0 net/socket.c:1215 sock_ioctl+0x577/0x6d0 net/socket.c:1320 vfs_ioctl fs/ioctl.c:51 [inline] __do_sys_ioctl fs/ioctl.c:870 [inline] __se_sys_ioctl fs/ioctl.c:856 [inline] __x64_sys_ioctl+0x18c/0x210 fs/ioctl.c:856 do_syscall_x64 arch/x86/entry/common.c:46 [inline] do_syscall_64+0x35/0x80 arch/x86/entry/common.c:76 entry_SYSCALL_64_after_hwframe+0x6e/0xd8 </TASK> Allocated by task 457: kmalloc include/linux/slab.h:563 [inline] kzalloc include/linux/slab.h:699 [inline] ptp_clock_register+0x144/0x10e0 drivers/ptp/ptp_clock.c:235 gem_ptp_init+0x46f/0x930 drivers/net/ethernet/cadence/macb_ptp.c:375 macb_open+0x901/0xd10 drivers/net/ethernet/cadence/macb_main.c:2920 __dev_open+0x2ce/0x500 net/core/dev.c:1501 __dev_change_flags+0x56a/0x740 net/core/dev.c:8651 dev_change_flags+0x92/0x170 net/core/dev.c:8722 do_setlink+0xaf8/0x3a80 net/core/rtnetlink.c:2833 __rtnl_newlink+0xbf4/0x1940 net/core/rtnetlink.c:3608 rtnl_newlink+0x63/0xa0 net/core/rtnetlink.c:3655 rtnetlink_rcv_msg+0x3c6/0xed0 net/core/rtnetlink.c:6150 netlink_rcv_skb+0x15d/0x430 net/netlink/af_netlink.c:2511 netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline] netlink_unicast+0x6d7/0xa30 net/netlink/af_netlink.c:1344 netlink_sendmsg+0x97e/0xeb0 net/netlink/af_netlink.c:1872 sock_sendmsg_nosec net/socket.c:718 [inline] __sock_sendmsg+0x14b/0x180 net/socket.c:730 __sys_sendto+0x320/0x3b0 net/socket.c:2152 __do_sys_sendto net/socket.c:2164 [inline] __se_sys_sendto net/socket.c:2160 [inline] __x64_sys_sendto+0xdc/0x1b0 net/socket.c:2160 do_syscall_x64 arch/x86/entry/common.c:46 [inline] do_syscall_64+0x35/0x80 arch/x86/entry/common.c:76 entry_SYSCALL_64_after_hwframe+0x6e/0xd8 Freed by task 938: kasan_slab_free include/linux/kasan.h:177 [inline] slab_free_hook mm/slub.c:1729 [inline] slab_free_freelist_hook mm/slub.c:1755 [inline] slab_free mm/slub.c:3687 [inline] __kmem_cache_free+0xbc/0x320 mm/slub.c:3700 device_release+0xa0/0x240 drivers/base/core.c:2507 kobject_cleanup lib/kobject.c:681 [inline] kobject_release lib/kobject.c:712 [inline] kref_put include/linux/kref.h:65 [inline] kobject_put+0x1cd/0x350 lib/kobject.c:729 put_device+0x1b/0x30 drivers/base/core.c:3805 ptp_clock_unregister+0x171/0x270 drivers/ptp/ptp_clock.c:391 gem_ptp_remove+0x4e/0x1f0 drivers/net/ethernet/cadence/macb_ptp.c:404 macb_close+0x1c8/0x270 drivers/net/ethernet/cadence/macb_main.c:2966 __dev_close_many+0x1b9/0x310 net/core/dev.c:1585 __dev_close net/core/dev.c:1597 [inline] __dev_change_flags+0x2bb/0x740 net/core/dev.c:8649 dev_change_fl ---truncated---
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache The NFSv4.0 replay cache uses a fixed 112-byte inline buffer (rp_ibuf[NFSD4_REPLAY_ISIZE]) to store encoded operation responses. This size was calculated based on OPEN responses and does not account for LOCK denied responses, which include the conflicting lock owner as a variable-length field up to 1024 bytes (NFS4_OPAQUE_LIMIT). When a LOCK operation is denied due to a conflict with an existing lock that has a large owner, nfsd4_encode_operation() copies the full encoded response into the undersized replay buffer via read_bytes_from_xdr_buf() with no bounds check. This results in a slab-out-of-bounds write of up to 944 bytes past the end of the buffer, corrupting adjacent heap memory. This can be triggered remotely by an unauthenticated attacker with two cooperating NFSv4.0 clients: one sets a lock with a large owner string, then the other requests a conflicting lock to provoke the denial. We could fix this by increasing NFSD4_REPLAY_ISIZE to allow for a full opaque, but that would increase the size of every stateowner, when most lockowners are not that large. Instead, fix this by checking the encoded response length against NFSD4_REPLAY_ISIZE before copying into the replay buffer. If the response is too large, set rp_buflen to 0 to skip caching the replay payload. The status is still cached, and the client already received the correct response on the original request.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: NFSD: Hold net reference for the lifetime of /proc/fs/nfs/exports fd The /proc/fs/nfs/exports proc entry is created at module init and persists for the module's lifetime. exports_proc_open() captures the caller's current network namespace and stores its svc_export_cache in seq->private, but takes no reference on the namespace. If the namespace is subsequently torn down (e.g. container destruction after the opener does setns() to a different namespace), nfsd_net_exit() calls nfsd_export_shutdown() which frees the cache. Subsequent reads on the still-open fd dereference the freed cache_detail, walking a freed hash table. Hold a reference on the struct net for the lifetime of the open file descriptor. This prevents nfsd_net_exit() from running -- and thus prevents nfsd_export_shutdown() from freeing the cache -- while any exports fd is open. cache_detail already stores its net pointer (cd->net, set by cache_create_net()), so exports_release() can retrieve it without additional per-file storage.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: atm: fix crash due to unvalidated vcc pointer in sigd_send() Reproducer available at [1]. The ATM send path (sendmsg -> vcc_sendmsg -> sigd_send) reads the vcc pointer from msg->vcc and uses it directly without any validation. This pointer comes from userspace via sendmsg() and can be arbitrarily forged: int fd = socket(AF_ATMSVC, SOCK_DGRAM, 0); ioctl(fd, ATMSIGD_CTRL); // become ATM signaling daemon struct msghdr msg = { .msg_iov = &iov, ... }; *(unsigned long *)(buf + 4) = 0xdeadbeef; // fake vcc pointer sendmsg(fd, &msg, 0); // kernel dereferences 0xdeadbeef In normal operation, the kernel sends the vcc pointer to the signaling daemon via sigd_enq() when processing operations like connect(), bind(), or listen(). The daemon is expected to return the same pointer when responding. However, a malicious daemon can send arbitrary pointer values. Fix this by introducing find_get_vcc() which validates the pointer by searching through vcc_hash (similar to how sigd_close() iterates over all VCCs), and acquires a reference via sock_hold() if found. Since struct atm_vcc embeds struct sock as its first member, they share the same lifetime. Therefore using sock_hold/sock_put is sufficient to keep the vcc alive while it is being used. Note that there may be a race with sigd_close() which could mark the vcc with various flags (e.g., ATM_VF_RELEASED) after find_get_vcc() returns. However, sock_hold() guarantees the memory remains valid, so this race only affects the logical state, not memory safety. [1]: https://gist.github.com/mrpre/1ba5949c45529c511152e2f4c755b0f3
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_expect: use expect->helper Use expect->helper in ctnetlink and /proc to dump the helper name. Using nfct_help() without holding a reference to the master conntrack is unsafe. Use exp->master->helper in ctnetlink path if userspace does not provide an explicit helper when creating an expectation to retain the existing behaviour. The ctnetlink expectation path holds the reference on the master conntrack and nf_conntrack_expect lock and the nfnetlink glue path refers to the master ct that is attached to the skb.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid overflows in ip6_datagram_send_ctl() Yiming Qian reported : <quote> I believe I found a locally triggerable kernel bug in the IPv6 sendmsg ancillary-data path that can panic the kernel via `skb_under_panic()` (local DoS). The core issue is a mismatch between: - a 16-bit length accumulator (`struct ipv6_txoptions::opt_flen`, type `__u16`) and - a pointer to the *last* provided destination-options header (`opt->dst1opt`) when multiple `IPV6_DSTOPTS` control messages (cmsgs) are provided. - `include/net/ipv6.h`: - `struct ipv6_txoptions::opt_flen` is `__u16` (wrap possible). (lines 291-307, especially 298) - `net/ipv6/datagram.c:ip6_datagram_send_ctl()`: - Accepts repeated `IPV6_DSTOPTS` and accumulates into `opt_flen` without rejecting duplicates. (lines 909-933) - `net/ipv6/ip6_output.c:__ip6_append_data()`: - Uses `opt->opt_flen + opt->opt_nflen` to compute header sizes/headroom decisions. (lines 1448-1466, especially 1463-1465) - `net/ipv6/ip6_output.c:__ip6_make_skb()`: - Calls `ipv6_push_frag_opts()` if `opt->opt_flen` is non-zero. (lines 1930-1934) - `net/ipv6/exthdrs.c:ipv6_push_frag_opts()` / `ipv6_push_exthdr()`: - Push size comes from `ipv6_optlen(opt->dst1opt)` (based on the pointed-to header). (lines 1179-1185 and 1206-1211) 1. `opt_flen` is a 16-bit accumulator: - `include/net/ipv6.h:298` defines `__u16 opt_flen; /* after fragment hdr */`. 2. `ip6_datagram_send_ctl()` accepts *repeated* `IPV6_DSTOPTS` cmsgs and increments `opt_flen` each time: - In `net/ipv6/datagram.c:909-933`, for `IPV6_DSTOPTS`: - It computes `len = ((hdr->hdrlen + 1) << 3);` - It checks `CAP_NET_RAW` using `ns_capable(net->user_ns, CAP_NET_RAW)`. (line 922) - Then it does: - `opt->opt_flen += len;` (line 927) - `opt->dst1opt = hdr;` (line 928) There is no duplicate rejection here (unlike the legacy `IPV6_2292DSTOPTS` path which rejects duplicates at `net/ipv6/datagram.c:901-904`). If enough large `IPV6_DSTOPTS` cmsgs are provided, `opt_flen` wraps while `dst1opt` still points to a large (2048-byte) destination-options header. In the attached PoC (`poc.c`): - 32 cmsgs with `hdrlen=255` => `len = (255+1)*8 = 2048` - 1 cmsg with `hdrlen=0` => `len = 8` - Total increment: `32*2048 + 8 = 65544`, so `(__u16)opt_flen == 8` - The last cmsg is 2048 bytes, so `dst1opt` points to a 2048-byte header. 3. The transmit path sizes headers using the wrapped `opt_flen`: - In `net/ipv6/ip6_output.c:1463-1465`: - `headersize = sizeof(struct ipv6hdr) + (opt ? opt->opt_flen + opt->opt_nflen : 0) + ...;` With wrapped `opt_flen`, `headersize`/headroom decisions underestimate what will be pushed later. 4. When building the final skb, the actual push length comes from `dst1opt` and is not limited by wrapped `opt_flen`: - In `net/ipv6/ip6_output.c:1930-1934`: - `if (opt->opt_flen) proto = ipv6_push_frag_opts(skb, opt, proto);` - In `net/ipv6/exthdrs.c:1206-1211`, `ipv6_push_frag_opts()` pushes `dst1opt` via `ipv6_push_exthdr()`. - In `net/ipv6/exthdrs.c:1179-1184`, `ipv6_push_exthdr()` does: - `skb_push(skb, ipv6_optlen(opt));` - `memcpy(h, opt, ipv6_optlen(opt));` With insufficient headroom, `skb_push()` underflows and triggers `skb_under_panic()` -> `BUG()`: - `net/core/skbuff.c:2669-2675` (`skb_push()` calls `skb_under_panic()`) - `net/core/skbuff.c:207-214` (`skb_panic()` ends in `BUG()`) - The `IPV6_DSTOPTS` cmsg path requires `CAP_NET_RAW` in the target netns user namespace (`ns_capable(net->user_ns, CAP_NET_RAW)`). - Root (or any task with `CAP_NET_RAW`) can trigger this without user namespaces. - An unprivileged `uid=1000` user can trigger this if unprivileged user namespaces are enabled and it can create a userns+netns to obtain namespaced `CAP_NET_RAW` (the attached PoC does this). - Local denial of service: kernel BUG/panic (system crash). - ---truncated---
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_log: account for netlink header size This is a followup to an old bug fix: NLMSG_DONE needs to account for the netlink header size, not just the attribute size. This can result in a WARN splat + drop of the netlink message, but other than this there are no ill effects.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net/x25: Fix overflow when accumulating packets Add a check to ensure that `x25_sock.fraglen` does not overflow. The `fraglen` also needs to be resetted when purging `fragment_queue` in `x25_clear_queues()`.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: drop logically empty buckets in mtype_del mtype_del() counts empty slots below n->pos in k, but it only drops the bucket when both n->pos and k are zero. This misses buckets whose live entries have all been removed while n->pos still points past deleted slots. Treat a bucket as empty when all positions below n->pos are unused and release it directly instead of shrinking it further.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_fw: fix NULL pointer dereference on shared blocks The old-method path in fw_classify() calls tcf_block_q() and dereferences q->handle. Shared blocks leave block->q NULL, causing a NULL deref when an empty cls_fw filter is attached to a shared block and a packet with a nonzero major skb mark is classified. Reject the configuration in fw_change() when the old method (no TCA_OPTIONS) is used on a shared block, since fw_classify()'s old-method path needs block->q which is NULL for shared blocks. The fixed null-ptr-deref calling stack: KASAN: null-ptr-deref in range [0x0000000000000038-0x000000000000003f] RIP: 0010:fw_classify (net/sched/cls_fw.c:81) Call Trace: tcf_classify (./include/net/tc_wrapper.h:197 net/sched/cls_api.c:1764 net/sched/cls_api.c:1860) tc_run (net/core/dev.c:4401) __dev_queue_xmit (net/core/dev.c:4535 net/core/dev.c:4790)
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_flow: fix NULL pointer dereference on shared blocks flow_change() calls tcf_block_q() and dereferences q->handle to derive a default baseclass. Shared blocks leave block->q NULL, causing a NULL deref when a flow filter without a fully qualified baseclass is created on a shared block. Check tcf_block_shared() before accessing block->q and return -EINVAL for shared blocks. This avoids the null-deref shown below: ======================================================================= KASAN: null-ptr-deref in range [0x0000000000000038-0x000000000000003f] RIP: 0010:flow_change (net/sched/cls_flow.c:508) Call Trace: tc_new_tfilter (net/sched/cls_api.c:2432) rtnetlink_rcv_msg (net/core/rtnetlink.c:6980) [...] =======================================================================
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_hfsc: fix divide-by-zero in rtsc_min() m2sm() converts a u32 slope to a u64 scaled value. For large inputs (e.g. m1=4000000000), the result can reach 2^32. rtsc_min() stores the difference of two such u64 values in a u32 variable `dsm` and uses it as a divisor. When the difference is exactly 2^32 the truncation yields zero, causing a divide-by-zero oops in the concave-curve intersection path: Oops: divide error: 0000 RIP: 0010:rtsc_min (net/sched/sch_hfsc.c:601) Call Trace: init_ed (net/sched/sch_hfsc.c:629) hfsc_enqueue (net/sched/sch_hfsc.c:1569) [...] Widen `dsm` to u64 and replace do_div() with div64_u64() so the full difference is preserved.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: x_tables: restrict xt_check_match/xt_check_target extensions for NFPROTO_ARP Weiming Shi says: xt_match and xt_target structs registered with NFPROTO_UNSPEC can be loaded by any protocol family through nft_compat. When such a match/target sets .hooks to restrict which hooks it may run on, the bitmask uses NF_INET_* constants. This is only correct for families whose hook layout matches NF_INET_*: IPv4, IPv6, INET, and bridge all share the same five hooks (PRE_ROUTING ... POST_ROUTING). ARP only has three hooks (IN=0, OUT=1, FORWARD=2) with different semantics. Because NF_ARP_OUT == 1 == NF_INET_LOCAL_IN, the .hooks validation silently passes for the wrong reasons, allowing matches to run on ARP chains where the hook assumptions (e.g. state->in being set on input hooks) do not hold. This leads to NULL pointer dereferences; xt_devgroup is one concrete example: Oops: general protection fault, probably for non-canonical address 0xdffffc0000000044: 0000 [#1] SMP KASAN NOPTI KASAN: null-ptr-deref in range [0x0000000000000220-0x0000000000000227] RIP: 0010:devgroup_mt+0xff/0x350 Call Trace: <TASK> nft_match_eval (net/netfilter/nft_compat.c:407) nft_do_chain (net/netfilter/nf_tables_core.c:285) nft_do_chain_arp (net/netfilter/nft_chain_filter.c:61) nf_hook_slow (net/netfilter/core.c:623) arp_xmit (net/ipv4/arp.c:666) </TASK> Kernel panic - not syncing: Fatal exception in interrupt Fix it by restricting arptables to NFPROTO_ARP extensions only. Note that arptables-legacy only supports: - arpt_CLASSIFY - arpt_mangle - arpt_MARK that provide explicit NFPROTO_ARP match/target declarations.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_sip: fix use of uninitialized rtp_addr in process_sdp process_sdp() declares union nf_inet_addr rtp_addr on the stack and passes it to the nf_nat_sip sdp_session hook after walking the SDP media descriptions. However rtp_addr is only initialized inside the media loop when a recognized media type with a non-zero port is found. If the SDP body contains no m= lines, only inactive media sections (m=audio 0 ...) or only unrecognized media types, rtp_addr is never assigned. Despite that, the function still calls hooks->sdp_session() with &rtp_addr, causing nf_nat_sdp_session() to format the stale stack value as an IP address and rewrite the SDP session owner and connection lines with it. With CONFIG_INIT_STACK_ALL_ZERO (default on most distributions) this results in the session-level o= and c= addresses being rewritten to 0.0.0.0 for inactive SDP sessions. Without stack auto-init the rewritten address is whatever happened to be on the stack. Fix this by pre-initializing rtp_addr from the session-level connection address (caddr) when available, and tracking via a have_rtp_addr flag whether any valid address was established. Skip the sdp_session hook entirely when no valid address exists.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_log: fix uninitialized padding leak in NFULA_PAYLOAD __build_packet_message() manually constructs the NFULA_PAYLOAD netlink attribute using skb_put() and skb_copy_bits(), bypassing the standard nla_reserve()/nla_put() helpers. While nla_total_size(data_len) bytes are allocated (including NLA alignment padding), only data_len bytes of actual packet data are copied. The trailing nla_padlen(data_len) bytes (1-3 when data_len is not 4-byte aligned) are never initialized, leaking stale heap contents to userspace via the NFLOG netlink socket. Replace the manual attribute construction with nla_reserve(), which handles the tailroom check, header setup, and padding zeroing via __nla_reserve(). The subsequent skb_copy_bits() fills in the payload data on top of the properly initialized attribute.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algif_aead since the source and destination come from different mappings. Get rid of all the complexity added for in-place operation and just copy the AD directly.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix memory leak when a wq is reset idxd_wq_disable_cleanup() which is called from the reset path for a workqueue, sets the wq type to NONE, which for other parts of the driver mean that the wq is empty (all its resources were released). Only set the wq type to NONE after its resources are released.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free in update_super_work when racing with umount Commit b98535d09179 ("ext4: fix bug_on in start_this_handle during umount filesystem") moved ext4_unregister_sysfs() before flushing s_sb_upd_work to prevent new error work from being queued via /proc/fs/ext4/xx/mb_groups reads during unmount. However, this introduced a use-after-free because update_super_work calls ext4_notify_error_sysfs() -> sysfs_notify() which accesses the kobject's kernfs_node after it has been freed by kobject_del() in ext4_unregister_sysfs(): update_super_work ext4_put_super ----------------- -------------- ext4_unregister_sysfs(sb) kobject_del(&sbi->s_kobj) __kobject_del() sysfs_remove_dir() kobj->sd = NULL sysfs_put(sd) kernfs_put() // RCU free ext4_notify_error_sysfs(sbi) sysfs_notify(&sbi->s_kobj) kn = kobj->sd // stale pointer kernfs_get(kn) // UAF on freed kernfs_node ext4_journal_destroy() flush_work(&sbi->s_sb_upd_work) Instead of reordering the teardown sequence, fix this by making ext4_notify_error_sysfs() detect that sysfs has already been torn down by checking s_kobj.state_in_sysfs, and skipping the sysfs_notify() call in that case. A dedicated mutex (s_error_notify_mutex) serializes ext4_notify_error_sysfs() against kobject_del() in ext4_unregister_sysfs() to prevent TOCTOU races where the kobject could be deleted between the state_in_sysfs check and the sysfs_notify() call.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ext4: reject mount if bigalloc with s_first_data_block != 0 bigalloc with s_first_data_block != 0 is not supported, reject mounting it.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ext4: avoid infinite loops caused by residual data On the mkdir/mknod path, when mapping logical blocks to physical blocks, if inserting a new extent into the extent tree fails (in this example, because the file system disabled the huge file feature when marking the inode as dirty), ext4_ext_map_blocks() only calls ext4_free_blocks() to reclaim the physical block without deleting the corresponding data in the extent tree. This causes subsequent mkdir operations to reference the previously reclaimed physical block number again, even though this physical block is already being used by the xattr block. Therefore, a situation arises where both the directory and xattr are using the same buffer head block in memory simultaneously. The above causes ext4_xattr_block_set() to enter an infinite loop about "inserted" and cannot release the inode lock, ultimately leading to the 143s blocking problem mentioned in [1]. If the metadata is corrupted, then trying to remove some extent space can do even more harm. Also in case EXT4_GET_BLOCKS_DELALLOC_RESERVE was passed, remove space wrongly update quota information. Jan Kara suggests distinguishing between two cases: 1) The error is ENOSPC or EDQUOT - in this case the filesystem is fully consistent and we must maintain its consistency including all the accounting. However these errors can happen only early before we've inserted the extent into the extent tree. So current code works correctly for this case. 2) Some other error - this means metadata is corrupted. We should strive to do as few modifications as possible to limit damage. So I'd just skip freeing of allocated blocks. [1] INFO: task syz.0.17:5995 blocked for more than 143 seconds. Call Trace: inode_lock_nested include/linux/fs.h:1073 [inline] __start_dirop fs/namei.c:2923 [inline] start_dirop fs/namei.c:2934 [inline]
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ext4: publish jinode after initialization ext4_inode_attach_jinode() publishes ei->jinode to concurrent users. It used to set ei->jinode before jbd2_journal_init_jbd_inode(), allowing a reader to observe a non-NULL jinode with i_vfs_inode still unset. The fast commit flush path can then pass this jinode to jbd2_wait_inode_data(), which dereferences i_vfs_inode->i_mapping and may crash. Below is the crash I observe: ``` BUG: unable to handle page fault for address: 000000010beb47f4 PGD 110e51067 P4D 110e51067 PUD 0 Oops: Oops: 0000 [#1] SMP NOPTI CPU: 1 UID: 0 PID: 4850 Comm: fc_fsync_bench_ Not tainted 6.18.0-00764-g795a690c06a5 #1 PREEMPT(voluntary) Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Arch Linux 1.17.0-2-2 04/01/2014 RIP: 0010:xas_find_marked+0x3d/0x2e0 Code: e0 03 48 83 f8 02 0f 84 f0 01 00 00 48 8b 47 08 48 89 c3 48 39 c6 0f 82 fd 01 00 00 48 85 c9 74 3d 48 83 f9 03 77 63 4c 8b 0f <49> 8b 71 08 48 c7 47 18 00 00 00 00 48 89 f1 83 e1 03 48 83 f9 02 RSP: 0018:ffffbbee806e7bf0 EFLAGS: 00010246 RAX: 000000000010beb4 RBX: 000000000010beb4 RCX: 0000000000000003 RDX: 0000000000000001 RSI: 0000002000300000 RDI: ffffbbee806e7c10 RBP: 0000000000000001 R08: 0000002000300000 R09: 000000010beb47ec R10: ffff9ea494590090 R11: 0000000000000000 R12: 0000002000300000 R13: ffffbbee806e7c90 R14: ffff9ea494513788 R15: ffffbbee806e7c88 FS: 00007fc2f9e3e6c0(0000) GS:ffff9ea6b1444000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000010beb47f4 CR3: 0000000119ac5000 CR4: 0000000000750ef0 PKRU: 55555554 Call Trace: <TASK> filemap_get_folios_tag+0x87/0x2a0 __filemap_fdatawait_range+0x5f/0xd0 ? srso_alias_return_thunk+0x5/0xfbef5 ? __schedule+0x3e7/0x10c0 ? srso_alias_return_thunk+0x5/0xfbef5 ? srso_alias_return_thunk+0x5/0xfbef5 ? srso_alias_return_thunk+0x5/0xfbef5 ? preempt_count_sub+0x5f/0x80 ? srso_alias_return_thunk+0x5/0xfbef5 ? cap_safe_nice+0x37/0x70 ? srso_alias_return_thunk+0x5/0xfbef5 ? preempt_count_sub+0x5f/0x80 ? srso_alias_return_thunk+0x5/0xfbef5 filemap_fdatawait_range_keep_errors+0x12/0x40 ext4_fc_commit+0x697/0x8b0 ? ext4_file_write_iter+0x64b/0x950 ? srso_alias_return_thunk+0x5/0xfbef5 ? preempt_count_sub+0x5f/0x80 ? srso_alias_return_thunk+0x5/0xfbef5 ? vfs_write+0x356/0x480 ? srso_alias_return_thunk+0x5/0xfbef5 ? preempt_count_sub+0x5f/0x80 ext4_sync_file+0xf7/0x370 do_fsync+0x3b/0x80 ? syscall_trace_enter+0x108/0x1d0 __x64_sys_fdatasync+0x16/0x20 do_syscall_64+0x62/0x2c0 entry_SYSCALL_64_after_hwframe+0x76/0x7e ... ``` Fix this by initializing the jbd2_inode first. Use smp_wmb() and WRITE_ONCE() to publish ei->jinode after initialization. Readers use READ_ONCE() to fetch the pointer.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ext4: convert inline data to extents when truncate exceeds inline size Add a check in ext4_setattr() to convert files from inline data storage to extent-based storage when truncate() grows the file size beyond the inline capacity. This prevents the filesystem from entering an inconsistent state where the inline data flag is set but the file size exceeds what can be stored inline. Without this fix, the following sequence causes a kernel BUG_ON(): 1. Mount filesystem with inode that has inline flag set and small size 2. truncate(file, 50MB) - grows size but inline flag remains set 3. sendfile() attempts to write data 4. ext4_write_inline_data() hits BUG_ON(write_size > inline_capacity) The crash occurs because ext4_write_inline_data() expects inline storage to accommodate the write, but the actual inline capacity (~60 bytes for i_block + ~96 bytes for xattrs) is far smaller than the file size and write request. The fix checks if the new size from setattr exceeds the inode's actual inline capacity (EXT4_I(inode)->i_inline_size) and converts the file to extent-based storage before proceeding with the size change. This addresses the root cause by ensuring the inline data flag and file size remain consistent during truncate operations.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: mm/huge_memory: fix folio isn't locked in softleaf_to_folio() On arm64 server, we found folio that get from migration entry isn't locked in softleaf_to_folio(). This issue triggers when mTHP splitting and zap_nonpresent_ptes() races, and the root cause is lack of memory barrier in softleaf_to_folio(). The race is as follows: CPU0 CPU1 deferred_split_scan() zap_nonpresent_ptes() lock folio split_folio() unmap_folio() change ptes to migration entries __split_folio_to_order() softleaf_to_folio() set flags(including PG_locked) for tail pages folio = pfn_folio(softleaf_to_pfn(entry)) smp_wmb() VM_WARN_ON_ONCE(!folio_test_locked(folio)) prep_compound_page() for tail pages In __split_folio_to_order(), smp_wmb() guarantees page flags of tail pages are visible before the tail page becomes non-compound. smp_wmb() should be paired with smp_rmb() in softleaf_to_folio(), which is missed. As a result, if zap_nonpresent_ptes() accesses migration entry that stores tail pfn, softleaf_to_folio() may see the updated compound_head of tail page before page->flags. This issue will trigger VM_WARN_ON_ONCE() in pfn_swap_entry_folio() because of the race between folio split and zap_nonpresent_ptes() leading to a folio incorrectly undergoing modification without a folio lock being held. This is a BUG_ON() before commit 93976a20345b ("mm: eliminate further swapops predicates"), which in merged in v6.19-rc1. To fix it, add missing smp_rmb() if the softleaf entry is migration entry in softleaf_to_folio() and softleaf_to_page(). [tujinjiang@huawei.com: update function name and comments]
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: virtio_net: Fix UAF on dst_ops when IFF_XMIT_DST_RELEASE is cleared and napi_tx is false A UAF issue occurs when the virtio_net driver is configured with napi_tx=N and the device's IFF_XMIT_DST_RELEASE flag is cleared (e.g., during the configuration of tc route filter rules). When IFF_XMIT_DST_RELEASE is removed from the net_device, the network stack expects the driver to hold the reference to skb->dst until the packet is fully transmitted and freed. In virtio_net with napi_tx=N, skbs may remain in the virtio transmit ring for an extended period. If the network namespace is destroyed while these skbs are still pending, the corresponding dst_ops structure has freed. When a subsequent packet is transmitted, free_old_xmit() is triggered to clean up old skbs. It then calls dst_release() on the skb associated with the stale dst_entry. Since the dst_ops (referenced by the dst_entry) has already been freed, a UAF kernel paging request occurs. fix it by adds skb_dst_drop(skb) in start_xmit to explicitly release the dst reference before the skb is queued in virtio_net. Call Trace: Unable to handle kernel paging request at virtual address ffff80007e150000 CPU: 2 UID: 0 PID: 6236 Comm: ping Kdump: loaded Not tainted 7.0.0-rc1+ #6 PREEMPT ... percpu_counter_add_batch+0x3c/0x158 lib/percpu_counter.c:98 (P) dst_release+0xe0/0x110 net/core/dst.c:177 skb_release_head_state+0xe8/0x108 net/core/skbuff.c:1177 sk_skb_reason_drop+0x54/0x2d8 net/core/skbuff.c:1255 dev_kfree_skb_any_reason+0x64/0x78 net/core/dev.c:3469 napi_consume_skb+0x1c4/0x3a0 net/core/skbuff.c:1527 __free_old_xmit+0x164/0x230 drivers/net/virtio_net.c:611 [virtio_net] free_old_xmit drivers/net/virtio_net.c:1081 [virtio_net] start_xmit+0x7c/0x530 drivers/net/virtio_net.c:3329 [virtio_net] ... Reproduction Steps: NETDEV="enp3s0" config_qdisc_route_filter() { tc qdisc del dev $NETDEV root tc qdisc add dev $NETDEV root handle 1: prio tc filter add dev $NETDEV parent 1:0 \ protocol ip prio 100 route to 100 flowid 1:1 ip route add 192.168.1.100/32 dev $NETDEV realm 100 } test_ns() { ip netns add testns ip link set $NETDEV netns testns ip netns exec testns ifconfig $NETDEV 10.0.32.46/24 ip netns exec testns ping -c 1 10.0.32.1 ip netns del testns } config_qdisc_route_filter test_ns sleep 2 test_ns
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-lpspi: fix teardown order issue (UAF) There is a teardown order issue in the driver. The SPI controller is registered using devm_spi_register_controller(), which delays unregistration of the SPI controller until after the fsl_lpspi_remove() function returns. As the fsl_lpspi_remove() function synchronously tears down the DMA channels, a running SPI transfer triggers the following NULL pointer dereference due to use after free: | fsl_lpspi 42550000.spi: I/O Error in DMA RX | Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 [...] | Call trace: | fsl_lpspi_dma_transfer+0x260/0x340 [spi_fsl_lpspi] | fsl_lpspi_transfer_one+0x198/0x448 [spi_fsl_lpspi] | spi_transfer_one_message+0x49c/0x7c8 | __spi_pump_transfer_message+0x120/0x420 | __spi_sync+0x2c4/0x520 | spi_sync+0x34/0x60 | spidev_message+0x20c/0x378 [spidev] | spidev_ioctl+0x398/0x750 [spidev] [...] Switch from devm_spi_register_controller() to spi_register_controller() in fsl_lpspi_probe() and add the corresponding spi_unregister_controller() in fsl_lpspi_remove().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: macb: use the current queue number for stats There's a potential mismatch between the memory reserved for statistics and the amount of memory written. gem_get_sset_count() correctly computes the number of stats based on the active queues, whereas gem_get_ethtool_stats() indiscriminately copies data using the maximum number of queues, and in the case the number of active queues is less than MACB_MAX_QUEUES, this results in a OOB write as observed in the KASAN splat. ================================================================== BUG: KASAN: vmalloc-out-of-bounds in gem_get_ethtool_stats+0x54/0x78 [macb] Write of size 760 at addr ffff80008080b000 by task ethtool/1027 CPU: [...] Tainted: [E]=UNSIGNED_MODULE Hardware name: raspberrypi rpi/rpi, BIOS 2025.10 10/01/2025 Call trace: show_stack+0x20/0x38 (C) dump_stack_lvl+0x80/0xf8 print_report+0x384/0x5e0 kasan_report+0xa0/0xf0 kasan_check_range+0xe8/0x190 __asan_memcpy+0x54/0x98 gem_get_ethtool_stats+0x54/0x78 [macb 926c13f3af83b0c6fe64badb21ec87d5e93fcf65] dev_ethtool+0x1220/0x38c0 dev_ioctl+0x4ac/0xca8 sock_do_ioctl+0x170/0x1d8 sock_ioctl+0x484/0x5d8 __arm64_sys_ioctl+0x12c/0x1b8 invoke_syscall+0xd4/0x258 el0_svc_common.constprop.0+0xb4/0x240 do_el0_svc+0x48/0x68 el0_svc+0x40/0xf8 el0t_64_sync_handler+0xa0/0xe8 el0t_64_sync+0x1b0/0x1b8 The buggy address belongs to a 1-page vmalloc region starting at 0xffff80008080b000 allocated at dev_ethtool+0x11f0/0x38c0 The buggy address belongs to the physical page: page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff00000a333000 pfn:0xa333 flags: 0x7fffc000000000(node=0|zone=0|lastcpupid=0x1ffff) raw: 007fffc000000000 0000000000000000 dead000000000122 0000000000000000 raw: ffff00000a333000 0000000000000000 00000001ffffffff 0000000000000000 page dumped because: kasan: bad access detected Memory state around the buggy address: ffff80008080b080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ffff80008080b100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >ffff80008080b180: 00 00 00 00 00 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 ^ ffff80008080b200: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 ffff80008080b280: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 ================================================================== Fix it by making sure the copied size only considers the active number of queues.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: use netlink policy range checks Replace manual range and mask validations with netlink policy annotations in ctnetlink code paths, so that the netlink core rejects invalid values early and can generate extack errors. - CTA_PROTOINFO_TCP_STATE: reject values > TCP_CONNTRACK_SYN_SENT2 at policy level, removing the manual >= TCP_CONNTRACK_MAX check. - CTA_PROTOINFO_TCP_WSCALE_ORIGINAL/REPLY: reject values > TCP_MAX_WSCALE (14). The normal TCP option parsing path already clamps to this value, but the ctnetlink path accepted 0-255, causing undefined behavior when used as a u32 shift count. - CTA_FILTER_ORIG_FLAGS/REPLY_FLAGS: use NLA_POLICY_MASK with CTA_FILTER_F_ALL, removing the manual mask checks. - CTA_EXPECT_FLAGS: use NLA_POLICY_MASK with NF_CT_EXPECT_MASK, adding a new mask define grouping all valid expect flags. Extracted from a broader nf-next patch by Florian Westphal, scoped to ctnetlink for the fixes tree.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_expect: skip expectations in other netns via proc Skip expectations that do not reside in this netns. Similar to e77e6ff502ea ("netfilter: conntrack: do not dump other netns's conntrack entries via proc").
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: udp: Fix wildcard bind conflict check when using hash2 When binding a udp_sock to a local address and port, UDP uses two hashes (udptable->hash and udptable->hash2) for collision detection. The current code switches to "hash2" when hslot->count > 10. "hash2" is keyed by local address and local port. "hash" is keyed by local port only. The issue can be shown in the following bind sequence (pseudo code): bind(fd1, "[fd00::1]:8888") bind(fd2, "[fd00::2]:8888") bind(fd3, "[fd00::3]:8888") bind(fd4, "[fd00::4]:8888") bind(fd5, "[fd00::5]:8888") bind(fd6, "[fd00::6]:8888") bind(fd7, "[fd00::7]:8888") bind(fd8, "[fd00::8]:8888") bind(fd9, "[fd00::9]:8888") bind(fd10, "[fd00::10]:8888") /* Correctly return -EADDRINUSE because "hash" is used * instead of "hash2". udp_lib_lport_inuse() detects the * conflict. */ bind(fail_fd, "[::]:8888") /* After one more socket is bound to "[fd00::11]:8888", * hslot->count exceeds 10 and "hash2" is used instead. */ bind(fd11, "[fd00::11]:8888") bind(fail_fd, "[::]:8888") /* succeeds unexpectedly */ The same issue applies to the IPv4 wildcard address "0.0.0.0" and the IPv4-mapped wildcard address "::ffff:0.0.0.0". For example, if there are existing sockets bound to "192.168.1.[1-11]:8888", then binding "0.0.0.0:8888" or "[::ffff:0.0.0.0]:8888" can also miss the conflict when hslot->count > 10. TCP inet_csk_get_port() already has the correct check in inet_use_bhash2_on_bind(). Rename it to inet_use_hash2_on_bind() and move it to inet_hashtables.h so udp.c can reuse it in this fix.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: fix fanout UAF in packet_release() via NETDEV_UP race `packet_release()` has a race window where `NETDEV_UP` can re-register a socket into a fanout group's `arr[]` array. The re-registration is not cleaned up by `fanout_release()`, leaving a dangling pointer in the fanout array. `packet_release()` does NOT zero `po->num` in its `bind_lock` section. After releasing `bind_lock`, `po->num` is still non-zero and `po->ifindex` still matches the bound device. A concurrent `packet_notifier(NETDEV_UP)` that already found the socket in `sklist` can re-register the hook. For fanout sockets, this re-registration calls `__fanout_link(sk, po)` which adds the socket back into `f->arr[]` and increments `f->num_members`, but does NOT increment `f->sk_ref`. The fix sets `po->num` to zero in `packet_release` while `bind_lock` is held to prevent NETDEV_UP from linking, preventing the race window. This bug was found following an additional audit with Claude Code based on CVE-2025-38617.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix double-free of smc_spd_priv when tee() duplicates splice pipe buffer smc_rx_splice() allocates one smc_spd_priv per pipe_buffer and stores the pointer in pipe_buffer.private. The pipe_buf_operations for these buffers used .get = generic_pipe_buf_get, which only increments the page reference count when tee(2) duplicates a pipe buffer. The smc_spd_priv pointer itself was not handled, so after tee() both the original and the cloned pipe_buffer share the same smc_spd_priv *. When both pipes are subsequently released, smc_rx_pipe_buf_release() is called twice against the same object: 1st call: kfree(priv) sock_put(sk) smc_rx_update_cons() [correct] 2nd call: kfree(priv) sock_put(sk) smc_rx_update_cons() [UAF] KASAN reports a slab-use-after-free in smc_rx_pipe_buf_release(), which then escalates to a NULL-pointer dereference and kernel panic via smc_rx_update_consumer() when it chases the freed priv->smc pointer: BUG: KASAN: slab-use-after-free in smc_rx_pipe_buf_release+0x78/0x2a0 Read of size 8 at addr ffff888004a45740 by task smc_splice_tee_/74 Call Trace: <TASK> dump_stack_lvl+0x53/0x70 print_report+0xce/0x650 kasan_report+0xc6/0x100 smc_rx_pipe_buf_release+0x78/0x2a0 free_pipe_info+0xd4/0x130 pipe_release+0x142/0x160 __fput+0x1c6/0x490 __x64_sys_close+0x4f/0x90 do_syscall_64+0xa6/0x1a0 entry_SYSCALL_64_after_hwframe+0x77/0x7f </TASK> BUG: kernel NULL pointer dereference, address: 0000000000000020 RIP: 0010:smc_rx_update_consumer+0x8d/0x350 Call Trace: <TASK> smc_rx_pipe_buf_release+0x121/0x2a0 free_pipe_info+0xd4/0x130 pipe_release+0x142/0x160 __fput+0x1c6/0x490 __x64_sys_close+0x4f/0x90 do_syscall_64+0xa6/0x1a0 entry_SYSCALL_64_after_hwframe+0x77/0x7f </TASK> Kernel panic - not syncing: Fatal exception Beyond the memory-safety problem, duplicating an SMC splice buffer is semantically questionable: smc_rx_update_cons() would advance the consumer cursor twice for the same data, corrupting receive-window accounting. A refcount on smc_spd_priv could fix the double-free, but the cursor-accounting issue would still need to be addressed separately. The .get callback is invoked by both tee(2) and splice_pipe_to_pipe() for partial transfers; both will now return -EFAULT. Users who need to duplicate SMC socket data must use a copy-based read path.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Avoid releasing netdev before teardown completes The patch cited in the Fixes tag below changed the teardown code for OVS ports to no longer unconditionally take the RTNL. After this change, the netdev_destroy() callback can proceed immediately to the call_rcu() invocation if the IFF_OVS_DATAPATH flag is already cleared on the netdev. The ovs_netdev_detach_dev() function clears the flag before completing the unregistration, and if it gets preempted after clearing the flag (as can happen on an -rt kernel), netdev_destroy() can complete and the device can be freed before the unregistration completes. This leads to a splat like: [ 998.393867] Oops: general protection fault, probably for non-canonical address 0xff00000001000239: 0000 [#1] SMP PTI [ 998.393877] CPU: 42 UID: 0 PID: 55177 Comm: ip Kdump: loaded Not tainted 6.12.0-211.1.1.el10_2.x86_64+rt #1 PREEMPT_RT [ 998.393886] Hardware name: Dell Inc. PowerEdge R740/0JMK61, BIOS 2.24.0 03/27/2025 [ 998.393889] RIP: 0010:dev_set_promiscuity+0x8d/0xa0 [ 998.393901] Code: 00 00 75 d8 48 8b 53 08 48 83 ba b0 02 00 00 00 75 ca 48 83 c4 08 5b c3 cc cc cc cc 48 83 bf 48 09 00 00 00 75 91 48 8b 47 08 <48> 83 b8 b0 02 00 00 00 74 97 eb 81 0f 1f 80 00 00 00 00 90 90 90 [ 998.393906] RSP: 0018:ffffce5864a5f6a0 EFLAGS: 00010246 [ 998.393912] RAX: ff00000000ffff89 RBX: ffff894d0adf5a05 RCX: 0000000000000000 [ 998.393917] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: ffff894d0adf5a05 [ 998.393921] RBP: ffff894d19252000 R08: ffff894d19252000 R09: 0000000000000000 [ 998.393924] R10: ffff894d19252000 R11: ffff894d192521b8 R12: 0000000000000006 [ 998.393927] R13: ffffce5864a5f738 R14: 00000000ffffffe2 R15: 0000000000000000 [ 998.393931] FS: 00007fad61971800(0000) GS:ffff894cc0140000(0000) knlGS:0000000000000000 [ 998.393936] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 998.393940] CR2: 000055df0a2a6e40 CR3: 000000011c7fe003 CR4: 00000000007726f0 [ 998.393944] PKRU: 55555554 [ 998.393946] Call Trace: [ 998.393949] <TASK> [ 998.393952] ? show_trace_log_lvl+0x1b0/0x2f0 [ 998.393961] ? show_trace_log_lvl+0x1b0/0x2f0 [ 998.393975] ? dp_device_event+0x41/0x80 [openvswitch] [ 998.394009] ? __die_body.cold+0x8/0x12 [ 998.394016] ? die_addr+0x3c/0x60 [ 998.394027] ? exc_general_protection+0x16d/0x390 [ 998.394042] ? asm_exc_general_protection+0x26/0x30 [ 998.394058] ? dev_set_promiscuity+0x8d/0xa0 [ 998.394066] ? ovs_netdev_detach_dev+0x3a/0x80 [openvswitch] [ 998.394092] dp_device_event+0x41/0x80 [openvswitch] [ 998.394102] notifier_call_chain+0x5a/0xd0 [ 998.394106] unregister_netdevice_many_notify+0x51b/0xa60 [ 998.394110] rtnl_dellink+0x169/0x3e0 [ 998.394121] ? rt_mutex_slowlock.constprop.0+0x95/0xd0 [ 998.394125] rtnetlink_rcv_msg+0x142/0x3f0 [ 998.394128] ? avc_has_perm_noaudit+0x69/0xf0 [ 998.394130] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 998.394132] netlink_rcv_skb+0x50/0x100 [ 998.394138] netlink_unicast+0x292/0x3f0 [ 998.394141] netlink_sendmsg+0x21b/0x470 [ 998.394145] ____sys_sendmsg+0x39d/0x3d0 [ 998.394149] ___sys_sendmsg+0x9a/0xe0 [ 998.394156] __sys_sendmsg+0x7a/0xd0 [ 998.394160] do_syscall_64+0x7f/0x170 [ 998.394162] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 998.394165] RIP: 0033:0x7fad61bf4724 [ 998.394188] Code: 89 02 b8 ff ff ff ff eb bb 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 f3 0f 1e fa 80 3d c5 e9 0c 00 00 74 13 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 54 c3 0f 1f 00 48 83 ec 28 89 54 24 1c 48 89 [ 998.394189] RSP: 002b:00007ffd7e2f7cb8 EFLAGS: 00000202 ORIG_RAX: 000000000000002e [ 998.394191] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007fad61bf4724 [ 998.394193] RDX: 0000000000000000 RSI: 00007ffd7e2f7d20 RDI: 0000000000000003 [ 998.394194] RBP: 00007ffd7e2f7d90 R08: 0000000000000010 R09: 000000000000003f [ 998.394195] R10: 000055df11558010 R11: 0000000000000202 R12: 00007ffd7e2 ---truncated---
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: af_key: validate families in pfkey_send_migrate() syzbot was able to trigger a crash in skb_put() [1] Issue is that pfkey_send_migrate() does not check old/new families, and that set_ipsecrequest() @family argument was truncated, thus possibly overfilling the skb. Validate families early, do not wait set_ipsecrequest(). [1] skbuff: skb_over_panic: text:ffffffff8a752120 len:392 put:16 head:ffff88802a4ad040 data:ffff88802a4ad040 tail:0x188 end:0x180 dev:<NULL> kernel BUG at net/core/skbuff.c:214 ! Call Trace: <TASK> skb_over_panic net/core/skbuff.c:219 [inline] skb_put+0x159/0x210 net/core/skbuff.c:2655 skb_put_zero include/linux/skbuff.h:2788 [inline] set_ipsecrequest net/key/af_key.c:3532 [inline] pfkey_send_migrate+0x1270/0x2e50 net/key/af_key.c:3636 km_migrate+0x155/0x260 net/xfrm/xfrm_state.c:2848 xfrm_migrate+0x2140/0x2450 net/xfrm/xfrm_policy.c:4705 xfrm_do_migrate+0x8ff/0xaa0 net/xfrm/xfrm_user.c:3150
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: esp: fix skb leak with espintcp and async crypto When the TX queue for espintcp is full, esp_output_tail_tcp will return an error and not free the skb, because with synchronous crypto, the common xfrm output code will drop the packet for us. With async crypto (esp_output_done), we need to drop the skb when esp_output_tail_tcp returns an error.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: module: Fix kernel panic when a symbol st_shndx is out of bounds The module loader doesn't check for bounds of the ELF section index in simplify_symbols(): for (i = 1; i < symsec->sh_size / sizeof(Elf_Sym); i++) { const char *name = info->strtab + sym[i].st_name; switch (sym[i].st_shndx) { case SHN_COMMON: [...] default: /* Divert to percpu allocation if a percpu var. */ if (sym[i].st_shndx == info->index.pcpu) secbase = (unsigned long)mod_percpu(mod); else /** HERE --> **/ secbase = info->sechdrs[sym[i].st_shndx].sh_addr; sym[i].st_value += secbase; break; } } A symbol with an out-of-bounds st_shndx value, for example 0xffff (known as SHN_XINDEX or SHN_HIRESERVE), may cause a kernel panic: BUG: unable to handle page fault for address: ... RIP: 0010:simplify_symbols+0x2b2/0x480 ... Kernel panic - not syncing: Fatal exception This can happen when module ELF is legitimately using SHN_XINDEX or when it is corrupted. Add a bounds check in simplify_symbols() to validate that st_shndx is within the valid range before using it. This issue was discovered due to a bug in llvm-objcopy, see relevant discussion for details [1]. [1] https://lore.kernel.org/linux-modules/20251224005752.201911-1-ihor.solodrai@linux.dev/
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption The -EBUSY handling in tls_do_encryption(), introduced by commit 859054147318 ("net: tls: handle backlogging of crypto requests"), has a use-after-free due to double cleanup of encrypt_pending and the scatterlist entry. When crypto_aead_encrypt() returns -EBUSY, the request is enqueued to the cryptd backlog and the async callback tls_encrypt_done() will be invoked upon completion. That callback unconditionally restores the scatterlist entry (sge->offset, sge->length) and decrements ctx->encrypt_pending. However, if tls_encrypt_async_wait() returns an error, the synchronous error path in tls_do_encryption() performs the same cleanup again, double-decrementing encrypt_pending and double-restoring the scatterlist. The double-decrement corrupts the encrypt_pending sentinel (initialized to 1), making tls_encrypt_async_wait() permanently skip the wait for pending async callbacks. A subsequent sendmsg can then free the tls_rec via bpf_exec_tx_verdict() while a cryptd callback is still pending, resulting in a use-after-free when the callback fires on the freed record. Fix this by skipping the synchronous cleanup when the -EBUSY async wait returns an error, since the callback has already handled encrypt_pending and sge restoration.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix NULL deref in bond_debug_rlb_hash_show rlb_clear_slave intentionally keeps RLB hash-table entries on the rx_hashtbl_used_head list with slave set to NULL when no replacement slave is available. However, bond_debug_rlb_hash_show visites client_info->slave without checking if it's NULL. Other used-list iterators in bond_alb.c already handle this NULL-slave state safely: - rlb_update_client returns early on !client_info->slave - rlb_req_update_slave_clients, rlb_clear_slave, and rlb_rebalance compare slave values before visiting - lb_req_update_subnet_clients continues if slave is NULL The following NULL deref crash can be trigger in bond_debug_rlb_hash_show: [ 1.289791] BUG: kernel NULL pointer dereference, address: 0000000000000000 [ 1.292058] RIP: 0010:bond_debug_rlb_hash_show (drivers/net/bonding/bond_debugfs.c:41) [ 1.293101] RSP: 0018:ffffc900004a7d00 EFLAGS: 00010286 [ 1.293333] RAX: 0000000000000000 RBX: ffff888102b48200 RCX: ffff888102b48204 [ 1.293631] RDX: ffff888102b48200 RSI: ffffffff839daad5 RDI: ffff888102815078 [ 1.293924] RBP: ffff888102815078 R08: ffff888102b4820e R09: 0000000000000000 [ 1.294267] R10: 0000000000000000 R11: 0000000000000000 R12: ffff888100f929c0 [ 1.294564] R13: ffff888100f92a00 R14: 0000000000000001 R15: ffffc900004a7ed8 [ 1.294864] FS: 0000000001395380(0000) GS:ffff888196e75000(0000) knlGS:0000000000000000 [ 1.295239] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1.295480] CR2: 0000000000000000 CR3: 0000000102adc004 CR4: 0000000000772ef0 [ 1.295897] Call Trace: [ 1.296134] seq_read_iter (fs/seq_file.c:231) [ 1.296341] seq_read (fs/seq_file.c:164) [ 1.296493] full_proxy_read (fs/debugfs/file.c:378 (discriminator 1)) [ 1.296658] vfs_read (fs/read_write.c:572) [ 1.296981] ksys_read (fs/read_write.c:717) [ 1.297132] do_syscall_64 (arch/x86/entry/syscall_64.c:63 (discriminator 1) arch/x86/entry/syscall_64.c:94 (discriminator 1)) [ 1.297325] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130) Add a NULL check and print "(none)" for entries with no assigned slave.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: futex: Clear stale exiting pointer in futex_lock_pi() retry path Fuzzying/stressing futexes triggered: WARNING: kernel/futex/core.c:825 at wait_for_owner_exiting+0x7a/0x80, CPU#11: futex_lock_pi_s/524 When futex_lock_pi_atomic() sees the owner is exiting, it returns -EBUSY and stores a refcounted task pointer in 'exiting'. After wait_for_owner_exiting() consumes that reference, the local pointer is never reset to nil. Upon a retry, if futex_lock_pi_atomic() returns a different error, the bogus pointer is passed to wait_for_owner_exiting(). CPU0 CPU1 CPU2 futex_lock_pi(uaddr) // acquires the PI futex exit() futex_cleanup_begin() futex_state = EXITING; futex_lock_pi(uaddr) futex_lock_pi_atomic() attach_to_pi_owner() // observes EXITING *exiting = owner; // takes ref return -EBUSY wait_for_owner_exiting(-EBUSY, owner) put_task_struct(); // drops ref // exiting still points to owner goto retry; futex_lock_pi_atomic() lock_pi_update_atomic() cmpxchg(uaddr) *uaddr ^= WAITERS // whatever // value changed return -EAGAIN; wait_for_owner_exiting(-EAGAIN, exiting) // stale WARN_ON_ONCE(exiting) Fix this by resetting upon retry, essentially aligning it with requeue_pi.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: macb: Use dev_consume_skb_any() to free TX SKBs The napi_consume_skb() function is not intended to be called in an IRQ disabled context. However, after commit 6bc8a5098bf4 ("net: macb: Fix tx_ptr_lock locking"), the freeing of TX SKBs is performed with IRQs disabled. To resolve the following call trace, use dev_consume_skb_any() for freeing TX SKBs: WARNING: kernel/softirq.c:430 at __local_bh_enable_ip+0x174/0x188, CPU#0: ksoftirqd/0/15 Modules linked in: CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Not tainted 7.0.0-rc4-next-20260319-yocto-standard-dirty #37 PREEMPT Hardware name: ZynqMP ZCU102 Rev1.1 (DT) pstate: 200000c5 (nzCv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : __local_bh_enable_ip+0x174/0x188 lr : local_bh_enable+0x24/0x38 sp : ffff800082b3bb10 x29: ffff800082b3bb10 x28: ffff0008031f3c00 x27: 000000000011ede0 x26: ffff000800a7ff00 x25: ffff800083937ce8 x24: 0000000000017a80 x23: ffff000803243a78 x22: 0000000000000040 x21: 0000000000000000 x20: ffff000800394c80 x19: 0000000000000200 x18: 0000000000000001 x17: 0000000000000001 x16: ffff000803240000 x15: 0000000000000000 x14: ffffffffffffffff x13: 0000000000000028 x12: ffff000800395650 x11: ffff8000821d1528 x10: ffff800081c2bc08 x9 : ffff800081c1e258 x8 : 0000000100000301 x7 : ffff8000810426ec x6 : 0000000000000000 x5 : 0000000000000001 x4 : 0000000000000001 x3 : 0000000000000000 x2 : 0000000000000008 x1 : 0000000000000200 x0 : ffff8000810428dc Call trace: __local_bh_enable_ip+0x174/0x188 (P) local_bh_enable+0x24/0x38 skb_attempt_defer_free+0x190/0x1d8 napi_consume_skb+0x58/0x108 macb_tx_poll+0x1a4/0x558 __napi_poll+0x50/0x198 net_rx_action+0x1f4/0x3d8 handle_softirqs+0x16c/0x560 run_ksoftirqd+0x44/0x80 smpboot_thread_fn+0x1d8/0x338 kthread+0x120/0x150 ret_from_fork+0x10/0x20 irq event stamp: 29751 hardirqs last enabled at (29750): [<ffff8000813be184>] _raw_spin_unlock_irqrestore+0x44/0x88 hardirqs last disabled at (29751): [<ffff8000813bdf60>] _raw_spin_lock_irqsave+0x38/0x98 softirqs last enabled at (29150): [<ffff8000800f1aec>] handle_softirqs+0x504/0x560 softirqs last disabled at (29153): [<ffff8000800f2fec>] run_ksoftirqd+0x44/0x80
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix deadlock during netdev reset with active connections Resolve deadlock that occurs when user executes netdev reset while RDMA applications (e.g., rping) are active. The netdev reset causes ice driver to remove irdma auxiliary driver, triggering device_delete and subsequent client removal. During client removal, uverbs_client waits for QP reference count to reach zero while cma_client holds the final reference, creating circular dependency and indefinite wait in iWARP mode. Skip QP reference count wait during device reset to prevent deadlock.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: x86/CPU: Fix FPDSS on Zen1 Zen1's hardware divider can leave, under certain circumstances, partial results from previous operations. Those results can be leaked by another, attacker thread. Fix that with a chicken bit.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: rxrpc: fix reference count leak in rxrpc_server_keyring() This patch fixes a reference count leak in rxrpc_server_keyring() by checking if rx->securities is already set.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix integer underflow in chain mode The jumbo_frm() chain-mode implementation unconditionally computes len = nopaged_len - bmax; where nopaged_len = skb_headlen(skb) (linear bytes only) and bmax is BUF_SIZE_8KiB or BUF_SIZE_2KiB. However, the caller stmmac_xmit() decides to invoke jumbo_frm() based on skb->len (total length including page fragments): is_jumbo = stmmac_is_jumbo_frm(priv, skb->len, enh_desc); When a packet has a small linear portion (nopaged_len <= bmax) but a large total length due to page fragments (skb->len > bmax), the subtraction wraps as an unsigned integer, producing a huge len value (~0xFFFFxxxx). This causes the while (len != 0) loop to execute hundreds of thousands of iterations, passing skb->data + bmax * i pointers far beyond the skb buffer to dma_map_single(). On IOMMU-less SoCs (the typical deployment for stmmac), this maps arbitrary kernel memory to the DMA engine, constituting a kernel memory disclosure and potential memory corruption from hardware. Fix this by introducing a buf_len local variable clamped to min(nopaged_len, bmax). Computing len = nopaged_len - buf_len is then always safe: it is zero when the linear portion fits within a single descriptor, causing the while (len != 0) loop to be skipped naturally, and the fragment loop in stmmac_xmit() handles page fragments afterward.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix NULL-deref on disconnect Make sure to deregister the controller before dropping the reference to the driver data on disconnect to avoid NULL-pointer dereferences or use-after-free.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: altera-tse: fix skb leak on DMA mapping error in tse_start_xmit() When dma_map_single() fails in tse_start_xmit(), the function returns NETDEV_TX_OK without freeing the skb. Since NETDEV_TX_OK tells the stack the packet was consumed, the skb is never freed, leaking memory on every DMA mapping failure. Add dev_kfree_skb_any() before returning to properly free the skb.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: xfrm: clear trailing padding in build_polexpire() build_expire() clears the trailing padding bytes of struct xfrm_user_expire after setting the hard field via memset_after(), but the analogous function build_polexpire() does not do this for struct xfrm_user_polexpire. The padding bytes after the __u8 hard field are left uninitialized from the heap allocation, and are then sent to userspace via netlink multicast to XFRMNLGRP_EXPIRE listeners, leaking kernel heap memory contents. Add the missing memset_after() call, matching build_expire().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_ct: fix use-after-free in timeout object destroy nft_ct_timeout_obj_destroy() frees the timeout object with kfree() immediately after nf_ct_untimeout(), without waiting for an RCU grace period. Concurrent packet processing on other CPUs may still hold RCU-protected references to the timeout object obtained via rcu_dereference() in nf_ct_timeout_data(). Add an rcu_head to struct nf_ct_timeout and use kfree_rcu() to defer freeing until after an RCU grace period, matching the approach already used in nfnetlink_cttimeout.c. KASAN report: BUG: KASAN: slab-use-after-free in nf_conntrack_tcp_packet+0x1381/0x29d0 Read of size 4 at addr ffff8881035fe19c by task exploit/80 Call Trace: nf_conntrack_tcp_packet+0x1381/0x29d0 nf_conntrack_in+0x612/0x8b0 nf_hook_slow+0x70/0x100 __ip_local_out+0x1b2/0x210 tcp_sendmsg_locked+0x722/0x1580 __sys_sendto+0x2d8/0x320 Allocated by task 75: nft_ct_timeout_obj_init+0xf6/0x290 nft_obj_init+0x107/0x1b0 nf_tables_newobj+0x680/0x9c0 nfnetlink_rcv_batch+0xc29/0xe00 Freed by task 26: nft_obj_destroy+0x3f/0xa0 nf_tables_trans_destroy_work+0x51c/0x5c0 process_one_work+0x2c4/0x5a0
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix slab-use-after-free in __inet_lookup_established The ehash table lookups are lockless and rely on SLAB_TYPESAFE_BY_RCU to guarantee socket memory stability during RCU read-side critical sections. Both tcp_prot and tcpv6_prot have their slab caches created with this flag via proto_register(). However, MPTCP's mptcp_subflow_init() copies tcpv6_prot into tcpv6_prot_override during inet_init() (fs_initcall, level 5), before inet6_init() (module_init/device_initcall, level 6) has called proto_register(&tcpv6_prot). At that point, tcpv6_prot.slab is still NULL, so tcpv6_prot_override.slab remains NULL permanently. This causes MPTCP v6 subflow child sockets to be allocated via kmalloc (falling into kmalloc-4k) instead of the TCPv6 slab cache. The kmalloc-4k cache lacks SLAB_TYPESAFE_BY_RCU, so when these sockets are freed without SOCK_RCU_FREE (which is cleared for child sockets by design), the memory can be immediately reused. Concurrent ehash lookups under rcu_read_lock can then access freed memory, triggering a slab-use-after-free in __inet_lookup_established. Fix this by splitting the IPv6-specific initialization out of mptcp_subflow_init() into a new mptcp_subflow_v6_init(), called from mptcp_proto_v6_init() before protocol registration. This ensures tcpv6_prot_override.slab correctly inherits the SLAB_TYPESAFE_BY_RCU slab cache.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: rfkill: prevent unlimited numbers of rfkill events from being created Userspace can create an unlimited number of rfkill events if the system is so configured, while not consuming them from the rfkill file descriptor, causing a potential out of memory situation. Prevent this from bounding the number of pending rfkill events at a "large" number (i.e. 1000) to prevent abuses like this.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: xfrm_user: fix info leak in build_report() struct xfrm_user_report is a __u8 proto field followed by a struct xfrm_selector which means there is three "empty" bytes of padding, but the padding is never zeroed before copying to userspace. Fix that up by zeroing the structure before setting individual member variables.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: ip6t_rt: reject oversized addrnr in rt_mt6_check() Reject rt match rules whose addrnr exceeds IP6T_RT_HOPS. rt_mt6() expects addrnr to stay within the bounds of rtinfo->addrs[]. Validate addrnr during rule installation so malformed rules are rejected before the match logic can use an out-of-range value.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: ipv6: flowlabel: defer exclusive option free until RCU teardown `ip6fl_seq_show()` walks the global flowlabel hash under the seq-file RCU read-side lock and prints `fl->opt->opt_nflen` when an option block is present. Exclusive flowlabels currently free `fl->opt` as soon as `fl->users` drops to zero in `fl_release()`. However, the surrounding `struct ip6_flowlabel` remains visible in the global hash table until later garbage collection removes it and `fl_free_rcu()` finally tears it down. A concurrent `/proc/net/ip6_flowlabel` reader can therefore race that early `kfree()` and dereference freed option state, triggering a crash in `ip6fl_seq_show()`. Fix this by keeping `fl->opt` alive until `fl_free_rcu()`. That matches the lifetime already required for the enclosing flowlabel while readers can still reach it under RCU.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: bridge: br_nd_send: linearize skb before parsing ND options br_nd_send() parses neighbour discovery options from ns->opt[] and assumes that these options are in the linear part of request. Its callers only guarantee that the ICMPv6 header and target address are available, so the option area can still be non-linear. Parsing ns->opt[] in that case can access data past the linear buffer. Linearize request before option parsing and derive ns from the linear network header.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: ftgmac100: fix ring allocation unwind on open failure ftgmac100_alloc_rings() allocates rx_skbs, tx_skbs, rxdes, txdes, and rx_scratch in stages. On intermediate failures it returned -ENOMEM directly, leaking resources allocated earlier in the function. Rework the failure path to use staged local unwind labels and free allocated resources in reverse order before returning -ENOMEM. This matches common netdev allocation cleanup style.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: bridge: br_nd_send: validate ND option lengths br_nd_send() walks ND options according to option-provided lengths. A malformed option can make the parser advance beyond the computed option span or use a too-short source LLADDR option payload. Validate option lengths against the remaining NS option area before advancing, and only read source LLADDR when the option is large enough for an Ethernet address.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: iio: gyro: mpu3050: Move iio_device_register() to correct location iio_device_register() should be at the end of the probe function to prevent race conditions. Place iio_device_register() at the end of the probe function and place iio_device_unregister() accordingly.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ti-adc161s626: use DMA-safe memory for spi_read() Add a DMA-safe buffer and use it for spi_read() instead of a stack memory. All SPI buffers must be DMA-safe. Since we only need up to 3 bytes, we just use a u8[] instead of __be16 and __be32 and change the conversion functions appropriately.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
libexpat before 2.7.5 allows a NULL pointer dereference with empty external parameter entity content.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5 < V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
libexpat before 2.7.5 allows an infinite loop while parsing DTD content.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5 < V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
libexpat before 2.7.5 allows a NULL pointer dereference in the function setContext on retry after an earlier ouf-of-memory condition.
CWE-476 - NULL Pointer Dereference| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5 < V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
In MIT Kerberos 5 (aka krb5) before 1.22.3, there is a NULL pointer dereference if an application calls gss_accept_sec_context() on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parse_nego_message.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
libexpat before 2.8.0 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document.
CWE-331 - Insufficient Entropy| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5 < V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcry_pk_decrypt.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net/x25: Fix potential double free of skb When alloc_skb fails in x25_queue_rx_frame it calls kfree_skb(skb) at line 48 and returns 1 (error). This error propagates back through the call chain: x25_queue_rx_frame returns 1 | v x25_state3_machine receives the return value 1 and takes the else branch at line 278, setting queued=0 and returning 0 | v x25_process_rx_frame returns queued=0 | v x25_backlog_rcv at line 452 sees queued=0 and calls kfree_skb(skb) again This would free the same skb twice. Looking at x25_backlog_rcv: net/x25/x25_in.c:x25_backlog_rcv() { ... queued = x25_process_rx_frame(sk, skb); ... if (!queued) kfree_skb(skb); }
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: reject immediate NF_QUEUE verdict nft_queue is always used from userspace nftables to deliver the NF_QUEUE verdict. Immediately emitting an NF_QUEUE verdict is never used by the userspace nft tools, so reject immediate NF_QUEUE verdicts. The arp family does not provide queue support, but such an immediate verdict is still reachable. Globally reject NF_QUEUE immediate verdicts to address this issue.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: ignore explicit helper on new expectations Use the existing master conntrack helper, anything else is not really supported and it just makes validation more complicated, so just ignore what helper userspace suggests for this expectation. This was uncovered when validating CTA_EXPECT_CLASS via different helper provided by userspace than the existing master conntrack helper: BUG: KASAN: slab-out-of-bounds in nf_ct_expect_related_report+0x2479/0x27c0 Read of size 4 at addr ffff8880043fe408 by task poc/102 Call Trace: nf_ct_expect_related_report+0x2479/0x27c0 ctnetlink_create_expect+0x22b/0x3b0 ctnetlink_new_expect+0x4bd/0x5c0 nfnetlink_rcv_msg+0x67a/0x950 netlink_rcv_skb+0x120/0x350 Allowing to read kernel memory bytes off the expectation boundary. CTA_EXPECT_HELP_NAME is still used to offer the helper name to userspace via netlink dump.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: zero expect NAT fields when CTA_EXPECT_NAT absent ctnetlink_alloc_expect() allocates expectations from a non-zeroing slab cache via nf_ct_expect_alloc(). When CTA_EXPECT_NAT is not present in the netlink message, saved_addr and saved_proto are never initialized. Stale data from a previous slab occupant can then be dumped to userspace by ctnetlink_exp_dump_expect(), which checks these fields to decide whether to emit CTA_EXPECT_NAT. The safe sibling nf_ct_expect_init(), used by the packet path, explicitly zeroes these fields. Zero saved_addr, saved_proto and dir in the else branch, guarded by IS_ENABLED(CONFIG_NF_NAT) since these fields only exist when NAT is enabled. Confirmed by priming the expect slab with NAT-bearing expectations, freeing them, creating a new expectation without CTA_EXPECT_NAT, and observing that the ctnetlink dump emits a spurious CTA_EXPECT_NAT containing stale data from the prior allocation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_helper: pass helper to expect cleanup nf_conntrack_helper_unregister() calls nf_ct_expect_iterate_destroy() to remove expectations belonging to the helper being unregistered. However, it passes NULL instead of the helper pointer as the data argument, so expect_iter_me() never matches any expectation and all of them survive the cleanup. After unregister returns, nfnl_cthelper_del() frees the helper object immediately. Subsequent expectation dumps or packet-driven init_conntrack() calls then dereference the freed exp->helper, causing a use-after-free. Pass the actual helper pointer so expectations referencing it are properly destroyed before the helper object is freed. BUG: KASAN: slab-use-after-free in string+0x38f/0x430 Read of size 1 at addr ffff888003b14d20 by task poc/103 Call Trace: string+0x38f/0x430 vsnprintf+0x3cc/0x1170 seq_printf+0x17a/0x240 exp_seq_show+0x2e5/0x560 seq_read_iter+0x419/0x1280 proc_reg_read+0x1ac/0x270 vfs_read+0x179/0x930 ksys_read+0xef/0x1c0 Freed by task 103: The buggy address is located 32 bytes inside of freed 192-byte region [ffff888003b14d00, ffff888003b14dc0)
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: netfilter: x_tables: ensure names are nul-terminated Reject names that lack a \0 character before feeding them to functions that expect c-strings. Fixes tag is the most recent commit that needs this change.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix regsafe() for pointers to packet In case rold->reg->range == BEYOND_PKT_END && rcur->reg->range == N regsafe() may return true which may lead to current state with valid packet range not being explored. Fix the bug.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption When decrypting data that is not in-place (src != dst), there is no need to save the high-order sequence bits in dst as it could simply be re-copied from the source. However, the data to be hashed need to be rearranged accordingly. Thanks,
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: sched: cls_api: fix tc_chain_fill_node to initialize tcm_info to zero to prevent an info-leak When building netlink messages, tc_chain_fill_node() never initializes the tcm_info field of struct tcmsg. Since the allocation is not zeroed, kernel heap memory is leaked to userspace through this 4-byte field. The fix simply zeroes tcm_info alongside the other fields that are already initialized.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach() Sashiko AI-review observed: In ip6_err_gen_icmpv6_unreach(), the skb is an outer IPv4 ICMP error packet where its cb contains an IPv4 inet_skb_parm. When skb is cloned into skb2 and passed to icmp6_send(), it uses IP6CB(skb2). IP6CB interprets the IPv4 inet_skb_parm as an inet6_skb_parm. The cipso offset in inet_skb_parm.opt directly overlaps with dsthao in inet6_skb_parm at offset 18. If an attacker sends a forged ICMPv4 error with a CIPSO IP option, dsthao would be a non-zero offset. Inside icmp6_send(), mip6_addr_swap() is called and uses ipv6_find_tlv(skb, opt->dsthao, IPV6_TLV_HAO). This would scan the inner, attacker-controlled IPv6 packet starting at that offset, potentially returning a fake TLV without checking if the remaining packet length can hold the full 18-byte struct ipv6_destopt_hao. Could mip6_addr_swap() then perform a 16-byte swap that extends past the end of the packet data into skb_shared_info? Should the cb array also be cleared in ip6_err_gen_icmpv6_unreach() and ip6ip6_err() to prevent this? This patch implements the first suggestion. I am not sure if ip6ip6_err() needs to be changed. A separate patch would be better anyway.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: ipv6: ndisc: fix ndisc_ra_useropt to initialize nduseropt_padX fields to zero to prevent an info-leak When processing Router Advertisements with user options the kernel builds an RTM_NEWNDUSEROPT netlink message. The nduseroptmsg struct has three padding fields that are never zeroed and can leak kernel data The fix is simple, just zeroes the padding fields.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: correctly handle tunneled traffic on IPV6_CSUM GSO fallback NETIF_F_IPV6_CSUM only advertises support for checksum offload of packets without IPv6 extension headers. Packets with extension headers must fall back onto software checksumming. Since TSO depends on checksum offload, those must revert to GSO. The below commit introduces that fallback. It always checks network header length. For tunneled packets, the inner header length must be checked instead. Extend the check accordingly. A special case is tunneled packets without inner IP protocol. Such as RFC 6951 SCTP in UDP. Those are not standard IPv6 followed by transport header either, so also must revert to the software GSO path.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFL_SHARED_FRAG after skb_splice_from_iter(), so later paths that may modify packet data can first make a private copy. The IPv4/IPv6 datagram append paths did not set this flag when splicing pages into UDP skbs. That leaves an ESP-in-UDP packet made from shared pipe pages looking like an ordinary uncloned nonlinear skb. ESP input then takes the no-COW fast path for uncloned skbs without a frag_list and decrypts in place over data that is not owned privately by the skb. Mark IPv4/IPv6 datagram splice frags with SKBFL_SHARED_FRAG, matching TCP. Also make ESP input fall back to skb_cow_data() when the flag is present, so ESP does not decrypt externally backed frags in place. Private nonlinear skb frags still use the existing fast path. This intentionally does not change ESP output. In esp_output_head(), the path that appends the ESP trailer to existing skb tailroom without calling skb_cow_data() is not reachable for nonlinear skbs: skb_tailroom() returns zero when skb->data_len is nonzero, while ESP tailen is positive. Thus ESP output will either use the separate destination-frag path or fall back to skb_cow_data().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In libexpat before 2.8.1, the computational complexity of attribute name collision checks allows a denial of service via moderately sized crafted XML input.
CWE-407 - Inefficient Algorithmic Complexity| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5 < V3.1.6
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5 < V3.1.6
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5|<3.1.6 |
Mitigation
Mitigation
Vendor Fix
fix
|
In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache Make sure resources are not improperly shared in the op cache and cause instruction corruption this way.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing skb_try_coalesce() can attach paged frags from @from to @to. If @from has SKBFL_SHARED_FRAG set, the resulting @to skb can contain the same externally-owned or page-cache-backed frags, but the shared-frag marker is currently lost. That breaks the invariant relied on by later in-place writers. In particular, ESP input checks skb_has_shared_frag() before deciding whether an uncloned nonlinear skb can skip skb_cow_data(). If TCP receive coalescing has moved shared frags into an unmarked skb, ESP can see skb_has_shared_frag() as false and decrypt in place over page-cache backed frags. Propagate SKBFL_SHARED_FRAG when skb_try_coalesce() transfers paged frags. The tailroom copy path does not need the marker because it copies bytes into @to's linear data rather than transferring frag descriptors.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)
|
6ES7518-4AX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)
|
6ES7518-4AX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)
|
6ES7518-4FX00-1AB0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) >= V3.1.5
Siemens / SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)
|
6ES7518-4FX00-1AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
|
SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) >= V3.1.5
Siemens / SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)
|
6AG1518-4AX00-4AC0
|
vers:intdot/>=3.1.5 |
Mitigation
Mitigation
None Available
|
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
"tlp": {
"label": "WHITE"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the firmware version V3.1.5 for the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP (incl. SIPLUS variant).\n\nSiemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends specific countermeasures for products where fixes are not, or not yet available.\n\nNote: This SSA advises vulnerabilities for firmware version V3.1.5 only; for version V3.1.6 refer to SSA-019113.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "productcert@siemens.com",
"name": "Siemens ProductCERT",
"namespace": "https://www.siemens.com"
},
"references": [
{
"category": "self",
"summary": "SSA-082556: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1.5 - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
},
{
"category": "self",
"summary": "SSA-082556: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1.5 - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-082556.json"
}
],
"title": "SSA-082556: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1.5",
"tracking": {
"current_release_date": "2026-07-14T00:00:00.000Z",
"generator": {
"engine": {
"name": "Siemens ProductCERT CSAF Generator",
"version": "1"
}
},
"id": "SSA-082556",
"initial_release_date": "2025-06-10T00:00:00.000Z",
"revision_history": [
{
"date": "2025-06-10T00:00:00.000Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
},
{
"date": "2025-08-12T00:00:00.000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Added CVE-2025-6395, CVE-2025-32988, CVE-2025-32989, CVE-2025-32990"
},
{
"date": "2026-01-13T00:00:00.000Z",
"legacy_version": "1.2",
"number": "3",
"summary": "Added CVE-2025-66382, CVE-2025-39929, CVE-2025-39931, CVE-2025-39977, CVE-2025-40022, CVE-2025-11082, CVE-2025-11083, CVE-2025-11412, CVE-2025-11413, CVE-2025-11414, CVE-2025-11494, CVE-2025-11495, CVE-2025-11839, CVE-2025-11840, CVE-2025-9230, CVE-2025-9232, CVE-2025-3198, CVE-2025-5244, CVE-2025-5245, CVE-2025-7545, CVE-2025-7546, CVE-2025-8224, CVE-2025-7425, CVE-2025-59375"
},
{
"date": "2026-02-10T00:00:00.000Z",
"legacy_version": "1.3",
"number": "4",
"summary": "Added 22 CVEs"
},
{
"date": "2026-03-10T00:00:00.000Z",
"legacy_version": "1.4",
"number": "5",
"summary": "Added 36 CVEs"
},
{
"date": "2026-05-12T00:00:00.000Z",
"legacy_version": "1.5",
"number": "6",
"summary": "Added CVE-2026-31431"
},
{
"date": "2026-07-14T00:00:00.000Z",
"legacy_version": "1.6",
"number": "7",
"summary": "Added 167 CVEs; Added fix for CVE-2026-32776, CVE-2026-32777, CVE-2026-32778, CVE-2026-3904, CVE-2026-4046, CVE-2026-41080, CVE-2026-4437, CVE-2026-4438, CVE-2026-45186, CVE-2026-5435, CVE-2026-5450, CVE-2026-5928, CVE-2026-6238"
}
],
"status": "interim",
"version": "7"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003e=3.1.5",
"product": {
"name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) \u003e= V3.1.5",
"product_id": "1",
"product_identification_helper": {
"model_numbers": [
"6ES7518-4AX00-1AB0"
]
}
}
},
{
"category": "product_version_range",
"name": "vers:intdot/\u003e=3.1.5|\u003c3.1.6",
"product": {
"name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0) \u003e= V3.1.5 \u003c V3.1.6",
"product_id": "2",
"product_identification_helper": {
"model_numbers": [
"6ES7518-4AX00-1AB0"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003e=3.1.5",
"product": {
"name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) \u003e= V3.1.5",
"product_id": "3",
"product_identification_helper": {
"model_numbers": [
"6ES7518-4AX00-1AC0"
]
}
}
},
{
"category": "product_version_range",
"name": "vers:intdot/\u003e=3.1.5|\u003c3.1.6",
"product": {
"name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0) \u003e= V3.1.5 \u003c V3.1.6",
"product_id": "4",
"product_identification_helper": {
"model_numbers": [
"6ES7518-4AX00-1AC0"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003e=3.1.5",
"product": {
"name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) \u003e= V3.1.5",
"product_id": "5",
"product_identification_helper": {
"model_numbers": [
"6ES7518-4FX00-1AB0"
]
}
}
},
{
"category": "product_version_range",
"name": "vers:intdot/\u003e=3.1.5|\u003c3.1.6",
"product": {
"name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0) \u003e= V3.1.5 \u003c V3.1.6",
"product_id": "6",
"product_identification_helper": {
"model_numbers": [
"6ES7518-4FX00-1AB0"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003e=3.1.5",
"product": {
"name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) \u003e= V3.1.5",
"product_id": "7",
"product_identification_helper": {
"model_numbers": [
"6ES7518-4FX00-1AC0"
]
}
}
},
{
"category": "product_version_range",
"name": "vers:intdot/\u003e=3.1.5|\u003c3.1.6",
"product": {
"name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0) \u003e= V3.1.5 \u003c V3.1.6",
"product_id": "8",
"product_identification_helper": {
"model_numbers": [
"6ES7518-4FX00-1AC0"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003e=3.1.5",
"product": {
"name": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) \u003e= V3.1.5",
"product_id": "9",
"product_identification_helper": {
"model_numbers": [
"6AG1518-4AX00-4AC0"
]
}
}
},
{
"category": "product_version_range",
"name": "vers:intdot/\u003e=3.1.5|\u003c3.1.6",
"product": {
"name": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0) \u003e= V3.1.5 \u003c V3.1.6",
"product_id": "10",
"product_identification_helper": {
"model_numbers": [
"6AG1518-4AX00-4AC0"
]
}
}
}
],
"category": "product_name",
"name": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-41617",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "description",
"text": "sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2021-41617"
},
{
"cve": "CVE-2023-4527",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2023-4527"
},
{
"cve": "CVE-2023-4806",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "A flaw has been identified in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2023-4806"
},
{
"cve": "CVE-2023-4911",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "A buffer overflow was discovered in the GNU C Library\u0027s dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2023-4911"
},
{
"cve": "CVE-2023-5363",
"cwe": {
"id": "CWE-684",
"name": "Incorrect Provision of Specified Functionality"
},
"notes": [
{
"category": "description",
"text": "Issue summary: A bug has been identified in the processing of key and\ninitialisation vector (IV) lengths. This can lead to potential truncation\nor overruns during the initialisation of some symmetric ciphers.\n\nImpact summary: A truncation in the IV can result in non-uniqueness,\nwhich could result in loss of confidentiality for some cipher modes.\n\nWhen calling EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2() or\nEVP_CipherInit_ex2() the provided OSSL_PARAM array is processed after\nthe key and IV have been established. Any alterations to the key length,\nvia the \"keylen\" parameter or the IV length, via the \"ivlen\" parameter,\nwithin the OSSL_PARAM array will not take effect as intended, potentially\ncausing truncation or overreading of these values. The following ciphers\nand cipher modes are impacted: RC2, RC4, RC5, CCM, GCM and OCB.\n\nFor the CCM, GCM and OCB cipher modes, truncation of the IV can result in\nloss of confidentiality. For example, when following NIST\u0027s SP 800-38D\nsection 8.2.1 guidance for constructing a deterministic IV for AES in\nGCM mode, truncation of the counter portion could lead to IV reuse.\n\nBoth truncations and overruns of the key and overruns of the IV will\nproduce incorrect results and could, in some cases, trigger a memory\nexception. However, these issues are not currently assessed as security\ncritical.\n\nChanging the key and/or IV lengths is not considered to be a common operation\nand the vulnerable API was recently introduced. Furthermore it is likely that\napplication developers will have spotted this problem during testing since\ndecryption would fail unless both peers in the communication were similarly\nvulnerable. For these reasons we expect the probability of an application being\nvulnerable to this to be quite low. However if an application is vulnerable then\nthis issue is considered very serious. For these reasons we have assessed this\nissue as Moderate severity overall.\n\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\n\nThe OpenSSL 3.0 and 3.1 FIPS providers are not affected by this because\nthe issue lies outside of the FIPS provider boundary.\n\nOpenSSL 3.1 and 3.0 are vulnerable to this issue.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2023-5363"
},
{
"cve": "CVE-2023-6246",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argument set to NULL, and the program name (the basename of argv[0]) is bigger than 1024 bytes, resulting in an application crash or local privilege escalation. This issue affects glibc 2.36 and newer.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2023-6246"
},
{
"cve": "CVE-2023-6779",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a message bigger than INT_MAX bytes, leading to an incorrect calculation of the buffer size to store the message, resulting in an application crash. This issue affects glibc 2.37 and newer.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2023-6779"
},
{
"cve": "CVE-2023-6780",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"notes": [
{
"category": "description",
"text": "An integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long message, leading to an incorrect calculation of the buffer size to store the message, resulting in undefined behavior. This issue affects glibc 2.37 and newer.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2023-6780"
},
{
"cve": "CVE-2023-28531",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "description",
"text": "ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2023-28531"
},
{
"cve": "CVE-2023-38545",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy\nhandshake.\n\nWhen curl is asked to pass along the host name to the SOCKS5 proxy to allow\nthat to resolve the address instead of it getting done by curl itself, the\nmaximum length that host name can be is 255 bytes.\n\nIf the host name is detected to be longer, curl switches to local name\nresolving and instead passes on the resolved address only. Due to this bug,\nthe local variable that means \"let the host resolve the name\" could get the\nwrong value during a slow SOCKS5 handshake, and contrary to the intention,\ncopy the too long host name to the target buffer instead of copying just the\nresolved address there.\n\nThe target buffer being a heap based buffer, and the host name coming from the\nURL that curl has been told to operate with.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2023-38545"
},
{
"cve": "CVE-2023-38546",
"cwe": {
"id": "CWE-73",
"name": "External Control of File Name or Path"
},
"notes": [
{
"category": "description",
"text": "This flaw allows an attacker to insert cookies at will into a running program\nusing libcurl, if the specific series of conditions are met.\n\nlibcurl performs transfers. In its API, an application creates \"easy handles\"\nthat are the individual handles for single transfers.\n\nlibcurl provides a function call that duplicates en easy handle called\n[curl_easy_duphandle](https://curl.se/libcurl/c/curl_easy_duphandle.html).\n\nIf a transfer has cookies enabled when the handle is duplicated, the\ncookie-enable state is also cloned - but without cloning the actual\ncookies. If the source handle did not read any cookies from a specific file on\ndisk, the cloned version of the handle would instead store the file name as\n`none` (using the four ASCII letters, no quotes).\n\nSubsequent use of the cloned handle that does not explicitly set a source to\nload cookies from would then inadvertently load cookies from a file named\n`none` - if such a file exists and is readable in the current directory of the\nprogram using libcurl. And if using the correct file format of course.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2023-38546"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "description",
"text": "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2023-44487"
},
{
"cve": "CVE-2023-46218",
"cwe": {
"id": "CWE-178",
"name": "Improper Handling of Case Sensitivity"
},
"notes": [
{
"category": "description",
"text": "This flaw allows a malicious HTTP server to set \"super cookies\" in curl that\nare then passed back to more origins than what is otherwise allowed or\npossible. This allows a site to set cookies that then would get sent to\ndifferent and unrelated sites and domains.\n\nIt could do this by exploiting a mixed case flaw in curl\u0027s function that\nverifies a given cookie domain against the Public Suffix List (PSL). For\nexample a cookie could be set with `domain=co.UK` when the URL used a lower\ncase hostname `curl.co.uk`, even though `co.uk` is listed as a PSL domain.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2023-46218"
},
{
"cve": "CVE-2023-46219",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "description",
"text": "When saving HSTS data to an excessively long file name, curl could end up\nremoving all contents, making subsequent requests using that file unaware of\nthe HSTS status they should otherwise use.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2023-46219"
},
{
"cve": "CVE-2023-48795",
"cwe": {
"id": "CWE-354",
"name": "Improper Validation of Integrity Check Value"
},
"notes": [
{
"category": "description",
"text": "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH\u0027s use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2023-48795"
},
{
"cve": "CVE-2023-51384",
"cwe": {
"id": "CWE-304",
"name": "Missing Critical Step in Authentication"
},
"notes": [
{
"category": "description",
"text": "In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2023-51384"
},
{
"cve": "CVE-2023-51385",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "description",
"text": "In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2023-51385"
},
{
"cve": "CVE-2023-52927",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: allow exp not to be removed in nf_ct_find_expectation\n\nCurrently nf_conntrack_in() calling nf_ct_find_expectation() will\nremove the exp from the hash table. However, in some scenario, we\nexpect the exp not to be removed when the created ct will not be\nconfirmed, like in OVS and TC conntrack in the following patches.\n\nThis patch allows exp not to be removed by setting IPS_CONFIRMED\nin the status of the tmpl.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2023-52927"
},
{
"cve": "CVE-2024-2961",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2024-2961"
},
{
"cve": "CVE-2024-6119",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"notes": [
{
"category": "description",
"text": "Issue summary: Applications performing certificate name checks (e.g., TLS\nclients checking server certificates) may attempt to read an invalid memory\naddress resulting in abnormal termination of the application process.\n\nImpact summary: Abnormal termination of an application can a cause a denial of\nservice.\n\nApplications performing certificate name checks (e.g., TLS clients checking\nserver certificates) may attempt to read an invalid memory address when\ncomparing the expected name with an `otherName` subject alternative name of an\nX.509 certificate. This may result in an exception that terminates the\napplication program.\n\nNote that basic certificate chain validation (signatures, dates, ...) is not\naffected, the denial of service can occur only when the application also\nspecifies an expected DNS name, Email address or IP address.\n\nTLS servers rarely solicit client certificates, and even when they do, they\ngenerally don\u0027t perform a name check against a reference identifier (expected\nidentity), but rather extract the presented identity after checking the\ncertificate chain. So TLS servers are generally not affected and the severity\nof the issue is Moderate.\n\nThe FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2024-6119"
},
{
"cve": "CVE-2024-6387",
"cwe": {
"id": "CWE-364",
"name": "Signal Handler Race Condition"
},
"notes": [
{
"category": "description",
"text": "A security regression (CVE-2006-5051) was discovered in OpenSSH\u0027s server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2024-6387"
},
{
"cve": "CVE-2024-12133",
"cwe": {
"id": "CWE-407",
"name": "Inefficient Algorithmic Complexity"
},
"notes": [
{
"category": "description",
"text": "A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service attack.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2024-12133"
},
{
"cve": "CVE-2024-12243",
"cwe": {
"id": "CWE-407",
"name": "Inefficient Algorithmic Complexity"
},
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to send a specially crafted certificate, causing GnuTLS to become unresponsive or slow, resulting in a denial-of-service condition.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2024-12243"
},
{
"cve": "CVE-2024-24855",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "description",
"text": "A race condition was found in the Linux kernel\u0027s scsi device driver in lpfc_unregister_fcf_rescan() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2024-24855"
},
{
"cve": "CVE-2024-26596",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: fix netdev_priv() dereference before check on non-DSA netdevice events\n\nAfter the blamed commit, we started doing this dereference for every\nNETDEV_CHANGEUPPER and NETDEV_PRECHANGEUPPER event in the system.\n\nstatic inline struct dsa_port *dsa_user_to_port(const struct net_device *dev)\n{\n\tstruct dsa_user_priv *p = netdev_priv(dev);\n\n\treturn p-\u003edp;\n}\n\nWhich is obviously bogus, because not all net_devices have a netdev_priv()\nof type struct dsa_user_priv. But struct dsa_user_priv is fairly small,\nand p-\u003edp means dereferencing 8 bytes starting with offset 16. Most\ndrivers allocate that much private memory anyway, making our access not\nfault, and we discard the bogus data quickly afterwards, so this wasn\u0027t\ncaught.\n\nBut the dummy interface is somewhat special in that it calls\nalloc_netdev() with a priv size of 0. So every netdev_priv() dereference\nis invalid, and we get this when we emit a NETDEV_PRECHANGEUPPER event\nwith a VLAN as its new upper:\n\n$ ip link add dummy1 type dummy\n$ ip link add link dummy1 name dummy1.100 type vlan id 100\n[ 43.309174] ==================================================================\n[ 43.316456] BUG: KASAN: slab-out-of-bounds in dsa_user_prechangeupper+0x30/0xe8\n[ 43.323835] Read of size 8 at addr ffff3f86481d2990 by task ip/374\n[ 43.330058]\n[ 43.342436] Call trace:\n[ 43.366542] dsa_user_prechangeupper+0x30/0xe8\n[ 43.371024] dsa_user_netdevice_event+0xb38/0xee8\n[ 43.375768] notifier_call_chain+0xa4/0x210\n[ 43.379985] raw_notifier_call_chain+0x24/0x38\n[ 43.384464] __netdev_upper_dev_link+0x3ec/0x5d8\n[ 43.389120] netdev_upper_dev_link+0x70/0xa8\n[ 43.393424] register_vlan_dev+0x1bc/0x310\n[ 43.397554] vlan_newlink+0x210/0x248\n[ 43.401247] rtnl_newlink+0x9fc/0xe30\n[ 43.404942] rtnetlink_rcv_msg+0x378/0x580\n\nAvoid the kernel oops by dereferencing after the type check, as customary.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2024-26596"
},
{
"cve": "CVE-2024-28085",
"cwe": {
"id": "CWE-150",
"name": "Improper Neutralization of Escape, Meta, or Control Sequences"
},
"notes": [
{
"category": "description",
"text": "wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users\u0027 terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2024-28085"
},
{
"cve": "CVE-2024-33599",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "nscd: Stack-based buffer overflow in netgroup cache\n\nIf the Name Service Cache Daemon\u0027s (nscd) fixed size cache is exhausted\nby client requests then a subsequent client request for netgroup data\nmay result in a stack-based buffer overflow. This flaw was introduced\nin glibc 2.15 when the cache was added to nscd.\n\nThis vulnerability is only present in the nscd binary.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2024-33599"
},
{
"cve": "CVE-2024-33600",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "nscd: Null pointer crashes after notfound response\n\nIf the Name Service Cache Daemon\u0027s (nscd) cache fails to add a not-found\nnetgroup response to the cache, the client request can result in a null\npointer dereference. This flaw was introduced in glibc 2.15 when the\ncache was added to nscd.\n\nThis vulnerability is only present in the nscd binary.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2024-33600"
},
{
"cve": "CVE-2024-33601",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"notes": [
{
"category": "description",
"text": "nscd: netgroup cache may terminate daemon on memory allocation failure\n\nThe Name Service Cache Daemon\u0027s (nscd) netgroup cache uses xmalloc or\nxrealloc and these functions may terminate the process due to a memory\nallocation failure resulting in a denial of service to the clients. The\nflaw was introduced in glibc 2.15 when the cache was added to nscd.\n\nThis vulnerability is only present in the nscd binary.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2024-33601"
},
{
"cve": "CVE-2024-33602",
"cwe": {
"id": "CWE-466",
"name": "Return of Pointer Value Outside of Expected Range"
},
"notes": [
{
"category": "description",
"text": "nscd: netgroup cache assumes NSS callback uses in-buffer strings\n\nThe Name Service Cache Daemon\u0027s (nscd) netgroup cache can corrupt memory\nwhen the NSS callback does not store all strings in the provided buffer.\nThe flaw was introduced in glibc 2.15 when the cache was added to nscd.\n\nThis vulnerability is only present in the nscd binary.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2024-33602"
},
{
"cve": "CVE-2024-34397",
"cwe": {
"id": "CWE-290",
"name": "Authentication Bypass by Spoofing"
},
"notes": [
{
"category": "description",
"text": "An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based client will wrongly interpret as having been sent by the trusted system service. This could lead to the GDBus-based client behaving incorrectly, with an application-dependent impact.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2024-34397"
},
{
"cve": "CVE-2024-37370",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"notes": [
{
"category": "description",
"text": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2024-37370"
},
{
"cve": "CVE-2024-37371",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2024-37371"
},
{
"cve": "CVE-2024-45490",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "description",
"text": "An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2024-45490"
},
{
"cve": "CVE-2024-45491",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "description",
"text": "An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX).",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2024-45491"
},
{
"cve": "CVE-2024-45492",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "description",
"text": "An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX).",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2024-45492"
},
{
"cve": "CVE-2024-47736",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nerofs: handle overlapped pclusters out of crafted images properly\n\nsyzbot reported a task hang issue due to a deadlock case where it is\nwaiting for the folio lock of a cached folio that will be used for\ncache I/Os.\n\nAfter looking into the crafted fuzzed image, I found it\u0027s formed with\nseveral overlapped big pclusters as below:\n\n Ext: logical offset | length : physical offset | length\n 0: 0.. 16384 | 16384 : 151552.. 167936 | 16384\n 1: 16384.. 32768 | 16384 : 155648.. 172032 | 16384\n 2: 32768.. 49152 | 16384 : 537223168.. 537239552 | 16384\n...\n\nHere, extent 0/1 are physically overlapped although it\u0027s entirely\n_impossible_ for normal filesystem images generated by mkfs.\n\nFirst, managed folios containing compressed data will be marked as\nup-to-date and then unlocked immediately (unlike in-place folios) when\ncompressed I/Os are complete. If physical blocks are not submitted in\nthe incremental order, there should be separate BIOs to avoid dependency\nissues. However, the current code mis-arranges z_erofs_fill_bio_vec()\nand BIO submission which causes unexpected BIO waits.\n\nSecond, managed folios will be connected to their own pclusters for\nefficient inter-queries. However, this is somewhat hard to implement\neasily if overlapped big pclusters exist. Again, these only appear in\nfuzzed images so let\u0027s simply fall back to temporary short-lived pages\nfor correctness.\n\nAdditionally, it justifies that referenced managed folios cannot be\ntruncated for now and reverts part of commit 2080ca1ed3e4 (\"erofs: tidy\nup `struct z_erofs_bvec`\") for simplicity although it shouldn\u0027t be any\ndifference.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2024-47736"
},
{
"cve": "CVE-2024-47809",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndlm: fix possible lkb_resource null dereference\n\nThis patch fixes a possible null pointer dereference when this function is\ncalled from request_lock() as lkb-\u003elkb_resource is not assigned yet,\nonly after validate_lock_args() by calling attach_lkb(). Another issue\nis that a resource name could be a non printable bytearray and we cannot\nassume to be ASCII coded.\n\nThe log functionality is probably never being hit when DLM is used in\nnormal way and no debug logging is enabled. The null pointer dereference\ncan only occur on a new created lkb that does not have the resource\nassigned yet, it probably never hits the null pointer dereference but we\nshould be sure that other changes might not change this behaviour and we\nactually can hit the mentioned null pointer dereference.\n\nIn this patch we just drop the printout of the resource name, the lkb id\nis enough to make a possible connection to a resource name if this\nexists.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2024-47809"
},
{
"cve": "CVE-2024-49998",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: improve shutdown sequence\n\nAlexander Sverdlin presents 2 problems during shutdown with the\nlan9303 driver. One is specific to lan9303 and the other just happens\nto reproduce there.\n\nThe first problem is that lan9303 is unique among DSA drivers in that it\ncalls dev_get_drvdata() at \"arbitrary runtime\" (not probe, not shutdown,\nnot remove):\n\nphy_state_machine()\n-\u003e ...\n -\u003e dsa_user_phy_read()\n -\u003e ds-\u003eops-\u003ephy_read()\n -\u003e lan9303_phy_read()\n -\u003e chip-\u003eops-\u003ephy_read()\n -\u003e lan9303_mdio_phy_read()\n -\u003e dev_get_drvdata()\n\nBut we never stop the phy_state_machine(), so it may continue to run\nafter dsa_switch_shutdown(). Our common pattern in all DSA drivers is\nto set drvdata to NULL to suppress the remove() method that may come\nafterwards. But in this case it will result in an NPD.\n\nThe second problem is that the way in which we set\ndp-\u003econduit-\u003edsa_ptr = NULL; is concurrent with receive packet\nprocessing. dsa_switch_rcv() checks once whether dev-\u003edsa_ptr is NULL,\nbut afterwards, rather than continuing to use that non-NULL value,\ndev-\u003edsa_ptr is dereferenced again and again without NULL checks:\ndsa_conduit_find_user() and many other places. In between dereferences,\nthere is no locking to ensure that what was valid once continues to be\nvalid.\n\nBoth problems have the common aspect that closing the conduit interface\nsolves them.\n\nIn the first case, dev_close(conduit) triggers the NETDEV_GOING_DOWN\nevent in dsa_user_netdevice_event() which closes user ports as well.\ndsa_port_disable_rt() calls phylink_stop(), which synchronously stops\nthe phylink state machine, and ds-\u003eops-\u003ephy_read() will thus no longer\ncall into the driver after this point.\n\nIn the second case, dev_close(conduit) should do this, as per\nDocumentation/networking/driver.rst:\n\n| Quiescence\n| ----------\n|\n| After the ndo_stop routine has been called, the hardware must\n| not receive or transmit any data. All in flight packets must\n| be aborted. If necessary, poll or wait for completion of\n| any reset commands.\n\nSo it should be sufficient to ensure that later, when we zeroize\nconduit-\u003edsa_ptr, there will be no concurrent dsa_switch_rcv() call\non this conduit.\n\nThe addition of the netif_device_detach() function is to ensure that\nioctls, rtnetlinks and ethtool requests on the user ports no longer\npropagate down to the driver - we\u0027re no longer prepared to handle them.\n\nThe race condition actually did not exist when commit 0650bf52b31f\n(\"net: dsa: be compatible with masters which unregister on shutdown\")\nfirst introduced dsa_switch_shutdown(). It was created later, when we\nstopped unregistering the user interfaces from a bad spot, and we just\nreplaced that sequence with a racy zeroization of conduit-\u003edsa_ptr\n(one which doesn\u0027t ensure that the interfaces aren\u0027t up).",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2024-49998"
},
{
"cve": "CVE-2024-50246",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Add rough attr alloc_size check",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2024-50246"
},
{
"cve": "CVE-2024-50298",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: enetc: allocate vf_state during PF probes\n\nIn the previous implementation, vf_state is allocated memory only when VF\nis enabled. However, net_device_ops::ndo_set_vf_mac() may be called before\nVF is enabled to configure the MAC address of VF. If this is the case,\nenetc_pf_set_vf_mac() will access vf_state, resulting in access to a null\npointer. The simplified error log is as follows.\n\nroot@ls1028ardb:~# ip link set eno0 vf 1 mac 00:0c:e7:66:77:89\n[ 173.543315] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000004\n[ 173.637254] pc : enetc_pf_set_vf_mac+0x3c/0x80 Message from sy\n[ 173.641973] lr : do_setlink+0x4a8/0xec8\n[ 173.732292] Call trace:\n[ 173.734740] enetc_pf_set_vf_mac+0x3c/0x80\n[ 173.738847] __rtnl_newlink+0x530/0x89c\n[ 173.742692] rtnl_newlink+0x50/0x7c\n[ 173.746189] rtnetlink_rcv_msg+0x128/0x390\n[ 173.750298] netlink_rcv_skb+0x60/0x130\n[ 173.754145] rtnetlink_rcv+0x18/0x24\n[ 173.757731] netlink_unicast+0x318/0x380\n[ 173.761665] netlink_sendmsg+0x17c/0x3c8",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2024-50298"
},
{
"cve": "CVE-2024-53166",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock, bfq: fix bfqq uaf in bfq_limit_depth()\n\nSet new allocated bfqq to bic or remove freed bfqq from bic are both\nprotected by bfqd-\u003elock, however bfq_limit_depth() is deferencing bfqq\nfrom bic without the lock, this can lead to UAF if the io_context is\nshared by multiple tasks.\n\nFor example, test bfq with io_uring can trigger following UAF in v6.6:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in bfqq_group+0x15/0x50\n\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x47/0x80\n print_address_description.constprop.0+0x66/0x300\n print_report+0x3e/0x70\n kasan_report+0xb4/0xf0\n bfqq_group+0x15/0x50\n bfqq_request_over_limit+0x130/0x9a0\n bfq_limit_depth+0x1b5/0x480\n __blk_mq_alloc_requests+0x2b5/0xa00\n blk_mq_get_new_requests+0x11d/0x1d0\n blk_mq_submit_bio+0x286/0xb00\n submit_bio_noacct_nocheck+0x331/0x400\n __block_write_full_folio+0x3d0/0x640\n writepage_cb+0x3b/0xc0\n write_cache_pages+0x254/0x6c0\n write_cache_pages+0x254/0x6c0\n do_writepages+0x192/0x310\n filemap_fdatawrite_wbc+0x95/0xc0\n __filemap_fdatawrite_range+0x99/0xd0\n filemap_write_and_wait_range.part.0+0x4d/0xa0\n blkdev_read_iter+0xef/0x1e0\n io_read+0x1b6/0x8a0\n io_issue_sqe+0x87/0x300\n io_wq_submit_work+0xeb/0x390\n io_worker_handle_work+0x24d/0x550\n io_wq_worker+0x27f/0x6c0\n ret_from_fork_asm+0x1b/0x30\n \u003c/TASK\u003e\n\nAllocated by task 808602:\n kasan_save_stack+0x1e/0x40\n kasan_set_track+0x21/0x30\n __kasan_slab_alloc+0x83/0x90\n kmem_cache_alloc_node+0x1b1/0x6d0\n bfq_get_queue+0x138/0xfa0\n bfq_get_bfqq_handle_split+0xe3/0x2c0\n bfq_init_rq+0x196/0xbb0\n bfq_insert_request.isra.0+0xb5/0x480\n bfq_insert_requests+0x156/0x180\n blk_mq_insert_request+0x15d/0x440\n blk_mq_submit_bio+0x8a4/0xb00\n submit_bio_noacct_nocheck+0x331/0x400\n __blkdev_direct_IO_async+0x2dd/0x330\n blkdev_write_iter+0x39a/0x450\n io_write+0x22a/0x840\n io_issue_sqe+0x87/0x300\n io_wq_submit_work+0xeb/0x390\n io_worker_handle_work+0x24d/0x550\n io_wq_worker+0x27f/0x6c0\n ret_from_fork+0x2d/0x50\n ret_from_fork_asm+0x1b/0x30\n\nFreed by task 808589:\n kasan_save_stack+0x1e/0x40\n kasan_set_track+0x21/0x30\n kasan_save_free_info+0x27/0x40\n __kasan_slab_free+0x126/0x1b0\n kmem_cache_free+0x10c/0x750\n bfq_put_queue+0x2dd/0x770\n __bfq_insert_request.isra.0+0x155/0x7a0\n bfq_insert_request.isra.0+0x122/0x480\n bfq_insert_requests+0x156/0x180\n blk_mq_dispatch_plug_list+0x528/0x7e0\n blk_mq_flush_plug_list.part.0+0xe5/0x590\n __blk_flush_plug+0x3b/0x90\n blk_finish_plug+0x40/0x60\n do_writepages+0x19d/0x310\n filemap_fdatawrite_wbc+0x95/0xc0\n __filemap_fdatawrite_range+0x99/0xd0\n filemap_write_and_wait_range.part.0+0x4d/0xa0\n blkdev_read_iter+0xef/0x1e0\n io_read+0x1b6/0x8a0\n io_issue_sqe+0x87/0x300\n io_wq_submit_work+0xeb/0x390\n io_worker_handle_work+0x24d/0x550\n io_wq_worker+0x27f/0x6c0\n ret_from_fork+0x2d/0x50\n ret_from_fork_asm+0x1b/0x30\n\nFix the problem by protecting bic_to_bfqq() with bfqd-\u003elock.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2024-53166"
},
{
"cve": "CVE-2024-56719",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: fix TSO DMA API usage causing oops\n\nCommit 66600fac7a98 (\"net: stmmac: TSO: Fix unbalanced DMA map/unmap\nfor non-paged SKB data\") moved the assignment of tx_skbuff_dma[]\u0027s\nmembers to be later in stmmac_tso_xmit().\n\nThe buf (dma cookie) and len stored in this structure are passed to\ndma_unmap_single() by stmmac_tx_clean(). The DMA API requires that\nthe dma cookie passed to dma_unmap_single() is the same as the value\nreturned from dma_map_single(). However, by moving the assignment\nlater, this is not the case when priv-\u003edma_cap.addr64 \u003e 32 as \"des\"\nis offset by proto_hdr_len.\n\nThis causes problems such as:\n\n dwc-eth-dwmac 2490000.ethernet eth0: Tx DMA map failed\n\nand with DMA_API_DEBUG enabled:\n\n DMA-API: dwc-eth-dwmac 2490000.ethernet: device driver tries to +free DMA memory it has not allocated [device address=0x000000ffffcf65c0] [size=66 bytes]\n\nFix this by maintaining \"des\" as the original DMA cookie, and use\ntso_des to pass the offset DMA cookie to stmmac_tso_allocator().\n\nFull details of the crashes can be found at:\nhttps://lore.kernel.org/all/d8112193-0386-4e14-b516-37c2d838171a@nvidia.com/\nhttps://lore.kernel.org/all/klkzp5yn5kq5efgtrow6wbvnc46bcqfxs65nz3qy77ujr5turc@bwwhelz2l4dw/",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2024-56719"
},
{
"cve": "CVE-2024-57924",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: relax assertions on failure to encode file handles\n\nEncoding file handles is usually performed by a filesystem \u003eencode_fh()\nmethod that may fail for various reasons.\n\nThe legacy users of exportfs_encode_fh(), namely, nfsd and\nname_to_handle_at(2) syscall are ready to cope with the possibility\nof failure to encode a file handle.\n\nThere are a few other users of exportfs_encode_{fh,fid}() that\ncurrently have a WARN_ON() assertion when -\u003eencode_fh() fails.\nRelax those assertions because they are wrong.\n\nThe second linked bug report states commit 16aac5ad1fa9 (\"ovl: support\nencoding non-decodable file handles\") in v6.6 as the regressing commit,\nbut this is not accurate.\n\nThe aforementioned commit only increases the chances of the assertion\nand allows triggering the assertion with the reproducer using overlayfs,\ninotify and drop_caches.\n\nTriggering this assertion was always possible with other filesystems and\nother reasons of -\u003eencode_fh() failures and more particularly, it was\nalso possible with the exact same reproducer using overlayfs that is\nmounted with options index=on,nfs_export=on also on kernels \u003c v6.6.\nTherefore, I am not listing the aforementioned commit as a Fixes commit.\n\nBackport hint: this patch will have a trivial conflict applying to\nv6.6.y, and other trivial conflicts applying to stable kernels \u003c v6.6.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2024-57924"
},
{
"cve": "CVE-2024-57977",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemcg: fix soft lockup in the OOM process\n\nA soft lockup issue was found in the product with about 56,000 tasks were\nin the OOM cgroup, it was traversing them when the soft lockup was\ntriggered.\n\nwatchdog: BUG: soft lockup - CPU#2 stuck for 23s! [VM Thread:1503066]\nCPU: 2 PID: 1503066 Comm: VM Thread Kdump: loaded Tainted: G\nHardware name: Huawei Cloud OpenStack Nova, BIOS\nRIP: 0010:console_unlock+0x343/0x540\nRSP: 0000:ffffb751447db9a0 EFLAGS: 00000247 ORIG_RAX: ffffffffffffff13\nRAX: 0000000000000001 RBX: 0000000000000000 RCX: 00000000ffffffff\nRDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000247\nRBP: ffffffffafc71f90 R08: 0000000000000000 R09: 0000000000000040\nR10: 0000000000000080 R11: 0000000000000000 R12: ffffffffafc74bd0\nR13: ffffffffaf60a220 R14: 0000000000000247 R15: 0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f2fe6ad91f0 CR3: 00000004b2076003 CR4: 0000000000360ee0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n vprintk_emit+0x193/0x280\n printk+0x52/0x6e\n dump_task+0x114/0x130\n mem_cgroup_scan_tasks+0x76/0x100\n dump_header+0x1fe/0x210\n oom_kill_process+0xd1/0x100\n out_of_memory+0x125/0x570\n mem_cgroup_out_of_memory+0xb5/0xd0\n try_charge+0x720/0x770\n mem_cgroup_try_charge+0x86/0x180\n mem_cgroup_try_charge_delay+0x1c/0x40\n do_anonymous_page+0xb5/0x390\n handle_mm_fault+0xc4/0x1f0\n\nThis is because thousands of processes are in the OOM cgroup, it takes a\nlong time to traverse all of them. As a result, this lead to soft lockup\nin the OOM process.\n\nTo fix this issue, call \u0027cond_resched\u0027 in the \u0027mem_cgroup_scan_tasks\u0027\nfunction per 1000 iterations. For global OOM, call\n\u0027touch_softlockup_watchdog\u0027 per 1000 iterations to avoid this issue.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2024-57977"
},
{
"cve": "CVE-2024-57996",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: sch_sfq: don\u0027t allow 1 packet limit\n\nThe current implementation does not work correctly with a limit of\n1. iproute2 actually checks for this and this patch adds the check in\nkernel as well.\n\nThis fixes the following syzkaller reported crash:\n\nUBSAN: array-index-out-of-bounds in net/sched/sch_sfq.c:210:6\nindex 65535 is out of range for type \u0027struct sfq_head[128]\u0027\nCPU: 0 PID: 2569 Comm: syz-executor101 Not tainted 5.10.0-smp-DEV #1\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n __dump_stack lib/dump_stack.c:79 [inline]\n dump_stack+0x125/0x19f lib/dump_stack.c:120\n ubsan_epilogue lib/ubsan.c:148 [inline]\n __ubsan_handle_out_of_bounds+0xed/0x120 lib/ubsan.c:347\n sfq_link net/sched/sch_sfq.c:210 [inline]\n sfq_dec+0x528/0x600 net/sched/sch_sfq.c:238\n sfq_dequeue+0x39b/0x9d0 net/sched/sch_sfq.c:500\n sfq_reset+0x13/0x50 net/sched/sch_sfq.c:525\n qdisc_reset+0xfe/0x510 net/sched/sch_generic.c:1026\n tbf_reset+0x3d/0x100 net/sched/sch_tbf.c:319\n qdisc_reset+0xfe/0x510 net/sched/sch_generic.c:1026\n dev_reset_queue+0x8c/0x140 net/sched/sch_generic.c:1296\n netdev_for_each_tx_queue include/linux/netdevice.h:2350 [inline]\n dev_deactivate_many+0x6dc/0xc20 net/sched/sch_generic.c:1362\n __dev_close_many+0x214/0x350 net/core/dev.c:1468\n dev_close_many+0x207/0x510 net/core/dev.c:1506\n unregister_netdevice_many+0x40f/0x16b0 net/core/dev.c:10738\n unregister_netdevice_queue+0x2be/0x310 net/core/dev.c:10695\n unregister_netdevice include/linux/netdevice.h:2893 [inline]\n __tun_detach+0x6b6/0x1600 drivers/net/tun.c:689\n tun_detach drivers/net/tun.c:705 [inline]\n tun_chr_close+0x104/0x1b0 drivers/net/tun.c:3640\n __fput+0x203/0x840 fs/file_table.c:280\n task_work_run+0x129/0x1b0 kernel/task_work.c:185\n exit_task_work include/linux/task_work.h:33 [inline]\n do_exit+0x5ce/0x2200 kernel/exit.c:931\n do_group_exit+0x144/0x310 kernel/exit.c:1046\n __do_sys_exit_group kernel/exit.c:1057 [inline]\n __se_sys_exit_group kernel/exit.c:1055 [inline]\n __x64_sys_exit_group+0x3b/0x40 kernel/exit.c:1055\n do_syscall_64+0x6c/0xd0\n entry_SYSCALL_64_after_hwframe+0x61/0xcb\nRIP: 0033:0x7fe5e7b52479\nCode: Unable to access opcode bytes at RIP 0x7fe5e7b5244f.\nRSP: 002b:00007ffd3c800398 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe5e7b52479\nRDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000\nRBP: 00007fe5e7bcd2d0 R08: ffffffffffffffb8 R09: 0000000000000014\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007fe5e7bcd2d0\nR13: 0000000000000000 R14: 00007fe5e7bcdd20 R15: 00007fe5e7b24270\n\nThe crash can be also be reproduced with the following (with a tc\nrecompiled to allow for sfq limits of 1):\n\ntc qdisc add dev dummy0 handle 1: root tbf rate 1Kbit burst 100b lat 1s\n../iproute2-6.9.0/tc/tc qdisc add dev dummy0 handle 2: parent 1:10 sfq limit 1\nifconfig dummy0 up\nping -I dummy0 -f -c2 -W0.1 8.8.8.8\nsleep 1\n\nScenario that triggers the crash:\n\n* the first packet is sent and queued in TBF and SFQ; qdisc qlen is 1\n\n* TBF dequeues: it peeks from SFQ which moves the packet to the\n gso_skb list and keeps qdisc qlen set to 1. TBF is out of tokens so\n it schedules itself for later.\n\n* the second packet is sent and TBF tries to queues it to SFQ. qdisc\n qlen is now 2 and because the SFQ limit is 1 the packet is dropped\n by SFQ. At this point qlen is 1, and all of the SFQ slots are empty,\n however q-\u003etail is not NULL.\n\nAt this point, assuming no more packets are queued, when sch_dequeue\nruns again it will decrement the qlen for the current empty slot\ncausing an underflow and the subsequent out of bounds access.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2024-57996"
},
{
"cve": "CVE-2024-58005",
"cwe": {
"id": "CWE-99",
"name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntpm: Change to kvalloc() in eventlog/acpi.c\n\nThe following failure was reported on HPE ProLiant D320:\n\n[ 10.693310][ T1] tpm_tis STM0925:00: 2.0 TPM (device-id 0x3, rev-id 0)\n[ 10.848132][ T1] ------------[ cut here ]------------\n[ 10.853559][ T1] WARNING: CPU: 59 PID: 1 at mm/page_alloc.c:4727 __alloc_pages_noprof+0x2ca/0x330\n[ 10.862827][ T1] Modules linked in:\n[ 10.866671][ T1] CPU: 59 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.12.0-lp155.2.g52785e2-default #1 openSUSE Tumbleweed (unreleased) 588cd98293a7c9eba9013378d807364c088c9375\n[ 10.882741][ T1] Hardware name: HPE ProLiant DL320 Gen12/ProLiant DL320 Gen12, BIOS 1.20 10/28/2024\n[ 10.892170][ T1] RIP: 0010:__alloc_pages_noprof+0x2ca/0x330\n[ 10.898103][ T1] Code: 24 08 e9 4a fe ff ff e8 34 36 fa ff e9 88 fe ff ff 83 fe 0a 0f 86 b3 fd ff ff 80 3d 01 e7 ce 01 00 75 09 c6 05 f8 e6 ce 01 01 \u003c0f\u003e 0b 45 31 ff e9 e5 fe ff ff f7 c2 00 00 08 00 75 42 89 d9 80 e1\n[ 10.917750][ T1] RSP: 0000:ffffb7cf40077980 EFLAGS: 00010246\n[ 10.923777][ T1] RAX: 0000000000000000 RBX: 0000000000040cc0 RCX: 0000000000000000\n[ 10.931727][ T1] RDX: 0000000000000000 RSI: 000000000000000c RDI: 0000000000040cc0\n\nThe above transcript shows that ACPI pointed a 16 MiB buffer for the log\nevents because RSI maps to the \u0027order\u0027 parameter of __alloc_pages_noprof().\nAddress the bug by moving from devm_kmalloc() to devm_add_action() and\nkvmalloc() and devm_add_action().",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2024-58005"
},
{
"cve": "CVE-2025-3198",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "description",
"text": "A vulnerability has been found in GNU Binutils 2.43/2.44 and classified as problematic. Affected by this vulnerability is the function display_info of the file binutils/bucomm.c of the component objdump. The manipulation leads to memory leak. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The patch is named ba6ad3a18cb26b79e0e3b84c39f707535bbc344d. It is recommended to apply a patch to fix this issue.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-3198"
},
{
"cve": "CVE-2025-4373",
"cwe": {
"id": "CWE-124",
"name": "Buffer Underwrite (\u0027Buffer Underflow\u0027)"
},
"notes": [
{
"category": "description",
"text": "A flaw was found in GLib, which is vulnerable to an integer overflow in the g_string_insert_unichar() function. When the position at which to insert the character is large, the position will overflow, leading to a buffer underwrite.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-4373"
},
{
"cve": "CVE-2025-4598",
"cwe": {
"id": "CWE-364",
"name": "Signal Handler Race Condition"
},
"notes": [
{
"category": "description",
"text": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original\u0027s privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process.\n\nA SUID binary or process has a special type of permission, which allows the process to run with the file owner\u0027s permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original\u0027s SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-4598"
},
{
"cve": "CVE-2025-5244",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "description",
"text": "A vulnerability was found in GNU Binutils up to 2.44. It has been rated as critical. Affected by this issue is the function elf_gc_sweep of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 2.45 is able to address this issue. It is recommended to upgrade the affected component.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-5244"
},
{
"cve": "CVE-2025-5245",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "description",
"text": "A vulnerability classified as critical has been found in GNU Binutils up to 2.44. This affects the function debug_type_samep of the file /binutils/debug.c of the component objdump. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-5245"
},
{
"cve": "CVE-2025-6395",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the GnuTLS software in _gnutls_figure_common_ciphersuite().",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-6395"
},
{
"cve": "CVE-2025-7425",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key() process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may access freed memory, causing crashes or enabling attackers to trigger heap corruption.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-7425"
},
{
"cve": "CVE-2025-7545",
"cwe": {
"id": "CWE-116",
"name": "Improper Encoding or Escaping of Output"
},
"notes": [
{
"category": "description",
"text": "A vulnerability classified as problematic was found in GNU Binutils 2.45. Affected by this vulnerability is the function copy_section of the file binutils/objcopy.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The patch is named 08c3cbe5926e4d355b5cb70bbec2b1eeb40c2944. It is recommended to apply a patch to fix this issue.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-7545"
},
{
"cve": "CVE-2025-7546",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "description",
"text": "A vulnerability, which was classified as problematic, has been found in GNU Binutils 2.45. Affected by this issue is the function bfd_elf_set_group_contents of the file bfd/elf.c. The manipulation leads to out-of-bounds write. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The name of the patch is 41461010eb7c79fee7a9d5f6209accdaac66cc6b. It is recommended to apply a patch to fix this issue.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-7546"
},
{
"cve": "CVE-2025-8224",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "A vulnerability has been found in GNU Binutils 2.44 and classified as problematic. This vulnerability affects the function bfd_elf_get_str_section of the file bfd/elf.c of the component BFD Library. The manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The name of the patch is db856d41004301b3a56438efd957ef5cabb91530. It is recommended to apply a patch to fix this issue.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-8224"
},
{
"cve": "CVE-2025-9230",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "Issue summary: An application trying to decrypt CMS messages encrypted using\npassword based encryption can trigger an out-of-bounds read and write.\n\nImpact summary: This out-of-bounds read may trigger a crash which leads to\nDenial of Service for an application. The out-of-bounds write can cause\na memory corruption which can have various consequences including\na Denial of Service or Execution of attacker-supplied code.\n\nAlthough the consequences of a successful exploit of this vulnerability\ncould be severe, the probability that the attacker would be able to\nperform it is low. Besides, password based (PWRI) encryption support in CMS\nmessages is very rarely used. For that reason the issue was assessed as\nModerate severity according to our Security Policy.\n\nThe FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this\nissue, as the CMS implementation is outside the OpenSSL FIPS module\nboundary.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-9230"
},
{
"cve": "CVE-2025-9232",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "Issue summary: An application using the OpenSSL HTTP client API functions may\ntrigger an out-of-bounds read if the \u0027no_proxy\u0027 environment variable is set and\nthe host portion of the authority component of the HTTP URL is an IPv6 address.\n\nImpact summary: An out-of-bounds read can trigger a crash which leads to\nDenial of Service for an application.\n\nThe OpenSSL HTTP client API functions can be used directly by applications\nbut they are also used by the OCSP client functions and CMP (Certificate\nManagement Protocol) client implementation in OpenSSL. However the URLs used\nby these implementations are unlikely to be controlled by an attacker.\n\nIn this vulnerable code the out of bounds read can only trigger a crash.\nFurthermore the vulnerability requires an attacker-controlled URL to be\npassed from an application to the OpenSSL function and the user has to have\na \u0027no_proxy\u0027 environment variable set. For the aforementioned reasons the\nissue was assessed as Low severity.\n\nThe vulnerable code was introduced in the following patch releases:\n3.0.16, 3.1.8, 3.2.4, 3.3.3, 3.4.0 and 3.5.0.\n\nThe FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this\nissue, as the HTTP client implementation is outside the OpenSSL FIPS module\nboundary.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-9232"
},
{
"cve": "CVE-2025-11082",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "A flaw has been found in GNU Binutils 2.45. Impacted is the function _bfd_elf_parse_eh_frame of the file bfd/elf-eh-frame.c of the component Linker. Executing manipulation can lead to heap-based buffer overflow. The attack is restricted to local execution. The exploit has been published and may be used. This patch is called ea1a0737c7692737a644af0486b71e4a392cbca8. A patch should be applied to remediate this issue. The code maintainer replied with \"[f]ixed for 2.46\".",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-11082"
},
{
"cve": "CVE-2025-11083",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "A vulnerability has been found in GNU Binutils 2.45. The affected element is the function elf_swap_shdr in the library bfd/elfcode.h of the component Linker. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. The identifier of the patch is 9ca499644a21ceb3f946d1c179c38a83be084490. To fix this issue, it is recommended to deploy a patch. The code maintainer replied with \"[f]ixed for 2.46\".",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-11083"
},
{
"cve": "CVE-2025-11412",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "A vulnerability has been found in GNU Binutils 2.45. This impacts the function bfd_elf_gc_record_vtentry of the file bfd/elflink.c of the component Linker. The manipulation leads to out-of-bounds read. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of the patch is 047435dd988a3975d40c6626a8f739a0b2e154bc. To fix this issue, it is recommended to deploy a patch.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-11412"
},
{
"cve": "CVE-2025-11413",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "description",
"text": "A vulnerability was found in GNU Binutils 2.45. Affected is the function elf_link_add_object_symbols of the file bfd/elflink.c of the component Linker. The manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used. Upgrading to version 2.46 is able to address this issue. The patch is identified as 72efdf166aa0ed72ecc69fc2349af6591a7a19c0. Upgrading the affected component is advised.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-11413"
},
{
"cve": "CVE-2025-11414",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "description",
"text": "A vulnerability was determined in GNU Binutils 2.45. Affected by this vulnerability is the function get_link_hash_entry of the file bfd/elflink.c of the component Linker. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. Upgrading to version 2.46 addresses this issue. Patch name: aeaaa9af6359c8e394ce9cf24911fec4f4d23703. It is advisable to upgrade the affected component.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-11414"
},
{
"cve": "CVE-2025-11494",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "description",
"text": "A vulnerability was found in GNU Binutils 2.45. Impacted is the function _bfd_x86_elf_late_size_sections of the file bfd/elfxx-x86.c of the component Linker. The manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used. The patch is identified as b6ac5a8a5b82f0ae6a4642c8d7149b325f4cc60a. A patch should be applied to remediate this issue.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-11494"
},
{
"cve": "CVE-2025-11495",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "A vulnerability was determined in GNU Binutils 2.45. The affected element is the function elf_x86_64_relocate_section of the file elf64-x86-64.c of the component Linker. This manipulation causes heap-based buffer overflow. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. Patch name: 6b21c8b2ecfef5c95142cbc2c32f185cb1c26ab0. To fix this issue, it is recommended to deploy a patch.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-11495"
},
{
"cve": "CVE-2025-11839",
"cwe": {
"id": "CWE-252",
"name": "Unchecked Return Value"
},
"notes": [
{
"category": "description",
"text": "A security flaw has been discovered in GNU Binutils 2.45. Impacted is the function tg_tag_type of the file prdbg.c. Performing manipulation results in unchecked return value. The attack needs to be approached locally. The exploit has been released to the public and may be exploited.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-11839"
},
{
"cve": "CVE-2025-11840",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "A weakness has been identified in GNU Binutils 2.45. The affected element is the function vfinfo of the file ldmisc.c. Executing manipulation can lead to out-of-bounds read. The attack can only be executed locally. The exploit has been made available to the public and could be exploited. This patch is called 16357. It is best practice to apply a patch to resolve this issue.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-11840"
},
{
"cve": "CVE-2025-21676",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fec: handle page_pool_dev_alloc_pages error\n\nThe fec_enet_update_cbd function calls page_pool_dev_alloc_pages but did\nnot handle the case when it returned NULL. There was a WARN_ON(!new_page)\nbut it would still proceed to use the NULL pointer and then crash.\n\nThis case does seem somewhat rare but when the system is under memory\npressure it can happen. One case where I can duplicate this with some\nfrequency is when writing over a smbd share to a SATA HDD attached to an\nimx6q.\n\nSetting /proc/sys/vm/min_free_kbytes to higher values also seems to solve\nthe problem for my test case. But it still seems wrong that the fec driver\nignores the memory allocation error and can crash.\n\nThis commit handles the allocation error by dropping the current packet.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-21676"
},
{
"cve": "CVE-2025-21682",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: bnxt: always recalculate features after XDP clearing, fix null-deref\n\nRecalculate features when XDP is detached.\n\nBefore:\n # ip li set dev eth0 xdp obj xdp_dummy.bpf.o sec xdp\n # ip li set dev eth0 xdp off\n # ethtool -k eth0 | grep gro\n rx-gro-hw: off [requested on]\n\nAfter:\n # ip li set dev eth0 xdp obj xdp_dummy.bpf.o sec xdp\n # ip li set dev eth0 xdp off\n # ethtool -k eth0 | grep gro\n rx-gro-hw: on\n\nThe fact that HW-GRO doesn\u0027t get re-enabled automatically is just\na minor annoyance. The real issue is that the features will randomly\ncome back during another reconfiguration which just happens to invoke\nnetdev_update_features(). The driver doesn\u0027t handle reconfiguring\ntwo things at a time very robustly.\n\nStarting with commit 98ba1d931f61 (\"bnxt_en: Fix RSS logic in\n__bnxt_reserve_rings()\") we only reconfigure the RSS hash table\nif the \"effective\" number of Rx rings has changed. If HW-GRO is\nenabled \"effective\" number of rings is 2x what user sees.\nSo if we are in the bad state, with HW-GRO re-enablement \"pending\"\nafter XDP off, and we lower the rings by / 2 - the HW-GRO rings\ndoing 2x and the ethtool -L doing / 2 may cancel each other out,\nand the:\n\n if (old_rx_rings != bp-\u003ehw_resc.resv_rx_rings \u0026\u0026\n\ncondition in __bnxt_reserve_rings() will be false.\nThe RSS map won\u0027t get updated, and we\u0027ll crash with:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000168\n RIP: 0010:__bnxt_hwrm_vnic_set_rss+0x13a/0x1a0\n bnxt_hwrm_vnic_rss_cfg_p5+0x47/0x180\n __bnxt_setup_vnic_p5+0x58/0x110\n bnxt_init_nic+0xb72/0xf50\n __bnxt_open_nic+0x40d/0xab0\n bnxt_open_nic+0x2b/0x60\n ethtool_set_channels+0x18c/0x1d0\n\nAs we try to access a freed ring.\n\nThe issue is present since XDP support was added, really, but\nprior to commit 98ba1d931f61 (\"bnxt_en: Fix RSS logic in\n__bnxt_reserve_rings()\") it wasn\u0027t causing major issues.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-21682"
},
{
"cve": "CVE-2025-21701",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: avoid race between device unregistration and ethnl ops\n\nThe following trace can be seen if a device is being unregistered while\nits number of channels are being modified.\n\n DEBUG_LOCKS_WARN_ON(lock-\u003emagic != lock)\n WARNING: CPU: 3 PID: 3754 at kernel/locking/mutex.c:564 __mutex_lock+0xc8a/0x1120\n CPU: 3 UID: 0 PID: 3754 Comm: ethtool Not tainted 6.13.0-rc6+ #771\n RIP: 0010:__mutex_lock+0xc8a/0x1120\n Call Trace:\n \u003cTASK\u003e\n ethtool_check_max_channel+0x1ea/0x880\n ethnl_set_channels+0x3c3/0xb10\n ethnl_default_set_doit+0x306/0x650\n genl_family_rcv_msg_doit+0x1e3/0x2c0\n genl_rcv_msg+0x432/0x6f0\n netlink_rcv_skb+0x13d/0x3b0\n genl_rcv+0x28/0x40\n netlink_unicast+0x42e/0x720\n netlink_sendmsg+0x765/0xc20\n __sys_sendto+0x3ac/0x420\n __x64_sys_sendto+0xe0/0x1c0\n do_syscall_64+0x95/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThis is because unregister_netdevice_many_notify might run before the\nrtnl lock section of ethnl operations, eg. set_channels in the above\nexample. In this example the rss lock would be destroyed by the device\nunregistration path before being used again, but in general running\nethnl operations while dismantle has started is not a good idea.\n\nFix this by denying any operation on devices being unregistered. A check\nwas already there in ethnl_ops_begin, but not wide enough.\n\nNote that the same issue cannot be seen on the ioctl version\n(__dev_ethtool) because the device reference is retrieved from within\nthe rtnl lock section there. Once dismantle started, the net device is\nunlisted and no reference will be found.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-21701"
},
{
"cve": "CVE-2025-21702",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0\n\nExpected behaviour:\nIn case we reach scheduler\u0027s limit, pfifo_tail_enqueue() will drop a\npacket in scheduler\u0027s queue and decrease scheduler\u0027s qlen by one.\nThen, pfifo_tail_enqueue() enqueue new packet and increase\nscheduler\u0027s qlen by one. Finally, pfifo_tail_enqueue() return\n`NET_XMIT_CN` status code.\n\nWeird behaviour:\nIn case we set `sch-\u003elimit == 0` and trigger pfifo_tail_enqueue() on a\nscheduler that has no packet, the \u0027drop a packet\u0027 step will do nothing.\nThis means the scheduler\u0027s qlen still has value equal 0.\nThen, we continue to enqueue new packet and increase scheduler\u0027s qlen by\none. In summary, we can leverage pfifo_tail_enqueue() to increase qlen by\none and return `NET_XMIT_CN` status code.\n\nThe problem is:\nLet\u0027s say we have two qdiscs: Qdisc_A and Qdisc_B.\n - Qdisc_A\u0027s type must have \u0027-\u003egraft()\u0027 function to create parent/child relationship.\n Let\u0027s say Qdisc_A\u0027s type is `hfsc`. Enqueue packet to this qdisc will trigger `hfsc_enqueue`.\n - Qdisc_B\u0027s type is pfifo_head_drop. Enqueue packet to this qdisc will trigger `pfifo_tail_enqueue`.\n - Qdisc_B is configured to have `sch-\u003elimit == 0`.\n - Qdisc_A is configured to route the enqueued\u0027s packet to Qdisc_B.\n\nEnqueue packet through Qdisc_A will lead to:\n - hfsc_enqueue(Qdisc_A) -\u003e pfifo_tail_enqueue(Qdisc_B)\n - Qdisc_B-\u003eq.qlen += 1\n - pfifo_tail_enqueue() return `NET_XMIT_CN`\n - hfsc_enqueue() check for `NET_XMIT_SUCCESS` and see `NET_XMIT_CN` =\u003e hfsc_enqueue() don\u0027t increase qlen of Qdisc_A.\n\nThe whole process lead to a situation where Qdisc_A-\u003eq.qlen == 0 and Qdisc_B-\u003eq.qlen == 1.\nReplace \u0027hfsc\u0027 with other type (for example: \u0027drr\u0027) still lead to the same problem.\nThis violate the design where parent\u0027s qlen should equal to the sum of its childrens\u0027qlen.\n\nBug impact: This issue can be used for user-\u003ekernel privilege escalation when it is reachable.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-21702"
},
{
"cve": "CVE-2025-21712",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/md-bitmap: Synchronize bitmap_get_stats() with bitmap lifetime\n\nAfter commit ec6bb299c7c3 (\"md/md-bitmap: add \u0027sync_size\u0027 into struct\nmd_bitmap_stats\"), following panic is reported:\n\nOops: general protection fault, probably for non-canonical address\nRIP: 0010:bitmap_get_stats+0x2b/0xa0\nCall Trace:\n \u003cTASK\u003e\n md_seq_show+0x2d2/0x5b0\n seq_read_iter+0x2b9/0x470\n seq_read+0x12f/0x180\n proc_reg_read+0x57/0xb0\n vfs_read+0xf6/0x380\n ksys_read+0x6c/0xf0\n do_syscall_64+0x82/0x170\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nRoot cause is that bitmap_get_stats() can be called at anytime if mddev\nis still there, even if bitmap is destroyed, or not fully initialized.\nDeferenceing bitmap in this case can crash the kernel. Meanwhile, the\nabove commit start to deferencing bitmap-\u003estorage, make the problem\neasier to trigger.\n\nFix the problem by protecting bitmap_get_stats() with bitmap_info.mutex.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-21712"
},
{
"cve": "CVE-2025-21724",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommufd/iova_bitmap: Fix shift-out-of-bounds in iova_bitmap_offset_to_index()\n\nResolve a UBSAN shift-out-of-bounds issue in iova_bitmap_offset_to_index()\nwhere shifting the constant \"1\" (of type int) by bitmap-\u003emapped.pgshift\n(an unsigned long value) could result in undefined behavior.\n\nThe constant \"1\" defaults to a 32-bit \"int\", and when \"pgshift\" exceeds\n31 (e.g., pgshift = 63) the shift operation overflows, as the result\ncannot be represented in a 32-bit type.\n\nTo resolve this, the constant is updated to \"1UL\", promoting it to an\nunsigned long type to match the operand\u0027s type.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-21724"
},
{
"cve": "CVE-2025-21728",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Send signals asynchronously if !preemptible\n\nBPF programs can execute in all kinds of contexts and when a program\nrunning in a non-preemptible context uses the bpf_send_signal() kfunc,\nit will cause issues because this kfunc can sleep.\nChange `irqs_disabled()` to `!preemptible()`.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-21728"
},
{
"cve": "CVE-2025-21745",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-cgroup: Fix class @block_class\u0027s subsystem refcount leakage\n\nblkcg_fill_root_iostats() iterates over @block_class\u0027s devices by\nclass_dev_iter_(init|next)(), but does not end iterating with\nclass_dev_iter_exit(), so causes the class\u0027s subsystem refcount leakage.\n\nFix by ending the iterating with class_dev_iter_exit().",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-21745"
},
{
"cve": "CVE-2025-21756",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: Keep the binding until socket destruction\n\nPreserve sockets bindings; this includes both resulting from an explicit\nbind() and those implicitly bound through autobind during connect().\n\nPrevents socket unbinding during a transport reassignment, which fixes a\nuse-after-free:\n\n 1. vsock_create() (refcnt=1) calls vsock_insert_unbound() (refcnt=2)\n 2. transport-\u003erelease() calls vsock_remove_bound() without checking if\n sk was bound and moved to bound list (refcnt=1)\n 3. vsock_bind() assumes sk is in unbound list and before\n __vsock_insert_bound(vsock_bound_sockets()) calls\n __vsock_remove_bound() which does:\n list_del_init(\u0026vsk-\u003ebound_table); // nop\n sock_put(\u0026vsk-\u003esk); // refcnt=0\n\nBUG: KASAN: slab-use-after-free in __vsock_bind+0x62e/0x730\nRead of size 4 at addr ffff88816b46a74c by task a.out/2057\n dump_stack_lvl+0x68/0x90\n print_report+0x174/0x4f6\n kasan_report+0xb9/0x190\n __vsock_bind+0x62e/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nAllocated by task 2057:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n __kasan_slab_alloc+0x85/0x90\n kmem_cache_alloc_noprof+0x131/0x450\n sk_prot_alloc+0x5b/0x220\n sk_alloc+0x2c/0x870\n __vsock_create.constprop.0+0x2e/0xb60\n vsock_create+0xe4/0x420\n __sock_create+0x241/0x650\n __sys_socket+0xf2/0x1a0\n __x64_sys_socket+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 2057:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n kasan_save_free_info+0x37/0x60\n __kasan_slab_free+0x4b/0x70\n kmem_cache_free+0x1a1/0x590\n __sk_destruct+0x388/0x5a0\n __vsock_bind+0x5e1/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 7 PID: 2057 at lib/refcount.c:25 refcount_warn_saturate+0xce/0x150\nRIP: 0010:refcount_warn_saturate+0xce/0x150\n __vsock_bind+0x66d/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 7 PID: 2057 at lib/refcount.c:28 refcount_warn_saturate+0xee/0x150\nRIP: 0010:refcount_warn_saturate+0xee/0x150\n vsock_remove_bound+0x187/0x1e0\n __vsock_release+0x383/0x4a0\n vsock_release+0x90/0x120\n __sock_release+0xa3/0x250\n sock_close+0x14/0x20\n __fput+0x359/0xa80\n task_work_run+0x107/0x1d0\n do_exit+0x847/0x2560\n do_group_exit+0xb8/0x250\n __x64_sys_exit_group+0x3a/0x50\n x64_sys_call+0xfec/0x14f0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-21756"
},
{
"cve": "CVE-2025-21758",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: mcast: add RCU protection to mld_newpack()\n\nmld_newpack() can be called without RTNL or RCU being held.\n\nNote that we no longer can use sock_alloc_send_skb() because\nipv6.igmp_sk uses GFP_KERNEL allocations which can sleep.\n\nInstead use alloc_skb() and charge the net-\u003eipv6.igmp_sk\nsocket under RCU protection.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-21758"
},
{
"cve": "CVE-2025-21765",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: use RCU protection in ip6_default_advmss()\n\nip6_default_advmss() needs rcu protection to make\nsure the net structure it reads does not disappear.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-21765"
},
{
"cve": "CVE-2025-21766",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: use RCU protection in __ip_rt_update_pmtu()\n\n__ip_rt_update_pmtu() must use RCU protection to make\nsure the net structure it reads does not disappear.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-21766"
},
{
"cve": "CVE-2025-21767",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic context\n\nThe following bug report happened with a PREEMPT_RT kernel:\n\n BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\n in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 2012, name: kwatchdog\n preempt_count: 1, expected: 0\n RCU nest depth: 0, expected: 0\n get_random_u32+0x4f/0x110\n clocksource_verify_choose_cpus+0xab/0x1a0\n clocksource_verify_percpu.part.0+0x6b/0x330\n clocksource_watchdog_kthread+0x193/0x1a0\n\nIt is due to the fact that clocksource_verify_choose_cpus() is invoked with\npreemption disabled. This function invokes get_random_u32() to obtain\nrandom numbers for choosing CPUs. The batched_entropy_32 local lock and/or\nthe base_crng.lock spinlock in driver/char/random.c will be acquired during\nthe call. In PREEMPT_RT kernel, they are both sleeping locks and so cannot\nbe acquired in atomic context.\n\nFix this problem by using migrate_disable() to allow smp_processor_id() to\nbe reliably used without introducing atomic context. preempt_disable() is\nthen called after clocksource_verify_choose_cpus() but before the\nclocksource measurement is being run to avoid introducing unexpected\nlatency.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-21767"
},
{
"cve": "CVE-2025-21795",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: fix hang in nfsd4_shutdown_callback\n\nIf nfs4_client is in courtesy state then there is no point to send\nthe callback. This causes nfsd4_shutdown_callback to hang since\ncl_cb_inflight is not 0. This hang lasts about 15 minutes until TCP\nnotifies NFSD that the connection was dropped.\n\nThis patch modifies nfsd4_run_cb_work to skip the RPC call if\nnfs4_client is in courtesy state.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-21795"
},
{
"cve": "CVE-2025-21796",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: clear acl_access/acl_default after releasing them\n\nIf getting acl_default fails, acl_access and acl_default will be released\nsimultaneously. However, acl_access will still retain a pointer pointing\nto the released posix_acl, which will trigger a WARNING in\nnfs3svc_release_getacl like this:\n\n------------[ cut here ]------------\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 26 PID: 3199 at lib/refcount.c:28\nrefcount_warn_saturate+0xb5/0x170\nModules linked in:\nCPU: 26 UID: 0 PID: 3199 Comm: nfsd Not tainted\n6.12.0-rc6-00079-g04ae226af01f-dirty #8\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.16.1-2.fc37 04/01/2014\nRIP: 0010:refcount_warn_saturate+0xb5/0x170\nCode: cc cc 0f b6 1d b3 20 a5 03 80 fb 01 0f 87 65 48 d8 00 83 e3 01 75\ne4 48 c7 c7 c0 3b 9b 85 c6 05 97 20 a5 03 01 e8 fb 3e 30 ff \u003c0f\u003e 0b eb\ncd 0f b6 1d 8a3\nRSP: 0018:ffffc90008637cd8 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff83904fde\nRDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffff88871ed36380\nRBP: ffff888158beeb40 R08: 0000000000000001 R09: fffff520010c6f56\nR10: ffffc90008637ab7 R11: 0000000000000001 R12: 0000000000000001\nR13: ffff888140e77400 R14: ffff888140e77408 R15: ffffffff858b42c0\nFS: 0000000000000000(0000) GS:ffff88871ed00000(0000)\nknlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000562384d32158 CR3: 000000055cc6a000 CR4: 00000000000006f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ? refcount_warn_saturate+0xb5/0x170\n ? __warn+0xa5/0x140\n ? refcount_warn_saturate+0xb5/0x170\n ? report_bug+0x1b1/0x1e0\n ? handle_bug+0x53/0xa0\n ? exc_invalid_op+0x17/0x40\n ? asm_exc_invalid_op+0x1a/0x20\n ? tick_nohz_tick_stopped+0x1e/0x40\n ? refcount_warn_saturate+0xb5/0x170\n ? refcount_warn_saturate+0xb5/0x170\n nfs3svc_release_getacl+0xc9/0xe0\n svc_process_common+0x5db/0xb60\n ? __pfx_svc_process_common+0x10/0x10\n ? __rcu_read_unlock+0x69/0xa0\n ? __pfx_nfsd_dispatch+0x10/0x10\n ? svc_xprt_received+0xa1/0x120\n ? xdr_init_decode+0x11d/0x190\n svc_process+0x2a7/0x330\n svc_handle_xprt+0x69d/0x940\n svc_recv+0x180/0x2d0\n nfsd+0x168/0x200\n ? __pfx_nfsd+0x10/0x10\n kthread+0x1a2/0x1e0\n ? kthread+0xf4/0x1e0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x34/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\nKernel panic - not syncing: kernel: panic_on_warn set ...\n\nClear acl_access/acl_default after posix_acl_release is called to prevent\nUAF from being triggered.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-21796"
},
{
"cve": "CVE-2025-21848",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfp: bpf: Add check for nfp_app_ctrl_msg_alloc()\n\nAdd check for the return value of nfp_app_ctrl_msg_alloc() in\nnfp_bpf_cmsg_alloc() to prevent null pointer dereference.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-21848"
},
{
"cve": "CVE-2025-21862",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrop_monitor: fix incorrect initialization order\n\nSyzkaller reports the following bug:\n\nBUG: spinlock bad magic on CPU#1, syz-executor.0/7995\n lock: 0xffff88805303f3e0, .magic: 00000000, .owner: \u003cnone\u003e/-1, .owner_cpu: 0\nCPU: 1 PID: 7995 Comm: syz-executor.0 Tainted: G E 5.10.209+ #1\nHardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020\nCall Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x119/0x179 lib/dump_stack.c:118\n debug_spin_lock_before kernel/locking/spinlock_debug.c:83 [inline]\n do_raw_spin_lock+0x1f6/0x270 kernel/locking/spinlock_debug.c:112\n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:117 [inline]\n _raw_spin_lock_irqsave+0x50/0x70 kernel/locking/spinlock.c:159\n reset_per_cpu_data+0xe6/0x240 [drop_monitor]\n net_dm_cmd_trace+0x43d/0x17a0 [drop_monitor]\n genl_family_rcv_msg_doit+0x22f/0x330 net/netlink/genetlink.c:739\n genl_family_rcv_msg net/netlink/genetlink.c:783 [inline]\n genl_rcv_msg+0x341/0x5a0 net/netlink/genetlink.c:800\n netlink_rcv_skb+0x14d/0x440 net/netlink/af_netlink.c:2497\n genl_rcv+0x29/0x40 net/netlink/genetlink.c:811\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0x54b/0x800 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x914/0xe00 net/netlink/af_netlink.c:1916\n sock_sendmsg_nosec net/socket.c:651 [inline]\n __sock_sendmsg+0x157/0x190 net/socket.c:663\n ____sys_sendmsg+0x712/0x870 net/socket.c:2378\n ___sys_sendmsg+0xf8/0x170 net/socket.c:2432\n __sys_sendmsg+0xea/0x1b0 net/socket.c:2461\n do_syscall_64+0x30/0x40 arch/x86/entry/common.c:46\n entry_SYSCALL_64_after_hwframe+0x62/0xc7\nRIP: 0033:0x7f3f9815aee9\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f3f972bf0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f3f9826d050 RCX: 00007f3f9815aee9\nRDX: 0000000020000000 RSI: 0000000020001300 RDI: 0000000000000007\nRBP: 00007f3f981b63bd R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000006e R14: 00007f3f9826d050 R15: 00007ffe01ee6768\n\nIf drop_monitor is built as a kernel module, syzkaller may have time\nto send a netlink NET_DM_CMD_START message during the module loading.\nThis will call the net_dm_monitor_start() function that uses\na spinlock that has not yet been initialized.\n\nTo fix this, let\u0027s place resource initialization above the registration\nof a generic netlink family.\n\nFound by InfoTeCS on behalf of Linux Verification Center\n(linuxtesting.org) with Syzkaller.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-21862"
},
{
"cve": "CVE-2025-21864",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: drop secpath at the same time as we currently drop dst\n\nXiumei reported hitting the WARN in xfrm6_tunnel_net_exit while\nrunning tests that boil down to:\n - create a pair of netns\n - run a basic TCP test over ipcomp6\n - delete the pair of netns\n\nThe xfrm_state found on spi_byaddr was not deleted at the time we\ndelete the netns, because we still have a reference on it. This\nlingering reference comes from a secpath (which holds a ref on the\nxfrm_state), which is still attached to an skb. This skb is not\nleaked, it ends up on sk_receive_queue and then gets defer-free\u0027d by\nskb_attempt_defer_free.\n\nThe problem happens when we defer freeing an skb (push it on one CPU\u0027s\ndefer_list), and don\u0027t flush that list before the netns is deleted. In\nthat case, we still have a reference on the xfrm_state that we don\u0027t\nexpect at this point.\n\nWe already drop the skb\u0027s dst in the TCP receive path when it\u0027s no\nlonger needed, so let\u0027s also drop the secpath. At this point,\ntcp_filter has already called into the LSM hooks that may require the\nsecpath, so it should not be needed anymore. However, in some of those\nplaces, the MPTCP extension has just been attached to the skb, so we\ncannot simply drop all extensions.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-21864"
},
{
"cve": "CVE-2025-21865",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl().\n\nBrad Spengler reported the list_del() corruption splat in\ngtp_net_exit_batch_rtnl(). [0]\n\nCommit eb28fd76c0a0 (\"gtp: Destroy device along with udp socket\u0027s netns\ndismantle.\") added the for_each_netdev() loop in gtp_net_exit_batch_rtnl()\nto destroy devices in each netns as done in geneve and ip tunnels.\n\nHowever, this could trigger -\u003edellink() twice for the same device during\n-\u003eexit_batch_rtnl().\n\nSay we have two netns A \u0026 B and gtp device B that resides in netns B but\nwhose UDP socket is in netns A.\n\n 1. cleanup_net() processes netns A and then B.\n\n 2. gtp_net_exit_batch_rtnl() finds the device B while iterating\n netns A\u0027s gn-\u003egtp_dev_list and calls -\u003edellink().\n\n [ device B is not yet unlinked from netns B\n as unregister_netdevice_many() has not been called. ]\n\n 3. gtp_net_exit_batch_rtnl() finds the device B while iterating\n netns B\u0027s for_each_netdev() and calls -\u003edellink().\n\ngtp_dellink() cleans up the device\u0027s hash table, unlinks the dev from\ngn-\u003egtp_dev_list, and calls unregister_netdevice_queue().\n\nBasically, calling gtp_dellink() multiple times is fine unless\nCONFIG_DEBUG_LIST is enabled.\n\nLet\u0027s remove for_each_netdev() in gtp_net_exit_batch_rtnl() and\ndelegate the destruction to default_device_exit_batch() as done\nin bareudp.\n\n[0]:\nlist_del corruption, ffff8880aaa62c00-\u003enext (autoslab_size_M_dev_P_net_core_dev_11127_8_1328_8_S_4096_A_64_n_139+0xc00/0x1000 [slab object]) is LIST_POISON1 (ffffffffffffff02) (prev is 0xffffffffffffff04)\nkernel BUG at lib/list_debug.c:58!\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN\nCPU: 1 UID: 0 PID: 1804 Comm: kworker/u8:7 Tainted: G T 6.12.13-grsec-full-20250211091339 #1\nTainted: [T]=RANDSTRUCT\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\nWorkqueue: netns cleanup_net\nRIP: 0010:[\u003cffffffff84947381\u003e] __list_del_entry_valid_or_report+0x141/0x200 lib/list_debug.c:58\nCode: c2 76 91 31 c0 e8 9f b1 f7 fc 0f 0b 4d 89 f0 48 c7 c1 02 ff ff ff 48 89 ea 48 89 ee 48 c7 c7 e0 c2 76 91 31 c0 e8 7f b1 f7 fc \u003c0f\u003e 0b 4d 89 e8 48 c7 c1 04 ff ff ff 48 89 ea 48 89 ee 48 c7 c7 60\nRSP: 0018:fffffe8040b4fbd0 EFLAGS: 00010283\nRAX: 00000000000000cc RBX: dffffc0000000000 RCX: ffffffff818c4054\nRDX: ffffffff84947381 RSI: ffffffff818d1512 RDI: 0000000000000000\nRBP: ffff8880aaa62c00 R08: 0000000000000001 R09: fffffbd008169f32\nR10: fffffe8040b4f997 R11: 0000000000000001 R12: a1988d84f24943e4\nR13: ffffffffffffff02 R14: ffffffffffffff04 R15: ffff8880aaa62c08\nRBX: kasan shadow of 0x0\nRCX: __wake_up_klogd.part.0+0x74/0xe0 kernel/printk/printk.c:4554\nRDX: __list_del_entry_valid_or_report+0x141/0x200 lib/list_debug.c:58\nRSI: vprintk+0x72/0x100 kernel/printk/printk_safe.c:71\nRBP: autoslab_size_M_dev_P_net_core_dev_11127_8_1328_8_S_4096_A_64_n_139+0xc00/0x1000 [slab object]\nRSP: process kstack fffffe8040b4fbd0+0x7bd0/0x8000 [kworker/u8:7+netns 1804 ]\nR09: kasan shadow of process kstack fffffe8040b4f990+0x7990/0x8000 [kworker/u8:7+netns 1804 ]\nR10: process kstack fffffe8040b4f997+0x7997/0x8000 [kworker/u8:7+netns 1804 ]\nR15: autoslab_size_M_dev_P_net_core_dev_11127_8_1328_8_S_4096_A_64_n_139+0xc08/0x1000 [slab object]\nFS: 0000000000000000(0000) GS:ffff888116000000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000748f5372c000 CR3: 0000000015408000 CR4: 00000000003406f0 shadow CR4: 00000000003406f0\nStack:\n 0000000000000000 ffffffff8a0c35e7 ffffffff8a0c3603 ffff8880aaa62c00\n ffff8880aaa62c00 0000000000000004 ffff88811145311c 0000000000000005\n 0000000000000001 ffff8880aaa62000 fffffe8040b4fd40 ffffffff8a0c360d\nCall Trace:\n \u003cTASK\u003e\n [\u003cffffffff8a0c360d\u003e] __list_del_entry_valid include/linux/list.h:131 [inline] fffffe8040b4fc28\n [\u003cffffffff8a0c360d\u003e] __list_del_entry include/linux/list.h:248 [inline] fffffe8040b4fc28\n [\u003cffffffff8a0c360d\u003e] list_del include/linux/list.h:262 [inl\n---truncated---",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-21865"
},
{
"cve": "CVE-2025-26465",
"cwe": {
"id": "CWE-390",
"name": "Detection of Error Condition Without Action"
},
"notes": [
{
"category": "description",
"text": "A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client\u0027s memory resource first, turning the attack complexity high.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-26465"
},
{
"cve": "CVE-2025-31115",
"cwe": {
"id": "CWE-366",
"name": "Race Condition within a Thread"
},
"notes": [
{
"category": "description",
"text": "XZ Utils provide a general-purpose data-compression library plus command-line tools. In XZ Utils 5.3.3alpha to 5.8.0, the multithreaded .xz decoder in liblzma has a bug where invalid input can at least result in a crash. The effects include heap use after free and writing to an address based on the null pointer plus an offset. Applications and libraries that use the lzma_stream_decoder_mt function are affected. The bug has been fixed in XZ Utils 5.8.1, and the fix has been committed to the v5.4, v5.6, v5.8, and master branches in the xz Git repository. No new release packages will be made from the old stable branches, but a standalone patch is available that applies to all affected releases.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-31115"
},
{
"cve": "CVE-2025-32988",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1_delete_structure() on an ASN.1 node it does not own, leading to a double-free condition when the parent function or caller later attempts to free the same structure.\n\nThis vulnerability can be triggered using only public GnuTLS APIs and may result in denial of service or memory corruption, depending on allocator behavior.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-32988"
},
{
"cve": "CVE-2025-32989",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "description",
"text": "A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension (OID 1.3.6.1.4.1.11129.2.4.2) that contains sensitive data. This issue leads to the exposure of confidential information when GnuTLS verifies certificates from certain websites when the certificate (SCT) is not checked correctly.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-32989"
},
{
"cve": "CVE-2025-37945",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY\n\nDSA has 2 kinds of drivers:\n\n1. Those who call dsa_switch_suspend() and dsa_switch_resume() from\n their device PM ops: qca8k-8xxx, bcm_sf2, microchip ksz\n2. Those who don\u0027t: all others. The above methods should be optional.\n\nFor type 1, dsa_switch_suspend() calls dsa_user_suspend() -\u003e phylink_stop(),\nand dsa_switch_resume() calls dsa_user_resume() -\u003e phylink_start().\nThese seem good candidates for setting mac_managed_pm = true because\nthat is essentially its definition [1], but that does not seem to be the\nbiggest problem for now, and is not what this change focuses on.\n\nTalking strictly about the 2nd category of DSA drivers here (which\ndo not have MAC managed PM, meaning that for their attached PHYs,\nmdio_bus_phy_suspend() and mdio_bus_phy_resume() should run in full),\nI have noticed that the following warning from mdio_bus_phy_resume() is\ntriggered:\n\n\tWARN_ON(phydev-\u003estate != PHY_HALTED \u0026\u0026 phydev-\u003estate != PHY_READY \u0026\u0026\n\t\tphydev-\u003estate != PHY_UP);\n\nbecause the PHY state machine is running.\n\nIt\u0027s running as a result of a previous dsa_user_open() -\u003e ... -\u003e\nphylink_start() -\u003e phy_start() having been initiated by the user.\n\nThe previous mdio_bus_phy_suspend() was supposed to have called\nphy_stop_machine(), but it didn\u0027t. So this is why the PHY is in state\nPHY_NOLINK by the time mdio_bus_phy_resume() runs.\n\nmdio_bus_phy_suspend() did not call phy_stop_machine() because for\nphylink, the phydev-\u003eadjust_link function pointer is NULL. This seems a\ntechnicality introduced by commit fddd91016d16 (\"phylib: fix PAL state\nmachine restart on resume\"). That commit was written before phylink\nexisted, and was intended to avoid crashing with consumer drivers which\ndon\u0027t use the PHY state machine - phylink always does, when using a PHY.\nBut phylink itself has historically not been developed with\nsuspend/resume in mind, and apparently not tested too much in that\nscenario, allowing this bug to exist unnoticed for so long. Plus, prior\nto the WARN_ON(), it would have likely been invisible.\n\nThis issue is not in fact restricted to type 2 DSA drivers (according to\nthe above ad-hoc classification), but can be extrapolated to any MAC\ndriver with phylink and MDIO-bus-managed PHY PM ops. DSA is just where\nthe issue was reported. Assuming mac_managed_pm is set correctly, a\nquick search indicates the following other drivers might be affected:\n\n$ grep -Zlr PHYLINK_NETDEV drivers/ | xargs -0 grep -L mac_managed_pm\ndrivers/net/ethernet/atheros/ag71xx.c\ndrivers/net/ethernet/microchip/sparx5/sparx5_main.c\ndrivers/net/ethernet/microchip/lan966x/lan966x_main.c\ndrivers/net/ethernet/freescale/dpaa2/dpaa2-mac.c\ndrivers/net/ethernet/freescale/fs_enet/fs_enet-main.c\ndrivers/net/ethernet/freescale/dpaa/dpaa_eth.c\ndrivers/net/ethernet/freescale/ucc_geth.c\ndrivers/net/ethernet/freescale/enetc/enetc_pf_common.c\ndrivers/net/ethernet/marvell/mvpp2/mvpp2_main.c\ndrivers/net/ethernet/marvell/mvneta.c\ndrivers/net/ethernet/marvell/prestera/prestera_main.c\ndrivers/net/ethernet/mediatek/mtk_eth_soc.c\ndrivers/net/ethernet/altera/altera_tse_main.c\ndrivers/net/ethernet/wangxun/txgbe/txgbe_phy.c\ndrivers/net/ethernet/meta/fbnic/fbnic_phylink.c\ndrivers/net/ethernet/tehuti/tn40_phy.c\ndrivers/net/ethernet/mscc/ocelot_net.c\n\nMake the existing conditions dependent on the PHY device having a\nphydev-\u003ephy_link_change() implementation equal to the default\nphy_link_change() provided by phylib. Otherwise, we implicitly know that\nthe phydev has the phylink-provided phylink_phy_change() callback, and\nwhen phylink is used, the PHY state machine always needs to be stopped/\nstarted on the suspend/resume path. The code is structured as such that\nif phydev-\u003ephy_link_change() is absent, it is a matter of time until the\nkernel will crash - no need to further complicate the test.\n\nThus, for the situation where the PM is not managed b\n---truncated---",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-37945"
},
{
"cve": "CVE-2025-37980",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix resource leak in blk_register_queue() error path\n\nWhen registering a queue fails after blk_mq_sysfs_register() is\nsuccessful but the function later encounters an error, we need\nto clean up the blk_mq_sysfs resources.\n\nAdd the missing blk_mq_sysfs_unregister() call in the error path\nto properly clean up these resources and prevent a memory leak.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-37980"
},
{
"cve": "CVE-2025-38058",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved: __legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock ... or we risk stealing final mntput from sync umount - raising mnt_count after umount(2) has verified that victim is not busy, but before it has set MNT_SYNC_UMOUNT; in that case __legitimize_mnt() doesn\u0027t see that it\u0027s safe to quietly undo mnt_count increment and leaves dropping the reference to caller, where it\u0027ll be a full-blown mntput(). Check under mount_lock is needed; leaving the current one done before taking that makes no sense - it\u0027s nowhere near common enough to bother with.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38058"
},
{
"cve": "CVE-2025-38063",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved: dm: fix unconditional IO throttle caused by REQ_PREFLUSH When a bio with REQ_PREFLUSH is submitted to dm, __send_empty_flush() generates a flush_bio with REQ_OP_WRITE | REQ_PREFLUSH | REQ_SYNC, which causes the flush_bio to be throttled by wbt_wait()",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38063"
},
{
"cve": "CVE-2025-38067",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved: rseq: Fix segfault on registration when rseq_cs is non-zero The rseq_cs field is documented as being set to 0 by user-space prior to registration, however this is not currently enforced by the kernel. This can result in a segfault on return to user-space if the value stored in the rseq_cs field doesn\u0027t point to a valid struct rseq_cs. The correct solution to this would be to fail the rseq registration when the rseq_cs field is non-zero. However, some older versions of glibc will reuse the rseq area of previous threads without clearing the rseq_cs field and will also terminate the process if the rseq registration fails in a secondary thread. This wasn\u0027t caught in testing because in this case the leftover rseq_cs does point to a valid struct rseq_cs. What we can do is clear the rseq_cs field on registration when it\u0027s non-zero which will prevent segfaults on registration and won\u0027t break the glibc versions that reuse rseq areas on thread creation.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38067"
},
{
"cve": "CVE-2025-38071",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved: x86/mm: Check return value from memblock_phys_alloc_range() At least with CONFIG_PHYSICAL_START=0x100000, if there is \u003c 4 MiB of contiguous free memory available at this point, the kernel will crash and burn because memblock_phys_alloc_range() returns 0 on failure, which leads memblock_phys_free() to throw the first 4 MiB of physical memory to the wolves. At a minimum it should fail gracefully with a meaningful diagnostic, but in fact everything seems to work fine without the weird reserve allocation",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38071"
},
{
"cve": "CVE-2025-38079",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_hash - fix double free in hash_accept\n\nIf accept(2) is called on socket type algif_hash with\nMSG_MORE flag set and crypto_ahash_import fails,\nsk2 is freed. However, it is also freed in af_alg_release,\nleading to slab-use-after-free error.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38079"
},
{
"cve": "CVE-2025-38083",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved: net_sched: prio: fix a race in prio_tune() Gerrard Tai reported a race condition in PRIO, whenever SFQ perturb timer fires at the wrong time. The race is as follows: CPU 0 CPU 1 [1]: lock root [2]: qdisc_tree_flush_backlog() [3]: unlock root | | [5]: lock root | [6]: rehash | [7]: qdisc_tree_reduce_backlog() | [4]: qdisc_put() This can be abused to underflow a parent\u0027s qlen. Calling qdisc_purge_queue() instead of qdisc_tree_flush_backlog() should fix the race, because all packets will be purged from the qdisc before releasing the lock.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38083"
},
{
"cve": "CVE-2025-38100",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved: x86/iopl: Cure TIF_IO_BITMAP inconsistencies io_bitmap_exit() is invoked from exit_thread() when a task exists or when a fork fails. In the latter case the exit_thread() cleans up resources which were allocated during fork(). io_bitmap_exit() invokes task_update_io_bitmap(), which in turn ends up in tss_update_io_bitmap(). tss_update_io_bitmap() operates on the current task. If current has TIF_IO_BITMAP set, but no bitmap installed, tss_update_io_bitmap() crashes with a NULL pointer dereference. There are two issues, which lead to that problem: 1) io_bitmap_exit() should not invoke task_update_io_bitmap() when the task, which is cleaned up, is not the current task. That\u0027s a clear indicator for a cleanup after a failed fork(). 2) A task should not have TIF_IO_BITMAP set and neither a bitmap installed nor IOPL emulation level 3 activated. This happens when a kernel thread is created in the context of a user space thread, which has TIF_IO_BITMAP set as the thread flags are copied and the IO bitmap pointer is cleared. Other than in the failed fork() case this has no impact because kernel threads including IO workers never return to user space and therefore never invoke tss_update_io_bitmap(). Cure this by adding the missing cleanups and checks: 1) Prevent io_bitmap_exit() to invoke task_update_io_bitmap() if the to be cleaned up task is not the current task. 2) Clear TIF_IO_BITMAP in copy_thread() unconditionally. For user space forks it is set later, when the IO bitmap is inherited in io_bitmap_share(). For paranoia sake, add a warning into tss_update_io_bitmap() to catch the case, when that code is invoked with inconsistent state",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38100"
},
{
"cve": "CVE-2025-38111",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved: net/mdiobus: Fix potential out-of-bounds read/write access When using publicly available tools like \u0027mdio-tools\u0027 to read/write data from/to network interface and its PHY via mdiobus, there is no verification of parameters passed to the ioctl and it accepts any mdio address. Currently there is support for 32 addresses in kernel via PHY_MAX_ADDR define, but it is possible to pass higher value than that via ioctl. While read/write operation should generally fail in this case, mdiobus provides stats array, where wrong address may allow out-of-bounds read/write. Fix that by adding address verification before read/write operation. While this excludes this access from any statistics, it improves security of read/write operation",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38111"
},
{
"cve": "CVE-2025-38124",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved: net: fix udp gso skb_segment after pull from frag_list Commit a1e40ac5b5e9 (\"net: gso: fix udp gso fraglist segmentation after pull from frag_list\") detected invalid geometry in frag_list skbs and redirects them from skb_segment_list to more robust skb_segment. But some packets with modified geometry can also hit bugs in that code",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38124"
},
{
"cve": "CVE-2025-38162",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_set_pipapo: prevent overflow in lookup table allocation\n\nWhen calculating the lookup table size, ensure the following\nmultiplication does not overflow:\n\n- desc-\u003efield_len[] maximum value is U8_MAX multiplied by\n NFT_PIPAPO_GROUPS_PER_BYTE(f) that can be 2, worst case.\n- NFT_PIPAPO_BUCKETS(f-\u003ebb) is 2^8, worst case.\n- sizeof(unsigned long), from sizeof(*f-\u003elt), lt in\n struct nft_pipapo_field.\n\nThen, use check_mul_overflow() to multiply by bucket size and then use\ncheck_add_overflow() to the alignment for avx2 (if needed). Finally, add\nlt_size_check_overflow() helper and use it to consolidate this.\n\nWhile at it, replace leftover allocation using the GFP_KERNEL to\nGFP_KERNEL_ACCOUNT for consistency, in pipapo_resize().",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38162"
},
{
"cve": "CVE-2025-38167",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: handle hdr_first_de() return value The hdr_first_de() function returns a pointer to a struct NTFS_DE. This pointer may be NULL. To handle the NULL error effectively, it is important to implement an error handler. This will help manage potential errors consistently. Additionally, error handling for the return value already exists at other points where this function is called. Found by Linux Verification Center (linuxtesting.org) with SVACE",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38167"
},
{
"cve": "CVE-2025-38192",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: clear the dst when changing skb protocol\n\nA not-so-careful NAT46 BPF program can crash the kernel\nif it indiscriminately flips ingress packets from v4 to v6:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n ip6_rcv_core (net/ipv6/ip6_input.c:190:20)\n ipv6_rcv (net/ipv6/ip6_input.c:306:8)\n process_backlog (net/core/dev.c:6186:4)\n napi_poll (net/core/dev.c:6906:9)\n net_rx_action (net/core/dev.c:7028:13)\n do_softirq (kernel/softirq.c:462:3)\n netif_rx (net/core/dev.c:5326:3)\n dev_loopback_xmit (net/core/dev.c:4015:2)\n ip_mc_finish_output (net/ipv4/ip_output.c:363:8)\n NF_HOOK (./include/linux/netfilter.h:314:9)\n ip_mc_output (net/ipv4/ip_output.c:400:5)\n dst_output (./include/net/dst.h:459:9)\n ip_local_out (net/ipv4/ip_output.c:130:9)\n ip_send_skb (net/ipv4/ip_output.c:1496:8)\n udp_send_skb (net/ipv4/udp.c:1040:8)\n udp_sendmsg (net/ipv4/udp.c:1328:10)\n\nThe output interface has a 4-\u003e6 program attached at ingress.\nWe try to loop the multicast skb back to the sending socket.\nIngress BPF runs as part of netif_rx(), pushes a valid v6 hdr\nand changes skb-\u003eprotocol to v6. We enter ip6_rcv_core which\ntries to use skb_dst(). But the dst is still an IPv4 one left\nafter IPv4 mcast output.\n\nClear the dst in all BPF helpers which change the protocol.\nTry to preserve metadata dsts, those may carry non-routing\nmetadata.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38192"
},
{
"cve": "CVE-2025-38198",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved: fbcon: Make sure modelist not set on unregistered console It looks like attempting to write to the \"store_modes\" sysfs node will run afoul of unregistered consoles: UBSAN: array-index-out-of-bounds in drivers/video/fbdev/core/fbcon.c:122:28 index -1 is out of range for type \u0027fb_info *[32]\u0027 ... fbcon_info_from_console+0x192/0x1a0 drivers/video/fbdev/core/fbcon.c:122 fbcon_new_modelist+0xbf/0x2d0 drivers/video/fbdev/core/fbcon.c:3048 fb_new_modelist+0x328/0x440 drivers/video/fbdev/core/fbmem.c:673 store_modes+0x1c9/0x3e0 drivers/video/fbdev/core/fbsysfs.c:113 dev_attr_store+0x55/0x80 drivers/base/core.c:2439 static struct fb_info *fbcon_registered_fb[FB_MAX]; ... static signed char con2fb_map[MAX_NR_CONSOLES]; ... static struct fb_info *fbcon_info_from_console(int console) ... return fbcon_registered_fb[con2fb_map[console]]; If con2fb_map contains a -1 things go wrong here. Instead, return NULL, as callers of fbcon_info_from_console() are trying to compare against existing \"info\" pointers, so error handling should kick in correctly",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38198"
},
{
"cve": "CVE-2025-38201",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX\n\nOtherwise, it is possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof()\nwhen resizing hashtable because __GFP_NOWARN is unset.\n\nSimilar to:\n\n b541ba7d1f5a (\"netfilter: conntrack: clamp maximum hashtable size to INT_MAX\")",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38201"
},
{
"cve": "CVE-2025-38212",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nipc: fix to protect IPCS lookups using RCU\r\n\r\nsyzbot reported that it discovered a use-after-free vulnerability, [0]\r\n\r\n[0]: https://lore.kernel.org/all/67af13f8.050a0220.21dd3.0038.GAE@google.com/\r\n\r\nidr_for_each() is protected by rwsem, but this is not enough. If it is\r\nnot protected by RCU read-critical region, when idr_for_each() calls\r\nradix_tree_node_free() through call_rcu() to free the radix_tree_node\r\nstructure, the node will be freed immediately, and when reading the next\r\nnode in radix_tree_for_each_slot(), the already freed memory may be read.\r\n\r\nTherefore, we need to add code to make sure that idr_for_each() is\r\nprotected within the RCU read-critical region when we call it in\r\nshm_destroy_orphaned().",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38212"
},
{
"cve": "CVE-2025-38214",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nfbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var\r\n\r\nIf fb_add_videomode() in fb_set_var() fails to allocate memory for\r\nfb_videomode, later it may lead to a null-ptr dereference in\r\nfb_videomode_to_var(), as the fb_info is registered while not having the\r\nmode in modelist that is expected to be there, i.e. the one that is\r\ndescribed in fb_info-\u003evar.\r\n\r\n================================================================\r\ngeneral protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN NOPTI\r\nKASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]\r\nCPU: 1 PID: 30371 Comm: syz-executor.1 Not tainted 5.10.226-syzkaller #0\r\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014\r\nRIP: 0010:fb_videomode_to_var+0x24/0x610 drivers/video/fbdev/core/modedb.c:901\r\nCall Trace:\r\n display_to_var+0x3a/0x7c0 drivers/video/fbdev/core/fbcon.c:929\r\n fbcon_resize+0x3e2/0x8f0 drivers/video/fbdev/core/fbcon.c:2071\r\n resize_screen drivers/tty/vt/vt.c:1176 [inline]\r\n vc_do_resize+0x53a/0x1170 drivers/tty/vt/vt.c:1263\r\n fbcon_modechanged+0x3ac/0x6e0 drivers/video/fbdev/core/fbcon.c:2720\r\n fbcon_update_vcs+0x43/0x60 drivers/video/fbdev/core/fbcon.c:2776\r\n do_fb_ioctl+0x6d2/0x740 drivers/video/fbdev/core/fbmem.c:1128\r\n fb_ioctl+0xe7/0x150 drivers/video/fbdev/core/fbmem.c:1203\r\n vfs_ioctl fs/ioctl.c:48 [inline]\r\n __do_sys_ioctl fs/ioctl.c:753 [inline]\r\n __se_sys_ioctl fs/ioctl.c:739 [inline]\r\n __x64_sys_ioctl+0x19a/0x210 fs/ioctl.c:739\r\n do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46\r\n entry_SYSCALL_64_after_hwframe+0x67/0xd1\r\n================================================================\r\n\r\nThe reason is that fb_info-\u003evar is being modified in fb_set_var(), and\r\nthen fb_videomode_to_var() is called. If it fails to add the mode to\r\nfb_info-\u003emodelist, fb_set_var() returns error, but does not restore the\r\nold value of fb_info-\u003evar. Restore fb_info-\u003evar on failure the same way\r\nit is done earlier in the function.\r\n\r\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38214"
},
{
"cve": "CVE-2025-38215",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nfbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var\r\n\r\nIf fb_add_videomode() in do_register_framebuffer() fails to allocate\r\nmemory for fb_videomode, it will later lead to a null-ptr dereference in\r\nfb_videomode_to_var(), as the fb_info is registered while not having the\r\nmode in modelist that is expected to be there, i.e. the one that is\r\ndescribed in fb_info-\u003evar.\r\n\r\n================================================================\r\ngeneral protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN NOPTI\r\nKASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]\r\nCPU: 1 PID: 30371 Comm: syz-executor.1 Not tainted 5.10.226-syzkaller #0\r\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014\r\nRIP: 0010:fb_videomode_to_var+0x24/0x610 drivers/video/fbdev/core/modedb.c:901\r\nCall Trace:\r\n display_to_var+0x3a/0x7c0 drivers/video/fbdev/core/fbcon.c:929\r\n fbcon_resize+0x3e2/0x8f0 drivers/video/fbdev/core/fbcon.c:2071\r\n resize_screen drivers/tty/vt/vt.c:1176 [inline]\r\n vc_do_resize+0x53a/0x1170 drivers/tty/vt/vt.c:1263\r\n fbcon_modechanged+0x3ac/0x6e0 drivers/video/fbdev/core/fbcon.c:2720\r\n fbcon_update_vcs+0x43/0x60 drivers/video/fbdev/core/fbcon.c:2776\r\n do_fb_ioctl+0x6d2/0x740 drivers/video/fbdev/core/fbmem.c:1128\r\n fb_ioctl+0xe7/0x150 drivers/video/fbdev/core/fbmem.c:1203\r\n vfs_ioctl fs/ioctl.c:48 [inline]\r\n __do_sys_ioctl fs/ioctl.c:753 [inline]\r\n __se_sys_ioctl fs/ioctl.c:739 [inline]\r\n __x64_sys_ioctl+0x19a/0x210 fs/ioctl.c:739\r\n do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46\r\n entry_SYSCALL_64_after_hwframe+0x67/0xd1\r\n================================================================\r\n\r\nEven though fbcon_init() checks beforehand if fb_match_mode() in\r\nvar_to_display() fails, it can not prevent the panic because fbcon_init()\r\ndoes not return error code. Considering this and the comment in the code\r\nabout fb_match_mode() returning NULL - \"This should not happen\" - it is\r\nbetter to prevent registering the fb_info if its mode was not set\r\nsuccessfully. Also move fb_add_videomode() closer to the beginning of\r\ndo_register_framebuffer() to avoid having to do the cleanup on fail.\r\n\r\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38215"
},
{
"cve": "CVE-2025-38222",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\next4: inline: fix len overflow in ext4_prepare_inline_data\r\n\r\nWhen running the following code on an ext4 filesystem with inline_data\r\nfeature enabled, it will lead to the bug below.\r\n\r\n fd = open(\"file1\", O_RDWR | O_CREAT | O_TRUNC, 0666);\r\n ftruncate(fd, 30);\r\n pwrite(fd, \"a\", 1, (1UL \u003c\u003c 40) + 5UL);\r\n\r\nThat happens because write_begin will succeed as when\r\next4_generic_write_inline_data calls ext4_prepare_inline_data, pos + len\r\nwill be truncated, leading to ext4_prepare_inline_data parameter to be 6\r\ninstead of 0x10000000006.\r\n\r\nThen, later when write_end is called, we hit:\r\n\r\n BUG_ON(pos + len \u003e EXT4_I(inode)-\u003ei_inline_size);\r\n\r\nat ext4_write_inline_data.\r\n\r\nFix it by using a loff_t type for the len parameter in\r\next4_prepare_inline_data instead of an unsigned int.\r\n\r\n[ 44.545164] ------------[ cut here ]------------\r\n[ 44.545530] kernel BUG at fs/ext4/inline.c:240!\r\n[ 44.545834] Oops: invalid opcode: 0000 [#1] SMP NOPTI\r\n[ 44.546172] CPU: 3 UID: 0 PID: 343 Comm: test Not tainted 6.15.0-rc2-00003-g9080916f4863 #45 PREEMPT(full) 112853fcebfdb93254270a7959841d2c6aa2c8bb\r\n[ 44.546523] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\r\n[ 44.546523] RIP: 0010:ext4_write_inline_data+0xfe/0x100\r\n[ 44.546523] Code: 3c 0e 48 83 c7 48 48 89 de 5b 41 5c 41 5d 41 5e 41 5f 5d e9 e4 fa 43 01 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc 0f 0b \u003c0f\u003e 0b 0f 1f 44 00 00 55 41 57 41 56 41 55 41 54 53 48 83 ec 20 49\r\n[ 44.546523] RSP: 0018:ffffb342008b79a8 EFLAGS: 00010216\r\n[ 44.546523] RAX: 0000000000000001 RBX: ffff9329c579c000 RCX: 0000010000000006\r\n[ 44.546523] RDX: 000000000000003c RSI: ffffb342008b79f0 RDI: ffff9329c158e738\r\n[ 44.546523] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000\r\n[ 44.546523] R10: 00007ffffffff000 R11: ffffffff9bd0d910 R12: 0000006210000000\r\n[ 44.546523] R13: fffffc7e4015e700 R14: 0000010000000005 R15: ffff9329c158e738\r\n[ 44.546523] FS: 00007f4299934740(0000) GS:ffff932a60179000(0000) knlGS:0000000000000000\r\n[ 44.546523] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\r\n[ 44.546523] CR2: 00007f4299a1ec90 CR3: 0000000002886002 CR4: 0000000000770eb0\r\n[ 44.546523] PKRU: 55555554\r\n[ 44.546523] Call Trace:\r\n[ 44.546523] \u003cTASK\u003e\r\n[ 44.546523] ext4_write_inline_data_end+0x126/0x2d0\r\n[ 44.546523] generic_perform_write+0x17e/0x270\r\n[ 44.546523] ext4_buffered_write_iter+0xc8/0x170\r\n[ 44.546523] vfs_write+0x2be/0x3e0\r\n[ 44.546523] __x64_sys_pwrite64+0x6d/0xc0\r\n[ 44.546523] do_syscall_64+0x6a/0xf0\r\n[ 44.546523] ? __wake_up+0x89/0xb0\r\n[ 44.546523] ? xas_find+0x72/0x1c0\r\n[ 44.546523] ? next_uptodate_folio+0x317/0x330\r\n[ 44.546523] ? set_pte_range+0x1a6/0x270\r\n[ 44.546523] ? filemap_map_pages+0x6ee/0x840\r\n[ 44.546523] ? ext4_setattr+0x2fa/0x750\r\n[ 44.546523] ? do_pte_missing+0x128/0xf70\r\n[ 44.546523] ? security_inode_post_setattr+0x3e/0xd0\r\n[ 44.546523] ? ___pte_offset_map+0x19/0x100\r\n[ 44.546523] ? handle_mm_fault+0x721/0xa10\r\n[ 44.546523] ? do_user_addr_fault+0x197/0x730\r\n[ 44.546523] ? do_syscall_64+0x76/0xf0\r\n[ 44.546523] ? arch_exit_to_user_mode_prepare+0x1e/0x60\r\n[ 44.546523] ? irqentry_exit_to_user_mode+0x79/0x90\r\n[ 44.546523] entry_SYSCALL_64_after_hwframe+0x55/0x5d\r\n[ 44.546523] RIP: 0033:0x7f42999c6687\r\n[ 44.546523] Code: 48 89 fa 4c 89 df e8 58 b3 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 \u003c5b\u003e c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff\r\n[ 44.546523] RSP: 002b:00007ffeae4a7930 EFLAGS: 00000202 ORIG_RAX: 0000000000000012\r\n[ 44.546523] RAX: ffffffffffffffda RBX: 00007f4299934740 RCX: 00007f42999c6687\r\n[ 44.546523] RDX: 0000000000000001 RSI: 000055ea6149200f RDI: 0000000000000003\r\n[ 44.546523] RBP: 00007ffeae4a79a0 R08: 0000000000000000 R09: 0000000000000000\r\n[ 44.546523] R10: 0000010000000005 R11: 0000000000000202 R12: 0000\r\n---truncated---",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38222"
},
{
"cve": "CVE-2025-38231",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnfsd: Initialize ssc before laundromat_work to prevent NULL dereference\r\n\r\nIn nfs4_state_start_net(), laundromat_work may access nfsd_ssc through\r\nnfs4_laundromat -\u003e nfsd4_ssc_expire_umount. If nfsd_ssc isn\u0027t initialized,\r\nthis can cause NULL pointer dereference.\r\n\r\nNormally the delayed start of laundromat_work allows sufficient time for\r\nnfsd_ssc initialization to complete. However, when the kernel waits too\r\nlong for userspace responses (e.g. in nfs4_state_start_net -\u003e\r\nnfsd4_end_grace -\u003e nfsd4_record_grace_done -\u003e nfsd4_cld_grace_done -\u003e\r\ncld_pipe_upcall -\u003e __cld_pipe_upcall -\u003e wait_for_completion path), the\r\ndelayed work may start before nfsd_ssc initialization finishes.\r\n\r\nFix this by moving nfsd_ssc initialization before starting laundromat_work.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38231"
},
{
"cve": "CVE-2025-38236",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\naf_unix: Don\u0027t leave consecutive consumed OOB skbs.\r\n\r\nJann Horn reported a use-after-free in unix_stream_read_generic().\r\n\r\nThe following sequences reproduce the issue:\r\n\r\n $ python3\r\n from socket import *\r\n s1, s2 = socketpair(AF_UNIX, SOCK_STREAM)\r\n s1.send(b\u0027x\u0027, MSG_OOB)\r\n s2.recv(1, MSG_OOB) # leave a consumed OOB skb\r\n s1.send(b\u0027y\u0027, MSG_OOB)\r\n s2.recv(1, MSG_OOB) # leave a consumed OOB skb\r\n s1.send(b\u0027z\u0027, MSG_OOB)\r\n s2.recv(1) # recv \u0027z\u0027 illegally\r\n s2.recv(1, MSG_OOB) # access \u0027z\u0027 skb (use-after-free)\r\n\r\nEven though a user reads OOB data, the skb holding the data stays on\r\nthe recv queue to mark the OOB boundary and break the next recv().\r\n\r\nAfter the last send() in the scenario above, the sk2\u0027s recv queue has\r\n2 leading consumed OOB skbs and 1 real OOB skb.\r\n\r\nThen, the following happens during the next recv() without MSG_OOB\r\n\r\n 1. unix_stream_read_generic() peeks the first consumed OOB skb\r\n 2. manage_oob() returns the next consumed OOB skb\r\n 3. unix_stream_read_generic() fetches the next not-yet-consumed OOB skb\r\n 4. unix_stream_read_generic() reads and frees the OOB skb\r\n\r\n, and the last recv(MSG_OOB) triggers KASAN splat.\r\n\r\nThe 3. above occurs because of the SO_PEEK_OFF code, which does not\r\nexpect unix_skb_len(skb) to be 0, but this is true for such consumed\r\nOOB skbs.\r\n\r\n while (skip \u003e= unix_skb_len(skb)) {\r\n skip -= unix_skb_len(skb);\r\n skb = skb_peek_next(skb, \u0026sk-\u003esk_receive_queue);\r\n ...\r\n }\r\n\r\nIn addition to this use-after-free, there is another issue that\r\nioctl(SIOCATMARK) does not function properly with consecutive consumed\r\nOOB skbs.\r\n\r\nSo, nothing good comes out of such a situation.\r\n\r\nInstead of complicating manage_oob(), ioctl() handling, and the next\r\nECONNRESET fix by introducing a loop for consecutive consumed OOB skbs,\r\nlet\u0027s not leave such consecutive OOB unnecessarily.\r\n\r\nNow, while receiving an OOB skb in unix_stream_recv_urg(), if its\r\nprevious skb is a consumed OOB skb, it is freed.\r\n\r\n[0]:\r\nBUG: KASAN: slab-use-after-free in unix_stream_read_actor (net/unix/af_unix.c:3027)\r\nRead of size 4 at addr ffff888106ef2904 by task python3/315\r\n\r\nCPU: 2 UID: 0 PID: 315 Comm: python3 Not tainted 6.16.0-rc1-00407-gec315832f6f9 #8 PREEMPT(voluntary)\r\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-4.fc42 04/01/2014\r\nCall Trace:\r\n \u003cTASK\u003e\r\n dump_stack_lvl (lib/dump_stack.c:122)\r\n print_report (mm/kasan/report.c:409 mm/kasan/report.c:521)\r\n kasan_report (mm/kasan/report.c:636)\r\n unix_stream_read_actor (net/unix/af_unix.c:3027)\r\n unix_stream_read_generic (net/unix/af_unix.c:2708 net/unix/af_unix.c:2847)\r\n unix_stream_recvmsg (net/unix/af_unix.c:3048)\r\n sock_recvmsg (net/socket.c:1063 (discriminator 20) net/socket.c:1085 (discriminator 20))\r\n __sys_recvfrom (net/socket.c:2278)\r\n __x64_sys_recvfrom (net/socket.c:2291 (discriminator 1) net/socket.c:2287 (discriminator 1) net/socket.c:2287 (discriminator 1))\r\n do_syscall_64 (arch/x86/entry/syscall_64.c:63 (discriminator 1) arch/x86/entry/syscall_64.c:94 (discriminator 1))\r\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\r\nRIP: 0033:0x7f8911fcea06\r\nCode: 5d e8 41 8b 93 08 03 00 00 59 5e 48 83 f8 fc 75 19 83 e2 39 83 fa 08 75 11 e8 26 ff ff ff 66 0f 1f 44 00 00 48 8b 45 10 0f 05 \u003c48\u003e 8b 5d f8 c9 c3 0f 1f 40 00 f3 0f 1e fa 55 48 89 e5 48 83 ec 08\r\nRSP: 002b:00007fffdb0dccb0 EFLAGS: 00000202 ORIG_RAX: 000000000000002d\r\nRAX: ffffffffffffffda RBX: 00007fffdb0dcdc8 RCX: 00007f8911fcea06\r\nRDX: 0000000000000001 RSI: 00007f8911a5e060 RDI: 0000000000000006\r\nRBP: 00007fffdb0dccd0 R08: 0000000000000000 R09: 0000000000000000\r\nR10: 0000000000000001 R11: 0000000000000202 R12: 00007f89119a7d20\r\nR13: ffffffffc4653600 R14: 0000000000000000 R15: 0000000000000000\r\n \u003c/TASK\u003e\r\n\r\nAllocated by task 315:\r\n kasan_save_stack (mm/kasan/common.c:48)\r\n kasan_save_track (mm/kasan/common.c:60 (discriminator 1) mm/kasan/common.c:69 (discriminator 1))\r\n __kasan_slab_alloc (mm/kasan/common.c:348)\r\n kmem_cache_alloc_\r\n---truncated---",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38236"
},
{
"cve": "CVE-2025-38280",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nbpf: Avoid __bpf_prog_ret0_warn when jit fails\r\n\r\nsyzkaller reported an issue:\r\n\r\nWARNING: CPU: 3 PID: 217 at kernel/bpf/core.c:2357 __bpf_prog_ret0_warn+0xa/0x20 kernel/bpf/core.c:2357\r\nModules linked in:\r\nCPU: 3 UID: 0 PID: 217 Comm: kworker/u32:6 Not tainted 6.15.0-rc4-syzkaller-00040-g8bac8898fe39\r\nRIP: 0010:__bpf_prog_ret0_warn+0xa/0x20 kernel/bpf/core.c:2357\r\nCall Trace:\r\n \u003cTASK\u003e\r\n bpf_dispatcher_nop_func include/linux/bpf.h:1316 [inline]\r\n __bpf_prog_run include/linux/filter.h:718 [inline]\r\n bpf_prog_run include/linux/filter.h:725 [inline]\r\n cls_bpf_classify+0x74a/0x1110 net/sched/cls_bpf.c:105\r\n ...\r\n\r\nWhen creating bpf program, \u0027fp-\u003ejit_requested\u0027 depends on bpf_jit_enable.\r\nThis issue is triggered because of CONFIG_BPF_JIT_ALWAYS_ON is not set\r\nand bpf_jit_enable is set to 1, causing the arch to attempt JIT the prog,\r\nbut jit failed due to FAULT_INJECTION. As a result, incorrectly\r\ntreats the program as valid, when the program runs it calls\r\n`__bpf_prog_ret0_warn` and triggers the WARN_ON_ONCE(1).",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38280"
},
{
"cve": "CVE-2025-38285",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nbpf: Fix WARN() in get_bpf_raw_tp_regs\r\n\r\nsyzkaller reported an issue:\r\n\r\nWARNING: CPU: 3 PID: 5971 at kernel/trace/bpf_trace.c:1861 get_bpf_raw_tp_regs+0xa4/0x100 kernel/trace/bpf_trace.c:1861\r\nModules linked in:\r\nCPU: 3 UID: 0 PID: 5971 Comm: syz-executor205 Not tainted 6.15.0-rc5-syzkaller-00038-g707df3375124 #0 PREEMPT(full)\r\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\r\nRIP: 0010:get_bpf_raw_tp_regs+0xa4/0x100 kernel/trace/bpf_trace.c:1861\r\nRSP: 0018:ffffc90003636fa8 EFLAGS: 00010293\r\nRAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff81c6bc4c\r\nRDX: ffff888032efc880 RSI: ffffffff81c6bc83 RDI: 0000000000000005\r\nRBP: ffff88806a730860 R08: 0000000000000005 R09: 0000000000000003\r\nR10: 0000000000000004 R11: 0000000000000000 R12: 0000000000000004\r\nR13: 0000000000000001 R14: ffffc90003637008 R15: 0000000000000900\r\nFS: 0000000000000000(0000) GS:ffff8880d6cdf000(0000) knlGS:0000000000000000\r\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\r\nCR2: 00007f7baee09130 CR3: 0000000029f5a000 CR4: 0000000000352ef0\r\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\r\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\r\nCall Trace:\r\n \u003cTASK\u003e\r\n ____bpf_get_stack_raw_tp kernel/trace/bpf_trace.c:1934 [inline]\r\n bpf_get_stack_raw_tp+0x24/0x160 kernel/trace/bpf_trace.c:1931\r\n bpf_prog_ec3b2eefa702d8d3+0x43/0x47\r\n bpf_dispatcher_nop_func include/linux/bpf.h:1316 [inline]\r\n __bpf_prog_run include/linux/filter.h:718 [inline]\r\n bpf_prog_run include/linux/filter.h:725 [inline]\r\n __bpf_trace_run kernel/trace/bpf_trace.c:2363 [inline]\r\n bpf_trace_run3+0x23f/0x5a0 kernel/trace/bpf_trace.c:2405\r\n __bpf_trace_mmap_lock_acquire_returned+0xfc/0x140 include/trace/events/mmap_lock.h:47\r\n __traceiter_mmap_lock_acquire_returned+0x79/0xc0 include/trace/events/mmap_lock.h:47\r\n __do_trace_mmap_lock_acquire_returned include/trace/events/mmap_lock.h:47 [inline]\r\n trace_mmap_lock_acquire_returned include/trace/events/mmap_lock.h:47 [inline]\r\n __mmap_lock_do_trace_acquire_returned+0x138/0x1f0 mm/mmap_lock.c:35\r\n __mmap_lock_trace_acquire_returned include/linux/mmap_lock.h:36 [inline]\r\n mmap_read_trylock include/linux/mmap_lock.h:204 [inline]\r\n stack_map_get_build_id_offset+0x535/0x6f0 kernel/bpf/stackmap.c:157\r\n __bpf_get_stack+0x307/0xa10 kernel/bpf/stackmap.c:483\r\n ____bpf_get_stack kernel/bpf/stackmap.c:499 [inline]\r\n bpf_get_stack+0x32/0x40 kernel/bpf/stackmap.c:496\r\n ____bpf_get_stack_raw_tp kernel/trace/bpf_trace.c:1941 [inline]\r\n bpf_get_stack_raw_tp+0x124/0x160 kernel/trace/bpf_trace.c:1931\r\n bpf_prog_ec3b2eefa702d8d3+0x43/0x47\r\n\r\nTracepoint like trace_mmap_lock_acquire_returned may cause nested call\r\nas the corner case show above, which will be resolved with more general\r\nmethod in the future. As a result, WARN_ON_ONCE will be triggered. As\r\nAlexei suggested, remove the WARN_ON_ONCE first.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38285"
},
{
"cve": "CVE-2025-38312",
"cwe": {
"id": "CWE-369",
"name": "Divide By Zero"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nfbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod()\r\n\r\nIn fb_find_mode_cvt(), iff mode-\u003erefresh somehow happens to be 0x80000000,\r\ncvt.f_refresh will become 0 when multiplying it by 2 due to overflow. It\u0027s\r\nthen passed to fb_cvt_hperiod(), where it\u0027s used as a divider -- division\r\nby 0 will result in kernel oops. Add a sanity check for cvt.f_refresh to\r\navoid such overflow...\r\n\r\nFound by Linux Verification Center (linuxtesting.org) with the Svace static\r\nanalysis tool.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38312"
},
{
"cve": "CVE-2025-38342",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nsoftware node: Correct a OOB check in software_node_get_reference_args()\r\n\r\nsoftware_node_get_reference_args() wants to get @index-th element, so\r\nthe property value requires at least \u0027(index + 1) * sizeof(*ref)\u0027 bytes\r\nbut that can not be guaranteed by current OOB check, and may cause OOB\r\nfor malformed property.\r\n\r\nFix by using as OOB check \u0027((index + 1) * sizeof(*ref) \u003e prop-\u003elength)\u0027.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38342"
},
{
"cve": "CVE-2025-38350",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: Always pass notifications when child class becomes empty\n\nCertain classful qdiscs may invoke their classes\u0027 dequeue handler on an\nenqueue operation. This may unexpectedly empty the child qdisc and thus\nmake an in-flight class passive via qlen_notify(). Most qdiscs do not\nexpect such behaviour at this point in time and may re-activate the\nclass eventually anyways which will lead to a use-after-free.\n\nThe referenced fix commit attempted to fix this behavior for the HFSC\ncase by moving the backlog accounting around, though this turned out to\nbe incomplete since the parent\u0027s parent may run into the issue too.\nThe following reproducer demonstrates this use-after-free:\n\n tc qdisc add dev lo root handle 1: drr\n tc filter add dev lo parent 1: basic classid 1:1\n tc class add dev lo parent 1: classid 1:1 drr\n tc qdisc add dev lo parent 1:1 handle 2: hfsc def 1\n tc class add dev lo parent 2: classid 2:1 hfsc rt m1 8 d 1 m2 0\n tc qdisc add dev lo parent 2:1 handle 3: netem\n tc qdisc add dev lo parent 3:1 handle 4: blackhole\n\n echo 1 | socat -u STDIN UDP4-DATAGRAM:127.0.0.1:8888\n tc class delete dev lo classid 1:1\n echo 1 | socat -u STDIN UDP4-DATAGRAM:127.0.0.1:8888\n\nSince backlog accounting issues leading to a use-after-frees on stale\nclass pointers is a recurring pattern at this point, this patch takes\na different approach. Instead of trying to fix the accounting, the patch\nensures that qdisc_tree_reduce_backlog always calls qlen_notify when\nthe child qdisc is empty. This solves the problem because deletion of\nqdiscs always involves a call to qdisc_reset() and / or\nqdisc_purge_queue() which ultimately resets its qlen to 0 thus causing\nthe following qdisc_tree_reduce_backlog() to report to the parent. Note\nthat this may call qlen_notify on passive classes multiple times. This\nis not a problem after the recent patch series that made all the\nclassful qdiscs qlen_notify() handlers idempotent.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38350"
},
{
"cve": "CVE-2025-38364",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nmaple_tree: fix MA_STATE_PREALLOC flag in mas_preallocate()\r\n\r\nTemporarily clear the preallocation flag when explicitly requesting\r\nallocations. Pre-existing allocations are already counted against the\r\nrequest through mas_node_count_gfp(), but the allocations will not happen\r\nif the MA_STATE_PREALLOC flag is set. This flag is meant to avoid\r\nre-allocating in bulk allocation mode, and to detect issues with\r\npreallocation calculations.\r\n\r\nThe MA_STATE_PREALLOC flag should also always be set on zero allocations\r\nso that detection of underflow allocations will print a WARN_ON() during\r\nconsumption.\r\n\r\nUser visible effect of this flaw is a WARN_ON() followed by a null pointer\r\ndereference when subsequent requests for larger number of nodes is\r\nignored, such as the vma merge retry in mmap_region() caused by drivers\r\naltering the vma flags (which happens in v6.6, at least)",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38364"
},
{
"cve": "CVE-2025-38393",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nNFSv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN\r\n\r\nWe found a few different systems hung up in writeback waiting on the same\r\npage lock, and one task waiting on the NFS_LAYOUT_DRAIN bit in\r\npnfs_update_layout(), however the pnfs_layout_hdr\u0027s plh_outstanding count\r\nwas zero.\r\n\r\nIt seems most likely that this is another race between the waiter and waker\r\nsimilar to commit ed0172af5d6f (\"SUNRPC: Fix a race to wake a sync task\").\r\nFix it up by applying the advised barrier.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38393"
},
{
"cve": "CVE-2025-38400",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails.\r\n\r\nsyzbot reported a warning below [1] following a fault injection in\r\nnfs_fs_proc_net_init(). [0]\r\n\r\nWhen nfs_fs_proc_net_init() fails, /proc/net/rpc/nfs is not removed.\r\n\r\nLater, rpc_proc_exit() tries to remove /proc/net/rpc, and the warning\r\nis logged as the directory is not empty.\r\n\r\nLet\u0027s handle the error of nfs_fs_proc_net_init() properly.\r\n\r\n[0]:\r\nFAULT_INJECTION: forcing a failure.\r\nname failslab, interval 1, probability 0, space 0, times 0\r\nCPU: 1 UID: 0 PID: 6120 Comm: syz.2.27 Not tainted 6.16.0-rc1-syzkaller-00010-g2c4a1f3fe03e #0 PREEMPT(full)\r\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\r\nCall Trace:\r\n \u003cTASK\u003e\r\n dump_stack_lvl (lib/dump_stack.c:123)\r\n should_fail_ex (lib/fault-inject.c:73 lib/fault-inject.c:174)\r\n should_failslab (mm/failslab.c:46)\r\n kmem_cache_alloc_noprof (mm/slub.c:4178 mm/slub.c:4204)\r\n __proc_create (fs/proc/generic.c:427)\r\n proc_create_reg (fs/proc/generic.c:554)\r\n proc_create_net_data (fs/proc/proc_net.c:120)\r\n nfs_fs_proc_net_init (fs/nfs/client.c:1409)\r\n nfs_net_init (fs/nfs/inode.c:2600)\r\n ops_init (net/core/net_namespace.c:138)\r\n setup_net (net/core/net_namespace.c:443)\r\n copy_net_ns (net/core/net_namespace.c:576)\r\n create_new_namespaces (kernel/nsproxy.c:110)\r\n unshare_nsproxy_namespaces (kernel/nsproxy.c:218 (discriminator 4))\r\n ksys_unshare (kernel/fork.c:3123)\r\n __x64_sys_unshare (kernel/fork.c:3190)\r\n do_syscall_64 (arch/x86/entry/syscall_64.c:63 arch/x86/entry/syscall_64.c:94)\r\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\r\n \u003c/TASK\u003e\r\n\r\n[1]:\r\nremove_proc_entry: removing non-empty directory \u0027net/rpc\u0027, leaking at least \u0027nfs\u0027\r\n WARNING: CPU: 1 PID: 6120 at fs/proc/generic.c:727 remove_proc_entry+0x45e/0x530 fs/proc/generic.c:727\r\nModules linked in:\r\nCPU: 1 UID: 0 PID: 6120 Comm: syz.2.27 Not tainted 6.16.0-rc1-syzkaller-00010-g2c4a1f3fe03e #0 PREEMPT(full)\r\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\r\n RIP: 0010:remove_proc_entry+0x45e/0x530 fs/proc/generic.c:727\r\nCode: 3c 02 00 0f 85 85 00 00 00 48 8b 93 d8 00 00 00 4d 89 f0 4c 89 e9 48 c7 c6 40 ba a2 8b 48 c7 c7 60 b9 a2 8b e8 33 81 1d ff 90 \u003c0f\u003e 0b 90 90 e9 5f fe ff ff e8 04 69 5e ff 90 48 b8 00 00 00 00 00\r\nRSP: 0018:ffffc90003637b08 EFLAGS: 00010282\r\nRAX: 0000000000000000 RBX: ffff88805f534140 RCX: ffffffff817a92c8\r\nRDX: ffff88807da99e00 RSI: ffffffff817a92d5 RDI: 0000000000000001\r\nRBP: ffff888033431ac0 R08: 0000000000000001 R09: 0000000000000000\r\nR10: 0000000000000001 R11: 0000000000000001 R12: ffff888033431a00\r\nR13: ffff888033431ae4 R14: ffff888033184724 R15: dffffc0000000000\r\nFS: 0000555580328500(0000) GS:ffff888124a62000(0000) knlGS:0000000000000000\r\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\r\nCR2: 00007f71733743e0 CR3: 000000007f618000 CR4: 00000000003526f0\r\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\r\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\r\nCall Trace:\r\n \u003cTASK\u003e\r\n sunrpc_exit_net+0x46/0x90 net/sunrpc/sunrpc_syms.c:76\r\n ops_exit_list net/core/net_namespace.c:200 [inline]\r\n ops_undo_list+0x2eb/0xab0 net/core/net_namespace.c:253\r\n setup_net+0x2e1/0x510 net/core/net_namespace.c:457\r\n copy_net_ns+0x2a6/0x5f0 net/core/net_namespace.c:574\r\n create_new_namespaces+0x3ea/0xa90 kernel/nsproxy.c:110\r\n unshare_nsproxy_namespaces+0xc0/0x1f0 kernel/nsproxy.c:218\r\n ksys_unshare+0x45b/0xa40 kernel/fork.c:3121\r\n __do_sys_unshare kernel/fork.c:3192 [inline]\r\n __se_sys_unshare kernel/fork.c:3190 [inline]\r\n __x64_sys_unshare+0x31/0x40 kernel/fork.c:3190\r\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\r\n do_syscall_64+0xcd/0x490 arch/x86/entry/syscall_64.c:94\r\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\r\nRIP: 0033:0x7fa1a6b8e929\r\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c\r\n---truncated---",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38400"
},
{
"cve": "CVE-2025-38430",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnfsd: nfsd4_spo_must_allow() must check this is a v4 compound request\r\n\r\nIf the request being processed is not a v4 compound request, then\r\nexamining the cstate can have undefined results.\r\n\r\nThis patch adds a check that the rpc procedure being executed\r\n(rq_procinfo) is the NFSPROC4_COMPOUND procedure.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38430"
},
{
"cve": "CVE-2025-38451",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nmd/md-bitmap: fix GPF in bitmap_get_stats()\r\n\r\nThe commit message of commit 6ec1f0239485 (\"md/md-bitmap: fix stats\r\ncollection for external bitmaps\") states:\r\n\r\n Remove the external bitmap check as the statistics should be\r\n available regardless of bitmap storage location.\r\n\r\n Return -EINVAL only for invalid bitmap with no storage (neither in\r\n superblock nor in external file).\r\n\r\nBut, the code does not adhere to the above, as it does only check for\r\na valid super-block for \"internal\" bitmaps. Hence, we observe:\r\n\r\nOops: GPF, probably for non-canonical address 0x1cd66f1f40000028\r\nRIP: 0010:bitmap_get_stats+0x45/0xd0\r\nCall Trace:\r\n\r\n seq_read_iter+0x2b9/0x46a\r\n seq_read+0x12f/0x180\r\n proc_reg_read+0x57/0xb0\r\n vfs_read+0xf6/0x380\r\n ksys_read+0x6d/0xf0\r\n do_syscall_64+0x8c/0x1b0\r\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\r\n\r\nWe fix this by checking the existence of a super-block for both the\r\ninternal and external case.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38451"
},
{
"cve": "CVE-2025-38457",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnet/sched: Abort __tc_modify_qdisc if parent class does not exist\r\n\r\nLion\u0027s patch [1] revealed an ancient bug in the qdisc API.\r\nWhenever a user creates/modifies a qdisc specifying as a parent another\r\nqdisc, the qdisc API will, during grafting, detect that the user is\r\nnot trying to attach to a class and reject. However grafting is\r\nperformed after qdisc_create (and thus the qdiscs\u0027 init callback) is\r\nexecuted. In qdiscs that eventually call qdisc_tree_reduce_backlog\r\nduring init or change (such as fq, hhf, choke, etc), an issue\r\narises. For example, executing the following commands:\r\n\r\nsudo tc qdisc add dev lo root handle a: htb default 2\r\nsudo tc qdisc add dev lo parent a: handle beef fq\r\n\r\nQdiscs such as fq, hhf, choke, etc unconditionally invoke\r\nqdisc_tree_reduce_backlog() in their control path init() or change() which\r\nthen causes a failure to find the child class; however, that does not stop\r\nthe unconditional invocation of the assumed child qdisc\u0027s qlen_notify with\r\na null class. All these qdiscs make the assumption that class is non-null.\r\n\r\nThe solution is ensure that qdisc_leaf() which looks up the parent\r\nclass, and is invoked prior to qdisc_create(), should return failure on\r\nnot finding the class.\r\nIn this patch, we leverage qdisc_leaf to return ERR_PTRs whenever the\r\nparentid doesn\u0027t correspond to a class, so that we can detect it\r\nearlier on and abort before qdisc_create is called.\r\n\r\n[1] https://lore.kernel.org/netdev/d912cbd7-193b-4269-9857-525bee8bbb6a@gmail.com/",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38457"
},
{
"cve": "CVE-2025-38465",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetlink: Fix wraparounds of sk-\u003esk_rmem_alloc.\r\n\r\nNetlink has this pattern in some places\r\n\r\n if (atomic_read(\u0026sk-\u003esk_rmem_alloc) \u003e sk-\u003esk_rcvbuf)\r\n \tatomic_add(skb-\u003etruesize, \u0026sk-\u003esk_rmem_alloc);\r\n\r\n, which has the same problem fixed by commit 5a465a0da13e (\"udp:\r\nFix multiple wraparounds of sk-\u003esk_rmem_alloc.\").\r\n\r\nFor example, if we set INT_MAX to SO_RCVBUFFORCE, the condition\r\nis always false as the two operands are of int.\r\n\r\nThen, a single socket can eat as many skb as possible until OOM\r\nhappens, and we can see multiple wraparounds of sk-\u003esk_rmem_alloc.\r\n\r\nLet\u0027s fix it by using atomic_add_return() and comparing the two\r\nvariables as unsigned int.\r\n\r\nBefore:\r\n [root@fedora ~]# ss -f netlink\r\n Recv-Q Send-Q Local Address:Port Peer Address:Port\r\n -1668710080 0 rtnl:nl_wraparound/293 *\r\n\r\nAfter:\r\n [root@fedora ~]# ss -f netlink\r\n Recv-Q Send-Q Local Address:Port Peer Address:Port\r\n 2147483072 0 rtnl:nl_wraparound/290 *\r\n ^\r\n `--- INT_MAX - 576",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38465"
},
{
"cve": "CVE-2025-38466",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nperf: Revert to requiring CAP_SYS_ADMIN for uprobes\r\n\r\nJann reports that uprobes can be used destructively when used in the\r\nmiddle of an instruction. The kernel only verifies there is a valid\r\ninstruction at the requested offset, but due to variable instruction\r\nlength cannot determine if this is an instruction as seen by the\r\nintended execution stream.\r\n\r\nAdditionally, Mark Rutland notes that on architectures that mix data\r\nin the text segment (like arm64), a similar things can be done if the\r\ndata word is \u0027mistaken\u0027 for an instruction.\r\n\r\nAs such, require CAP_SYS_ADMIN for uprobes.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38466"
},
{
"cve": "CVE-2025-38468",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnet/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree\r\n\r\nhtb_lookup_leaf has a BUG_ON that can trigger with the following:\r\n\r\ntc qdisc del dev lo root\r\ntc qdisc add dev lo root handle 1: htb default 1\r\ntc class add dev lo parent 1: classid 1:1 htb rate 64bit\r\ntc qdisc add dev lo parent 1:1 handle 2: netem\r\ntc qdisc add dev lo parent 2:1 handle 3: blackhole\r\nping -I lo -c1 -W0.001 127.0.0.1\r\n\r\nThe root cause is the following:\r\n\r\n1. htb_dequeue calls htb_dequeue_tree which calls the dequeue handler on\r\n the selected leaf qdisc\r\n2. netem_dequeue calls enqueue on the child qdisc\r\n3. blackhole_enqueue drops the packet and returns a value that is not\r\n just NET_XMIT_SUCCESS\r\n4. Because of this, netem_dequeue calls qdisc_tree_reduce_backlog, and\r\n since qlen is now 0, it calls htb_qlen_notify -\u003e htb_deactivate -\u003e\r\n htb_deactiviate_prios -\u003e htb_remove_class_from_row -\u003e htb_safe_rb_erase\r\n5. As this is the only class in the selected hprio rbtree,\r\n __rb_change_child in __rb_erase_augmented sets the rb_root pointer to\r\n NULL\r\n6. Because blackhole_dequeue returns NULL, netem_dequeue returns NULL,\r\n which causes htb_dequeue_tree to call htb_lookup_leaf with the same\r\n hprio rbtree, and fail the BUG_ON\r\n\r\nThe function graph for this scenario is shown here:\r\n 0) | htb_enqueue() {\r\n 0) + 13.635 us | netem_enqueue();\r\n 0) 4.719 us | htb_activate_prios();\r\n 0) # 2249.199 us | }\r\n 0) | htb_dequeue() {\r\n 0) 2.355 us | htb_lookup_leaf();\r\n 0) | netem_dequeue() {\r\n 0) + 11.061 us | blackhole_enqueue();\r\n 0) | qdisc_tree_reduce_backlog() {\r\n 0) | qdisc_lookup_rcu() {\r\n 0) 1.873 us | qdisc_match_from_root();\r\n 0) 6.292 us | }\r\n 0) 1.894 us | htb_search();\r\n 0) | htb_qlen_notify() {\r\n 0) 2.655 us | htb_deactivate_prios();\r\n 0) 6.933 us | }\r\n 0) + 25.227 us | }\r\n 0) 1.983 us | blackhole_dequeue();\r\n 0) + 86.553 us | }\r\n 0) # 2932.761 us | qdisc_warn_nonwc();\r\n 0) | htb_lookup_leaf() {\r\n 0) | BUG_ON();\r\n ------------------------------------------\r\n\r\nThe full original bug report can be seen here [1].\r\n\r\nWe can fix this just by returning NULL instead of the BUG_ON,\r\nas htb_dequeue_tree returns NULL when htb_lookup_leaf returns\r\nNULL.\r\n\r\n[1] https://lore.kernel.org/netdev/pF5XOOIim0IuEfhI-SOxTgRvNoDwuux7UHKnE_Y5-zVd4wmGvNk2ceHjKb8ORnzw0cGwfmVu42g9dL7XyJLf1NEzaztboTWcm0Ogxuojoeo=@willsroot.io/",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38468"
},
{
"cve": "CVE-2025-38470",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnet: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime\r\n\r\nAssuming the \"rx-vlan-filter\" feature is enabled on a net device, the\r\n8021q module will automatically add or remove VLAN 0 when the net device\r\nis put administratively up or down, respectively. There are a couple of\r\nproblems with the above scheme.\r\n\r\nThe first problem is a memory leak that can happen if the \"rx-vlan-filter\"\r\nfeature is disabled while the device is running:\r\n\r\n # ip link add bond1 up type bond mode 0\r\n # ethtool -K bond1 rx-vlan-filter off\r\n # ip link del dev bond1\r\n\r\nWhen the device is put administratively down the \"rx-vlan-filter\"\r\nfeature is disabled, so the 8021q module will not remove VLAN 0 and the\r\nmemory will be leaked [1].\r\n\r\nAnother problem that can happen is that the kernel can automatically\r\ndelete VLAN 0 when the device is put administratively down despite not\r\nadding it when the device was put administratively up since during that\r\ntime the \"rx-vlan-filter\" feature was disabled. null-ptr-unref or\r\nbug_on[2] will be triggered by unregister_vlan_dev() for refcount\r\nimbalance if toggling filtering during runtime:\r\n\r\n$ ip link add bond0 type bond mode 0\r\n$ ip link add link bond0 name vlan0 type vlan id 0 protocol 802.1q\r\n$ ethtool -K bond0 rx-vlan-filter off\r\n$ ifconfig bond0 up\r\n$ ethtool -K bond0 rx-vlan-filter on\r\n$ ifconfig bond0 down\r\n$ ip link del vlan0\r\n\r\nRoot cause is as below:\r\nstep1: add vlan0 for real_dev, such as bond, team.\r\nregister_vlan_dev\r\n vlan_vid_add(real_dev,htons(ETH_P_8021Q),0) //refcnt=1\r\nstep2: disable vlan filter feature and enable real_dev\r\nstep3: change filter from 0 to 1\r\nvlan_device_event\r\n vlan_filter_push_vids\r\n ndo_vlan_rx_add_vid //No refcnt added to real_dev vlan0\r\nstep4: real_dev down\r\nvlan_device_event\r\n vlan_vid_del(dev, htons(ETH_P_8021Q), 0); //refcnt=0\r\n vlan_info_rcu_free //free vlan0\r\nstep5: delete vlan0\r\nunregister_vlan_dev\r\n BUG_ON(!vlan_info); //vlan_info is null\r\n\r\nFix both problems by noting in the VLAN info whether VLAN 0 was\r\nautomatically added upon NETDEV_UP and based on that decide whether it\r\nshould be deleted upon NETDEV_DOWN, regardless of the state of the\r\n\"rx-vlan-filter\" feature.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38470"
},
{
"cve": "CVE-2025-38471",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ntls: always refresh the queue when reading sock\r\n\r\nAfter recent changes in net-next TCP compacts skbs much more\r\naggressively. This unearthed a bug in TLS where we may try\r\nto operate on an old skb when checking if all skbs in the\r\nqueue have matching decrypt state and geometry.\r\n\r\n BUG: KASAN: slab-use-after-free in tls_strp_check_rcv+0x898/0x9a0 [tls]\r\n (net/tls/tls_strp.c:436 net/tls/tls_strp.c:530 net/tls/tls_strp.c:544)\r\n Read of size 4 at addr ffff888013085750 by task tls/13529\r\n\r\n CPU: 2 UID: 0 PID: 13529 Comm: tls Not tainted 6.16.0-rc5-virtme\r\n Call Trace:\r\n kasan_report+0xca/0x100\r\n tls_strp_check_rcv+0x898/0x9a0 [tls]\r\n tls_rx_rec_wait+0x2c9/0x8d0 [tls]\r\n tls_sw_recvmsg+0x40f/0x1aa0 [tls]\r\n inet_recvmsg+0x1c3/0x1f0\r\n\r\nAlways reload the queue, fast path is to have the record in the queue\r\nwhen we wake, anyway (IOW the path going down \"if !strp-\u003estm.full_len\").",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38471"
},
{
"cve": "CVE-2025-38477",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnet/sched: sch_qfq: Fix race condition on qfq_aggregate\r\n\r\nA race condition can occur when \u0027agg\u0027 is modified in qfq_change_agg\r\n(called during qfq_enqueue) while other threads access it\r\nconcurrently. For example, qfq_dump_class may trigger a NULL\r\ndereference, and qfq_delete_class may cause a use-after-free.\r\n\r\nThis patch addresses the issue by:\r\n\r\n1. Moved qfq_destroy_class into the critical section.\r\n\r\n2. Added sch_tree_lock protection to qfq_dump_class and\r\nqfq_dump_class_stats.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38477"
},
{
"cve": "CVE-2025-38498",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndo_change_type(): refuse to operate on unmounted/not ours mounts\n\nEnsure that propagation settings can only be changed for mounts located\nin the caller\u0027s mount namespace. This change aligns permission checking\nwith the rest of mount(2).",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38498"
},
{
"cve": "CVE-2025-38499",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nclone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns\r\n\r\nWhat we want is to verify there is that clone won\u0027t expose something\r\nhidden by a mount we wouldn\u0027t be able to undo. \"Wouldn\u0027t be able to undo\"\r\nmay be a result of MNT_LOCKED on a child, but it may also come from\r\nlacking admin rights in the userns of the namespace mount belongs to.\r\n\r\nclone_private_mnt() checks the former, but not the latter.\r\n\r\nThere\u0027s a number of rather confusing CAP_SYS_ADMIN checks in various\r\nuserns during the mount, especially with the new mount API; they serve\r\ndifferent purposes and in case of clone_private_mnt() they usually,\r\nbut not always end up covering the missing check mentioned above.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38499"
},
{
"cve": "CVE-2025-38614",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neventpoll: Fix semi-unbounded recursion\n\nEnsure that epoll instances can never form a graph deeper than\nEP_MAX_NESTS+1 links.\n\nCurrently, ep_loop_check_proc() ensures that the graph is loop-free and\ndoes some recursion depth checks, but those recursion depth checks don\u0027t\nlimit the depth of the resulting tree for two reasons:\n\n - They don\u0027t look upwards in the tree.\n - If there are multiple downwards paths of different lengths, only one of\n the paths is actually considered for the depth check since commit\n 28d82dc1c4ed (\"epoll: limit paths\").\n\nEssentially, the current recursion depth check in ep_loop_check_proc() just\nserves to prevent it from recursing too deeply while checking for loops.\n\nA more thorough check is done in reverse_path_check() after the new graph\nedge has already been created; this checks, among other things, that no\npaths going upwards from any non-epoll file with a length of more than 5\nedges exist. However, this check does not apply to non-epoll files.\n\nAs a result, it is possible to recurse to a depth of at least roughly 500,\ntested on v6.15. (I am unsure if deeper recursion is possible; and this may\nhave changed with commit 8c44dac8add7 (\"eventpoll: Fix priority inversion\nproblem\").)\n\nTo fix it:\n\n1. In ep_loop_check_proc(), note the subtree depth of each visited node,\nand use subtree depths for the total depth calculation even when a subtree\nhas already been visited.\n2. Add ep_get_upwards_depth_proc() for similarly determining the maximum\ndepth of an upwards walk.\n3. In ep_loop_check(), use these values to limit the total path length\nbetween epoll nodes to EP_MAX_NESTS edges.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38614"
},
{
"cve": "CVE-2025-38685",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: Fix vmalloc out-of-bounds write in fast_imageblit\n\nThis issue triggers when a userspace program does an ioctl\nFBIOPUT_CON2FBMAP by passing console number and frame buffer number.\nIdeally this maps console to frame buffer and updates the screen if\nconsole is visible.\n\nAs part of mapping it has to do resize of console according to frame\nbuffer info. if this resize fails and returns from vc_do_resize() and\ncontinues further. At this point console and new frame buffer are mapped\nand sets display vars. Despite failure still it continue to proceed\nupdating the screen at later stages where vc_data is related to previous\nframe buffer and frame buffer info and display vars are mapped to new\nframe buffer and eventully leading to out-of-bounds write in\nfast_imageblit(). This bheviour is excepted only when fg_console is\nequal to requested console which is a visible console and updates screen\nwith invalid struct references in fbcon_putcs().",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38685"
},
{
"cve": "CVE-2025-38691",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npNFS: Fix uninited ptr deref in block/scsi layout\n\nThe error occurs on the third attempt to encode extents. When function\next_tree_prepare_commit() reallocates a larger buffer to retry encoding\nextents, the \"layoutupdate_pages\" page array is initialized only after the\nretry loop. But ext_tree_free_commitdata() is called on every iteration\nand tries to put pages in the array, thus dereferencing uninitialized\npointers.\n\nAn additional problem is that there is no limit on the maximum possible\nbuffer_size. When there are too many extents, the client may create a\nlayoutcommit that is larger than the maximum possible RPC size accepted\nby the server.\n\nDuring testing, we observed two typical scenarios. First, one memory page\nfor extents is enough when we work with small files, append data to the\nend of the file, or preallocate extents before writing. But when we fill\na new large file without preallocating, the number of extents can be huge,\nand counting the number of written extents in ext_tree_encode_commit()\ndoes not help much. Since this number increases even more between\nunlocking and locking of ext_tree, the reallocated buffer may not be\nlarge enough again and again.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38691"
},
{
"cve": "CVE-2025-38701",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: do not BUG when INLINE_DATA_FL lacks system.data xattr\n\nA syzbot fuzzed image triggered a BUG_ON in ext4_update_inline_data()\nwhen an inode had the INLINE_DATA_FL flag set but was missing the\nsystem.data extended attribute.\n\nSince this can happen due to a maiciouly fuzzed file system, we\nshouldn\u0027t BUG, but rather, report it as a corrupted file system.\n\nAdd similar replacements of BUG_ON with EXT4_ERROR_INODE() ii\next4_create_inline_data() and ext4_inline_data_truncate().",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38701"
},
{
"cve": "CVE-2025-38702",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: fix potential buffer overflow in do_register_framebuffer()\n\nThe current implementation may lead to buffer overflow when:\n1. Unregistration creates NULL gaps in registered_fb[]\n2. All array slots become occupied despite num_registered_fb \u003c FB_MAX\n3. The registration loop exceeds array bounds\n\nAdd boundary check to prevent registered_fb[FB_MAX] access.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38702"
},
{
"cve": "CVE-2025-38704",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrcu/nocb: Fix possible invalid rdp\u0027s-\u003enocb_cb_kthread pointer access\n\nIn the preparation stage of CPU online, if the corresponding\nthe rdp\u0027s-\u003enocb_cb_kthread does not exist, will be created,\nthere is a situation where the rdp\u0027s rcuop kthreads creation fails,\nand then de-offload this CPU\u0027s rdp, does not assign this CPU\u0027s\nrdp-\u003enocb_cb_kthread pointer, but this rdp\u0027s-\u003enocb_gp_rdp and\nrdp\u0027s-\u003erdp_gp-\u003enocb_gp_kthread is still valid.\n\nThis will cause the subsequent re-offload operation of this offline\nCPU, which will pass the conditional check and the kthread_unpark()\nwill access invalid rdp\u0027s-\u003enocb_cb_kthread pointer.\n\nThis commit therefore use rdp\u0027s-\u003enocb_gp_kthread instead of\nrdp_gp\u0027s-\u003enocb_gp_kthread for safety check.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38704"
},
{
"cve": "CVE-2025-38708",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrbd: add missing kref_get in handle_write_conflicts\n\nWith `two-primaries` enabled, DRBD tries to detect \"concurrent\" writes\nand handle write conflicts, so that even if you write to the same sector\nsimultaneously on both nodes, they end up with the identical data once\nthe writes are completed.\n\nIn handling \"superseeded\" writes, we forgot a kref_get,\nresulting in a premature drbd_destroy_device and use after free,\nand further to kernel crashes with symptoms.\n\nRelevance: No one should use DRBD as a random data generator, and apparently\nall users of \"two-primaries\" handle concurrent writes correctly on layer up.\nThat is cluster file systems use some distributed lock manager,\nand live migration in virtualization environments stops writes on one node\nbefore starting writes on the other node.\n\nWhich means that other than for \"test cases\",\nthis code path is never taken in real life.\n\nFYI, in DRBD 9, things are handled differently nowadays. We still detect\n\"write conflicts\", but no longer try to be smart about them.\nWe decided to disconnect hard instead: upper layers must not submit concurrent\nwrites. If they do, that\u0027s their fault.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38708"
},
{
"cve": "CVE-2025-38721",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ctnetlink: fix refcount leak on table dump\n\nThere is a reference count leak in ctnetlink_dump_table():\n if (res \u003c 0) {\n nf_conntrack_get(\u0026ct-\u003ect_general); // HERE\n cb-\u003eargs[1] = (unsigned long)ct;\n ...\n\nWhile its very unlikely, its possible that ct == last.\nIf this happens, then the refcount of ct was already incremented.\nThis 2nd increment is never undone.\n\nThis prevents the conntrack object from being released, which in turn\nkeeps prevents cnet-\u003ecount from dropping back to 0.\n\nThis will then block the netns dismantle (or conntrack rmmod) as\nnf_conntrack_cleanup_net_list() will wait forever.\n\nThis can be reproduced by running conntrack_resize.sh selftest in a loop.\nIt takes ~20 minutes for me on a preemptible kernel on average before\nI see a runaway kworker spinning in nf_conntrack_cleanup_net_list.\n\nOne fix would to change this to:\n if (res \u003c 0) {\n\t\tif (ct != last)\n\t nf_conntrack_get(\u0026ct-\u003ect_general);\n\nBut this reference counting isn\u0027t needed in the first place.\nWe can just store a cookie value instead.\n\nA followup patch will do the same for ctnetlink_exp_dump_table,\nit looks to me as if this has the same problem and like\nctnetlink_dump_table, we only need a \u0027skip hint\u0027, not the actual\nobject so we can apply the same cookie strategy there as well.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38721"
},
{
"cve": "CVE-2025-38724",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm()\n\nLei Lu recently reported that nfsd4_setclientid_confirm() did not check\nthe return value from get_client_locked(). a SETCLIENTID_CONFIRM could\nrace with a confirmed client expiring and fail to get a reference. That\ncould later lead to a UAF.\n\nFix this by getting a reference early in the case where there is an\nextant confirmed client. If that fails then treat it as if there were no\nconfirmed client found at all.\n\nIn the case where the unconfirmed client is expiring, just fail and\nreturn the result from get_client_locked().",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38724"
},
{
"cve": "CVE-2025-38727",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlink: avoid infinite retry looping in netlink_unicast()\n\nnetlink_attachskb() checks for the socket\u0027s read memory allocation\nconstraints. Firstly, it has:\n\n rmem \u003c READ_ONCE(sk-\u003esk_rcvbuf)\n\nto check if the just increased rmem value fits into the socket\u0027s receive\nbuffer. If not, it proceeds and tries to wait for the memory under:\n\n rmem + skb-\u003etruesize \u003e READ_ONCE(sk-\u003esk_rcvbuf)\n\nThe checks don\u0027t cover the case when skb-\u003etruesize + sk-\u003esk_rmem_alloc is\nequal to sk-\u003esk_rcvbuf. Thus the function neither successfully accepts\nthese conditions, nor manages to reschedule the task - and is called in\nretry loop for indefinite time which is caught as:\n\n rcu: INFO: rcu_sched self-detected stall on CPU\n rcu: 0-....: (25999 ticks this GP) idle=ef2/1/0x4000000000000000 softirq=262269/262269 fqs=6212\n (t=26000 jiffies g=230833 q=259957)\n NMI backtrace for cpu 0\n CPU: 0 PID: 22 Comm: kauditd Not tainted 5.10.240 #68\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.17.0-4.fc42 04/01/2014\n Call Trace:\n \u003cIRQ\u003e\n dump_stack lib/dump_stack.c:120\n nmi_cpu_backtrace.cold lib/nmi_backtrace.c:105\n nmi_trigger_cpumask_backtrace lib/nmi_backtrace.c:62\n rcu_dump_cpu_stacks kernel/rcu/tree_stall.h:335\n rcu_sched_clock_irq.cold kernel/rcu/tree.c:2590\n update_process_times kernel/time/timer.c:1953\n tick_sched_handle kernel/time/tick-sched.c:227\n tick_sched_timer kernel/time/tick-sched.c:1399\n __hrtimer_run_queues kernel/time/hrtimer.c:1652\n hrtimer_interrupt kernel/time/hrtimer.c:1717\n __sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1113\n asm_call_irq_on_stack arch/x86/entry/entry_64.S:808\n \u003c/IRQ\u003e\n\n netlink_attachskb net/netlink/af_netlink.c:1234\n netlink_unicast net/netlink/af_netlink.c:1349\n kauditd_send_queue kernel/audit.c:776\n kauditd_thread kernel/audit.c:897\n kthread kernel/kthread.c:328\n ret_from_fork arch/x86/entry/entry_64.S:304\n\nRestore the original behavior of the check which commit in Fixes\naccidentally missed when restructuring the code.\n\nFound by Linux Verification Center (linuxtesting.org).",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-38727"
},
{
"cve": "CVE-2025-39683",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Limit access to parser-\u003ebuffer when trace_get_user failed\n\nWhen the length of the string written to set_ftrace_filter exceeds\nFTRACE_BUFF_MAX, the following KASAN alarm will be triggered:\n\nBUG: KASAN: slab-out-of-bounds in strsep+0x18c/0x1b0\nRead of size 1 at addr ffff0000d00bd5ba by task ash/165\n\nCPU: 1 UID: 0 PID: 165 Comm: ash Not tainted 6.16.0-g6bcdbd62bd56-dirty\nHardware name: linux,dummy-virt (DT)\nCall trace:\n show_stack+0x34/0x50 (C)\n dump_stack_lvl+0xa0/0x158\n print_address_description.constprop.0+0x88/0x398\n print_report+0xb0/0x280\n kasan_report+0xa4/0xf0\n __asan_report_load1_noabort+0x20/0x30\n strsep+0x18c/0x1b0\n ftrace_process_regex.isra.0+0x100/0x2d8\n ftrace_regex_release+0x484/0x618\n __fput+0x364/0xa58\n ____fput+0x28/0x40\n task_work_run+0x154/0x278\n do_notify_resume+0x1f0/0x220\n el0_svc+0xec/0xf0\n el0t_64_sync_handler+0xa0/0xe8\n el0t_64_sync+0x1ac/0x1b0\n\nThe reason is that trace_get_user will fail when processing a string\nlonger than FTRACE_BUFF_MAX, but not set the end of parser-\u003ebuffer to 0.\nThen an OOB access will be triggered in ftrace_regex_release-\u003e\nftrace_process_regex-\u003estrsep-\u003estrpbrk. We can solve this problem by\nlimiting access to parser-\u003ebuffer when trace_get_user failed.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-39683"
},
{
"cve": "CVE-2025-39689",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nftrace: Also allocate and copy hash for reading of filter files\n\nCurrently the reader of set_ftrace_filter and set_ftrace_notrace just adds\nthe pointer to the global tracer hash to its iterator. Unlike the writer\nthat allocates a copy of the hash, the reader keeps the pointer to the\nfilter hashes. This is problematic because this pointer is static across\nfunction calls that release the locks that can update the global tracer\nhashes. This can cause UAF and similar bugs.\n\nAllocate and copy the hash for reading the filter files like it is done\nfor the writers. This not only fixes UAF bugs, but also makes the code a\nbit simpler as it doesn\u0027t have to differentiate when to free the\niterator\u0027s hash between writers and readers.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-39689"
},
{
"cve": "CVE-2025-39697",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: Fix a race when updating an existing write\n\nAfter nfs_lock_and_join_requests() tests for whether the request is\nstill attached to the mapping, nothing prevents a call to\nnfs_inode_remove_request() from succeeding until we actually lock the\npage group.\nThe reason is that whoever called nfs_inode_remove_request() doesn\u0027t\nnecessarily have a lock on the page group head.\n\nSo in order to avoid races, let\u0027s take the page group lock earlier in\nnfs_lock_and_join_requests(), and hold it across the removal of the\nrequest in nfs_inode_remove_request().",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-39697"
},
{
"cve": "CVE-2025-39724",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: 8250: fix panic due to PSLVERR\n\nWhen the PSLVERR_RESP_EN parameter is set to 1, the device generates\nan error response if an attempt is made to read an empty RBR (Receive\nBuffer Register) while the FIFO is enabled.\n\nIn serial8250_do_startup(), calling serial_port_out(port, UART_LCR,\nUART_LCR_WLEN8) triggers dw8250_check_lcr(), which invokes\ndw8250_force_idle() and serial8250_clear_and_reinit_fifos(). The latter\nfunction enables the FIFO via serial_out(p, UART_FCR, p-\u003efcr).\nExecution proceeds to the serial_port_in(port, UART_RX).\nThis satisfies the PSLVERR trigger condition.\n\nWhen another CPU (e.g., using printk()) is accessing the UART (UART\nis busy), the current CPU fails the check (value \u0026 ~UART_LCR_SPAR) ==\n(lcr \u0026 ~UART_LCR_SPAR) in dw8250_check_lcr(), causing it to enter\ndw8250_force_idle().\n\nPut serial_port_out(port, UART_LCR, UART_LCR_WLEN8) under the port-\u003elock\nto fix this issue.\n\nPanic backtrace:\n[ 0.442336] Oops - unknown exception [#1]\n[ 0.442343] epc : dw8250_serial_in32+0x1e/0x4a\n[ 0.442351] ra : serial8250_do_startup+0x2c8/0x88e\n...\n[ 0.442416] console_on_rootfs+0x26/0x70",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-39724"
},
{
"cve": "CVE-2025-39748",
"cwe": {
"id": "CWE-478",
"name": "Missing Default Case in Multiple Condition Expression"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Forget ranges when refining tnum after JSET\n\nSyzbot reported a kernel warning due to a range invariant violation on\nthe following BPF program.\n\n 0: call bpf_get_netns_cookie\n 1: if r0 == 0 goto \u003cexit\u003e\n 2: if r0 \u0026 Oxffffffff goto \u003cexit\u003e\n\nThe issue is on the path where we fall through both jumps.\n\nThat path is unreachable at runtime: after insn 1, we know r0 != 0, but\nwith the sign extension on the jset, we would only fallthrough insn 2\nif r0 == 0. Unfortunately, is_branch_taken() isn\u0027t currently able to\nfigure this out, so the verifier walks all branches. The verifier then\nrefines the register bounds using the second condition and we end\nup with inconsistent bounds on this unreachable path:\n\n 1: if r0 == 0 goto \u003cexit\u003e\n r0: u64=[0x1, 0xffffffffffffffff] var_off=(0, 0xffffffffffffffff)\n 2: if r0 \u0026 0xffffffff goto \u003cexit\u003e\n r0 before reg_bounds_sync: u64=[0x1, 0xffffffffffffffff] var_off=(0, 0)\n r0 after reg_bounds_sync: u64=[0x1, 0] var_off=(0, 0)\n\nImproving the range refinement for JSET to cover all cases is tricky. We\nalso don\u0027t expect many users to rely on JSET given LLVM doesn\u0027t generate\nthose instructions. So instead of improving the range refinement for\nJSETs, Eduard suggested we forget the ranges whenever we\u0027re narrowing\ntnums after a JSET. This patch implements that approach.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-39748"
},
{
"cve": "CVE-2025-39756",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: Prevent file descriptor table allocations exceeding INT_MAX\n\nWhen sysctl_nr_open is set to a very high value (for example, 1073741816\nas set by systemd), processes attempting to use file descriptors near\nthe limit can trigger massive memory allocation attempts that exceed\nINT_MAX, resulting in a WARNING in mm/slub.c:\n\n WARNING: CPU: 0 PID: 44 at mm/slub.c:5027 __kvmalloc_node_noprof+0x21a/0x288\n\nThis happens because kvmalloc_array() and kvmalloc() check if the\nrequested size exceeds INT_MAX and emit a warning when the allocation is\nnot flagged with __GFP_NOWARN.\n\nSpecifically, when nr_open is set to 1073741816 (0x3ffffff8) and a\nprocess calls dup2(oldfd, 1073741880), the kernel attempts to allocate:\n- File descriptor array: 1073741880 * 8 bytes = 8,589,935,040 bytes\n- Multiple bitmaps: ~400MB\n- Total allocation size: \u003e 8GB (exceeding INT_MAX = 2,147,483,647)\n\nReproducer:\n1. Set /proc/sys/fs/nr_open to 1073741816:\n # echo 1073741816 \u003e /proc/sys/fs/nr_open\n\n2. Run a program that uses a high file descriptor:\n #include \u003cunistd.h\u003e\n #include \u003csys/resource.h\u003e\n\n int main() {\n struct rlimit rlim = {1073741824, 1073741824};\n setrlimit(RLIMIT_NOFILE, \u0026rlim);\n dup2(2, 1073741880); // Triggers the warning\n return 0;\n }\n\n3. Observe WARNING in dmesg at mm/slub.c:5027\n\nsystemd commit a8b627a introduced automatic bumping of fs.nr_open to the\nmaximum possible value. The rationale was that systems with memory\ncontrol groups (memcg) no longer need separate file descriptor limits\nsince memory is properly accounted. However, this change overlooked\nthat:\n\n1. The kernel\u0027s allocation functions still enforce INT_MAX as a maximum\n size regardless of memcg accounting\n2. Programs and tests that legitimately test file descriptor limits can\n inadvertently trigger massive allocations\n3. The resulting allocations (\u003e8GB) are impractical and will always fail\n\nsystemd\u0027s algorithm starts with INT_MAX and keeps halving the value\nuntil the kernel accepts it. On most systems, this results in nr_open\nbeing set to 1073741816 (0x3ffffff8), which is just under 1GB of file\ndescriptors.\n\nWhile processes rarely use file descriptors near this limit in normal\noperation, certain selftests (like\ntools/testing/selftests/core/unshare_test.c) and programs that test file\ndescriptor limits can trigger this issue.\n\nFix this by adding a check in alloc_fdtable() to ensure the requested\nallocation size does not exceed INT_MAX. This causes the operation to\nfail with -EMFILE instead of triggering a kernel warning and avoids the\nimpractical \u003e8GB memory allocation request.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-39756"
},
{
"cve": "CVE-2025-39764",
"cwe": {
"id": "CWE-911",
"name": "Improper Update of Reference Count"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ctnetlink: remove refcounting in expectation dumpers\n\nSame pattern as previous patch: do not keep the expectation object\nalive via refcount, only store a cookie value and then use that\nas the skip hint for dump resumption.\n\nAFAICS this has the same issue as the one resolved in the conntrack\ndumper, when we do\n if (!refcount_inc_not_zero(\u0026exp-\u003euse))\n\nto increment the refcount, there is a chance that exp == last, which\ncauses a double-increment of the refcount and subsequent memory leak.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-39764"
},
{
"cve": "CVE-2025-39770",
"cwe": {
"id": "CWE-573",
"name": "Improper Following of Specification by Caller"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM\n\nWhen performing Generic Segmentation Offload (GSO) on an IPv6 packet that\ncontains extension headers, the kernel incorrectly requests checksum offload\nif the egress device only advertises NETIF_F_IPV6_CSUM feature, which has\na strict contract: it supports checksum offload only for plain TCP or UDP\nover IPv6 and explicitly does not support packets with extension headers.\nThe current GSO logic violates this contract by failing to disable the feature\nfor packets with extension headers, such as those used in GREoIPv6 tunnels.\n\nThis violation results in the device being asked to perform an operation\nit cannot support, leading to a `skb_warn_bad_offload` warning and a collapse\nof network throughput. While device TSO/USO is correctly bypassed in favor\nof software GSO for these packets, the GSO stack must be explicitly told not\nto request checksum offload.\n\nMask NETIF_F_IPV6_CSUM, NETIF_F_TSO6 and NETIF_F_GSO_UDP_L4\nin gso_features_check if the IPv6 header contains extension headers to compute\nchecksum in software.\n\nThe exception is a BIG TCP extension, which, as stated in commit\n68e068cabd2c6c53 (\"net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets\"):\n\"The feature is only enabled on devices that support BIG TCP TSO.\nThe header is only present for PF_PACKET taps like tcpdump,\nand not transmitted by physical devices.\"\n\nkernel log output (truncated):\nWARNING: CPU: 1 PID: 5273 at net/core/dev.c:3535 skb_warn_bad_offload+0x81/0x140\n...\nCall Trace:\n \u003cTASK\u003e\n skb_checksum_help+0x12a/0x1f0\n validate_xmit_skb+0x1a3/0x2d0\n validate_xmit_skb_list+0x4f/0x80\n sch_direct_xmit+0x1a2/0x380\n __dev_xmit_skb+0x242/0x670\n __dev_queue_xmit+0x3fc/0x7f0\n ip6_finish_output2+0x25e/0x5d0\n ip6_finish_output+0x1fc/0x3f0\n ip6_tnl_xmit+0x608/0xc00 [ip6_tunnel]\n ip6gre_tunnel_xmit+0x1c0/0x390 [ip6_gre]\n dev_hard_start_xmit+0x63/0x1c0\n __dev_queue_xmit+0x6d0/0x7f0\n ip6_finish_output2+0x214/0x5d0\n ip6_finish_output+0x1fc/0x3f0\n ip6_xmit+0x2ca/0x6f0\n ip6_finish_output+0x1fc/0x3f0\n ip6_xmit+0x2ca/0x6f0\n inet6_csk_xmit+0xeb/0x150\n __tcp_transmit_skb+0x555/0xa80\n tcp_write_xmit+0x32a/0xe90\n tcp_sendmsg_locked+0x437/0x1110\n tcp_sendmsg+0x2f/0x50\n...\nskb linear: 00000000: e4 3d 1a 7d ec 30 e4 3d 1a 7e 5d 90 86 dd 60 0e\nskb linear: 00000010: 00 0a 1b 34 3c 40 20 11 00 00 00 00 00 00 00 00\nskb linear: 00000020: 00 00 00 00 00 12 20 11 00 00 00 00 00 00 00 00\nskb linear: 00000030: 00 00 00 00 00 11 2f 00 04 01 04 01 01 00 00 00\nskb linear: 00000040: 86 dd 60 0e 00 0a 1b 00 06 40 20 23 00 00 00 00\nskb linear: 00000050: 00 00 00 00 00 00 00 00 00 12 20 23 00 00 00 00\nskb linear: 00000060: 00 00 00 00 00 00 00 00 00 11 bf 96 14 51 13 f9\nskb linear: 00000070: ae 27 a0 a8 2b e3 80 18 00 40 5b 6f 00 00 01 01\nskb linear: 00000080: 08 0a 42 d4 50 d5 4b 70 f8 1a",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-39770"
},
{
"cve": "CVE-2025-39773",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bridge: fix soft lockup in br_multicast_query_expired()\n\nWhen set multicast_query_interval to a large value, the local variable\n\u0027time\u0027 in br_multicast_send_query() may overflow. If the time is smaller\nthan jiffies, the timer will expire immediately, and then call mod_timer()\nagain, which creates a loop and may trigger the following soft lockup\nissue.\n\n watchdog: BUG: soft lockup - CPU#1 stuck for 221s! [rb_consumer:66]\n CPU: 1 UID: 0 PID: 66 Comm: rb_consumer Not tainted 6.16.0+ #259 PREEMPT(none)\n Call Trace:\n \u003cIRQ\u003e\n __netdev_alloc_skb+0x2e/0x3a0\n br_ip6_multicast_alloc_query+0x212/0x1b70\n __br_multicast_send_query+0x376/0xac0\n br_multicast_send_query+0x299/0x510\n br_multicast_query_expired.constprop.0+0x16d/0x1b0\n call_timer_fn+0x3b/0x2a0\n __run_timers+0x619/0x950\n run_timer_softirq+0x11c/0x220\n handle_softirqs+0x18e/0x560\n __irq_exit_rcu+0x158/0x1a0\n sysvec_apic_timer_interrupt+0x76/0x90\n \u003c/IRQ\u003e\n\nThis issue can be reproduced with:\n ip link add br0 type bridge\n echo 1 \u003e /sys/class/net/br0/bridge/multicast_querier\n echo 0xffffffffffffffff \u003e\n \t/sys/class/net/br0/bridge/multicast_query_interval\n ip link set dev br0 up\n\nThe multicast_startup_query_interval can also cause this issue. Similar to\nthe commit 99b40610956a (\"net: bridge: mcast: add and enforce query\ninterval minimum\"), add check for the query interval maximum to fix this\nissue.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-39773"
},
{
"cve": "CVE-2025-39783",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: endpoint: Fix configfs group list head handling\n\nDoing a list_del() on the epf_group field of struct pci_epf_driver in\npci_epf_remove_cfs() is not correct as this field is a list head, not\na list entry. This list_del() call triggers a KASAN warning when an\nendpoint function driver which has a configfs attribute group is torn\ndown:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in pci_epf_remove_cfs+0x17c/0x198\nWrite of size 8 at addr ffff00010f4a0d80 by task rmmod/319\n\nCPU: 3 UID: 0 PID: 319 Comm: rmmod Not tainted 6.16.0-rc2 #1 NONE\nHardware name: Radxa ROCK 5B (DT)\nCall trace:\nshow_stack+0x2c/0x84 (C)\ndump_stack_lvl+0x70/0x98\nprint_report+0x17c/0x538\nkasan_report+0xb8/0x190\n__asan_report_store8_noabort+0x20/0x2c\npci_epf_remove_cfs+0x17c/0x198\npci_epf_unregister_driver+0x18/0x30\nnvmet_pci_epf_cleanup_module+0x24/0x30 [nvmet_pci_epf]\n__arm64_sys_delete_module+0x264/0x424\ninvoke_syscall+0x70/0x260\nel0_svc_common.constprop.0+0xac/0x230\ndo_el0_svc+0x40/0x58\nel0_svc+0x48/0xdc\nel0t_64_sync_handler+0x10c/0x138\nel0t_64_sync+0x198/0x19c\n...\n\nRemove this incorrect list_del() call from pci_epf_remove_cfs().",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-39783"
},
{
"cve": "CVE-2025-39787",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: mdt_loader: Ensure we don\u0027t read past the ELF header\n\nWhen the MDT loader is used in remoteproc, the ELF header is sanitized\nbeforehand, but that\u0027s not necessary the case for other clients.\n\nValidate the size of the firmware buffer to ensure that we don\u0027t read\npast the end as we iterate over the header. e_phentsize and e_shentsize\nare validated as well, to ensure that the assumptions about step size in\nthe traversal are valid.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-39787"
},
{
"cve": "CVE-2025-39795",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: avoid possible overflow for chunk_sectors check in blk_stack_limits()\n\nIn blk_stack_limits(), we check that the t-\u003echunk_sectors value is a\nmultiple of the t-\u003ephysical_block_size value.\n\nHowever, by finding the chunk_sectors value in bytes, we may overflow\nthe unsigned int which holds chunk_sectors, so change the check to be\nbased on sectors.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-39795"
},
{
"cve": "CVE-2025-39798",
"cwe": {
"id": "CWE-273",
"name": "Improper Check for Dropped Privileges"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: Fix the setting of capabilities when automounting a new filesystem\n\nCapabilities cannot be inherited when we cross into a new filesystem.\nThey need to be reset to the minimal defaults, and then probed for\nagain.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-39798"
},
{
"cve": "CVE-2025-39866",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: writeback: fix use-after-free in __mark_inode_dirty()\n\nAn use-after-free issue occurred when __mark_inode_dirty() get the\nbdi_writeback that was in the progress of switching.\n\nCPU: 1 PID: 562 Comm: systemd-random- Not tainted 6.6.56-gb4403bd46a8e #1\n......\npstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : __mark_inode_dirty+0x124/0x418\nlr : __mark_inode_dirty+0x118/0x418\nsp : ffffffc08c9dbbc0\n........\nCall trace:\n __mark_inode_dirty+0x124/0x418\n generic_update_time+0x4c/0x60\n file_modified+0xcc/0xd0\n ext4_buffered_write_iter+0x58/0x124\n ext4_file_write_iter+0x54/0x704\n vfs_write+0x1c0/0x308\n ksys_write+0x74/0x10c\n __arm64_sys_write+0x1c/0x28\n invoke_syscall+0x48/0x114\n el0_svc_common.constprop.0+0xc0/0xe0\n do_el0_svc+0x1c/0x28\n el0_svc+0x40/0xe4\n el0t_64_sync_handler+0x120/0x12c\n el0t_64_sync+0x194/0x198\n\nRoot cause is:\n\nsystemd-random-seed kworker\n----------------------------------------------------------------------\n___mark_inode_dirty inode_switch_wbs_work_fn\n\n spin_lock(\u0026inode-\u003ei_lock);\n inode_attach_wb\n locked_inode_to_wb_and_lock_list\n get inode-\u003ei_wb\n spin_unlock(\u0026inode-\u003ei_lock);\n spin_lock(\u0026wb-\u003elist_lock)\n spin_lock(\u0026inode-\u003ei_lock)\n inode_io_list_move_locked\n spin_unlock(\u0026wb-\u003elist_lock)\n spin_unlock(\u0026inode-\u003ei_lock)\n spin_lock(\u0026old_wb-\u003elist_lock)\n inode_do_switch_wbs\n spin_lock(\u0026inode-\u003ei_lock)\n inode-\u003ei_wb = new_wb\n spin_unlock(\u0026inode-\u003ei_lock)\n spin_unlock(\u0026old_wb-\u003elist_lock)\n wb_put_many(old_wb, nr_switched)\n cgwb_release\n old wb released\n wb_wakeup_delayed() accesses wb,\n then trigger the use-after-free\n issue\n\nFix this race condition by holding inode spinlock until\nwb_wakeup_delayed() finished.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-39866"
},
{
"cve": "CVE-2025-39929",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix smbdirect_recv_io leak in smbd_negotiate() error path\n\nDuring tests of another unrelated patch I was able to trigger this\nerror: Objects remaining on __kmem_cache_shutdown()",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-39929"
},
{
"cve": "CVE-2025-39931",
"cwe": {
"id": "CWE-457",
"name": "Use of Uninitialized Variable"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: af_alg - Set merge to zero early in af_alg_sendmsg\n\nIf an error causes af_alg_sendmsg to abort, ctx-\u003emerge may contain\na garbage value from the previous loop. This may then trigger a\ncrash on the next entry into af_alg_sendmsg when it attempts to do\na merge that can\u0027t be done.\n\nFix this by setting ctx-\u003emerge to zero near the start of the loop.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-39931"
},
{
"cve": "CVE-2025-39977",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfutex: Prevent use-after-free during requeue-PI\n\nsyzbot managed to trigger the following race:\n\n T1 T2\n\n futex_wait_requeue_pi()\n futex_do_wait()\n schedule()\n futex_requeue()\n futex_proxy_trylock_atomic()\n futex_requeue_pi_prepare()\n requeue_pi_wake_futex()\n futex_requeue_pi_complete()\n /* preempt */\n\n * timeout/ signal wakes T1 *\n\n futex_requeue_pi_wakeup_sync() // Q_REQUEUE_PI_LOCKED\n futex_hash_put()\n // back to userland, on stack futex_q is garbage\n\n /* back */\n wake_up_state(q-\u003etask, TASK_NORMAL);\n\nIn this scenario futex_wait_requeue_pi() is able to leave without using\nfutex_q::lock_ptr for synchronization.\n\nThis can be prevented by reading futex_q::task before updating the\nfutex_q::requeue_state. A reference on the task_struct is not needed\nbecause requeue_pi_wake_futex() is invoked with a spinlock_t held which\nimplies a RCU read section.\n\nEven if T1 terminates immediately after, the task_struct will remain valid\nduring T2\u0027s wake_up_state(). A READ_ONCE on futex_q::task before\nfutex_requeue_pi_complete() is enough because it ensures that the variable\nis read before the state is updated.\n\nRead futex_q::task before updating the requeue state, use it for the\nfollowing wakeup.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-39977"
},
{
"cve": "CVE-2025-40022",
"cwe": {
"id": "CWE-704",
"name": "Incorrect Type Conversion or Cast"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: af_alg - Fix incorrect boolean values in af_alg_ctx\n\nCommit 1b34cbbf4f01 (\"crypto: af_alg - Disallow concurrent writes in\naf_alg_sendmsg\") changed some fields from bool to 1-bit bitfields of\ntype u32.\n\nHowever, some assignments to these fields, specifically \u0027more\u0027 and\n\u0027merge\u0027, assign values greater than 1. These relied on C\u0027s implicit\nconversion to bool, such that zero becomes false and nonzero becomes\ntrue.\n\nWith a 1-bit bitfields of type u32 instead, mod 2 of the value is taken\ninstead, resulting in 0 being assigned in some cases when 1 was intended.\n\nFix this by restoring the bool type.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-40022"
},
{
"cve": "CVE-2025-40135",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: use RCU in ip6_xmit()\n\nUse RCU in ip6_xmit() in order to use dst_dev_rcu() to prevent\npossible UAF.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-40135"
},
{
"cve": "CVE-2025-40219",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI/IOV: Fix race between SR-IOV enable/disable and hotplug\n\nCommit 05703271c3cd (\"PCI/IOV: Add PCI rescan-remove locking when\nenabling/disabling SR-IOV\") tried to fix a race between the VF removal\ninside sriov_del_vfs() and concurrent hot unplug by taking the PCI\nrescan/remove lock in sriov_del_vfs(). Similarly the PCI rescan/remove lock\nwas also taken in sriov_add_vfs() to protect addition of VFs.\n\nThis approach however causes deadlock on trying to remove PFs with SR-IOV\nenabled because PFs disable SR-IOV during removal and this removal happens\nunder the PCI rescan/remove lock. So the original fix had to be reverted.\n\nInstead of taking the PCI rescan/remove lock in sriov_add_vfs() and\nsriov_del_vfs(), fix the race that occurs with SR-IOV enable and disable vs\nhotplug higher up in the callchain by taking the lock in\nsriov_numvfs_store() before calling into the driver\u0027s sriov_configure()\ncallback.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-40219"
},
{
"cve": "CVE-2025-40261",
"cwe": {
"id": "CWE-1341",
"name": "Multiple Releases of Same Resource or Handle"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme: nvme-fc: Ensure -\u003eioerr_work is cancelled in nvme_fc_delete_ctrl()\n\nnvme_fc_delete_assocation() waits for pending I/O to complete before\nreturning, and an error can cause -\u003eioerr_work to be queued after\ncancel_work_sync() had been called. Move the call to cancel_work_sync() to\nbe after nvme_fc_delete_association() to ensure -\u003eioerr_work is not running\nwhen the nvme_fc_ctrl object is freed. Otherwise the following can occur:\n\n[ 1135.911754] list_del corruption, ff2d24c8093f31f8-\u003enext is NULL\n[ 1135.917705] ------------[ cut here ]------------\n[ 1135.922336] kernel BUG at lib/list_debug.c:52!\n[ 1135.926784] Oops: invalid opcode: 0000 [#1] SMP NOPTI\n[ 1135.931851] CPU: 48 UID: 0 PID: 726 Comm: kworker/u449:23 Kdump: loaded Not tainted 6.12.0 #1 PREEMPT(voluntary)\n[ 1135.943490] Hardware name: Dell Inc. PowerEdge R660/0HGTK9, BIOS 2.5.4 01/16/2025\n[ 1135.950969] Workqueue: 0x0 (nvme-wq)\n[ 1135.954673] RIP: 0010:__list_del_entry_valid_or_report.cold+0xf/0x6f\n[ 1135.961041] Code: c7 c7 98 68 72 94 e8 26 45 fe ff 0f 0b 48 c7 c7 70 68 72 94 e8 18 45 fe ff 0f 0b 48 89 fe 48 c7 c7 80 69 72 94 e8 07 45 fe ff \u003c0f\u003e 0b 48 89 d1 48 c7 c7 a0 6a 72 94 48 89 c2 e8 f3 44 fe ff 0f 0b\n[ 1135.979788] RSP: 0018:ff579b19482d3e50 EFLAGS: 00010046\n[ 1135.985015] RAX: 0000000000000033 RBX: ff2d24c8093f31f0 RCX: 0000000000000000\n[ 1135.992148] RDX: 0000000000000000 RSI: ff2d24d6bfa1d0c0 RDI: ff2d24d6bfa1d0c0\n[ 1135.999278] RBP: ff2d24c8093f31f8 R08: 0000000000000000 R09: ffffffff951e2b08\n[ 1136.006413] R10: ffffffff95122ac8 R11: 0000000000000003 R12: ff2d24c78697c100\n[ 1136.013546] R13: fffffffffffffff8 R14: 0000000000000000 R15: ff2d24c78697c0c0\n[ 1136.020677] FS: 0000000000000000(0000) GS:ff2d24d6bfa00000(0000) knlGS:0000000000000000\n[ 1136.028765] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 1136.034510] CR2: 00007fd207f90b80 CR3: 000000163ea22003 CR4: 0000000000f73ef0\n[ 1136.041641] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 1136.048776] DR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400\n[ 1136.055910] PKRU: 55555554\n[ 1136.058623] Call Trace:\n[ 1136.061074] \u003cTASK\u003e\n[ 1136.063179] ? show_trace_log_lvl+0x1b0/0x2f0\n[ 1136.067540] ? show_trace_log_lvl+0x1b0/0x2f0\n[ 1136.071898] ? move_linked_works+0x4a/0xa0\n[ 1136.075998] ? __list_del_entry_valid_or_report.cold+0xf/0x6f\n[ 1136.081744] ? __die_body.cold+0x8/0x12\n[ 1136.085584] ? die+0x2e/0x50\n[ 1136.088469] ? do_trap+0xca/0x110\n[ 1136.091789] ? do_error_trap+0x65/0x80\n[ 1136.095543] ? __list_del_entry_valid_or_report.cold+0xf/0x6f\n[ 1136.101289] ? exc_invalid_op+0x50/0x70\n[ 1136.105127] ? __list_del_entry_valid_or_report.cold+0xf/0x6f\n[ 1136.110874] ? asm_exc_invalid_op+0x1a/0x20\n[ 1136.115059] ? __list_del_entry_valid_or_report.cold+0xf/0x6f\n[ 1136.120806] move_linked_works+0x4a/0xa0\n[ 1136.124733] worker_thread+0x216/0x3a0\n[ 1136.128485] ? __pfx_worker_thread+0x10/0x10\n[ 1136.132758] kthread+0xfa/0x240\n[ 1136.135904] ? __pfx_kthread+0x10/0x10\n[ 1136.139657] ret_from_fork+0x31/0x50\n[ 1136.143236] ? __pfx_kthread+0x10/0x10\n[ 1136.146988] ret_from_fork_asm+0x1a/0x30\n[ 1136.150915] \u003c/TASK\u003e",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-40261"
},
{
"cve": "CVE-2025-46836",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "net-tools is a collection of programs that form the base set of the NET-3 networking distribution for the Linux operating system. Inn versions up to and including 2.10, the Linux network utilities (like ifconfig) from the net-tools package do not properly validate the structure of /proc files when showing interfaces. `get_name()` in `interface.c` copies interface labels from `/proc/net/dev` into a fixed 16-byte stack buffer without bounds checking, leading to possible arbitrary code execution or crash. The known attack path does not require privilege but also does not provide privilege escalation in this scenario. A patch is available and expected to be part of version 2.20.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-46836"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "description",
"text": "libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-59375"
},
{
"cve": "CVE-2025-66382",
"cwe": {
"id": "CWE-407",
"name": "Inefficient Algorithmic Complexity"
},
"notes": [
{
"category": "description",
"text": "In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-66382"
},
{
"cve": "CVE-2025-68206",
"cwe": {
"id": "CWE-166",
"name": "Improper Handling of Missing Special Element"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_ct: add seqadj extension for natted connections\n\nSequence adjustment may be required for FTP traffic with PASV/EPSV modes.\ndue to need to re-write packet payload (IP, port) on the ftp control\nconnection. This can require changes to the TCP length and expected\nseq / ack_seq.\n\nThe easiest way to reproduce this issue is with PASV mode.\nExample ruleset:\ntable inet ftp_nat {\n ct helper ftp_helper {\n type \"ftp\" protocol tcp\n l3proto inet\n }\n\n chain prerouting {\n type filter hook prerouting priority 0; policy accept;\n tcp dport 21 ct state new ct helper set \"ftp_helper\"\n }\n}\ntable ip nat {\n chain prerouting {\n type nat hook prerouting priority -100; policy accept;\n tcp dport 21 dnat ip prefix to ip daddr map {\n\t\t\t192.168.100.1 : 192.168.13.2/32 }\n }\n\n chain postrouting {\n type nat hook postrouting priority 100 ; policy accept;\n tcp sport 21 snat ip prefix to ip saddr map {\n\t\t\t192.168.13.2 : 192.168.100.1/32 }\n }\n}\n\nNote that the ftp helper gets assigned *after* the dnat setup.\n\nThe inverse (nat after helper assign) is handled by an existing\ncheck in nf_nat_setup_info() and will not show the problem.\n\nTopoloy:\n\n +-------------------+ +----------------------------------+\n | FTP: 192.168.13.2 | \u003c-\u003e | NAT: 192.168.13.3, 192.168.100.1 |\n +-------------------+ +----------------------------------+\n |\n +-----------------------+\n | Client: 192.168.100.2 |\n +-----------------------+\n\nftp nat changes do not work as expected in this case:\nConnected to 192.168.100.1.\n[..]\nftp\u003e epsv\nEPSV/EPRT on IPv4 off.\nftp\u003e ls\n227 Entering passive mode (192,168,100,1,209,129).\n421 Service not available, remote server has closed connection.\n\nKernel logs:\nMissing nfct_seqadj_ext_add() setup call\nWARNING: CPU: 1 PID: 0 at net/netfilter/nf_conntrack_seqadj.c:41\n[..]\n __nf_nat_mangle_tcp_packet+0x100/0x160 [nf_nat]\n nf_nat_ftp+0x142/0x280 [nf_nat_ftp]\n help+0x4d1/0x880 [nf_conntrack_ftp]\n nf_confirm+0x122/0x2e0 [nf_conntrack]\n nf_hook_slow+0x3c/0xb0\n ..\n\nFix this by adding the required extension when a conntrack helper is assigned\nto a connection that has a nat binding.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-68206"
},
{
"cve": "CVE-2025-68265",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme: fix admin request_queue lifetime\n\nThe namespaces can access the controller\u0027s admin request_queue, and\nstale references on the namespaces may exist after tearing down the\ncontroller. Ensure the admin request_queue is active by moving the\ncontroller\u0027s \u0027put\u0027 to after all controller references have been released\nto ensure no one is can access the request_queue. This fixes a reported\nuse-after-free bug:\n\n BUG: KASAN: slab-use-after-free in blk_queue_enter+0x41c/0x4a0\n Read of size 8 at addr ffff88c0a53819f8 by task nvme/3287\n CPU: 67 UID: 0 PID: 3287 Comm: nvme Tainted: G E 6.13.2-ga1582f1a031e #15\n Tainted: [E]=UNSIGNED_MODULE\n Hardware name: Jabil /EGS 2S MB1, BIOS 1.00 06/18/2025\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x4f/0x60\n print_report+0xc4/0x620\n ? _raw_spin_lock_irqsave+0x70/0xb0\n ? _raw_read_unlock_irqrestore+0x30/0x30\n ? blk_queue_enter+0x41c/0x4a0\n kasan_report+0xab/0xe0\n ? blk_queue_enter+0x41c/0x4a0\n blk_queue_enter+0x41c/0x4a0\n ? __irq_work_queue_local+0x75/0x1d0\n ? blk_queue_start_drain+0x70/0x70\n ? irq_work_queue+0x18/0x20\n ? vprintk_emit.part.0+0x1cc/0x350\n ? wake_up_klogd_work_func+0x60/0x60\n blk_mq_alloc_request+0x2b7/0x6b0\n ? __blk_mq_alloc_requests+0x1060/0x1060\n ? __switch_to+0x5b7/0x1060\n nvme_submit_user_cmd+0xa9/0x330\n nvme_user_cmd.isra.0+0x240/0x3f0\n ? force_sigsegv+0xe0/0xe0\n ? nvme_user_cmd64+0x400/0x400\n ? vfs_fileattr_set+0x9b0/0x9b0\n ? cgroup_update_frozen_flag+0x24/0x1c0\n ? cgroup_leave_frozen+0x204/0x330\n ? nvme_ioctl+0x7c/0x2c0\n blkdev_ioctl+0x1a8/0x4d0\n ? blkdev_common_ioctl+0x1930/0x1930\n ? fdget+0x54/0x380\n __x64_sys_ioctl+0x129/0x190\n do_syscall_64+0x5b/0x160\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n RIP: 0033:0x7f765f703b0b\n Code: ff ff ff 85 c0 79 9b 49 c7 c4 ff ff ff ff 5b 5d 4c 89 e0 41 5c c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa b8 10 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d dd 52 0f 00 f7 d8 64 89 01 48\n RSP: 002b:00007ffe2cefe808 EFLAGS: 00000202 ORIG_RAX: 0000000000000010\n RAX: ffffffffffffffda RBX: 00007ffe2cefe860 RCX: 00007f765f703b0b\n RDX: 00007ffe2cefe860 RSI: 00000000c0484e41 RDI: 0000000000000003\n RBP: 0000000000000000 R08: 0000000000000003 R09: 0000000000000000\n R10: 00007f765f611d50 R11: 0000000000000202 R12: 0000000000000003\n R13: 00000000c0484e41 R14: 0000000000000001 R15: 00007ffe2cefea60\n \u003c/TASK\u003e",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-68265"
},
{
"cve": "CVE-2025-71161",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-verity: disable recursive forward error correction\n\nThere are two problems with the recursive correction:\n\n1. It may cause denial-of-service. In fec_read_bufs, there is a loop that\nhas 253 iterations. For each iteration, we may call verity_hash_for_block\nrecursively. There is a limit of 4 nested recursions - that means that\nthere may be at most 253^4 (4 billion) iterations. Red Hat QE team\nactually created an image that pushes dm-verity to this limit - and this\nimage just makes the udev-worker process get stuck in the \u0027D\u0027 state.\n\n2. It doesn\u0027t work. In fec_read_bufs we store data into the variable\n\"fio-\u003ebufs\", but fio bufs is shared between recursive invocations, if\n\"verity_hash_for_block\" invoked correction recursively, it would\noverwrite partially filled fio-\u003ebufs.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-71161"
},
{
"cve": "CVE-2025-71221",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: mmp_pdma: Fix race condition in mmp_pdma_residue()\n\nAdd proper locking in mmp_pdma_residue() to prevent use-after-free when\naccessing descriptor list and descriptor contents.\n\nThe race occurs when multiple threads call tx_status() while the tasklet\non another CPU is freeing completed descriptors:\n\nCPU 0 CPU 1\n----- -----\nmmp_pdma_tx_status()\nmmp_pdma_residue()\n -\u003e NO LOCK held\n list_for_each_entry(sw, ..)\n DMA interrupt\n dma_do_tasklet()\n -\u003e spin_lock(\u0026desc_lock)\n list_move(sw-\u003enode, ...)\n spin_unlock(\u0026desc_lock)\n | dma_pool_free(sw) \u003c- FREED!\n -\u003e access sw-\u003edesc \u003c- UAF!\n\nThis issue can be reproduced when running dmatest on the same channel with\nmultiple threads (threads_per_chan \u003e 1).\n\nFix by protecting the chain_running list iteration and descriptor access\nwith the chan-\u003edesc_lock spinlock.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-71221"
},
{
"cve": "CVE-2025-71265",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: ntfs3: fix infinite loop in attr_load_runs_range on inconsistent metadata\n\nWe found an infinite loop bug in the ntfs3 file system that can lead to a\nDenial-of-Service (DoS) condition.\n\nA malformed NTFS image can cause an infinite loop when an attribute header\nindicates an empty run list, while directory entries reference it as\ncontaining actual data. In NTFS, setting evcn=-1 with svcn=0 is a valid way\nto represent an empty run list, and run_unpack() correctly handles this by\nchecking if evcn + 1 equals svcn and returning early without parsing any run\ndata. However, this creates a problem when there is metadata inconsistency,\nwhere the attribute header claims to be empty (evcn=-1) but the caller\nexpects to read actual data. When run_unpack() immediately returns success\nupon seeing this condition, it leaves the runs_tree uninitialized with\nrun-\u003eruns as a NULL. The calling function attr_load_runs_range() assumes\nthat a successful return means that the runs were loaded and sets clen to 0,\nexpecting the next run_lookup_entry() call to succeed. Because runs_tree\nremains uninitialized, run_lookup_entry() continues to fail, and the loop\nincrements vcn by zero (vcn += 0), leading to an infinite loop.\n\nThis patch adds a retry counter to detect when run_lookup_entry() fails\nconsecutively after attr_load_runs_vcn(). If the run is still not found on\nthe second attempt, it indicates corrupted metadata and returns -EINVAL,\npreventing the Denial-of-Service (DoS) vulnerability.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-71265"
},
{
"cve": "CVE-2025-71266",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: ntfs3: check return value of indx_find to avoid infinite loop\n\nWe found an infinite loop bug in the ntfs3 file system that can lead to a\nDenial-of-Service (DoS) condition.\n\nA malformed dentry in the ntfs3 filesystem can cause the kernel to hang\nduring the lookup operations. By setting the HAS_SUB_NODE flag in an\nINDEX_ENTRY within a directory\u0027s INDEX_ALLOCATION block and manipulating the\nVCN pointer, an attacker can cause the indx_find() function to repeatedly\nread the same block, allocating 4 KB of memory each time. The kernel lacks\nVCN loop detection and depth limits, causing memory exhaustion and an OOM\ncrash.\n\nThis patch adds a return value check for fnd_push() to prevent a memory\nexhaustion vulnerability caused by infinite loops. When the index exceeds the\nsize of the fnd-\u003enodes array, fnd_push() returns -EINVAL. The indx_find()\nfunction checks this return value and stops processing, preventing further\nmemory allocation.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-71266"
},
{
"cve": "CVE-2025-71267",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: ntfs3: fix infinite loop triggered by zero-sized ATTR_LIST\n\nWe found an infinite loop bug in the ntfs3 file system that can lead to a\nDenial-of-Service (DoS) condition.\n\nA malformed NTFS image can cause an infinite loop when an ATTR_LIST attribute\nindicates a zero data size while the driver allocates memory for it.\n\nWhen ntfs_load_attr_list() processes a resident ATTR_LIST with data_size set\nto zero, it still allocates memory because of al_aligned(0). This creates an\ninconsistent state where ni-\u003eattr_list.size is zero, but ni-\u003eattr_list.le is\nnon-null. This causes ni_enum_attr_ex to incorrectly assume that no attribute\nlist exists and enumerates only the primary MFT record. When it finds\nATTR_LIST, the code reloads it and restarts the enumeration, repeating\nindefinitely. The mount operation never completes, hanging the kernel thread.\n\nThis patch adds validation to ensure that data_size is non-zero before memory\nallocation. When a zero-sized ATTR_LIST is detected, the function returns\n-EINVAL, preventing a DoS vulnerability.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2025-71267"
},
{
"cve": "CVE-2026-3904",
"cwe": {
"id": "CWE-366",
"name": "Race Condition within a Thread"
},
"notes": [
{
"category": "description",
"text": "Calling NSS-backed functions that support caching via nscd may call the \nnscd client side code and in the GNU C Library version 2.36 under high \nload on x86_64 systems, the client may call memcmp on inputs that are \nconcurrently modified by other processes or threads and crash.\n\n\n\n\nThe nscd client in the GNU C Library uses the memcmp function with \ninputs that may be concurrently modified by another thread, potentially \nresulting in spurious cache misses, which in itself is not a security \nissue.\u00a0 However in the GNU C Library version 2.36 an optimized \nimplementation of memcmp was introduced for x86_64 which could crash \nwhen invoked with such undefined behaviour, turning this into a \npotential crash of the nscd client and the application that uses it. \nThis implementation was backported to the 2.35 branch, making the nscd \nclient in that branch vulnerable as well.\u00a0 Subsequently, the fix for \nthis issue was backported to all vulnerable branches in the GNU C \nLibrary repository.\n\n\nIt is advised that distributions that may have cherry-picked the memcpy \nSSE2 optimization in their copy of the GNU C Library, also apply the fix \nto avoid the potential crash in the nscd client.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"2",
"4",
"6",
"8",
"10"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"2",
"4",
"6",
"8",
"10"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"2",
"4",
"6",
"8",
"10"
]
},
{
"category": "vendor_fix",
"details": "Update to V3.1.6 or later version",
"product_ids": [
"2",
"4",
"6",
"8",
"10"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"4",
"6",
"8",
"10"
]
}
],
"title": "CVE-2026-3904"
},
{
"cve": "CVE-2026-4046",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"notes": [
{
"category": "description",
"text": "The iconv() function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely crash an application.\n\n\n\nThis vulnerability can be trivially mitigated by removing the IBM1390 and IBM1399 character sets from systems that do not need them.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"2",
"4",
"6",
"8",
"10"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"2",
"4",
"6",
"8",
"10"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"2",
"4",
"6",
"8",
"10"
]
},
{
"category": "vendor_fix",
"details": "Update to V3.1.6 or later version",
"product_ids": [
"2",
"4",
"6",
"8",
"10"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"4",
"6",
"8",
"10"
]
}
],
"title": "CVE-2026-4046"
},
{
"cve": "CVE-2026-4437",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library\u0027s DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from the configured DNS server, result in a violation of the DNS specification that causes the application to treat a non-answer section of the DNS response as a valid answer.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"2",
"4",
"6",
"8",
"10"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"2",
"4",
"6",
"8",
"10"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"2",
"4",
"6",
"8",
"10"
]
},
{
"category": "vendor_fix",
"details": "Update to V3.1.6 or later version",
"product_ids": [
"2",
"4",
"6",
"8",
"10"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"4",
"6",
"8",
"10"
]
}
],
"title": "CVE-2026-4437"
},
{
"cve": "CVE-2026-4438",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library\u0027s DNS backend in the GNU C library version 2.34 to version 2.43 could result in an invalid DNS hostname being returned to the caller in violation of the DNS specification.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"2",
"4",
"6",
"8",
"10"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"2",
"4",
"6",
"8",
"10"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"2",
"4",
"6",
"8",
"10"
]
},
{
"category": "vendor_fix",
"details": "Update to V3.1.6 or later version",
"product_ids": [
"2",
"4",
"6",
"8",
"10"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"2",
"4",
"6",
"8",
"10"
]
}
],
"title": "CVE-2026-4438"
},
{
"cve": "CVE-2026-5435",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.2 and newer fail to enforce the caller-supplied buffer length, and can result in an out-of-bounds write when printing TSIG records.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"2",
"4",
"6",
"8",
"10"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"2",
"4",
"6",
"8",
"10"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"2",
"4",
"6",
"8",
"10"
]
},
{
"category": "vendor_fix",
"details": "Update to V3.1.6 or later version",
"product_ids": [
"2",
"4",
"6",
"8",
"10"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"2",
"4",
"6",
"8",
"10"
]
}
],
"title": "CVE-2026-5435"
},
{
"cve": "CVE-2026-5450",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "Calling the scanf family of functions with a %mc (malloc\u0027d character match) in the GNU C Library version 2.7 to version 2.43 with a format width specifier with an explicit width greater than 1024 could result in a one byte heap buffer overflow.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"2",
"4",
"6",
"8",
"10"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"2",
"4",
"6",
"8",
"10"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"2",
"4",
"6",
"8",
"10"
]
},
{
"category": "vendor_fix",
"details": "Update to V3.1.6 or later version",
"product_ids": [
"2",
"4",
"6",
"8",
"10"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"2",
"4",
"6",
"8",
"10"
]
}
],
"title": "CVE-2026-5450"
},
{
"cve": "CVE-2026-5928",
"cwe": {
"id": "CWE-127",
"name": "Buffer Under-read"
},
"notes": [
{
"category": "description",
"text": "Calling the ungetwc function on a FILE stream with wide characters encoded in a character set that has overlaps between its single byte and multi-byte character encodings, in the GNU C Library version 2.43 or earlier, may result in an attempt to read bytes before an allocated buffer, potentially resulting in unintentional disclosure of neighboring data in the heap, or a program crash.\n\nA bug in the wide character pushback implementation (_IO_wdefault_pbackfail in libio/wgenops.c) causes ungetwc() to operate on the regular character buffer (fp-\u003e_IO_read_ptr) instead of the actual wide-stream read pointer (fp-\u003e_wide_data-\u003e_IO_read_ptr). The program crash may happen in cases where fp-\u003e_IO_read_ptr is not initialized and hence points to NULL. The buffer under-read requires a special situation where the input character encoding is such that there are overlaps between single byte representations and multibyte representations in that encoding, resulting in spurious matches. The spurious match case is not possible in the standard Unicode character sets.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"2",
"4",
"6",
"8",
"10"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"2",
"4",
"6",
"8",
"10"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"2",
"4",
"6",
"8",
"10"
]
},
{
"category": "vendor_fix",
"details": "Update to V3.1.6 or later version",
"product_ids": [
"2",
"4",
"6",
"8",
"10"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"2",
"4",
"6",
"8",
"10"
]
}
],
"title": "CVE-2026-5928"
},
{
"cve": "CVE-2026-6238",
"cwe": {
"id": "CWE-126",
"name": "Buffer Over-read"
},
"notes": [
{
"category": "description",
"text": "The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.0.1 to version 2.43 fail to validate the RDATA content against the RDATA length in a DNS response when processing A6, CERT, LOC, TKEY or TSIG records, which may allow an attacker to craft a DNS response, causing a target application to crash or read uninitialized memory.\n\nThese functions are for application debugging only and hence not in the path of code executed by the DNS resolver. Further, they have been deprecated since version 2.34 and should not be used by any new applications. Applications should consider porting away from these interfaces since they may be removed in future versions.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"2",
"4",
"6",
"8",
"10"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"2",
"4",
"6",
"8",
"10"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"2",
"4",
"6",
"8",
"10"
]
},
{
"category": "vendor_fix",
"details": "Update to V3.1.6 or later version",
"product_ids": [
"2",
"4",
"6",
"8",
"10"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"2",
"4",
"6",
"8",
"10"
]
}
],
"title": "CVE-2026-6238"
},
{
"cve": "CVE-2026-23100",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/hugetlb: fix hugetlb_pmd_shared()\n\nPatch series \"mm/hugetlb: fixes for PMD table sharing (incl. using\nmmu_gather)\", v3.\n\nOne functional fix, one performance regression fix, and two related\ncomment fixes.\n\nI cleaned up my prototype I recently shared [1] for the performance fix,\ndeferring most of the cleanups I had in the prototype to a later point. \nWhile doing that I identified the other things.\n\nThe goal of this patch set is to be backported to stable trees \"fairly\"\neasily. At least patch #1 and #4.\n\nPatch #1 fixes hugetlb_pmd_shared() not detecting any sharing\nPatch #2 + #3 are simple comment fixes that patch #4 interacts with.\nPatch #4 is a fix for the reported performance regression due to excessive\nIPI broadcasts during fork()+exit().\n\nThe last patch is all about TLB flushes, IPIs and mmu_gather.\nRead: complicated\n\nThere are plenty of cleanups in the future to be had + one reasonable\noptimization on x86. But that\u0027s all out of scope for this series.\n\nRuntime tested, with a focus on fixing the performance regression using\nthe original reproducer [2] on x86.\n\n\nThis patch (of 4):\n\nWe switched from (wrongly) using the page count to an independent shared\ncount. Now, shared page tables have a refcount of 1 (excluding\nspeculative references) and instead use ptdesc-\u003ept_share_count to identify\nsharing.\n\nWe didn\u0027t convert hugetlb_pmd_shared(), so right now, we would never\ndetect a shared PMD table as such, because sharing/unsharing no longer\ntouches the refcount of a PMD table.\n\nPage migration, like mbind() or migrate_pages() would allow for migrating\nfolios mapped into such shared PMD tables, even though the folios are not\nexclusive. In smaps we would account them as \"private\" although they are\n\"shared\", and we would be wrongly setting the PM_MMAP_EXCLUSIVE in the\npagemap interface.\n\nFix it by properly using ptdesc_pmd_is_shared() in hugetlb_pmd_shared().",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23100"
},
{
"cve": "CVE-2026-23111",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate()\n\nnft_map_catchall_activate() has an inverted element activity check\ncompared to its non-catchall counterpart nft_mapelem_activate() and\ncompared to what is logically required.\n\nnft_map_catchall_activate() is called from the abort path to re-activate\ncatchall map elements that were deactivated during a failed transaction.\nIt should skip elements that are already active (they don\u0027t need\nre-activation) and process elements that are inactive (they need to be\nrestored). Instead, the current code does the opposite: it skips inactive\nelements and processes active ones.\n\nCompare the non-catchall activate callback, which is correct:\n\n nft_mapelem_activate():\n if (nft_set_elem_active(ext, iter-\u003egenmask))\n return 0; /* skip active, process inactive */\n\nWith the buggy catchall version:\n\n nft_map_catchall_activate():\n if (!nft_set_elem_active(ext, genmask))\n continue; /* skip inactive, process active */\n\nThe consequence is that when a DELSET operation is aborted,\nnft_setelem_data_activate() is never called for the catchall element.\nFor NFT_GOTO verdict elements, this means nft_data_hold() is never\ncalled to restore the chain-\u003euse reference count. Each abort cycle\npermanently decrements chain-\u003euse. Once chain-\u003euse reaches zero,\nDELCHAIN succeeds and frees the chain while catchall verdict elements\nstill reference it, resulting in a use-after-free.\n\nThis is exploitable for local privilege escalation from an unprivileged\nuser via user namespaces + nftables on distributions that enable\nCONFIG_USER_NS and CONFIG_NF_TABLES.\n\nFix by removing the negation so the check matches nft_mapelem_activate():\nskip active elements, process inactive ones.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23111"
},
{
"cve": "CVE-2026-23113",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/io-wq: check IO_WQ_BIT_EXIT inside work run loop\n\nCurrently this is checked before running the pending work. Normally this\nis quite fine, as work items either end up blocking (which will create a\nnew worker for other items), or they complete fairly quickly. But syzbot\nreports an issue where io-wq takes seemingly forever to exit, and with a\nbit of debugging, this turns out to be because it queues a bunch of big\n(2GB - 4096b) reads with a /dev/msr* file. Since this file type doesn\u0027t\nsupport -\u003eread_iter(), loop_rw_iter() ends up handling them. Each read\nreturns 16MB of data read, which takes 20 (!!) seconds. With a bunch of\nthese pending, processing the whole chain can take a long time. Easily\nlonger than the syzbot uninterruptible sleep timeout of 140 seconds.\nThis then triggers a complaint off the io-wq exit path:\n\nINFO: task syz.4.135:6326 blocked for more than 143 seconds.\n Not tainted syzkaller #0\n Blocked by coredump.\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:syz.4.135 state:D stack:26824 pid:6326 tgid:6324 ppid:5957 task_flags:0x400548 flags:0x00080000\nCall Trace:\n \u003cTASK\u003e\n context_switch kernel/sched/core.c:5256 [inline]\n __schedule+0x1139/0x6150 kernel/sched/core.c:6863\n __schedule_loop kernel/sched/core.c:6945 [inline]\n schedule+0xe7/0x3a0 kernel/sched/core.c:6960\n schedule_timeout+0x257/0x290 kernel/time/sleep_timeout.c:75\n do_wait_for_common kernel/sched/completion.c:100 [inline]\n __wait_for_common+0x2fc/0x4e0 kernel/sched/completion.c:121\n io_wq_exit_workers io_uring/io-wq.c:1328 [inline]\n io_wq_put_and_exit+0x271/0x8a0 io_uring/io-wq.c:1356\n io_uring_clean_tctx+0x10d/0x190 io_uring/tctx.c:203\n io_uring_cancel_generic+0x69c/0x9a0 io_uring/cancel.c:651\n io_uring_files_cancel include/linux/io_uring.h:19 [inline]\n do_exit+0x2ce/0x2bd0 kernel/exit.c:911\n do_group_exit+0xd3/0x2a0 kernel/exit.c:1112\n get_signal+0x2671/0x26d0 kernel/signal.c:3034\n arch_do_signal_or_restart+0x8f/0x7e0 arch/x86/kernel/signal.c:337\n __exit_to_user_mode_loop kernel/entry/common.c:41 [inline]\n exit_to_user_mode_loop+0x8c/0x540 kernel/entry/common.c:75\n __exit_to_user_mode_prepare include/linux/irq-entry-common.h:226 [inline]\n syscall_exit_to_user_mode_prepare include/linux/irq-entry-common.h:256 [inline]\n syscall_exit_to_user_mode_work include/linux/entry-common.h:159 [inline]\n syscall_exit_to_user_mode include/linux/entry-common.h:194 [inline]\n do_syscall_64+0x4ee/0xf80 arch/x86/entry/syscall_64.c:100\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fa02738f749\nRSP: 002b:00007fa0281ae0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca\nRAX: fffffffffffffe00 RBX: 00007fa0275e6098 RCX: 00007fa02738f749\nRDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fa0275e6098\nRBP: 00007fa0275e6090 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 00007fa0275e6128 R14: 00007fff14e4fcb0 R15: 00007fff14e4fd98\n\nThere\u0027s really nothing wrong here, outside of processing these reads\nwill take a LONG time. However, we can speed up the exit by checking the\nIO_WQ_BIT_EXIT inside the io_worker_handle_work() loop, as syzbot will\nexit the ring after queueing up all of these reads. Then once the first\nitem is processed, io-wq will simply cancel the rest. That should avoid\nsyzbot running into this complaint again.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23113"
},
{
"cve": "CVE-2026-23154",
"cwe": {
"id": "CWE-237",
"name": "Improper Handling of Structural Elements"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix segmentation of forwarding fraglist GRO\n\nThis patch enhances GSO segment handling by properly checking\nthe SKB_GSO_DODGY flag for frag_list GSO packets, addressing\nlow throughput issues observed when a station accesses IPv4\nservers via hotspots with an IPv6-only upstream interface.\n\nSpecifically, it fixes a bug in GSO segmentation when forwarding\nGRO packets containing a frag_list. The function skb_segment_list\ncannot correctly process GRO skbs that have been converted by XLAT,\nsince XLAT only translates the header of the head skb. Consequently,\nskbs in the frag_list may remain untranslated, resulting in protocol\ninconsistencies and reduced throughput.\n\nTo address this, the patch explicitly sets the SKB_GSO_DODGY flag\nfor GSO packets in XLAT\u0027s IPv4/IPv6 protocol translation helpers\n(bpf_skb_proto_4_to_6 and bpf_skb_proto_6_to_4). This marks GSO\npackets as potentially modified after protocol translation. As a\nresult, GSO segmentation will avoid using skb_segment_list and\ninstead falls back to skb_segment for packets with the SKB_GSO_DODGY\nflag. This ensures that only safe and fully translated frag_list\npackets are processed by skb_segment_list, resolving protocol\ninconsistencies and improving throughput when forwarding GRO packets\nconverted by XLAT.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23154"
},
{
"cve": "CVE-2026-23204",
"cwe": {
"id": "CWE-1285",
"name": "Improper Validation of Specified Index, Position, or Offset in Input"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: cls_u32: use skb_header_pointer_careful()\n\nskb_header_pointer() does not fully validate negative @offset values.\n\nUse skb_header_pointer_careful() instead.\n\nGangMin Kim provided a report and a repro fooling u32_classify():\n\nBUG: KASAN: slab-out-of-bounds in u32_classify+0x1180/0x11b0\nnet/sched/cls_u32.c:221",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23204"
},
{
"cve": "CVE-2026-23231",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: fix use-after-free in nf_tables_addchain()\n\nnf_tables_addchain() publishes the chain to table-\u003echains via\nlist_add_tail_rcu() (in nft_chain_add()) before registering hooks.\nIf nf_tables_register_hook() then fails, the error path calls\nnft_chain_del() (list_del_rcu()) followed by nf_tables_chain_destroy()\nwith no RCU grace period in between.\n\nThis creates two use-after-free conditions:\n\n 1) Control-plane: nf_tables_dump_chains() traverses table-\u003echains\n under rcu_read_lock(). A concurrent dump can still be walking\n the chain when the error path frees it.\n\n 2) Packet path: for NFPROTO_INET, nf_register_net_hook() briefly\n installs the IPv4 hook before IPv6 registration fails. Packets\n entering nft_do_chain() via the transient IPv4 hook can still be\n dereferencing chain-\u003eblob_gen_X when the error path frees the\n chain.\n\nAdd synchronize_rcu() between nft_chain_del() and the chain destroy\nso that all RCU readers -- both dump threads and in-flight packet\nevaluation -- have finished before the chain is freed.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23231"
},
{
"cve": "CVE-2026-23242",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/siw: Fix potential NULL pointer dereference in header processing\n\nIf siw_get_hdr() returns -EINVAL before set_rx_fpdu_context(),\nqp-\u003erx_fpdu can be NULL. The error path in siw_tcp_rx_data()\ndereferences qp-\u003erx_fpdu-\u003emore_ddp_segs without checking, which\nmay lead to a NULL pointer deref. Only check more_ddp_segs when\nrx_fpdu is present.\n\nKASAN splat:\n[ 101.384271] KASAN: null-ptr-deref in range [0x00000000000000c0-0x00000000000000c7]\n[ 101.385869] RIP: 0010:siw_tcp_rx_data+0x13ad/0x1e50",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23242"
},
{
"cve": "CVE-2026-23243",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/umad: Reject negative data_len in ib_umad_write\n\nib_umad_write computes data_len from user-controlled count and the\nMAD header sizes. With a mismatched user MAD header size and RMPP\nheader length, data_len can become negative and reach ib_create_send_mad().\nThis can make the padding calculation exceed the segment size and trigger\nan out-of-bounds memset in alloc_send_rmpp_list().\n\nAdd an explicit check to reject negative data_len before creating the\nsend buffer.\n\nKASAN splat:\n[ 211.363464] BUG: KASAN: slab-out-of-bounds in ib_create_send_mad+0xa01/0x11b0\n[ 211.364077] Write of size 220 at addr ffff88800c3fa1f8 by task spray_thread/102\n[ 211.365867] ib_create_send_mad+0xa01/0x11b0\n[ 211.365887] ib_umad_write+0x853/0x1c80",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23243"
},
{
"cve": "CVE-2026-23245",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: act_gate: snapshot parameters with RCU on replace\n\nThe gate action can be replaced while the hrtimer callback or dump path is\nwalking the schedule list.\n\nConvert the parameters to an RCU-protected snapshot and swap updates under\ntcf_lock, freeing the previous snapshot via call_rcu(). When REPLACE omits\nthe entry list, preserve the existing schedule so the effective state is\nunchanged.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23245"
},
{
"cve": "CVE-2026-23270",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: Only allow act_ct to bind to clsact/ingress qdiscs and shared blocks\n\nAs Paolo said earlier [1]:\n\n\"Since the blamed commit below, classify can return TC_ACT_CONSUMED while\nthe current skb being held by the defragmentation engine. As reported by\nGangMin Kim, if such packet is that may cause a UaF when the defrag engine\nlater on tries to tuch again such packet.\"\n\nact_ct was never meant to be used in the egress path, however some users\nare attaching it to egress today [2]. Attempting to reach a middle\nground, we noticed that, while most qdiscs are not handling\nTC_ACT_CONSUMED, clsact/ingress qdiscs are. With that in mind, we\naddress the issue by only allowing act_ct to bind to clsact/ingress\nqdiscs and shared blocks. That way it\u0027s still possible to attach act_ct to\negress (albeit only with clsact).\n\n[1] https://lore.kernel.org/netdev/674b8cbfc385c6f37fb29a1de08d8fe5c2b0fbee.1771321118.git.pabeni@redhat.com/\n[2] https://lore.kernel.org/netdev/cc6bfb4a-4a2b-42d8-b9ce-7ef6644fb22b@ovn.org/",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23270"
},
{
"cve": "CVE-2026-23271",
"cwe": {
"id": "CWE-672",
"name": "Operation on a Resource after Expiration or Release"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Fix __perf_event_overflow() vs perf_remove_from_context() race\n\nMake sure that __perf_event_overflow() runs with IRQs disabled for all\npossible callchains. Specifically the software events can end up running\nit with only preemption disabled.\n\nThis opens up a race vs perf_event_exit_event() and friends that will go\nand free various things the overflow path expects to be present, like\nthe BPF program.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23271"
},
{
"cve": "CVE-2026-23273",
"cwe": {
"id": "CWE-364",
"name": "Signal Handler Race Condition"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmacvlan: observe an RCU grace period in macvlan_common_newlink() error path\n\nvalis reported that a race condition still happens after my prior patch.\n\nmacvlan_common_newlink() might have made @dev visible before\ndetecting an error, and its caller will directly call free_netdev(dev).\n\nWe must respect an RCU period, either in macvlan or the core networking\nstack.\n\nAfter adding a temporary mdelay(1000) in macvlan_forward_source_one()\nto open the race window, valis repro was:\n\nip link add p1 type veth peer p2\nip link set address 00:00:00:00:00:20 dev p1\nip link set up dev p1\nip link set up dev p2\nip link add mv0 link p2 type macvlan mode source\n\n(ip link add invalid% link p2 type macvlan mode source macaddr add\n00:00:00:00:00:20 \u0026) ; sleep 0.5 ; ping -c1 -I p1 1.2.3.4\nPING 1.2.3.4 (1.2.3.4): 56 data bytes\nRTNETLINK answers: Invalid argument\n\nBUG: KASAN: slab-use-after-free in macvlan_forward_source\n(drivers/net/macvlan.c:408 drivers/net/macvlan.c:444)\nRead of size 8 at addr ffff888016bb89c0 by task e/175\n\nCPU: 1 UID: 1000 PID: 175 Comm: e Not tainted 6.19.0-rc8+ #33 NONE\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-2 04/01/2014\nCall Trace:\n\u003cIRQ\u003e\ndump_stack_lvl (lib/dump_stack.c:123)\nprint_report (mm/kasan/report.c:379 mm/kasan/report.c:482)\n? macvlan_forward_source (drivers/net/macvlan.c:408 drivers/net/macvlan.c:444)\nkasan_report (mm/kasan/report.c:597)\n? macvlan_forward_source (drivers/net/macvlan.c:408 drivers/net/macvlan.c:444)\nmacvlan_forward_source (drivers/net/macvlan.c:408 drivers/net/macvlan.c:444)\n? tasklet_init (kernel/softirq.c:983)\nmacvlan_handle_frame (drivers/net/macvlan.c:501)\n\nAllocated by task 169:\nkasan_save_stack (mm/kasan/common.c:58)\nkasan_save_track (./arch/x86/include/asm/current.h:25\nmm/kasan/common.c:70 mm/kasan/common.c:79)\n__kasan_kmalloc (mm/kasan/common.c:419)\n__kvmalloc_node_noprof (./include/linux/kasan.h:263 mm/slub.c:5657\nmm/slub.c:7140)\nalloc_netdev_mqs (net/core/dev.c:12012)\nrtnl_create_link (net/core/rtnetlink.c:3648)\nrtnl_newlink (net/core/rtnetlink.c:3830 net/core/rtnetlink.c:3957\nnet/core/rtnetlink.c:4072)\nrtnetlink_rcv_msg (net/core/rtnetlink.c:6958)\nnetlink_rcv_skb (net/netlink/af_netlink.c:2550)\nnetlink_unicast (net/netlink/af_netlink.c:1319 net/netlink/af_netlink.c:1344)\nnetlink_sendmsg (net/netlink/af_netlink.c:1894)\n__sys_sendto (net/socket.c:727 net/socket.c:742 net/socket.c:2206)\n__x64_sys_sendto (net/socket.c:2209)\ndo_syscall_64 (arch/x86/entry/syscall_64.c:63 arch/x86/entry/syscall_64.c:94)\nentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:131)\n\nFreed by task 169:\nkasan_save_stack (mm/kasan/common.c:58)\nkasan_save_track (./arch/x86/include/asm/current.h:25\nmm/kasan/common.c:70 mm/kasan/common.c:79)\nkasan_save_free_info (mm/kasan/generic.c:587)\n__kasan_slab_free (mm/kasan/common.c:287)\nkfree (mm/slub.c:6674 mm/slub.c:6882)\nrtnl_newlink (net/core/rtnetlink.c:3845 net/core/rtnetlink.c:3957\nnet/core/rtnetlink.c:4072)\nrtnetlink_rcv_msg (net/core/rtnetlink.c:6958)\nnetlink_rcv_skb (net/netlink/af_netlink.c:2550)\nnetlink_unicast (net/netlink/af_netlink.c:1319 net/netlink/af_netlink.c:1344)\nnetlink_sendmsg (net/netlink/af_netlink.c:1894)\n__sys_sendto (net/socket.c:727 net/socket.c:742 net/socket.c:2206)\n__x64_sys_sendto (net/socket.c:2209)\ndo_syscall_64 (arch/x86/entry/syscall_64.c:63 arch/x86/entry/syscall_64.c:94)\nentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:131)",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23273"
},
{
"cve": "CVE-2026-23274",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels\n\nIDLETIMER revision 0 rules reuse existing timers by label and always call\nmod_timer() on timer-\u003etimer.\n\nIf the label was created first by revision 1 with XT_IDLETIMER_ALARM,\nthe object uses alarm timer semantics and timer-\u003etimer is never initialized.\nReusing that object from revision 0 causes mod_timer() on an uninitialized\ntimer_list, triggering debugobjects warnings and possible panic when\npanic_on_warn=1.\n\nFix this by rejecting revision 0 rule insertion when an existing timer with\nthe same label is of ALARM type.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23274"
},
{
"cve": "CVE-2026-23277",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: teql: fix NULL pointer dereference in iptunnel_xmit on TEQL slave xmit\n\nteql_master_xmit() calls netdev_start_xmit(skb, slave) to transmit\nthrough slave devices, but does not update skb-\u003edev to the slave device\nbeforehand.\n\nWhen a gretap tunnel is a TEQL slave, the transmit path reaches\niptunnel_xmit() which saves dev = skb-\u003edev (still pointing to teql0\nmaster) and later calls iptunnel_xmit_stats(dev, pkt_len). This\nfunction does:\n\n get_cpu_ptr(dev-\u003etstats)\n\nSince teql_master_setup() does not set dev-\u003epcpu_stat_type to\nNETDEV_PCPU_STAT_TSTATS, the core network stack never allocates tstats\nfor teql0, so dev-\u003etstats is NULL. get_cpu_ptr(NULL) computes\nNULL + __per_cpu_offset[cpu], resulting in a page fault.\n\n BUG: unable to handle page fault for address: ffff8880e6659018\n #PF: supervisor write access in kernel mode\n #PF: error_code(0x0002) - not-present page\n PGD 68bc067 P4D 68bc067 PUD 0\n Oops: Oops: 0002 [#1] SMP KASAN PTI\n RIP: 0010:iptunnel_xmit (./include/net/ip_tunnels.h:664 net/ipv4/ip_tunnel_core.c:89)\n Call Trace:\n \u003cTASK\u003e\n ip_tunnel_xmit (net/ipv4/ip_tunnel.c:847)\n __gre_xmit (net/ipv4/ip_gre.c:478)\n gre_tap_xmit (net/ipv4/ip_gre.c:779)\n teql_master_xmit (net/sched/sch_teql.c:319)\n dev_hard_start_xmit (net/core/dev.c:3887)\n sch_direct_xmit (net/sched/sch_generic.c:347)\n __dev_queue_xmit (net/core/dev.c:4802)\n neigh_direct_output (net/core/neighbour.c:1660)\n ip_finish_output2 (net/ipv4/ip_output.c:237)\n __ip_finish_output.part.0 (net/ipv4/ip_output.c:315)\n ip_mc_output (net/ipv4/ip_output.c:369)\n ip_send_skb (net/ipv4/ip_output.c:1508)\n udp_send_skb (net/ipv4/udp.c:1195)\n udp_sendmsg (net/ipv4/udp.c:1485)\n inet_sendmsg (net/ipv4/af_inet.c:859)\n __sys_sendto (net/socket.c:2206)\n\nFix this by setting skb-\u003edev = slave before calling\nnetdev_start_xmit(), so that tunnel xmit functions see the correct\nslave device with properly allocated tstats.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23277"
},
{
"cve": "CVE-2026-23284",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ethernet: mtk_eth_soc: Reset prog ptr to old_prog in case of error in mtk_xdp_setup()\n\nReset eBPF program pointer to old_prog and do not decrease its ref-count\nif mtk_open routine in mtk_xdp_setup() fails.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23284"
},
{
"cve": "CVE-2026-23287",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/sifive-plic: Fix frozen interrupt due to affinity setting\n\nPLIC ignores interrupt completion message for disabled interrupt, explained\nby the specification:\n\n The PLIC signals it has completed executing an interrupt handler by\n writing the interrupt ID it received from the claim to the\n claim/complete register. The PLIC does not check whether the completion\n ID is the same as the last claim ID for that target. If the completion\n ID does not match an interrupt source that is currently enabled for\n the target, the completion is silently ignored.\n\nThis caused problems in the past, because an interrupt can be disabled\nwhile still being handled and plic_irq_eoi() had no effect. That was fixed\nby checking if the interrupt is disabled, and if so enable it, before\nsending the completion message. That check is done with irqd_irq_disabled().\n\nHowever, that is not sufficient because the enable bit for the handling\nhart can be zero despite irqd_irq_disabled(d) being false. This can happen\nwhen affinity setting is changed while a hart is still handling the\ninterrupt.\n\nThis problem is easily reproducible by dumping a large file to uart (which\ngenerates lots of interrupts) and at the same time keep changing the uart\ninterrupt\u0027s affinity setting. The uart port becomes frozen almost\ninstantaneously.\n\nFix this by checking PLIC\u0027s enable bit instead of irqd_irq_disabled().",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23287"
},
{
"cve": "CVE-2026-23290",
"cwe": {
"id": "CWE-909",
"name": "Missing Initialization of Resource"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: pegasus: validate USB endpoints\n\nThe pegasus driver should validate that the device it is probing has the\nproper number and types of USB endpoints it is expecting before it binds\nto it. If a malicious device were to not have the same urbs the driver\nwill crash later on when it blindly accesses these endpoints.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23290"
},
{
"cve": "CVE-2026-23293",
"cwe": {
"id": "CWE-824",
"name": "Access of Uninitialized Pointer"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: vxlan: fix nd_tbl NULL dereference when IPv6 is disabled\n\nWhen booting with the \u0027ipv6.disable=1\u0027 parameter, the nd_tbl is never\ninitialized because inet6_init() exits before ndisc_init() is called\nwhich initializes it. If an IPv6 packet is injected into the interface,\nroute_shortcircuit() is called and a NULL pointer dereference happens on\nneigh_lookup().\n\n BUG: kernel NULL pointer dereference, address: 0000000000000380\n Oops: Oops: 0000 [#1] SMP NOPTI\n [...]\n RIP: 0010:neigh_lookup+0x20/0x270\n [...]\n Call Trace:\n \u003cTASK\u003e\n vxlan_xmit+0x638/0x1ef0 [vxlan]\n dev_hard_start_xmit+0x9e/0x2e0\n __dev_queue_xmit+0xbee/0x14e0\n packet_sendmsg+0x116f/0x1930\n __sys_sendto+0x1f5/0x200\n __x64_sys_sendto+0x24/0x30\n do_syscall_64+0x12f/0x1590\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFix this by adding an early check on route_shortcircuit() when protocol\nis ETH_P_IPV6. Note that ipv6_mod_enabled() cannot be used here because\nVXLAN can be built-in even when IPv6 is built as a module.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23293"
},
{
"cve": "CVE-2026-23300",
"cwe": {
"id": "CWE-909",
"name": "Missing Initialization of Resource"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipv6: fix panic when IPv4 route references loopback IPv6 nexthop\n\nWhen a standalone IPv6 nexthop object is created with a loopback device\n(e.g., \"ip -6 nexthop add id 100 dev lo\"), fib6_nh_init() misclassifies\nit as a reject route. This is because nexthop objects have no destination\nprefix (fc_dst=::), causing fib6_is_reject() to match any loopback\nnexthop. The reject path skips fib_nh_common_init(), leaving\nnhc_pcpu_rth_output unallocated. If an IPv4 route later references this\nnexthop, __mkroute_output() dereferences NULL nhc_pcpu_rth_output and\npanics.\n\nSimplify the check in fib6_nh_init() to only match explicit reject\nroutes (RTF_REJECT) instead of using fib6_is_reject(). The loopback\npromotion heuristic in fib6_is_reject() is handled separately by\nip6_route_info_create_nh(). After this change, the three cases behave\nas follows:\n\n1. Explicit reject route (\"ip -6 route add unreachable 2001:db8::/64\"):\n RTF_REJECT is set, enters reject path, skips fib_nh_common_init().\n No behavior change.\n\n2. Implicit loopback reject route (\"ip -6 route add 2001:db8::/32 dev lo\"):\n RTF_REJECT is not set, takes normal path, fib_nh_common_init() is\n called. ip6_route_info_create_nh() still promotes it to reject\n afterward. nhc_pcpu_rth_output is allocated but unused, which is\n harmless.\n\n3. Standalone nexthop object (\"ip -6 nexthop add id 100 dev lo\"):\n RTF_REJECT is not set, takes normal path, fib_nh_common_init() is\n called. nhc_pcpu_rth_output is properly allocated, fixing the crash\n when IPv4 routes reference this nexthop.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23300"
},
{
"cve": "CVE-2026-23304",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: fix NULL pointer deref in ip6_rt_get_dev_rcu()\n\nl3mdev_master_dev_rcu() can return NULL when the slave device is being\nun-slaved from a VRF. All other callers deal with this, but we lost\nthe fallback to loopback in ip6_rt_pcpu_alloc() -\u003e ip6_rt_get_dev_rcu()\nwith commit 4832c30d5458 (\"net: ipv6: put host and anycast routes on\ndevice with address\").\n\n KASAN: null-ptr-deref in range [0x0000000000000108-0x000000000000010f]\n RIP: 0010:ip6_rt_pcpu_alloc (net/ipv6/route.c:1418)\n Call Trace:\n ip6_pol_route (net/ipv6/route.c:2318)\n fib6_rule_lookup (net/ipv6/fib6_rules.c:115)\n ip6_route_output_flags (net/ipv6/route.c:2607)\n vrf_process_v6_outbound (drivers/net/vrf.c:437)\n\nI was tempted to rework the un-slaving code to clear the flag first\nand insert synchronize_rcu() before we remove the upper. But looks like\nthe explicit fallback to loopback_dev is an established pattern.\nAnd I guess avoiding the synchronize_rcu() is nice, too.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23304"
},
{
"cve": "CVE-2026-23319",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix a UAF issue in bpf_trampoline_link_cgroup_shim\n\nThe root cause of this bug is that when \u0027bpf_link_put\u0027 reduces the\nrefcount of \u0027shim_link-\u003elink.link\u0027 to zero, the resource is considered\nreleased but may still be referenced via \u0027tr-\u003eprogs_hlist\u0027 in\n\u0027cgroup_shim_find\u0027. The actual cleanup of \u0027tr-\u003eprogs_hlist\u0027 in\n\u0027bpf_shim_tramp_link_release\u0027 is deferred. During this window, another\nprocess can cause a use-after-free via \u0027bpf_trampoline_link_cgroup_shim\u0027.\n\nBased on Martin KaFai Lau\u0027s suggestions, I have created a simple patch.\n\nTo fix this:\n Add an atomic non-zero check in \u0027bpf_trampoline_link_cgroup_shim\u0027.\n Only increment the refcount if it is not already zero.\n\nTesting:\n I verified the fix by adding a delay in\n \u0027bpf_shim_tramp_link_release\u0027 to make the bug easier to trigger:\n\nstatic void bpf_shim_tramp_link_release(struct bpf_link *link)\n{\n\t/* ... */\n\tif (!shim_link-\u003etrampoline)\n\t\treturn;\n\n+\tmsleep(100);\n\tWARN_ON_ONCE(bpf_trampoline_unlink_prog(\u0026shim_link-\u003elink,\n\t\tshim_link-\u003etrampoline, NULL));\n\tbpf_trampoline_put(shim_link-\u003etrampoline);\n}\n\nBefore the patch, running a PoC easily reproduced the crash(almost 100%)\nwith a call trace similar to KaiyanM\u0027s report.\nAfter the patch, the bug no longer occurs even after millions of\niterations.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23319"
},
{
"cve": "CVE-2026-23321",
"cwe": {
"id": "CWE-911",
"name": "Improper Update of Reference Count"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: in-kernel: always mark signal+subflow endp as used\n\nSyzkaller managed to find a combination of actions that was generating\nthis warning:\n\n msk-\u003epm.local_addr_used == 0\n WARNING: net/mptcp/pm_kernel.c:1071 at __mark_subflow_endp_available net/mptcp/pm_kernel.c:1071 [inline], CPU#1: syz.2.17/961\n WARNING: net/mptcp/pm_kernel.c:1071 at mptcp_nl_remove_subflow_and_signal_addr net/mptcp/pm_kernel.c:1103 [inline], CPU#1: syz.2.17/961\n WARNING: net/mptcp/pm_kernel.c:1071 at mptcp_pm_nl_del_addr_doit+0x81d/0x8f0 net/mptcp/pm_kernel.c:1210, CPU#1: syz.2.17/961\n Modules linked in:\n CPU: 1 UID: 0 PID: 961 Comm: syz.2.17 Not tainted 6.19.0-08368-gfafda3b4b06b #22 PREEMPT(full)\n Hardware name: QEMU Ubuntu 25.10 PC v2 (i440FX + PIIX, + 10.1 machine, 1996), BIOS 1.17.0-debian-1.17.0-1build1 04/01/2014\n RIP: 0010:__mark_subflow_endp_available net/mptcp/pm_kernel.c:1071 [inline]\n RIP: 0010:mptcp_nl_remove_subflow_and_signal_addr net/mptcp/pm_kernel.c:1103 [inline]\n RIP: 0010:mptcp_pm_nl_del_addr_doit+0x81d/0x8f0 net/mptcp/pm_kernel.c:1210\n Code: 89 c5 e8 46 30 6f fe e9 21 fd ff ff 49 83 ed 80 e8 38 30 6f fe 4c 89 ef be 03 00 00 00 e8 db 49 df fe eb ac e8 24 30 6f fe 90 \u003c0f\u003e 0b 90 e9 1d ff ff ff e8 16 30 6f fe eb 05 e8 0f 30 6f fe e8 9a\n RSP: 0018:ffffc90001663880 EFLAGS: 00010293\n RAX: ffffffff82de1a6c RBX: 0000000000000000 RCX: ffff88800722b500\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\n RBP: ffff8880158b22d0 R08: 0000000000010425 R09: ffffffffffffffff\n R10: ffffffff82de18ba R11: 0000000000000000 R12: ffff88800641a640\n R13: ffff8880158b1880 R14: ffff88801ec3c900 R15: ffff88800641a650\n FS: 00005555722c3500(0000) GS:ffff8880f909d000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f66346e0f60 CR3: 000000001607c000 CR4: 0000000000350ef0\n Call Trace:\n \u003cTASK\u003e\n genl_family_rcv_msg_doit+0x117/0x180 net/netlink/genetlink.c:1115\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x3a8/0x3f0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x16d/0x240 net/netlink/af_netlink.c:2550\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]\n netlink_unicast+0x3e9/0x4c0 net/netlink/af_netlink.c:1344\n netlink_sendmsg+0x4aa/0x5b0 net/netlink/af_netlink.c:1894\n sock_sendmsg_nosec net/socket.c:727 [inline]\n __sock_sendmsg+0xc9/0xf0 net/socket.c:742\n ____sys_sendmsg+0x272/0x3b0 net/socket.c:2592\n ___sys_sendmsg+0x2de/0x320 net/socket.c:2646\n __sys_sendmsg net/socket.c:2678 [inline]\n __do_sys_sendmsg net/socket.c:2683 [inline]\n __se_sys_sendmsg net/socket.c:2681 [inline]\n __x64_sys_sendmsg+0x110/0x1a0 net/socket.c:2681\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0x143/0x440 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f66346f826d\n Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48\n RSP: 002b:00007ffc83d8bdc8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 00007f6634985fa0 RCX: 00007f66346f826d\n RDX: 00000000040000b0 RSI: 0000200000000740 RDI: 0000000000000007\n RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6634985fa8\n R13: 00007f6634985fac R14: 0000000000000000 R15: 0000000000001770\n \u003c/TASK\u003e\n\nThe actions that caused that seem to be:\n\n - Set the MPTCP subflows limit to 0\n - Create an MPTCP endpoint with both the \u0027signal\u0027 and \u0027subflow\u0027 flags\n - Create a new MPTCP connection from a different address: an ADD_ADDR\n linked to the MPTCP endpoint will be sent (\u0027signal\u0027 flag), but no\n subflows is initiated (\u0027subflow\u0027 flag)\n - Remove the MPTCP endpoint\n\n---truncated---",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23321"
},
{
"cve": "CVE-2026-23335",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/irdma: Fix kernel stack leak in irdma_create_user_ah()\n\nstruct irdma_create_ah_resp { // 8 bytes, no padding\n __u32 ah_id; // offset 0 - SET (uresp.ah_id = ah-\u003esc_ah.ah_info.ah_idx)\n __u8 rsvd[4]; // offset 4 - NEVER SET \u003c- LEAK\n};\n\nrsvd[4]: 4 bytes of stack memory leaked unconditionally. Only ah_id is assigned before ib_respond_udata().\n\nThe reserved members of the structure were not zeroed.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23335"
},
{
"cve": "CVE-2026-23340",
"cwe": {
"id": "CWE-364",
"name": "Signal Handler Race Condition"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: avoid qdisc_reset_all_tx_gt() vs dequeue race for lockless qdiscs\n\nWhen shrinking the number of real tx queues,\nnetif_set_real_num_tx_queues() calls qdisc_reset_all_tx_gt() to flush\nqdiscs for queues which will no longer be used.\n\nqdisc_reset_all_tx_gt() currently serializes qdisc_reset() with\nqdisc_lock(). However, for lockless qdiscs, the dequeue path is\nserialized by qdisc_run_begin/end() using qdisc-\u003eseqlock instead, so\nqdisc_reset() can run concurrently with __qdisc_run() and free skbs\nwhile they are still being dequeued, leading to UAF.\n\nThis can easily be reproduced on e.g. virtio-net by imposing heavy\ntraffic while frequently changing the number of queue pairs:\n\n iperf3 -ub0 -c $peer -t 0 \u0026\n while :; do\n ethtool -L eth0 combined 1\n ethtool -L eth0 combined 2\n done\n\nWith KASAN enabled, this leads to reports like:\n\n BUG: KASAN: slab-use-after-free in __qdisc_run+0x133f/0x1760\n ...\n Call Trace:\n \u003cTASK\u003e\n ...\n __qdisc_run+0x133f/0x1760\n __dev_queue_xmit+0x248f/0x3550\n ip_finish_output2+0xa42/0x2110\n ip_output+0x1a7/0x410\n ip_send_skb+0x2e6/0x480\n udp_send_skb+0xb0a/0x1590\n udp_sendmsg+0x13c9/0x1fc0\n ...\n \u003c/TASK\u003e\n\n Allocated by task 1270 on cpu 5 at 44.558414s:\n ...\n alloc_skb_with_frags+0x84/0x7c0\n sock_alloc_send_pskb+0x69a/0x830\n __ip_append_data+0x1b86/0x48c0\n ip_make_skb+0x1e8/0x2b0\n udp_sendmsg+0x13a6/0x1fc0\n ...\n\n Freed by task 1306 on cpu 3 at 44.558445s:\n ...\n kmem_cache_free+0x117/0x5e0\n pfifo_fast_reset+0x14d/0x580\n qdisc_reset+0x9e/0x5f0\n netif_set_real_num_tx_queues+0x303/0x840\n virtnet_set_channels+0x1bf/0x260 [virtio_net]\n ethnl_set_channels+0x684/0xae0\n ethnl_default_set_doit+0x31a/0x890\n ...\n\nSerialize qdisc_reset_all_tx_gt() against the lockless dequeue path by\ntaking qdisc-\u003eseqlock for TCQ_F_NOLOCK qdiscs, matching the\nserialization model already used by dev_reset_queue().\n\nAdditionally clear QDISC_STATE_NON_EMPTY after reset so the qdisc state\nreflects an empty queue, avoiding needless re-scheduling.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23340"
},
{
"cve": "CVE-2026-23343",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxdp: produce a warning when calculated tailroom is negative\n\nMany ethernet drivers report xdp Rx queue frag size as being the same as\nDMA write size. However, the only user of this field, namely\nbpf_xdp_frags_increase_tail(), clearly expects a truesize.\n\nSuch difference leads to unspecific memory corruption issues under certain\ncircumstances, e.g. in ixgbevf maximum DMA write size is 3 KB, so when\nrunning xskxceiver\u0027s XDP_ADJUST_TAIL_GROW_MULTI_BUFF, 6K packet fully uses\nall DMA-writable space in 2 buffers. This would be fine, if only\nrxq-\u003efrag_size was properly set to 4K, but value of 3K results in a\nnegative tailroom, because there is a non-zero page offset.\n\nWe are supposed to return -EINVAL and be done with it in such case, but due\nto tailroom being stored as an unsigned int, it is reported to be somewhere\nnear UINT_MAX, resulting in a tail being grown, even if the requested\noffset is too much (it is around 2K in the abovementioned test). This later\nleads to all kinds of unspecific calltraces.\n\n[ 7340.337579] xskxceiver[1440]: segfault at 1da718 ip 00007f4161aeac9d sp 00007f41615a6a00 error 6\n[ 7340.338040] xskxceiver[1441]: segfault at 7f410000000b ip 00000000004042b5 sp 00007f415bffecf0 error 4\n[ 7340.338179] in libc.so.6[61c9d,7f4161aaf000+160000]\n[ 7340.339230] in xskxceiver[42b5,400000+69000]\n[ 7340.340300] likely on CPU 6 (core 0, socket 6)\n[ 7340.340302] Code: ff ff 01 e9 f4 fe ff ff 0f 1f 44 00 00 4c 39 f0 74 73 31 c0 ba 01 00 00 00 f0 0f b1 17 0f 85 ba 00 00 00 49 8b 87 88 00 00 00 \u003c4c\u003e 89 70 08 eb cc 0f 1f 44 00 00 48 8d bd f0 fe ff ff 89 85 ec fe\n[ 7340.340888] likely on CPU 3 (core 0, socket 3)\n[ 7340.345088] Code: 00 00 00 ba 00 00 00 00 be 00 00 00 00 89 c7 e8 31 ca ff ff 89 45 ec 8b 45 ec 85 c0 78 07 b8 00 00 00 00 eb 46 e8 0b c8 ff ff \u003c8b\u003e 00 83 f8 69 74 24 e8 ff c7 ff ff 8b 00 83 f8 0b 74 18 e8 f3 c7\n[ 7340.404334] Oops: general protection fault, probably for non-canonical address 0x6d255010bdffc: 0000 [#1] SMP NOPTI\n[ 7340.405972] CPU: 7 UID: 0 PID: 1439 Comm: xskxceiver Not tainted 6.19.0-rc1+ #21 PREEMPT(lazy)\n[ 7340.408006] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.17.0-5.fc42 04/01/2014\n[ 7340.409716] RIP: 0010:lookup_swap_cgroup_id+0x44/0x80\n[ 7340.410455] Code: 83 f8 1c 73 39 48 ba ff ff ff ff ff ff ff 03 48 8b 04 c5 20 55 fa bd 48 21 d1 48 89 ca 83 e1 01 48 d1 ea c1 e1 04 48 8d 04 90 \u003c8b\u003e 00 48 83 c4 10 d3 e8 c3 cc cc cc cc 31 c0 e9 98 b7 dd 00 48 89\n[ 7340.412787] RSP: 0018:ffffcc5c04f7f6d0 EFLAGS: 00010202\n[ 7340.413494] RAX: 0006d255010bdffc RBX: ffff891f477895a8 RCX: 0000000000000010\n[ 7340.414431] RDX: 0001c17e3fffffff RSI: 00fa070000000000 RDI: 000382fc7fffffff\n[ 7340.415354] RBP: 00fa070000000000 R08: ffffcc5c04f7f8f8 R09: ffffcc5c04f7f7d0\n[ 7340.416283] R10: ffff891f4c1a7000 R11: ffffcc5c04f7f9c8 R12: ffffcc5c04f7f7d0\n[ 7340.417218] R13: 03ffffffffffffff R14: 00fa06fffffffe00 R15: ffff891f47789500\n[ 7340.418229] FS: 0000000000000000(0000) GS:ffff891ffdfaa000(0000) knlGS:0000000000000000\n[ 7340.419489] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 7340.420286] CR2: 00007f415bfffd58 CR3: 0000000103f03002 CR4: 0000000000772ef0\n[ 7340.421237] PKRU: 55555554\n[ 7340.421623] Call Trace:\n[ 7340.421987] \u003cTASK\u003e\n[ 7340.422309] ? softleaf_from_pte+0x77/0xa0\n[ 7340.422855] swap_pte_batch+0xa7/0x290\n[ 7340.423363] zap_nonpresent_ptes.constprop.0.isra.0+0xd1/0x270\n[ 7340.424102] zap_pte_range+0x281/0x580\n[ 7340.424607] zap_pmd_range.isra.0+0xc9/0x240\n[ 7340.425177] unmap_page_range+0x24d/0x420\n[ 7340.425714] unmap_vmas+0xa1/0x180\n[ 7340.426185] exit_mmap+0xe1/0x3b0\n[ 7340.426644] __mmput+0x41/0x150\n[ 7340.427098] exit_mm+0xb1/0x110\n[ 7340.427539] do_exit+0x1b2/0x460\n[ 7340.427992] do_group_exit+0x2d/0xc0\n[ 7340.428477] get_signal+0x79d/0x7e0\n[ 7340.428957] arch_do_signal_or_restart+0x34/0x100\n[ 7340.429571] exit_to_user_mode_loop+0x8e/0x4c0\n[ 7340.430159] do_syscall_64+0x188/\n---truncated---",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23343"
},
{
"cve": "CVE-2026-23351",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_set_pipapo: split gc into unlink and reclaim phase\n\nYiming Qian reports Use-after-free in the pipapo set type:\n Under a large number of expired elements, commit-time GC can run for a very\n long time in a non-preemptible context, triggering soft lockup warnings and\n RCU stall reports (local denial of service).\n\nWe must split GC in an unlink and a reclaim phase.\n\nWe cannot queue elements for freeing until pointers have been swapped.\nExpired elements are still exposed to both the packet path and userspace\ndumpers via the live copy of the data structure.\n\ncall_rcu() does not protect us: dump operations or element lookups starting\nafter call_rcu has fired can still observe the free\u0027d element, unless the\ncommit phase has made enough progress to swap the clone and live pointers\nbefore any new reader has picked up the old version.\n\nThis a similar approach as done recently for the rbtree backend in commit\n35f83a75529a (\"netfilter: nft_set_rbtree: don\u0027t gc elements on insert\").",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23351"
},
{
"cve": "CVE-2026-23359",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix stack-out-of-bounds write in devmap\n\nget_upper_ifindexes() iterates over all upper devices and writes their\nindices into an array without checking bounds.\n\nAlso the callers assume that the max number of upper devices is\nMAX_NEST_DEV and allocate excluded_devices[1+MAX_NEST_DEV] on the stack,\nbut that assumption is not correct and the number of upper devices could\nbe larger than MAX_NEST_DEV (e.g., many macvlans), causing a\nstack-out-of-bounds write.\n\nAdd a max parameter to get_upper_ifindexes() to avoid the issue.\nWhen there are too many upper devices, return -EOVERFLOW and abort the\nredirect.\n\nTo reproduce, create more than MAX_NEST_DEV(8) macvlans on a device with\nan XDP program attached using BPF_F_BROADCAST | BPF_F_EXCLUDE_INGRESS.\nThen send a packet to the device to trigger the XDP redirect path.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23359"
},
{
"cve": "CVE-2026-23365",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: kalmia: validate USB endpoints\n\nThe kalmia driver should validate that the device it is probing has the\nproper number and types of USB endpoints it is expecting before it binds\nto it. If a malicious device were to not have the same urbs the driver\nwill crash later on when it blindly accesses these endpoints.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23365"
},
{
"cve": "CVE-2026-23368",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: register phy led_triggers during probe to avoid AB-BA deadlock\n\nThere is an AB-BA deadlock when both LEDS_TRIGGER_NETDEV and\nLED_TRIGGER_PHY are enabled:\n\n[ 1362.049207] [\u003c8054e4b8\u003e] led_trigger_register+0x5c/0x1fc \u003c-- Trying to get lock \"triggers_list_lock\" via down_write(\u0026triggers_list_lock);\n[ 1362.054536] [\u003c80662830\u003e] phy_led_triggers_register+0xd0/0x234\n[ 1362.060329] [\u003c8065e200\u003e] phy_attach_direct+0x33c/0x40c\n[ 1362.065489] [\u003c80651fc4\u003e] phylink_fwnode_phy_connect+0x15c/0x23c\n[ 1362.071480] [\u003c8066ee18\u003e] mtk_open+0x7c/0xba0\n[ 1362.075849] [\u003c806d714c\u003e] __dev_open+0x280/0x2b0\n[ 1362.080384] [\u003c806d7668\u003e] __dev_change_flags+0x244/0x24c\n[ 1362.085598] [\u003c806d7698\u003e] dev_change_flags+0x28/0x78\n[ 1362.090528] [\u003c807150e4\u003e] dev_ioctl+0x4c0/0x654 \u003c-- Hold lock \"rtnl_mutex\" by calling rtnl_lock();\n[ 1362.094985] [\u003c80694360\u003e] sock_ioctl+0x2f4/0x4e0\n[ 1362.099567] [\u003c802e9c4c\u003e] sys_ioctl+0x32c/0xd8c\n[ 1362.104022] [\u003c80014504\u003e] syscall_common+0x34/0x58\n\nHere LED_TRIGGER_PHY is registering LED triggers during phy_attach\nwhile holding RTNL and then taking triggers_list_lock.\n\n[ 1362.191101] [\u003c806c2640\u003e] register_netdevice_notifier+0x60/0x168 \u003c-- Trying to get lock \"rtnl_mutex\" via rtnl_lock();\n[ 1362.197073] [\u003c805504ac\u003e] netdev_trig_activate+0x194/0x1e4\n[ 1362.202490] [\u003c8054e28c\u003e] led_trigger_set+0x1d4/0x360 \u003c-- Hold lock \"triggers_list_lock\" by down_read(\u0026triggers_list_lock);\n[ 1362.207511] [\u003c8054eb38\u003e] led_trigger_write+0xd8/0x14c\n[ 1362.212566] [\u003c80381d98\u003e] sysfs_kf_bin_write+0x80/0xbc\n[ 1362.217688] [\u003c8037fcd8\u003e] kernfs_fop_write_iter+0x17c/0x28c\n[ 1362.223174] [\u003c802cbd70\u003e] vfs_write+0x21c/0x3c4\n[ 1362.227712] [\u003c802cc0c4\u003e] ksys_write+0x78/0x12c\n[ 1362.232164] [\u003c80014504\u003e] syscall_common+0x34/0x58\n\nHere LEDS_TRIGGER_NETDEV is being enabled on an LED. It first takes\ntriggers_list_lock and then RTNL. A classical AB-BA deadlock.\n\nphy_led_triggers_registers() does not require the RTNL, it does not\nmake any calls into the network stack which require protection. There\nis also no requirement the PHY has been attached to a MAC, the\ntriggers only make use of phydev state. This allows the call to\nphy_led_triggers_registers() to be placed elsewhere. PHY probe() and\nrelease() don\u0027t hold RTNL, so solving the AB-BA deadlock.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23368"
},
{
"cve": "CVE-2026-23370",
"cwe": {
"id": "CWE-256",
"name": "Plaintext Storage of a Password"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: dell-wmi-sysman: Don\u0027t hex dump plaintext password data\n\nset_new_password() hex dumps the entire buffer, which contains plaintext\npassword data, including current and new passwords. Remove the hex dump\nto avoid leaking credentials.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23370"
},
{
"cve": "CVE-2026-23378",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: act_ife: Fix metalist update behavior\n\nWhenever an ife action replace changes the metalist, instead of\nreplacing the old data on the metalist, the current ife code is appending\nthe new metadata. Aside from being innapropriate behavior, this may lead\nto an unbounded addition of metadata to the metalist which might cause an\nout of bounds error when running the encode op:\n\n[ 138.423369][ C1] ==================================================================\n[ 138.424317][ C1] BUG: KASAN: slab-out-of-bounds in ife_tlv_meta_encode (net/ife/ife.c:168)\n[ 138.424906][ C1] Write of size 4 at addr ffff8880077f4ffe by task ife_out_out_bou/255\n[ 138.425778][ C1] CPU: 1 UID: 0 PID: 255 Comm: ife_out_out_bou Not tainted 7.0.0-rc1-00169-gfbdfa8da05b6 #624 PREEMPT(full)\n[ 138.425795][ C1] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011\n[ 138.425800][ C1] Call Trace:\n[ 138.425804][ C1] \u003cIRQ\u003e\n[ 138.425808][ C1] dump_stack_lvl (lib/dump_stack.c:122)\n[ 138.425828][ C1] print_report (mm/kasan/report.c:379 mm/kasan/report.c:482)\n[ 138.425839][ C1] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221)\n[ 138.425844][ C1] ? __virt_addr_valid (./arch/x86/include/asm/preempt.h:95 (discriminator 1) ./include/linux/rcupdate.h:975 (discriminator 1) ./include/linux/mmzone.h:2207 (discriminator 1) arch/x86/mm/physaddr.c:54 (discriminator 1))\n[ 138.425853][ C1] ? ife_tlv_meta_encode (net/ife/ife.c:168)\n[ 138.425859][ C1] kasan_report (mm/kasan/report.c:221 mm/kasan/report.c:597)\n[ 138.425868][ C1] ? ife_tlv_meta_encode (net/ife/ife.c:168)\n[ 138.425878][ C1] kasan_check_range (mm/kasan/generic.c:186 (discriminator 1) mm/kasan/generic.c:200 (discriminator 1))\n[ 138.425884][ C1] __asan_memset (mm/kasan/shadow.c:84 (discriminator 2))\n[ 138.425889][ C1] ife_tlv_meta_encode (net/ife/ife.c:168)\n[ 138.425893][ C1] ? ife_tlv_meta_encode (net/ife/ife.c:171)\n[ 138.425898][ C1] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221)\n[ 138.425903][ C1] ife_encode_meta_u16 (net/sched/act_ife.c:57)\n[ 138.425910][ C1] ? __pfx_do_raw_spin_lock (kernel/locking/spinlock_debug.c:114)\n[ 138.425916][ C1] ? __asan_memcpy (mm/kasan/shadow.c:105 (discriminator 3))\n[ 138.425921][ C1] ? __pfx_ife_encode_meta_u16 (net/sched/act_ife.c:45)\n[ 138.425927][ C1] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221)\n[ 138.425931][ C1] tcf_ife_act (net/sched/act_ife.c:847 net/sched/act_ife.c:879)\n\nTo solve this issue, fix the replace behavior by adding the metalist to\nthe ife rcu data structure.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23378"
},
{
"cve": "CVE-2026-23379",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: ets: fix divide by zero in the offload path\n\nOffloading ETS requires computing each class\u0027 WRR weight: this is done by\naveraging over the sums of quanta as \u0027q_sum\u0027 and \u0027q_psum\u0027. Using unsigned\nint, the same integer size as the individual DRR quanta, can overflow and\neven cause division by zero, like it happened in the following splat:\n\n Oops: divide error: 0000 [#1] SMP PTI\n CPU: 13 UID: 0 PID: 487 Comm: tc Tainted: G E 6.19.0-virtme #45 PREEMPT(full)\n Tainted: [E]=UNSIGNED_MODULE\n Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011\n RIP: 0010:ets_offload_change+0x11f/0x290 [sch_ets]\n Code: e4 45 31 ff eb 03 41 89 c7 41 89 cb 89 ce 83 f9 0f 0f 87 b7 00 00 00 45 8b 08 31 c0 45 01 cc 45 85 c9 74 09 41 6b c4 64 31 d2 \u003c41\u003e f7 f2 89 c2 44 29 fa 45 89 df 41 83 fb 0f 0f 87 c7 00 00 00 44\n RSP: 0018:ffffd0a180d77588 EFLAGS: 00010246\n RAX: 00000000ffffff38 RBX: ffff8d3d482ca000 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffd0a180d77660\n RBP: ffffd0a180d77690 R08: ffff8d3d482ca2d8 R09: 00000000fffffffe\n R10: 0000000000000000 R11: 0000000000000000 R12: 00000000fffffffe\n R13: ffff8d3d472f2000 R14: 0000000000000003 R15: 0000000000000000\n FS: 00007f440b6c2740(0000) GS:ffff8d3dc9803000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000000003cdd2000 CR3: 0000000007b58002 CR4: 0000000000172ef0\n Call Trace:\n \u003cTASK\u003e\n ets_qdisc_change+0x870/0xf40 [sch_ets]\n qdisc_create+0x12b/0x540\n tc_modify_qdisc+0x6d7/0xbd0\n rtnetlink_rcv_msg+0x168/0x6b0\n netlink_rcv_skb+0x5c/0x110\n netlink_unicast+0x1d6/0x2b0\n netlink_sendmsg+0x22e/0x470\n ____sys_sendmsg+0x38a/0x3c0\n ___sys_sendmsg+0x99/0xe0\n __sys_sendmsg+0x8a/0xf0\n do_syscall_64+0x111/0xf80\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f440b81c77e\n Code: 4d 89 d8 e8 d4 bc 00 00 4c 8b 5d f8 41 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 11 c9 c3 0f 1f 80 00 00 00 00 48 8b 45 10 0f 05 \u003cc9\u003e c3 83 e2 39 83 fa 08 75 e7 e8 13 ff ff ff 0f 1f 00 f3 0f 1e fa\n RSP: 002b:00007fff951e4c10 EFLAGS: 00000202 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 0000000000481820 RCX: 00007f440b81c77e\n RDX: 0000000000000000 RSI: 00007fff951e4cd0 RDI: 0000000000000003\n RBP: 00007fff951e4c20 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000202 R12: 00007fff951f4fa8\n R13: 00000000699ddede R14: 00007f440bb01000 R15: 0000000000486980\n \u003c/TASK\u003e\n Modules linked in: sch_ets(E) netdevsim(E)\n ---[ end trace 0000000000000000 ]---\n RIP: 0010:ets_offload_change+0x11f/0x290 [sch_ets]\n Code: e4 45 31 ff eb 03 41 89 c7 41 89 cb 89 ce 83 f9 0f 0f 87 b7 00 00 00 45 8b 08 31 c0 45 01 cc 45 85 c9 74 09 41 6b c4 64 31 d2 \u003c41\u003e f7 f2 89 c2 44 29 fa 45 89 df 41 83 fb 0f 0f 87 c7 00 00 00 44\n RSP: 0018:ffffd0a180d77588 EFLAGS: 00010246\n RAX: 00000000ffffff38 RBX: ffff8d3d482ca000 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffd0a180d77660\n RBP: ffffd0a180d77690 R08: ffff8d3d482ca2d8 R09: 00000000fffffffe\n R10: 0000000000000000 R11: 0000000000000000 R12: 00000000fffffffe\n R13: ffff8d3d472f2000 R14: 0000000000000003 R15: 0000000000000000\n FS: 00007f440b6c2740(0000) GS:ffff8d3dc9803000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000000003cdd2000 CR3: 0000000007b58002 CR4: 0000000000172ef0\n Kernel panic - not syncing: Fatal exception\n Kernel Offset: 0x30000000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)\n ---[ end Kernel panic - not syncing: Fatal exception ]---\n\nFix this using 64-bit integers for \u0027q_sum\u0027 and \u0027q_psum\u0027.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23379"
},
{
"cve": "CVE-2026-23381",
"cwe": {
"id": "CWE-824",
"name": "Access of Uninitialized Pointer"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bridge: fix nd_tbl NULL dereference when IPv6 is disabled\n\nWhen booting with the \u0027ipv6.disable=1\u0027 parameter, the nd_tbl is never\ninitialized because inet6_init() exits before ndisc_init() is called\nwhich initializes it. Then, if neigh_suppress is enabled and an ICMPv6\nNeighbor Discovery packet reaches the bridge, br_do_suppress_nd() will\ndereference ipv6_stub-\u003end_tbl which is NULL, passing it to\nneigh_lookup(). This causes a kernel NULL pointer dereference.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000268\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n [...]\n RIP: 0010:neigh_lookup+0x16/0xe0\n [...]\n Call Trace:\n \u003cIRQ\u003e\n ? neigh_lookup+0x16/0xe0\n br_do_suppress_nd+0x160/0x290 [bridge]\n br_handle_frame_finish+0x500/0x620 [bridge]\n br_handle_frame+0x353/0x440 [bridge]\n __netif_receive_skb_core.constprop.0+0x298/0x1110\n __netif_receive_skb_one_core+0x3d/0xa0\n process_backlog+0xa0/0x140\n __napi_poll+0x2c/0x170\n net_rx_action+0x2c4/0x3a0\n handle_softirqs+0xd0/0x270\n do_softirq+0x3f/0x60\n\nFix this by replacing IS_ENABLED(IPV6) call with ipv6_mod_enabled() in\nthe callers. This is in essence disabling NS/NA suppression when IPv6 is\ndisabled.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23381"
},
{
"cve": "CVE-2026-23391",
"cwe": {
"id": "CWE-911",
"name": "Improper Update of Reference Count"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: xt_CT: drop pending enqueued packets on template removal\n\nTemplates refer to objects that can go away while packets are sitting in\nnfqueue refer to:\n\n- helper, this can be an issue on module removal.\n- timeout policy, nfnetlink_cttimeout might remove it.\n\nThe use of templates with zone and event cache filter are safe, since\nthis just copies values.\n\nFlush these enqueued packets in case the template rule gets removed.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23391"
},
{
"cve": "CVE-2026-23392",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: release flowtable after rcu grace period on error\n\nCall synchronize_rcu() after unregistering the hooks from error path,\nsince a hook that already refers to this flowtable can be already\nregistered, exposing this flowtable to packet path and nfnetlink_hook\ncontrol plane.\n\nThis error path is rare, it should only happen by reaching the maximum\nnumber hooks or by failing to set up to hardware offload, just call\nsynchronize_rcu().\n\nThere is a check for already used device hooks by different flowtable\nthat could result in EEXIST at this late stage. The hook parser can be\nupdated to perform this check earlier to this error path really becomes\nrarely exercised.\n\nUncovered by KASAN reported as use-after-free from nfnetlink_hook path\nwhen dumping hooks.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23392"
},
{
"cve": "CVE-2026-23397",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfnetlink_osf: validate individual option lengths in fingerprints\n\nnfnl_osf_add_callback() validates opt_num bounds and string\nNUL-termination but does not check individual option length fields.\nA zero-length option causes nf_osf_match_one() to enter the option\nmatching loop even when foptsize sums to zero, which matches packets\nwith no TCP options where ctx-\u003eoptp is NULL:\n\n Oops: general protection fault\n KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\n RIP: 0010:nf_osf_match_one (net/netfilter/nfnetlink_osf.c:98)\n Call Trace:\n nf_osf_match (net/netfilter/nfnetlink_osf.c:227)\n xt_osf_match_packet (net/netfilter/xt_osf.c:32)\n ipt_do_table (net/ipv4/netfilter/ip_tables.c:293)\n nf_hook_slow (net/netfilter/core.c:623)\n ip_local_deliver (net/ipv4/ip_input.c:262)\n ip_rcv (net/ipv4/ip_input.c:573)\n\nAdditionally, an MSS option (kind=2) with length \u003c 4 causes\nout-of-bounds reads when nf_osf_match_one() unconditionally accesses\noptp[2] and optp[3] for MSS value extraction. While RFC 9293\nsection 3.2 specifies that the MSS option is always exactly 4\nbytes (Kind=2, Length=4), the check uses \"\u003c 4\" rather than\n\"!= 4\" because lengths greater than 4 do not cause memory\nsafety issues -- the buffer is guaranteed to be at least\nfoptsize bytes by the ctx-\u003eoptsize == foptsize check.\n\nReject fingerprints where any option has zero length, or where an MSS\noption has length less than 4, at add time rather than trusting these\nvalues in the packet matching hot path.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23397"
},
{
"cve": "CVE-2026-23398",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nicmp: fix NULL pointer dereference in icmp_tag_validation()\n\nicmp_tag_validation() unconditionally dereferences the result of\nrcu_dereference(inet_protos[proto]) without checking for NULL.\nThe inet_protos[] array is sparse -- only about 15 of 256 protocol\nnumbers have registered handlers. When ip_no_pmtu_disc is set to 3\n(hardened PMTU mode) and the kernel receives an ICMP Fragmentation\nNeeded error with a quoted inner IP header containing an unregistered\nprotocol number, the NULL dereference causes a kernel panic in\nsoftirq context.\n\n Oops: general protection fault, probably for non-canonical address 0xdffffc0000000002: 0000 [#1] SMP KASAN NOPTI\n KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017]\n RIP: 0010:icmp_unreach (net/ipv4/icmp.c:1085 net/ipv4/icmp.c:1143)\n Call Trace:\n \u003cIRQ\u003e\n icmp_rcv (net/ipv4/icmp.c:1527)\n ip_protocol_deliver_rcu (net/ipv4/ip_input.c:207)\n ip_local_deliver_finish (net/ipv4/ip_input.c:242)\n ip_local_deliver (net/ipv4/ip_input.c:262)\n ip_rcv (net/ipv4/ip_input.c:573)\n __netif_receive_skb_one_core (net/core/dev.c:6164)\n process_backlog (net/core/dev.c:6628)\n handle_softirqs (kernel/softirq.c:561)\n \u003c/IRQ\u003e\n\nAdd a NULL check before accessing icmp_strict_tag_validation. If the\nprotocol has no registered handler, return false since it cannot\nperform strict tag validation.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23398"
},
{
"cve": "CVE-2026-23414",
"cwe": {
"id": "CWE-911",
"name": "Improper Update of Reference Count"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: Purge async_hold in tls_decrypt_async_wait()\n\nThe async_hold queue pins encrypted input skbs while\nthe AEAD engine references their scatterlist data. Once\ntls_decrypt_async_wait() returns, every AEAD operation\nhas completed and the engine no longer references those\nskbs, so they can be freed unconditionally.\n\nA subsequent patch adds batch async decryption to\ntls_sw_read_sock(), introducing a new call site that\nmust drain pending AEAD operations and release held\nskbs. Move __skb_queue_purge(\u0026ctx-\u003easync_hold) into\ntls_decrypt_async_wait() so the purge is centralized\nand every caller -- recvmsg\u0027s drain path, the -EBUSY\nfallback in tls_do_decryption(), and the new read_sock\nbatch path -- releases held skbs on synchronization\nwithout each site managing the purge independently.\n\nThis fixes a leak when tls_strp_msg_hold() fails part-way through,\nafter having added some cloned skbs to the async_hold\nqueue. tls_decrypt_sg() will then call tls_decrypt_async_wait() to\nprocess all pending decrypts, and drop back to synchronous mode, but\ntls_sw_recvmsg() only flushes the async_hold queue when one record has\nbeen processed in \"fully-async\" mode, which may not be the case here.\n\n[pabeni@redhat.com: added leak comment]",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23414"
},
{
"cve": "CVE-2026-23422",
"cwe": {
"id": "CWE-392",
"name": "Missing Report of Error Condition"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndpaa2-switch: Fix interrupt storm after receiving bad if_id in IRQ handler\n\nCommit 31a7a0bbeb00 (\"dpaa2-switch: add bounds check for if_id in IRQ\nhandler\") introduces a range check for if_id to avoid an out-of-bounds\naccess. If an out-of-bounds if_id is detected, the interrupt status is\nnot cleared. This may result in an interrupt storm.\n\nClear the interrupt status after detecting an out-of-bounds if_id to avoid\nthe problem.\n\nFound by an experimental AI code review agent at Google.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23422"
},
{
"cve": "CVE-2026-23434",
"cwe": {
"id": "CWE-820",
"name": "Missing Synchronization"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: rawnand: serialize lock/unlock against other NAND operations\n\nnand_lock() and nand_unlock() call into chip-\u003eops.lock_area/unlock_area\nwithout holding the NAND device lock. On controllers that implement\nSET_FEATURES via multiple low-level PIO commands, these can race with\nconcurrent UBI/UBIFS background erase/write operations that hold the\ndevice lock, resulting in cmd_pending conflicts on the NAND controller.\n\nAdd nand_get_device()/nand_release_device() around the lock/unlock\noperations to serialize them against all other NAND controller access.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23434"
},
{
"cve": "CVE-2026-23438",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mvpp2: guard flow control update with global_tx_fc in buffer switching\n\nmvpp2_bm_switch_buffers() unconditionally calls\nmvpp2_bm_pool_update_priv_fc() when switching between per-cpu and\nshared buffer pool modes. This function programs CM3 flow control\nregisters via mvpp2_cm3_read()/mvpp2_cm3_write(), which dereference\npriv-\u003ecm3_base without any NULL check.\n\nWhen the CM3 SRAM resource is not present in the device tree (the\nthird reg entry added by commit 60523583b07c (\"dts: marvell: add CM3\nSRAM memory to cp11x ethernet device tree\")), priv-\u003ecm3_base remains\nNULL and priv-\u003eglobal_tx_fc is false. Any operation that triggers\nmvpp2_bm_switch_buffers(), for example an MTU change that crosses\nthe jumbo frame threshold, will crash:\n\n Unable to handle kernel NULL pointer dereference at\n virtual address 0000000000000000\n Mem abort info:\n ESR = 0x0000000096000006\n EC = 0x25: DABT (current EL), IL = 32 bits\n pc : readl+0x0/0x18\n lr : mvpp2_cm3_read.isra.0+0x14/0x20\n Call trace:\n readl+0x0/0x18\n mvpp2_bm_pool_update_fc+0x40/0x12c\n mvpp2_bm_pool_update_priv_fc+0x94/0xd8\n mvpp2_bm_switch_buffers.isra.0+0x80/0x1c0\n mvpp2_change_mtu+0x140/0x380\n __dev_set_mtu+0x1c/0x38\n dev_set_mtu_ext+0x78/0x118\n dev_set_mtu+0x48/0xa8\n dev_ifsioc+0x21c/0x43c\n dev_ioctl+0x2d8/0x42c\n sock_ioctl+0x314/0x378\n\nEvery other flow control call site in the driver already guards\nhardware access with either priv-\u003eglobal_tx_fc or port-\u003etx_fc.\nmvpp2_bm_switch_buffers() is the only place that omits this check.\n\nAdd the missing priv-\u003eglobal_tx_fc guard to both the disable and\nre-enable calls in mvpp2_bm_switch_buffers(), consistent with the\nrest of the driver.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23438"
},
{
"cve": "CVE-2026-23439",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudp_tunnel: fix NULL deref caused by udp_sock_create6 when CONFIG_IPV6=n\n\nWhen CONFIG_IPV6 is disabled, the udp_sock_create6() function returns 0\n(success) without actually creating a socket. Callers such as\nfou_create() then proceed to dereference the uninitialized socket\npointer, resulting in a NULL pointer dereference.\n\nThe captured NULL deref crash:\n BUG: kernel NULL pointer dereference, address: 0000000000000018\n RIP: 0010:fou_nl_add_doit (net/ipv4/fou_core.c:590 net/ipv4/fou_core.c:764)\n [...]\n Call Trace:\n \u003cTASK\u003e\n genl_family_rcv_msg_doit.constprop.0 (net/netlink/genetlink.c:1114)\n genl_rcv_msg (net/netlink/genetlink.c:1194 net/netlink/genetlink.c:1209)\n [...]\n netlink_rcv_skb (net/netlink/af_netlink.c:2550)\n genl_rcv (net/netlink/genetlink.c:1219)\n netlink_unicast (net/netlink/af_netlink.c:1319 net/netlink/af_netlink.c:1344)\n netlink_sendmsg (net/netlink/af_netlink.c:1894)\n __sock_sendmsg (net/socket.c:727 (discriminator 1) net/socket.c:742 (discriminator 1))\n __sys_sendto (./include/linux/file.h:62 (discriminator 1) ./include/linux/file.h:83 (discriminator 1) net/socket.c:2183 (discriminator 1))\n __x64_sys_sendto (net/socket.c:2213 (discriminator 1) net/socket.c:2209 (discriminator 1) net/socket.c:2209 (discriminator 1))\n do_syscall_64 (arch/x86/entry/syscall_64.c:63 (discriminator 1) arch/x86/entry/syscall_64.c:94 (discriminator 1))\n entry_SYSCALL_64_after_hwframe (net/arch/x86/entry/entry_64.S:130)\n\nThis patch makes udp_sock_create6 return -EPFNOSUPPORT instead, so\ncallers correctly take their error paths. There is only one caller of\nthe vulnerable function and only privileged users can trigger it.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23439"
},
{
"cve": "CVE-2026-23446",
"cwe": {
"id": "CWE-833",
"name": "Deadlock"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: aqc111: Do not perform PM inside suspend callback\n\nsyzbot reports \"task hung in rpm_resume\"\n\nThis is caused by aqc111_suspend calling\nthe PM variant of its write_cmd routine.\n\nThe simplified call trace looks like this:\n\nrpm_suspend()\n usb_suspend_both() - here udev-\u003edev.power.runtime_status == RPM_SUSPENDING\n aqc111_suspend() - called for the usb device interface\n aqc111_write32_cmd()\n usb_autopm_get_interface()\n pm_runtime_resume_and_get()\n rpm_resume() - here we call rpm_resume() on our parent\n rpm_resume() - Here we wait for a status change that will never happen.\n\nAt this point we block another task which holds\nrtnl_lock and locks up the whole networking stack.\n\nFix this by replacing the write_cmd calls with their _nopm variants",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23446"
},
{
"cve": "CVE-2026-23449",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: teql: Fix double-free in teql_master_xmit\n\nWhenever a TEQL devices has a lockless Qdisc as root, qdisc_reset should\nbe called using the seq_lock to avoid racing with the datapath. Failure\nto do so may cause crashes like the following:\n\n[ 238.028993][ T318] BUG: KASAN: double-free in skb_release_data (net/core/skbuff.c:1139)\n[ 238.029328][ T318] Free of addr ffff88810c67ec00 by task poc_teql_uaf_ke/318\n[ 238.029749][ T318]\n[ 238.029900][ T318] CPU: 3 UID: 0 PID: 318 Comm: poc_teql_ke Not tainted 7.0.0-rc3-00149-ge5b31d988a41 #704 PREEMPT(full)\n[ 238.029906][ T318] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011\n[ 238.029910][ T318] Call Trace:\n[ 238.029913][ T318] \u003cTASK\u003e\n[ 238.029916][ T318] dump_stack_lvl (lib/dump_stack.c:122)\n[ 238.029928][ T318] print_report (mm/kasan/report.c:379 mm/kasan/report.c:482)\n[ 238.029940][ T318] ? skb_release_data (net/core/skbuff.c:1139)\n[ 238.029944][ T318] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221)\n...\n[ 238.029957][ T318] ? skb_release_data (net/core/skbuff.c:1139)\n[ 238.029969][ T318] kasan_report_invalid_free (mm/kasan/report.c:221 mm/kasan/report.c:563)\n[ 238.029979][ T318] ? skb_release_data (net/core/skbuff.c:1139)\n[ 238.029989][ T318] check_slab_allocation (mm/kasan/common.c:231)\n[ 238.029995][ T318] kmem_cache_free (mm/slub.c:2637 (discriminator 1) mm/slub.c:6168 (discriminator 1) mm/slub.c:6298 (discriminator 1))\n[ 238.030004][ T318] skb_release_data (net/core/skbuff.c:1139)\n...\n[ 238.030025][ T318] sk_skb_reason_drop (net/core/skbuff.c:1256)\n[ 238.030032][ T318] pfifo_fast_reset (./include/linux/ptr_ring.h:171 ./include/linux/ptr_ring.h:309 ./include/linux/skb_array.h:98 net/sched/sch_generic.c:827)\n[ 238.030039][ T318] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221)\n...\n[ 238.030054][ T318] qdisc_reset (net/sched/sch_generic.c:1034)\n[ 238.030062][ T318] teql_destroy (./include/linux/spinlock.h:395 net/sched/sch_teql.c:157)\n[ 238.030071][ T318] __qdisc_destroy (./include/net/pkt_sched.h:328 net/sched/sch_generic.c:1077)\n[ 238.030077][ T318] qdisc_graft (net/sched/sch_api.c:1062 net/sched/sch_api.c:1053 net/sched/sch_api.c:1159)\n[ 238.030089][ T318] ? __pfx_qdisc_graft (net/sched/sch_api.c:1091)\n[ 238.030095][ T318] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221)\n[ 238.030102][ T318] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221)\n[ 238.030106][ T318] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221)\n[ 238.030114][ T318] tc_get_qdisc (net/sched/sch_api.c:1529 net/sched/sch_api.c:1556)\n...\n[ 238.072958][ T318] Allocated by task 303 on cpu 5 at 238.026275s:\n[ 238.073392][ T318] kasan_save_stack (mm/kasan/common.c:58)\n[ 238.073884][ T318] kasan_save_track (mm/kasan/common.c:64 (discriminator 5) mm/kasan/common.c:79 (discriminator 5))\n[ 238.074230][ T318] __kasan_slab_alloc (mm/kasan/common.c:369)\n[ 238.074578][ T318] kmem_cache_alloc_node_noprof (./include/linux/kasan.h:253 mm/slub.c:4542 mm/slub.c:4869 mm/slub.c:4921)\n[ 238.076091][ T318] kmalloc_reserve (net/core/skbuff.c:616 (discriminator 107))\n[ 238.076450][ T318] __alloc_skb (net/core/skbuff.c:713)\n[ 238.076834][ T318] alloc_skb_with_frags (./include/linux/skbuff.h:1383 net/core/skbuff.c:6763)\n[ 238.077178][ T318] sock_alloc_send_pskb (net/core/sock.c:2997)\n[ 238.077520][ T318] packet_sendmsg (net/packet/af_packet.c:2926 net/packet/af_packet.c:3019 net/packet/af_packet.c:3108)\n[ 238.081469][ T318]\n[ 238.081870][ T318] Freed by task 299 on cpu 1 at 238.028496s:\n[ 238.082761][ T318] kasan_save_stack (mm/kasan/common.c:58)\n[ 238.083481][ T318] kasan_save_track (mm/kasan/common.c:64 (discriminator 5) mm/kasan/common.c:79 (discriminator 5))\n[ 238.085348][ T318] kasan_save_free_info (mm/kasan/generic.c:587 (discriminator 1))\n[ 238.085900][ T318] __kasan_slab_free (mm/\n---truncated---",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23449"
},
{
"cve": "CVE-2026-23450",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: fix NULL dereference and UAF in smc_tcp_syn_recv_sock()\n\nSyzkaller reported a panic in smc_tcp_syn_recv_sock() [1].\n\nsmc_tcp_syn_recv_sock() is called in the TCP receive path\n(softirq) via icsk_af_ops-\u003esyn_recv_sock on the clcsock (TCP\nlistening socket). It reads sk_user_data to get the smc_sock\npointer. However, when the SMC listen socket is being closed\nconcurrently, smc_close_active() sets clcsock-\u003esk_user_data\nto NULL under sk_callback_lock, and then the smc_sock itself\ncan be freed via sock_put() in smc_release().\n\nThis leads to two issues:\n\n1) NULL pointer dereference: sk_user_data is NULL when\n accessed.\n2) Use-after-free: sk_user_data is read as non-NULL, but the\n smc_sock is freed before its fields (e.g., queued_smc_hs,\n ori_af_ops) are accessed.\n\nThe race window looks like this (the syzkaller crash [1]\ntriggers via the SYN cookie path: tcp_get_cookie_sock() -\u003e\nsmc_tcp_syn_recv_sock(), but the normal tcp_check_req() path\nhas the same race):\n\n CPU A (softirq) CPU B (process ctx)\n\n tcp_v4_rcv()\n TCP_NEW_SYN_RECV:\n sk = req-\u003ersk_listener\n sock_hold(sk)\n /* No lock on listener */\n smc_close_active():\n write_lock_bh(cb_lock)\n sk_user_data = NULL\n write_unlock_bh(cb_lock)\n ...\n smc_clcsock_release()\n sock_put(smc-\u003esk) x2\n -\u003e smc_sock freed!\n tcp_check_req()\n smc_tcp_syn_recv_sock():\n smc = user_data(sk)\n -\u003e NULL or dangling\n smc-\u003equeued_smc_hs\n -\u003e crash!\n\nNote that the clcsock and smc_sock are two independent objects\nwith separate refcounts. TCP stack holds a reference on the\nclcsock, which keeps it alive, but this does NOT prevent the\nsmc_sock from being freed.\n\nFix this by using RCU and refcount_inc_not_zero() to safely\naccess smc_sock. Since smc_tcp_syn_recv_sock() is called in\nthe TCP three-way handshake path, taking read_lock_bh on\nsk_callback_lock is too heavy and would not survive a SYN\nflood attack. Using rcu_read_lock() is much more lightweight.\n\n- Set SOCK_RCU_FREE on the SMC listen socket so that\n smc_sock freeing is deferred until after the RCU grace\n period. This guarantees the memory is still valid when\n accessed inside rcu_read_lock().\n- Use rcu_read_lock() to protect reading sk_user_data.\n- Use refcount_inc_not_zero(\u0026smc-\u003esk.sk_refcnt) to pin the\n smc_sock. If the refcount has already reached zero (close\n path completed), it returns false and we bail out safely.\n\nNote: smc_hs_congested() has a similar lockless read of\nsk_user_data without rcu_read_lock(), but it only checks for\nNULL and accesses the global smc_hs_wq, never dereferencing\nany smc_sock field, so it is not affected.\n\nReproducer was verified with mdelay injection and smc_run,\nthe issue no longer occurs with this patch applied.\n\n[1] https://syzkaller.appspot.com/bug?extid=827ae2bfb3a3529333e9",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23450"
},
{
"cve": "CVE-2026-23452",
"cwe": {
"id": "CWE-364",
"name": "Signal Handler Race Condition"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPM: runtime: Fix a race condition related to device removal\n\nThe following code in pm_runtime_work() may dereference the dev-\u003eparent\npointer after the parent device has been freed:\n\n\t/* Maybe the parent is now able to suspend. */\n\tif (parent \u0026\u0026 !parent-\u003epower.ignore_children) {\n\t\tspin_unlock(\u0026dev-\u003epower.lock);\n\n\t\tspin_lock(\u0026parent-\u003epower.lock);\n\t\trpm_idle(parent, RPM_ASYNC);\n\t\tspin_unlock(\u0026parent-\u003epower.lock);\n\n\t\tspin_lock(\u0026dev-\u003epower.lock);\n\t}\n\nFix this by inserting a flush_work() call in pm_runtime_remove().\n\nWithout this patch blktest block/001 triggers the following complaint\nsporadically:\n\nBUG: KASAN: slab-use-after-free in lock_acquire+0x70/0x160\nRead of size 1 at addr ffff88812bef7198 by task kworker/u553:1/3081\nWorkqueue: pm pm_runtime_work\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x61/0x80\n print_address_description.constprop.0+0x8b/0x310\n print_report+0xfd/0x1d7\n kasan_report+0xd8/0x1d0\n __kasan_check_byte+0x42/0x60\n lock_acquire.part.0+0x38/0x230\n lock_acquire+0x70/0x160\n _raw_spin_lock+0x36/0x50\n rpm_suspend+0xc6a/0xfe0\n rpm_idle+0x578/0x770\n pm_runtime_work+0xee/0x120\n process_one_work+0xde3/0x1410\n worker_thread+0x5eb/0xfe0\n kthread+0x37b/0x480\n ret_from_fork+0x6cb/0x920\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e\n\nAllocated by task 4314:\n kasan_save_stack+0x2a/0x50\n kasan_save_track+0x18/0x40\n kasan_save_alloc_info+0x3d/0x50\n __kasan_kmalloc+0xa0/0xb0\n __kmalloc_noprof+0x311/0x990\n scsi_alloc_target+0x122/0xb60 [scsi_mod]\n __scsi_scan_target+0x101/0x460 [scsi_mod]\n scsi_scan_channel+0x179/0x1c0 [scsi_mod]\n scsi_scan_host_selected+0x259/0x2d0 [scsi_mod]\n store_scan+0x2d2/0x390 [scsi_mod]\n dev_attr_store+0x43/0x80\n sysfs_kf_write+0xde/0x140\n kernfs_fop_write_iter+0x3ef/0x670\n vfs_write+0x506/0x1470\n ksys_write+0xfd/0x230\n __x64_sys_write+0x76/0xc0\n x64_sys_call+0x213/0x1810\n do_syscall_64+0xee/0xfc0\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n\nFreed by task 4314:\n kasan_save_stack+0x2a/0x50\n kasan_save_track+0x18/0x40\n kasan_save_free_info+0x3f/0x50\n __kasan_slab_free+0x67/0x80\n kfree+0x225/0x6c0\n scsi_target_dev_release+0x3d/0x60 [scsi_mod]\n device_release+0xa3/0x220\n kobject_cleanup+0x105/0x3a0\n kobject_put+0x72/0xd0\n put_device+0x17/0x20\n scsi_device_dev_release+0xacf/0x12c0 [scsi_mod]\n device_release+0xa3/0x220\n kobject_cleanup+0x105/0x3a0\n kobject_put+0x72/0xd0\n put_device+0x17/0x20\n scsi_device_put+0x7f/0xc0 [scsi_mod]\n sdev_store_delete+0xa5/0x120 [scsi_mod]\n dev_attr_store+0x43/0x80\n sysfs_kf_write+0xde/0x140\n kernfs_fop_write_iter+0x3ef/0x670\n vfs_write+0x506/0x1470\n ksys_write+0xfd/0x230\n __x64_sys_write+0x76/0xc0\n x64_sys_call+0x213/0x1810",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23452"
},
{
"cve": "CVE-2026-23454",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mana: fix use-after-free in mana_hwc_destroy_channel() by reordering teardown\n\nA potential race condition exists in mana_hwc_destroy_channel() where\nhwc-\u003ecaller_ctx is freed before the HWC\u0027s Completion Queue (CQ) and\nEvent Queue (EQ) are destroyed. This allows an in-flight CQ interrupt\nhandler to dereference freed memory, leading to a use-after-free or\nNULL pointer dereference in mana_hwc_handle_resp().\n\nmana_smc_teardown_hwc() signals the hardware to stop but does not\nsynchronize against IRQ handlers already executing on other CPUs. The\nIRQ synchronization only happens in mana_hwc_destroy_cq() via\nmana_gd_destroy_eq() -\u003e mana_gd_deregister_irq(). Since this runs\nafter kfree(hwc-\u003ecaller_ctx), a concurrent mana_hwc_rx_event_handler()\ncan dereference freed caller_ctx (and rxq-\u003emsg_buf) in\nmana_hwc_handle_resp().\n\nFix this by reordering teardown to reverse-of-creation order: destroy\nthe TX/RX work queues and CQ/EQ before freeing hwc-\u003ecaller_ctx. This\nensures all in-flight interrupt handlers complete before the memory they\naccess is freed.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23454"
},
{
"cve": "CVE-2026-23455",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_conntrack_h323: check for zero length in DecodeQ931()\n\nIn DecodeQ931(), the UserUserIE code path reads a 16-bit length from\nthe packet, then decrements it by 1 to skip the protocol discriminator\nbyte before passing it to DecodeH323_UserInformation(). If the encoded\nlength is 0, the decrement wraps to -1, which is then passed as a\nlarge value to the decoder, leading to an out-of-bounds read.\n\nAdd a check to ensure len is positive after the decrement.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23455"
},
{
"cve": "CVE-2026-23456",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_conntrack_h323: fix OOB read in decode_int() CONS case\n\nIn decode_int(), the CONS case calls get_bits(bs, 2) to read a length\nvalue, then calls get_uint(bs, len) without checking that len bytes\nremain in the buffer. The existing boundary check only validates the\n2 bits for get_bits(), not the subsequent 1-4 bytes that get_uint()\nreads. This allows a malformed H.323/RAS packet to cause a 1-4 byte\nslab-out-of-bounds read.\n\nAdd a boundary check for len bytes after get_bits() and before\nget_uint().",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23456"
},
{
"cve": "CVE-2026-23457",
"cwe": {
"id": "CWE-681",
"name": "Incorrect Conversion between Numeric Types"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_conntrack_sip: fix Content-Length u32 truncation in sip_help_tcp()\n\nsip_help_tcp() parses the SIP Content-Length header with\nsimple_strtoul(), which returns unsigned long, but stores the result in\nunsigned int clen. On 64-bit systems, values exceeding UINT_MAX are\nsilently truncated before computing the SIP message boundary.\n\nFor example, Content-Length 4294967328 (2^32 + 32) is truncated to 32,\ncausing the parser to miscalculate where the current message ends. The\nloop then treats trailing data in the TCP segment as a second SIP\nmessage and processes it through the SDP parser.\n\nFix this by changing clen to unsigned long to match the return type of\nsimple_strtoul(), and reject Content-Length values that exceed the\nremaining TCP payload length.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23457"
},
{
"cve": "CVE-2026-23458",
"cwe": {
"id": "CWE-911",
"name": "Improper Update of Reference Count"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct()\n\nctnetlink_dump_exp_ct() stores a conntrack pointer in cb-\u003edata for the\nnetlink dump callback ctnetlink_exp_ct_dump_table(), but drops the\nconntrack reference immediately after netlink_dump_start(). When the\ndump spans multiple rounds, the second recvmsg() triggers the dump\ncallback which dereferences the now-freed conntrack via nfct_help(ct),\nleading to a use-after-free on ct-\u003eext.\n\nThe bug is that the netlink_dump_control has no .start or .done\ncallbacks to manage the conntrack reference across dump rounds. Other\ndump functions in the same file (e.g. ctnetlink_get_conntrack) properly\nuse .start/.done callbacks for this purpose.\n\nFix this by adding .start and .done callbacks that hold and release the\nconntrack reference for the duration of the dump, and move the\nnfct_help() call after the cb-\u003eargs[0] early-return check in the dump\ncallback to avoid dereferencing ct-\u003eext unnecessarily.\n\n BUG: KASAN: slab-use-after-free in ctnetlink_exp_ct_dump_table+0x4f/0x2e0\n Read of size 8 at addr ffff88810597ebf0 by task ctnetlink_poc/133\n\n CPU: 1 UID: 0 PID: 133 Comm: ctnetlink_poc Not tainted 7.0.0-rc2+ #3 PREEMPTLAZY\n Call Trace:\n \u003cTASK\u003e\n ctnetlink_exp_ct_dump_table+0x4f/0x2e0\n netlink_dump+0x333/0x880\n netlink_recvmsg+0x3e2/0x4b0\n ? aa_sk_perm+0x184/0x450\n sock_recvmsg+0xde/0xf0\n\n Allocated by task 133:\n kmem_cache_alloc_noprof+0x134/0x440\n __nf_conntrack_alloc+0xa8/0x2b0\n ctnetlink_create_conntrack+0xa1/0x900\n ctnetlink_new_conntrack+0x3cf/0x7d0\n nfnetlink_rcv_msg+0x48e/0x510\n netlink_rcv_skb+0xc9/0x1f0\n nfnetlink_rcv+0xdb/0x220\n netlink_unicast+0x3ec/0x590\n netlink_sendmsg+0x397/0x690\n __sys_sendmsg+0xf4/0x180\n\n Freed by task 0:\n slab_free_after_rcu_debug+0xad/0x1e0\n rcu_core+0x5c3/0x9c0",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23458"
},
{
"cve": "CVE-2026-23463",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: fsl: qbman: fix race condition in qman_destroy_fq\n\nWhen QMAN_FQ_FLAG_DYNAMIC_FQID is set, there\u0027s a race condition between\nfq_table[fq-\u003eidx] state and freeing/allocating from the pool and\nWARN_ON(fq_table[fq-\u003eidx]) in qman_create_fq() gets triggered.\n\nIndeed, we can have:\n Thread A Thread B\n qman_destroy_fq() qman_create_fq()\n qman_release_fqid()\n qman_shutdown_fq()\n gen_pool_free()\n -- At this point, the fqid is available again --\n qman_alloc_fqid()\n -- so, we can get the just-freed fqid in thread B --\n fq-\u003efqid = fqid;\n fq-\u003eidx = fqid * 2;\n WARN_ON(fq_table[fq-\u003eidx]);\n fq_table[fq-\u003eidx] = fq;\n fq_table[fq-\u003eidx] = NULL;\n\nAnd adding some logs between qman_release_fqid() and\nfq_table[fq-\u003eidx] = NULL makes the WARN_ON() trigger a lot more.\n\nTo prevent that, ensure that fq_table[fq-\u003eidx] is set to NULL before\ngen_pool_free() is called by using smp_wmb().",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23463"
},
{
"cve": "CVE-2026-23474",
"cwe": {
"id": "CWE-805",
"name": "Buffer Access with Incorrect Length Value"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: Avoid boot crash in RedBoot partition table parser\n\nGiven CONFIG_FORTIFY_SOURCE=y and a recent compiler,\ncommit 439a1bcac648 (\"fortify: Use __builtin_dynamic_object_size() when\navailable\") produces the warning below and an oops.\n\n Searching for RedBoot partition table in 50000000.flash at offset 0x7e0000\n ------------[ cut here ]------------\n WARNING: lib/string_helpers.c:1035 at 0xc029e04c, CPU#0: swapper/0/1\n memcmp: detected buffer overflow: 15 byte read of buffer size 14\n Modules linked in:\n CPU: 0 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.19.0 #1 NONE\n\nAs Kees said, \"\u0027names\u0027 is pointing to the final \u0027namelen\u0027 many bytes\nof the allocation ... \u0027namelen\u0027 could be basically any length at all.\nThis fortify warning looks legit to me -- this code used to be reading\nbeyond the end of the allocation.\"\n\nSince the size of the dynamic allocation is calculated with strlen()\nwe can use strcmp() instead of memcmp() and remain within bounds.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23474"
},
{
"cve": "CVE-2026-23475",
"cwe": {
"id": "CWE-824",
"name": "Access of Uninitialized Pointer"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: fix statistics allocation\n\nThe controller per-cpu statistics is not allocated until after the\ncontroller has been registered with driver core, which leaves a window\nwhere accessing the sysfs attributes can trigger a NULL-pointer\ndereference.\n\nFix this by moving the statistics allocation to controller allocation\nwhile tying its lifetime to that of the controller (rather than using\nimplicit devres).",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-23475"
},
{
"cve": "CVE-2026-31389",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: fix use-after-free on controller registration failure\n\nMake sure to deregister from driver core also in the unlikely event that\nper-cpu statistics allocation fails during controller registration to\navoid use-after-free (of driver resources) and unclocked register\naccesses.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31389"
},
{
"cve": "CVE-2026-31391",
"cwe": {
"id": "CWE-911",
"name": "Improper Update of Reference Count"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: atmel-sha204a - Fix OOM -\u003etfm_count leak\n\nIf memory allocation fails, decrement -\u003etfm_count to avoid blocking\nfuture reads.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31391"
},
{
"cve": "CVE-2026-31396",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: macb: fix use-after-free access to PTP clock\n\nPTP clock is registered on every opening of the interface and destroyed on\nevery closing. However it may be accessed via get_ts_info ethtool call\nwhich is possible while the interface is just present in the kernel.\n\nBUG: KASAN: use-after-free in ptp_clock_index+0x47/0x50 drivers/ptp/ptp_clock.c:426\nRead of size 4 at addr ffff8880194345cc by task syz.0.6/948\n\nCPU: 1 PID: 948 Comm: syz.0.6 Not tainted 6.1.164+ #109\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x8d/0xba lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:316 [inline]\n print_report+0x17f/0x496 mm/kasan/report.c:420\n kasan_report+0xd9/0x180 mm/kasan/report.c:524\n ptp_clock_index+0x47/0x50 drivers/ptp/ptp_clock.c:426\n gem_get_ts_info+0x138/0x1e0 drivers/net/ethernet/cadence/macb_main.c:3349\n macb_get_ts_info+0x68/0xb0 drivers/net/ethernet/cadence/macb_main.c:3371\n __ethtool_get_ts_info+0x17c/0x260 net/ethtool/common.c:558\n ethtool_get_ts_info net/ethtool/ioctl.c:2367 [inline]\n __dev_ethtool net/ethtool/ioctl.c:3017 [inline]\n dev_ethtool+0x2b05/0x6290 net/ethtool/ioctl.c:3095\n dev_ioctl+0x637/0x1070 net/core/dev_ioctl.c:510\n sock_do_ioctl+0x20d/0x2c0 net/socket.c:1215\n sock_ioctl+0x577/0x6d0 net/socket.c:1320\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:870 [inline]\n __se_sys_ioctl fs/ioctl.c:856 [inline]\n __x64_sys_ioctl+0x18c/0x210 fs/ioctl.c:856\n do_syscall_x64 arch/x86/entry/common.c:46 [inline]\n do_syscall_64+0x35/0x80 arch/x86/entry/common.c:76\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n \u003c/TASK\u003e\n\nAllocated by task 457:\n kmalloc include/linux/slab.h:563 [inline]\n kzalloc include/linux/slab.h:699 [inline]\n ptp_clock_register+0x144/0x10e0 drivers/ptp/ptp_clock.c:235\n gem_ptp_init+0x46f/0x930 drivers/net/ethernet/cadence/macb_ptp.c:375\n macb_open+0x901/0xd10 drivers/net/ethernet/cadence/macb_main.c:2920\n __dev_open+0x2ce/0x500 net/core/dev.c:1501\n __dev_change_flags+0x56a/0x740 net/core/dev.c:8651\n dev_change_flags+0x92/0x170 net/core/dev.c:8722\n do_setlink+0xaf8/0x3a80 net/core/rtnetlink.c:2833\n __rtnl_newlink+0xbf4/0x1940 net/core/rtnetlink.c:3608\n rtnl_newlink+0x63/0xa0 net/core/rtnetlink.c:3655\n rtnetlink_rcv_msg+0x3c6/0xed0 net/core/rtnetlink.c:6150\n netlink_rcv_skb+0x15d/0x430 net/netlink/af_netlink.c:2511\n netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]\n netlink_unicast+0x6d7/0xa30 net/netlink/af_netlink.c:1344\n netlink_sendmsg+0x97e/0xeb0 net/netlink/af_netlink.c:1872\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg+0x14b/0x180 net/socket.c:730\n __sys_sendto+0x320/0x3b0 net/socket.c:2152\n __do_sys_sendto net/socket.c:2164 [inline]\n __se_sys_sendto net/socket.c:2160 [inline]\n __x64_sys_sendto+0xdc/0x1b0 net/socket.c:2160\n do_syscall_x64 arch/x86/entry/common.c:46 [inline]\n do_syscall_64+0x35/0x80 arch/x86/entry/common.c:76\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n\nFreed by task 938:\n kasan_slab_free include/linux/kasan.h:177 [inline]\n slab_free_hook mm/slub.c:1729 [inline]\n slab_free_freelist_hook mm/slub.c:1755 [inline]\n slab_free mm/slub.c:3687 [inline]\n __kmem_cache_free+0xbc/0x320 mm/slub.c:3700\n device_release+0xa0/0x240 drivers/base/core.c:2507\n kobject_cleanup lib/kobject.c:681 [inline]\n kobject_release lib/kobject.c:712 [inline]\n kref_put include/linux/kref.h:65 [inline]\n kobject_put+0x1cd/0x350 lib/kobject.c:729\n put_device+0x1b/0x30 drivers/base/core.c:3805\n ptp_clock_unregister+0x171/0x270 drivers/ptp/ptp_clock.c:391\n gem_ptp_remove+0x4e/0x1f0 drivers/net/ethernet/cadence/macb_ptp.c:404\n macb_close+0x1c8/0x270 drivers/net/ethernet/cadence/macb_main.c:2966\n __dev_close_many+0x1b9/0x310 net/core/dev.c:1585\n __dev_close net/core/dev.c:1597 [inline]\n __dev_change_flags+0x2bb/0x740 net/core/dev.c:8649\n dev_change_fl\n---truncated---",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31396"
},
{
"cve": "CVE-2026-31402",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: fix heap overflow in NFSv4.0 LOCK replay cache\n\nThe NFSv4.0 replay cache uses a fixed 112-byte inline buffer\n(rp_ibuf[NFSD4_REPLAY_ISIZE]) to store encoded operation responses.\nThis size was calculated based on OPEN responses and does not account\nfor LOCK denied responses, which include the conflicting lock owner as\na variable-length field up to 1024 bytes (NFS4_OPAQUE_LIMIT).\n\nWhen a LOCK operation is denied due to a conflict with an existing lock\nthat has a large owner, nfsd4_encode_operation() copies the full encoded\nresponse into the undersized replay buffer via read_bytes_from_xdr_buf()\nwith no bounds check. This results in a slab-out-of-bounds write of up\nto 944 bytes past the end of the buffer, corrupting adjacent heap memory.\n\nThis can be triggered remotely by an unauthenticated attacker with two\ncooperating NFSv4.0 clients: one sets a lock with a large owner string,\nthen the other requests a conflicting lock to provoke the denial.\n\nWe could fix this by increasing NFSD4_REPLAY_ISIZE to allow for a full\nopaque, but that would increase the size of every stateowner, when most\nlockowners are not that large.\n\nInstead, fix this by checking the encoded response length against\nNFSD4_REPLAY_ISIZE before copying into the replay buffer. If the\nresponse is too large, set rp_buflen to 0 to skip caching the replay\npayload. The status is still cached, and the client already received the\ncorrect response on the original request.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31402"
},
{
"cve": "CVE-2026-31403",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: Hold net reference for the lifetime of /proc/fs/nfs/exports fd\n\nThe /proc/fs/nfs/exports proc entry is created at module init\nand persists for the module\u0027s lifetime. exports_proc_open()\ncaptures the caller\u0027s current network namespace and stores\nits svc_export_cache in seq-\u003eprivate, but takes no reference\non the namespace. If the namespace is subsequently torn down\n(e.g. container destruction after the opener does setns() to a\ndifferent namespace), nfsd_net_exit() calls nfsd_export_shutdown()\nwhich frees the cache. Subsequent reads on the still-open fd\ndereference the freed cache_detail, walking a freed hash table.\n\nHold a reference on the struct net for the lifetime of the open\nfile descriptor. This prevents nfsd_net_exit() from running --\nand thus prevents nfsd_export_shutdown() from freeing the cache\n-- while any exports fd is open. cache_detail already stores\nits net pointer (cd-\u003enet, set by cache_create_net()), so\nexports_release() can retrieve it without additional per-file\nstorage.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31403"
},
{
"cve": "CVE-2026-31411",
"cwe": {
"id": "CWE-822",
"name": "Untrusted Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: atm: fix crash due to unvalidated vcc pointer in sigd_send()\n\nReproducer available at [1].\n\nThe ATM send path (sendmsg -\u003e vcc_sendmsg -\u003e sigd_send) reads the vcc\npointer from msg-\u003evcc and uses it directly without any validation. This\npointer comes from userspace via sendmsg() and can be arbitrarily forged:\n\n int fd = socket(AF_ATMSVC, SOCK_DGRAM, 0);\n ioctl(fd, ATMSIGD_CTRL); // become ATM signaling daemon\n struct msghdr msg = { .msg_iov = \u0026iov, ... };\n *(unsigned long *)(buf + 4) = 0xdeadbeef; // fake vcc pointer\n sendmsg(fd, \u0026msg, 0); // kernel dereferences 0xdeadbeef\n\nIn normal operation, the kernel sends the vcc pointer to the signaling\ndaemon via sigd_enq() when processing operations like connect(), bind(),\nor listen(). The daemon is expected to return the same pointer when\nresponding. However, a malicious daemon can send arbitrary pointer values.\n\nFix this by introducing find_get_vcc() which validates the pointer by\nsearching through vcc_hash (similar to how sigd_close() iterates over\nall VCCs), and acquires a reference via sock_hold() if found.\n\nSince struct atm_vcc embeds struct sock as its first member, they share\nthe same lifetime. Therefore using sock_hold/sock_put is sufficient to\nkeep the vcc alive while it is being used.\n\nNote that there may be a race with sigd_close() which could mark the vcc\nwith various flags (e.g., ATM_VF_RELEASED) after find_get_vcc() returns.\nHowever, sock_hold() guarantees the memory remains valid, so this race\nonly affects the logical state, not memory safety.\n\n[1]: https://gist.github.com/mrpre/1ba5949c45529c511152e2f4c755b0f3",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31411"
},
{
"cve": "CVE-2026-31414",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_conntrack_expect: use expect-\u003ehelper\n\nUse expect-\u003ehelper in ctnetlink and /proc to dump the helper name.\nUsing nfct_help() without holding a reference to the master conntrack\nis unsafe.\n\nUse exp-\u003emaster-\u003ehelper in ctnetlink path if userspace does not provide\nan explicit helper when creating an expectation to retain the existing\nbehaviour. The ctnetlink expectation path holds the reference on the\nmaster conntrack and nf_conntrack_expect lock and the nfnetlink glue\npath refers to the master ct that is attached to the skb.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31414"
},
{
"cve": "CVE-2026-31415",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: avoid overflows in ip6_datagram_send_ctl()\n\nYiming Qian reported :\n\u003cquote\u003e\n I believe I found a locally triggerable kernel bug in the IPv6 sendmsg\n ancillary-data path that can panic the kernel via `skb_under_panic()`\n (local DoS).\n\n The core issue is a mismatch between:\n\n - a 16-bit length accumulator (`struct ipv6_txoptions::opt_flen`, type\n `__u16`) and\n - a pointer to the *last* provided destination-options header (`opt-\u003edst1opt`)\n\n when multiple `IPV6_DSTOPTS` control messages (cmsgs) are provided.\n\n - `include/net/ipv6.h`:\n - `struct ipv6_txoptions::opt_flen` is `__u16` (wrap possible).\n (lines 291-307, especially 298)\n - `net/ipv6/datagram.c:ip6_datagram_send_ctl()`:\n - Accepts repeated `IPV6_DSTOPTS` and accumulates into `opt_flen`\n without rejecting duplicates. (lines 909-933)\n - `net/ipv6/ip6_output.c:__ip6_append_data()`:\n - Uses `opt-\u003eopt_flen + opt-\u003eopt_nflen` to compute header\n sizes/headroom decisions. (lines 1448-1466, especially 1463-1465)\n - `net/ipv6/ip6_output.c:__ip6_make_skb()`:\n - Calls `ipv6_push_frag_opts()` if `opt-\u003eopt_flen` is non-zero.\n (lines 1930-1934)\n - `net/ipv6/exthdrs.c:ipv6_push_frag_opts()` / `ipv6_push_exthdr()`:\n - Push size comes from `ipv6_optlen(opt-\u003edst1opt)` (based on the\n pointed-to header). (lines 1179-1185 and 1206-1211)\n\n 1. `opt_flen` is a 16-bit accumulator:\n\n - `include/net/ipv6.h:298` defines `__u16 opt_flen; /* after fragment hdr */`.\n\n 2. `ip6_datagram_send_ctl()` accepts *repeated* `IPV6_DSTOPTS` cmsgs\n and increments `opt_flen` each time:\n\n - In `net/ipv6/datagram.c:909-933`, for `IPV6_DSTOPTS`:\n - It computes `len = ((hdr-\u003ehdrlen + 1) \u003c\u003c 3);`\n - It checks `CAP_NET_RAW` using `ns_capable(net-\u003euser_ns,\n CAP_NET_RAW)`. (line 922)\n - Then it does:\n - `opt-\u003eopt_flen += len;` (line 927)\n - `opt-\u003edst1opt = hdr;` (line 928)\n\n There is no duplicate rejection here (unlike the legacy\n `IPV6_2292DSTOPTS` path which rejects duplicates at\n `net/ipv6/datagram.c:901-904`).\n\n If enough large `IPV6_DSTOPTS` cmsgs are provided, `opt_flen` wraps\n while `dst1opt` still points to a large (2048-byte)\n destination-options header.\n\n In the attached PoC (`poc.c`):\n\n - 32 cmsgs with `hdrlen=255` =\u003e `len = (255+1)*8 = 2048`\n - 1 cmsg with `hdrlen=0` =\u003e `len = 8`\n - Total increment: `32*2048 + 8 = 65544`, so `(__u16)opt_flen == 8`\n - The last cmsg is 2048 bytes, so `dst1opt` points to a 2048-byte header.\n\n 3. The transmit path sizes headers using the wrapped `opt_flen`:\n\n- In `net/ipv6/ip6_output.c:1463-1465`:\n - `headersize = sizeof(struct ipv6hdr) + (opt ? opt-\u003eopt_flen +\n opt-\u003eopt_nflen : 0) + ...;`\n\n With wrapped `opt_flen`, `headersize`/headroom decisions underestimate\n what will be pushed later.\n\n 4. When building the final skb, the actual push length comes from\n `dst1opt` and is not limited by wrapped `opt_flen`:\n\n - In `net/ipv6/ip6_output.c:1930-1934`:\n - `if (opt-\u003eopt_flen) proto = ipv6_push_frag_opts(skb, opt, proto);`\n - In `net/ipv6/exthdrs.c:1206-1211`, `ipv6_push_frag_opts()` pushes\n `dst1opt` via `ipv6_push_exthdr()`.\n - In `net/ipv6/exthdrs.c:1179-1184`, `ipv6_push_exthdr()` does:\n - `skb_push(skb, ipv6_optlen(opt));`\n - `memcpy(h, opt, ipv6_optlen(opt));`\n\n With insufficient headroom, `skb_push()` underflows and triggers\n `skb_under_panic()` -\u003e `BUG()`:\n\n - `net/core/skbuff.c:2669-2675` (`skb_push()` calls `skb_under_panic()`)\n - `net/core/skbuff.c:207-214` (`skb_panic()` ends in `BUG()`)\n\n - The `IPV6_DSTOPTS` cmsg path requires `CAP_NET_RAW` in the target\n netns user namespace (`ns_capable(net-\u003euser_ns, CAP_NET_RAW)`).\n - Root (or any task with `CAP_NET_RAW`) can trigger this without user\n namespaces.\n - An unprivileged `uid=1000` user can trigger this if unprivileged\n user namespaces are enabled and it can create a userns+netns to obtain\n namespaced `CAP_NET_RAW` (the attached PoC does this).\n\n - Local denial of service: kernel BUG/panic (system crash).\n -\n---truncated---",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31415"
},
{
"cve": "CVE-2026-31416",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nfnetlink_log: account for netlink header size\n\nThis is a followup to an old bug fix: NLMSG_DONE needs to account\nfor the netlink header size, not just the attribute size.\n\nThis can result in a WARN splat + drop of the netlink message,\nbut other than this there are no ill effects.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31416"
},
{
"cve": "CVE-2026-31417",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/x25: Fix overflow when accumulating packets\n\nAdd a check to ensure that `x25_sock.fraglen` does not overflow.\n\nThe `fraglen` also needs to be resetted when purging `fragment_queue` in\n`x25_clear_queues()`.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31417"
},
{
"cve": "CVE-2026-31418",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: drop logically empty buckets in mtype_del\n\nmtype_del() counts empty slots below n-\u003epos in k, but it only drops the\nbucket when both n-\u003epos and k are zero. This misses buckets whose live\nentries have all been removed while n-\u003epos still points past deleted slots.\n\nTreat a bucket as empty when all positions below n-\u003epos are unused and\nrelease it directly instead of shrinking it further.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31418"
},
{
"cve": "CVE-2026-31421",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: cls_fw: fix NULL pointer dereference on shared blocks\n\nThe old-method path in fw_classify() calls tcf_block_q() and\ndereferences q-\u003ehandle. Shared blocks leave block-\u003eq NULL, causing a\nNULL deref when an empty cls_fw filter is attached to a shared block\nand a packet with a nonzero major skb mark is classified.\n\nReject the configuration in fw_change() when the old method (no\nTCA_OPTIONS) is used on a shared block, since fw_classify()\u0027s\nold-method path needs block-\u003eq which is NULL for shared blocks.\n\nThe fixed null-ptr-deref calling stack:\n KASAN: null-ptr-deref in range [0x0000000000000038-0x000000000000003f]\n RIP: 0010:fw_classify (net/sched/cls_fw.c:81)\n Call Trace:\n tcf_classify (./include/net/tc_wrapper.h:197 net/sched/cls_api.c:1764 net/sched/cls_api.c:1860)\n tc_run (net/core/dev.c:4401)\n __dev_queue_xmit (net/core/dev.c:4535 net/core/dev.c:4790)",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31421"
},
{
"cve": "CVE-2026-31422",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: cls_flow: fix NULL pointer dereference on shared blocks\n\nflow_change() calls tcf_block_q() and dereferences q-\u003ehandle to derive\na default baseclass. Shared blocks leave block-\u003eq NULL, causing a NULL\nderef when a flow filter without a fully qualified baseclass is created\non a shared block.\n\nCheck tcf_block_shared() before accessing block-\u003eq and return -EINVAL\nfor shared blocks. This avoids the null-deref shown below:\n\n=======================================================================\nKASAN: null-ptr-deref in range [0x0000000000000038-0x000000000000003f]\nRIP: 0010:flow_change (net/sched/cls_flow.c:508)\nCall Trace:\n tc_new_tfilter (net/sched/cls_api.c:2432)\n rtnetlink_rcv_msg (net/core/rtnetlink.c:6980)\n [...]\n=======================================================================",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31422"
},
{
"cve": "CVE-2026-31423",
"cwe": {
"id": "CWE-369",
"name": "Divide By Zero"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: sch_hfsc: fix divide-by-zero in rtsc_min()\n\nm2sm() converts a u32 slope to a u64 scaled value. For large inputs\n(e.g. m1=4000000000), the result can reach 2^32. rtsc_min() stores\nthe difference of two such u64 values in a u32 variable `dsm` and\nuses it as a divisor. When the difference is exactly 2^32 the\ntruncation yields zero, causing a divide-by-zero oops in the\nconcave-curve intersection path:\n\n Oops: divide error: 0000\n RIP: 0010:rtsc_min (net/sched/sch_hfsc.c:601)\n Call Trace:\n init_ed (net/sched/sch_hfsc.c:629)\n hfsc_enqueue (net/sched/sch_hfsc.c:1569)\n [...]\n\nWiden `dsm` to u64 and replace do_div() with div64_u64() so the full\ndifference is preserved.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31423"
},
{
"cve": "CVE-2026-31424",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: x_tables: restrict xt_check_match/xt_check_target extensions for NFPROTO_ARP\n\nWeiming Shi says:\n\nxt_match and xt_target structs registered with NFPROTO_UNSPEC can be\nloaded by any protocol family through nft_compat. When such a\nmatch/target sets .hooks to restrict which hooks it may run on, the\nbitmask uses NF_INET_* constants. This is only correct for families\nwhose hook layout matches NF_INET_*: IPv4, IPv6, INET, and bridge\nall share the same five hooks (PRE_ROUTING ... POST_ROUTING).\n\nARP only has three hooks (IN=0, OUT=1, FORWARD=2) with different\nsemantics. Because NF_ARP_OUT == 1 == NF_INET_LOCAL_IN, the .hooks\nvalidation silently passes for the wrong reasons, allowing matches to\nrun on ARP chains where the hook assumptions (e.g. state-\u003ein being\nset on input hooks) do not hold. This leads to NULL pointer\ndereferences; xt_devgroup is one concrete example:\n\n Oops: general protection fault, probably for non-canonical address 0xdffffc0000000044: 0000 [#1] SMP KASAN NOPTI\n KASAN: null-ptr-deref in range [0x0000000000000220-0x0000000000000227]\n RIP: 0010:devgroup_mt+0xff/0x350\n Call Trace:\n \u003cTASK\u003e\n nft_match_eval (net/netfilter/nft_compat.c:407)\n nft_do_chain (net/netfilter/nf_tables_core.c:285)\n nft_do_chain_arp (net/netfilter/nft_chain_filter.c:61)\n nf_hook_slow (net/netfilter/core.c:623)\n arp_xmit (net/ipv4/arp.c:666)\n \u003c/TASK\u003e\n Kernel panic - not syncing: Fatal exception in interrupt\n\nFix it by restricting arptables to NFPROTO_ARP extensions only.\nNote that arptables-legacy only supports:\n\n- arpt_CLASSIFY\n- arpt_mangle\n- arpt_MARK\n\nthat provide explicit NFPROTO_ARP match/target declarations.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31424"
},
{
"cve": "CVE-2026-31427",
"cwe": {
"id": "CWE-824",
"name": "Access of Uninitialized Pointer"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_conntrack_sip: fix use of uninitialized rtp_addr in process_sdp\n\nprocess_sdp() declares union nf_inet_addr rtp_addr on the stack and\npasses it to the nf_nat_sip sdp_session hook after walking the SDP\nmedia descriptions. However rtp_addr is only initialized inside the\nmedia loop when a recognized media type with a non-zero port is found.\n\nIf the SDP body contains no m= lines, only inactive media sections\n(m=audio 0 ...) or only unrecognized media types, rtp_addr is never\nassigned. Despite that, the function still calls hooks-\u003esdp_session()\nwith \u0026rtp_addr, causing nf_nat_sdp_session() to format the stale stack\nvalue as an IP address and rewrite the SDP session owner and connection\nlines with it.\n\nWith CONFIG_INIT_STACK_ALL_ZERO (default on most distributions) this\nresults in the session-level o= and c= addresses being rewritten to\n0.0.0.0 for inactive SDP sessions. Without stack auto-init the\nrewritten address is whatever happened to be on the stack.\n\nFix this by pre-initializing rtp_addr from the session-level connection\naddress (caddr) when available, and tracking via a have_rtp_addr flag\nwhether any valid address was established. Skip the sdp_session hook\nentirely when no valid address exists.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31427"
},
{
"cve": "CVE-2026-31428",
"cwe": {
"id": "CWE-824",
"name": "Access of Uninitialized Pointer"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nfnetlink_log: fix uninitialized padding leak in NFULA_PAYLOAD\n\n__build_packet_message() manually constructs the NFULA_PAYLOAD netlink\nattribute using skb_put() and skb_copy_bits(), bypassing the standard\nnla_reserve()/nla_put() helpers. While nla_total_size(data_len) bytes\nare allocated (including NLA alignment padding), only data_len bytes\nof actual packet data are copied. The trailing nla_padlen(data_len)\nbytes (1-3 when data_len is not 4-byte aligned) are never initialized,\nleaking stale heap contents to userspace via the NFLOG netlink socket.\n\nReplace the manual attribute construction with nla_reserve(), which\nhandles the tailroom check, header setup, and padding zeroing via\n__nla_reserve(). The subsequent skb_copy_bits() fills in the payload\ndata on top of the properly initialized attribute.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31428"
},
{
"cve": "CVE-2026-31431",
"cwe": {
"id": "CWE-669",
"name": "Incorrect Resource Transfer Between Spheres"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_aead - Revert to operating out-of-place\n\nThis mostly reverts commit 72548b093ee3 except for the copying of\nthe associated data.\n\nThere is no benefit in operating in-place in algif_aead since the\nsource and destination come from different mappings. Get rid of\nall the complexity added for in-place operation and just copy the\nAD directly.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31431"
},
{
"cve": "CVE-2026-31441",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: idxd: Fix memory leak when a wq is reset\n\nidxd_wq_disable_cleanup() which is called from the reset path for a\nworkqueue, sets the wq type to NONE, which for other parts of the\ndriver mean that the wq is empty (all its resources were released).\n\nOnly set the wq type to NONE after its resources are released.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31441"
},
{
"cve": "CVE-2026-31446",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix use-after-free in update_super_work when racing with umount\n\nCommit b98535d09179 (\"ext4: fix bug_on in start_this_handle during umount\nfilesystem\") moved ext4_unregister_sysfs() before flushing s_sb_upd_work\nto prevent new error work from being queued via /proc/fs/ext4/xx/mb_groups\nreads during unmount. However, this introduced a use-after-free because\nupdate_super_work calls ext4_notify_error_sysfs() -\u003e sysfs_notify() which\naccesses the kobject\u0027s kernfs_node after it has been freed by kobject_del()\nin ext4_unregister_sysfs():\n\n update_super_work ext4_put_super\n ----------------- --------------\n ext4_unregister_sysfs(sb)\n kobject_del(\u0026sbi-\u003es_kobj)\n __kobject_del()\n sysfs_remove_dir()\n kobj-\u003esd = NULL\n sysfs_put(sd)\n kernfs_put() // RCU free\n ext4_notify_error_sysfs(sbi)\n sysfs_notify(\u0026sbi-\u003es_kobj)\n kn = kobj-\u003esd // stale pointer\n kernfs_get(kn) // UAF on freed kernfs_node\n ext4_journal_destroy()\n flush_work(\u0026sbi-\u003es_sb_upd_work)\n\nInstead of reordering the teardown sequence, fix this by making\next4_notify_error_sysfs() detect that sysfs has already been torn down\nby checking s_kobj.state_in_sysfs, and skipping the sysfs_notify() call\nin that case. A dedicated mutex (s_error_notify_mutex) serializes\next4_notify_error_sysfs() against kobject_del() in ext4_unregister_sysfs()\nto prevent TOCTOU races where the kobject could be deleted between the\nstate_in_sysfs check and the sysfs_notify() call.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31446"
},
{
"cve": "CVE-2026-31447",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: reject mount if bigalloc with s_first_data_block != 0\n\nbigalloc with s_first_data_block != 0 is not supported, reject mounting\nit.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31447"
},
{
"cve": "CVE-2026-31448",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid infinite loops caused by residual data\n\nOn the mkdir/mknod path, when mapping logical blocks to physical blocks,\nif inserting a new extent into the extent tree fails (in this example,\nbecause the file system disabled the huge file feature when marking the\ninode as dirty), ext4_ext_map_blocks() only calls ext4_free_blocks() to\nreclaim the physical block without deleting the corresponding data in\nthe extent tree. This causes subsequent mkdir operations to reference\nthe previously reclaimed physical block number again, even though this\nphysical block is already being used by the xattr block. Therefore, a\nsituation arises where both the directory and xattr are using the same\nbuffer head block in memory simultaneously.\n\nThe above causes ext4_xattr_block_set() to enter an infinite loop about\n\"inserted\" and cannot release the inode lock, ultimately leading to the\n143s blocking problem mentioned in [1].\n\nIf the metadata is corrupted, then trying to remove some extent space\ncan do even more harm. Also in case EXT4_GET_BLOCKS_DELALLOC_RESERVE\nwas passed, remove space wrongly update quota information.\nJan Kara suggests distinguishing between two cases:\n\n1) The error is ENOSPC or EDQUOT - in this case the filesystem is fully\nconsistent and we must maintain its consistency including all the\naccounting. However these errors can happen only early before we\u0027ve\ninserted the extent into the extent tree. So current code works correctly\nfor this case.\n\n2) Some other error - this means metadata is corrupted. We should strive to\ndo as few modifications as possible to limit damage. So I\u0027d just skip\nfreeing of allocated blocks.\n\n[1]\nINFO: task syz.0.17:5995 blocked for more than 143 seconds.\nCall Trace:\n inode_lock_nested include/linux/fs.h:1073 [inline]\n __start_dirop fs/namei.c:2923 [inline]\n start_dirop fs/namei.c:2934 [inline]",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31448"
},
{
"cve": "CVE-2026-31450",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: publish jinode after initialization\n\next4_inode_attach_jinode() publishes ei-\u003ejinode to concurrent users.\nIt used to set ei-\u003ejinode before jbd2_journal_init_jbd_inode(),\nallowing a reader to observe a non-NULL jinode with i_vfs_inode\nstill unset.\n\nThe fast commit flush path can then pass this jinode to\njbd2_wait_inode_data(), which dereferences i_vfs_inode-\u003ei_mapping and\nmay crash.\n\nBelow is the crash I observe:\n```\nBUG: unable to handle page fault for address: 000000010beb47f4\nPGD 110e51067 P4D 110e51067 PUD 0\nOops: Oops: 0000 [#1] SMP NOPTI\nCPU: 1 UID: 0 PID: 4850 Comm: fc_fsync_bench_ Not tainted 6.18.0-00764-g795a690c06a5 #1 PREEMPT(voluntary)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Arch Linux 1.17.0-2-2 04/01/2014\nRIP: 0010:xas_find_marked+0x3d/0x2e0\nCode: e0 03 48 83 f8 02 0f 84 f0 01 00 00 48 8b 47 08 48 89 c3 48 39 c6 0f 82 fd 01 00 00 48 85 c9 74 3d 48 83 f9 03 77 63 4c 8b 0f \u003c49\u003e 8b 71 08 48 c7 47 18 00 00 00 00 48 89 f1 83 e1 03 48 83 f9 02\nRSP: 0018:ffffbbee806e7bf0 EFLAGS: 00010246\nRAX: 000000000010beb4 RBX: 000000000010beb4 RCX: 0000000000000003\nRDX: 0000000000000001 RSI: 0000002000300000 RDI: ffffbbee806e7c10\nRBP: 0000000000000001 R08: 0000002000300000 R09: 000000010beb47ec\nR10: ffff9ea494590090 R11: 0000000000000000 R12: 0000002000300000\nR13: ffffbbee806e7c90 R14: ffff9ea494513788 R15: ffffbbee806e7c88\nFS: 00007fc2f9e3e6c0(0000) GS:ffff9ea6b1444000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000000010beb47f4 CR3: 0000000119ac5000 CR4: 0000000000750ef0\nPKRU: 55555554\nCall Trace:\n\u003cTASK\u003e\nfilemap_get_folios_tag+0x87/0x2a0\n__filemap_fdatawait_range+0x5f/0xd0\n? srso_alias_return_thunk+0x5/0xfbef5\n? __schedule+0x3e7/0x10c0\n? srso_alias_return_thunk+0x5/0xfbef5\n? srso_alias_return_thunk+0x5/0xfbef5\n? srso_alias_return_thunk+0x5/0xfbef5\n? preempt_count_sub+0x5f/0x80\n? srso_alias_return_thunk+0x5/0xfbef5\n? cap_safe_nice+0x37/0x70\n? srso_alias_return_thunk+0x5/0xfbef5\n? preempt_count_sub+0x5f/0x80\n? srso_alias_return_thunk+0x5/0xfbef5\nfilemap_fdatawait_range_keep_errors+0x12/0x40\next4_fc_commit+0x697/0x8b0\n? ext4_file_write_iter+0x64b/0x950\n? srso_alias_return_thunk+0x5/0xfbef5\n? preempt_count_sub+0x5f/0x80\n? srso_alias_return_thunk+0x5/0xfbef5\n? vfs_write+0x356/0x480\n? srso_alias_return_thunk+0x5/0xfbef5\n? preempt_count_sub+0x5f/0x80\next4_sync_file+0xf7/0x370\ndo_fsync+0x3b/0x80\n? syscall_trace_enter+0x108/0x1d0\n__x64_sys_fdatasync+0x16/0x20\ndo_syscall_64+0x62/0x2c0\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\n...\n```\n\nFix this by initializing the jbd2_inode first.\nUse smp_wmb() and WRITE_ONCE() to publish ei-\u003ejinode after\ninitialization. Readers use READ_ONCE() to fetch the pointer.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31450"
},
{
"cve": "CVE-2026-31452",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: convert inline data to extents when truncate exceeds inline size\n\nAdd a check in ext4_setattr() to convert files from inline data storage\nto extent-based storage when truncate() grows the file size beyond the\ninline capacity. This prevents the filesystem from entering an\ninconsistent state where the inline data flag is set but the file size\nexceeds what can be stored inline.\n\nWithout this fix, the following sequence causes a kernel BUG_ON():\n\n1. Mount filesystem with inode that has inline flag set and small size\n2. truncate(file, 50MB) - grows size but inline flag remains set\n3. sendfile() attempts to write data\n4. ext4_write_inline_data() hits BUG_ON(write_size \u003e inline_capacity)\n\nThe crash occurs because ext4_write_inline_data() expects inline storage\nto accommodate the write, but the actual inline capacity (~60 bytes for\ni_block + ~96 bytes for xattrs) is far smaller than the file size and\nwrite request.\n\nThe fix checks if the new size from setattr exceeds the inode\u0027s actual\ninline capacity (EXT4_I(inode)-\u003ei_inline_size) and converts the file to\nextent-based storage before proceeding with the size change.\n\nThis addresses the root cause by ensuring the inline data flag and file\nsize remain consistent during truncate operations.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31452"
},
{
"cve": "CVE-2026-31466",
"cwe": {
"id": "CWE-366",
"name": "Race Condition within a Thread"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/huge_memory: fix folio isn\u0027t locked in softleaf_to_folio()\n\nOn arm64 server, we found folio that get from migration entry isn\u0027t locked\nin softleaf_to_folio(). This issue triggers when mTHP splitting and\nzap_nonpresent_ptes() races, and the root cause is lack of memory barrier\nin softleaf_to_folio(). The race is as follows:\n\n\tCPU0 CPU1\n\ndeferred_split_scan() zap_nonpresent_ptes()\n lock folio\n split_folio()\n unmap_folio()\n change ptes to migration entries\n __split_folio_to_order() softleaf_to_folio()\n set flags(including PG_locked) for tail pages folio = pfn_folio(softleaf_to_pfn(entry))\n smp_wmb() VM_WARN_ON_ONCE(!folio_test_locked(folio))\n prep_compound_page() for tail pages\n\nIn __split_folio_to_order(), smp_wmb() guarantees page flags of tail pages\nare visible before the tail page becomes non-compound. smp_wmb() should\nbe paired with smp_rmb() in softleaf_to_folio(), which is missed. As a\nresult, if zap_nonpresent_ptes() accesses migration entry that stores tail\npfn, softleaf_to_folio() may see the updated compound_head of tail page\nbefore page-\u003eflags.\n\nThis issue will trigger VM_WARN_ON_ONCE() in pfn_swap_entry_folio()\nbecause of the race between folio split and zap_nonpresent_ptes()\nleading to a folio incorrectly undergoing modification without a folio\nlock being held.\n\nThis is a BUG_ON() before commit 93976a20345b (\"mm: eliminate further\nswapops predicates\"), which in merged in v6.19-rc1.\n\nTo fix it, add missing smp_rmb() if the softleaf entry is migration entry\nin softleaf_to_folio() and softleaf_to_page().\n\n[tujinjiang@huawei.com: update function name and comments]",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31466"
},
{
"cve": "CVE-2026-31469",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio_net: Fix UAF on dst_ops when IFF_XMIT_DST_RELEASE is cleared and napi_tx is false\n\nA UAF issue occurs when the virtio_net driver is configured with napi_tx=N\nand the device\u0027s IFF_XMIT_DST_RELEASE flag is cleared\n(e.g., during the configuration of tc route filter rules).\n\nWhen IFF_XMIT_DST_RELEASE is removed from the net_device, the network stack\nexpects the driver to hold the reference to skb-\u003edst until the packet\nis fully transmitted and freed. In virtio_net with napi_tx=N,\nskbs may remain in the virtio transmit ring for an extended period.\n\nIf the network namespace is destroyed while these skbs are still pending,\nthe corresponding dst_ops structure has freed. When a subsequent packet\nis transmitted, free_old_xmit() is triggered to clean up old skbs.\nIt then calls dst_release() on the skb associated with the stale dst_entry.\nSince the dst_ops (referenced by the dst_entry) has already been freed,\na UAF kernel paging request occurs.\n\nfix it by adds skb_dst_drop(skb) in start_xmit to explicitly release\nthe dst reference before the skb is queued in virtio_net.\n\nCall Trace:\n Unable to handle kernel paging request at virtual address ffff80007e150000\n CPU: 2 UID: 0 PID: 6236 Comm: ping Kdump: loaded Not tainted 7.0.0-rc1+ #6 PREEMPT\n ...\n percpu_counter_add_batch+0x3c/0x158 lib/percpu_counter.c:98 (P)\n dst_release+0xe0/0x110 net/core/dst.c:177\n skb_release_head_state+0xe8/0x108 net/core/skbuff.c:1177\n sk_skb_reason_drop+0x54/0x2d8 net/core/skbuff.c:1255\n dev_kfree_skb_any_reason+0x64/0x78 net/core/dev.c:3469\n napi_consume_skb+0x1c4/0x3a0 net/core/skbuff.c:1527\n __free_old_xmit+0x164/0x230 drivers/net/virtio_net.c:611 [virtio_net]\n free_old_xmit drivers/net/virtio_net.c:1081 [virtio_net]\n start_xmit+0x7c/0x530 drivers/net/virtio_net.c:3329 [virtio_net]\n ...\n\nReproduction Steps:\nNETDEV=\"enp3s0\"\n\nconfig_qdisc_route_filter() {\n tc qdisc del dev $NETDEV root\n tc qdisc add dev $NETDEV root handle 1: prio\n tc filter add dev $NETDEV parent 1:0 \\\n\tprotocol ip prio 100 route to 100 flowid 1:1\n ip route add 192.168.1.100/32 dev $NETDEV realm 100\n}\n\ntest_ns() {\n ip netns add testns\n ip link set $NETDEV netns testns\n ip netns exec testns ifconfig $NETDEV 10.0.32.46/24\n ip netns exec testns ping -c 1 10.0.32.1\n ip netns del testns\n}\n\nconfig_qdisc_route_filter\n\ntest_ns\nsleep 2\ntest_ns",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31469"
},
{
"cve": "CVE-2026-31485",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: spi-fsl-lpspi: fix teardown order issue (UAF)\n\nThere is a teardown order issue in the driver. The SPI controller is\nregistered using devm_spi_register_controller(), which delays\nunregistration of the SPI controller until after the fsl_lpspi_remove()\nfunction returns.\n\nAs the fsl_lpspi_remove() function synchronously tears down the DMA\nchannels, a running SPI transfer triggers the following NULL pointer\ndereference due to use after free:\n\n| fsl_lpspi 42550000.spi: I/O Error in DMA RX\n| Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000\n[...]\n| Call trace:\n| fsl_lpspi_dma_transfer+0x260/0x340 [spi_fsl_lpspi]\n| fsl_lpspi_transfer_one+0x198/0x448 [spi_fsl_lpspi]\n| spi_transfer_one_message+0x49c/0x7c8\n| __spi_pump_transfer_message+0x120/0x420\n| __spi_sync+0x2c4/0x520\n| spi_sync+0x34/0x60\n| spidev_message+0x20c/0x378 [spidev]\n| spidev_ioctl+0x398/0x750 [spidev]\n[...]\n\nSwitch from devm_spi_register_controller() to spi_register_controller() in\nfsl_lpspi_probe() and add the corresponding spi_unregister_controller() in\nfsl_lpspi_remove().",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31485"
},
{
"cve": "CVE-2026-31494",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: macb: use the current queue number for stats\n\nThere\u0027s a potential mismatch between the memory reserved for statistics\nand the amount of memory written.\n\ngem_get_sset_count() correctly computes the number of stats based on the\nactive queues, whereas gem_get_ethtool_stats() indiscriminately copies\ndata using the maximum number of queues, and in the case the number of\nactive queues is less than MACB_MAX_QUEUES, this results in a OOB write\nas observed in the KASAN splat.\n\n==================================================================\nBUG: KASAN: vmalloc-out-of-bounds in gem_get_ethtool_stats+0x54/0x78\n [macb]\nWrite of size 760 at addr ffff80008080b000 by task ethtool/1027\n\nCPU: [...]\nTainted: [E]=UNSIGNED_MODULE\nHardware name: raspberrypi rpi/rpi, BIOS 2025.10 10/01/2025\nCall trace:\n show_stack+0x20/0x38 (C)\n dump_stack_lvl+0x80/0xf8\n print_report+0x384/0x5e0\n kasan_report+0xa0/0xf0\n kasan_check_range+0xe8/0x190\n __asan_memcpy+0x54/0x98\n gem_get_ethtool_stats+0x54/0x78 [macb\n 926c13f3af83b0c6fe64badb21ec87d5e93fcf65]\n dev_ethtool+0x1220/0x38c0\n dev_ioctl+0x4ac/0xca8\n sock_do_ioctl+0x170/0x1d8\n sock_ioctl+0x484/0x5d8\n __arm64_sys_ioctl+0x12c/0x1b8\n invoke_syscall+0xd4/0x258\n el0_svc_common.constprop.0+0xb4/0x240\n do_el0_svc+0x48/0x68\n el0_svc+0x40/0xf8\n el0t_64_sync_handler+0xa0/0xe8\n el0t_64_sync+0x1b0/0x1b8\n\nThe buggy address belongs to a 1-page vmalloc region starting at\n 0xffff80008080b000 allocated at dev_ethtool+0x11f0/0x38c0\nThe buggy address belongs to the physical page:\npage: refcount:1 mapcount:0 mapping:0000000000000000\n index:0xffff00000a333000 pfn:0xa333\nflags: 0x7fffc000000000(node=0|zone=0|lastcpupid=0x1ffff)\nraw: 007fffc000000000 0000000000000000 dead000000000122 0000000000000000\nraw: ffff00000a333000 0000000000000000 00000001ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\n\nMemory state around the buggy address:\n ffff80008080b080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n ffff80008080b100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n\u003effff80008080b180: 00 00 00 00 00 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ^\n ffff80008080b200: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ffff80008080b280: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n==================================================================\n\nFix it by making sure the copied size only considers the active number of\nqueues.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31494"
},
{
"cve": "CVE-2026-31495",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ctnetlink: use netlink policy range checks\n\nReplace manual range and mask validations with netlink policy\nannotations in ctnetlink code paths, so that the netlink core rejects\ninvalid values early and can generate extack errors.\n\n- CTA_PROTOINFO_TCP_STATE: reject values \u003e TCP_CONNTRACK_SYN_SENT2 at\n policy level, removing the manual \u003e= TCP_CONNTRACK_MAX check.\n- CTA_PROTOINFO_TCP_WSCALE_ORIGINAL/REPLY: reject values \u003e TCP_MAX_WSCALE\n (14). The normal TCP option parsing path already clamps to this value,\n but the ctnetlink path accepted 0-255, causing undefined behavior when\n used as a u32 shift count.\n- CTA_FILTER_ORIG_FLAGS/REPLY_FLAGS: use NLA_POLICY_MASK with\n CTA_FILTER_F_ALL, removing the manual mask checks.\n- CTA_EXPECT_FLAGS: use NLA_POLICY_MASK with NF_CT_EXPECT_MASK, adding\n a new mask define grouping all valid expect flags.\n\nExtracted from a broader nf-next patch by Florian Westphal, scoped to\nctnetlink for the fixes tree.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31495"
},
{
"cve": "CVE-2026-31496",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_conntrack_expect: skip expectations in other netns via proc\n\nSkip expectations that do not reside in this netns.\n\nSimilar to e77e6ff502ea (\"netfilter: conntrack: do not dump other netns\u0027s\nconntrack entries via proc\").",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31496"
},
{
"cve": "CVE-2026-31503",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudp: Fix wildcard bind conflict check when using hash2\n\nWhen binding a udp_sock to a local address and port, UDP uses\ntwo hashes (udptable-\u003ehash and udptable-\u003ehash2) for collision\ndetection. The current code switches to \"hash2\" when\nhslot-\u003ecount \u003e 10.\n\n\"hash2\" is keyed by local address and local port.\n\"hash\" is keyed by local port only.\n\nThe issue can be shown in the following bind sequence (pseudo code):\n\nbind(fd1, \"[fd00::1]:8888\")\nbind(fd2, \"[fd00::2]:8888\")\nbind(fd3, \"[fd00::3]:8888\")\nbind(fd4, \"[fd00::4]:8888\")\nbind(fd5, \"[fd00::5]:8888\")\nbind(fd6, \"[fd00::6]:8888\")\nbind(fd7, \"[fd00::7]:8888\")\nbind(fd8, \"[fd00::8]:8888\")\nbind(fd9, \"[fd00::9]:8888\")\nbind(fd10, \"[fd00::10]:8888\")\n\n/* Correctly return -EADDRINUSE because \"hash\" is used\n * instead of \"hash2\". udp_lib_lport_inuse() detects the\n * conflict.\n */\nbind(fail_fd, \"[::]:8888\")\n\n/* After one more socket is bound to \"[fd00::11]:8888\",\n * hslot-\u003ecount exceeds 10 and \"hash2\" is used instead.\n */\nbind(fd11, \"[fd00::11]:8888\")\nbind(fail_fd, \"[::]:8888\") /* succeeds unexpectedly */\n\nThe same issue applies to the IPv4 wildcard address \"0.0.0.0\"\nand the IPv4-mapped wildcard address \"::ffff:0.0.0.0\". For\nexample, if there are existing sockets bound to\n\"192.168.1.[1-11]:8888\", then binding \"0.0.0.0:8888\" or\n\"[::ffff:0.0.0.0]:8888\" can also miss the conflict when\nhslot-\u003ecount \u003e 10.\n\nTCP inet_csk_get_port() already has the correct check in\ninet_use_bhash2_on_bind(). Rename it to\ninet_use_hash2_on_bind() and move it to inet_hashtables.h\nso udp.c can reuse it in this fix.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31503"
},
{
"cve": "CVE-2026-31504",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix fanout UAF in packet_release() via NETDEV_UP race\n\n`packet_release()` has a race window where `NETDEV_UP` can re-register a\nsocket into a fanout group\u0027s `arr[]` array. The re-registration is not\ncleaned up by `fanout_release()`, leaving a dangling pointer in the fanout\narray.\n`packet_release()` does NOT zero `po-\u003enum` in its `bind_lock` section.\nAfter releasing `bind_lock`, `po-\u003enum` is still non-zero and `po-\u003eifindex`\nstill matches the bound device. A concurrent `packet_notifier(NETDEV_UP)`\nthat already found the socket in `sklist` can re-register the hook.\nFor fanout sockets, this re-registration calls `__fanout_link(sk, po)`\nwhich adds the socket back into `f-\u003earr[]` and increments `f-\u003enum_members`,\nbut does NOT increment `f-\u003esk_ref`.\n\nThe fix sets `po-\u003enum` to zero in `packet_release` while `bind_lock` is\nheld to prevent NETDEV_UP from linking, preventing the race window.\n\nThis bug was found following an additional audit with Claude Code based\non CVE-2025-38617.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31504"
},
{
"cve": "CVE-2026-31507",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: fix double-free of smc_spd_priv when tee() duplicates splice pipe buffer\n\nsmc_rx_splice() allocates one smc_spd_priv per pipe_buffer and stores\nthe pointer in pipe_buffer.private. The pipe_buf_operations for these\nbuffers used .get = generic_pipe_buf_get, which only increments the page\nreference count when tee(2) duplicates a pipe buffer. The smc_spd_priv\npointer itself was not handled, so after tee() both the original and the\ncloned pipe_buffer share the same smc_spd_priv *.\n\nWhen both pipes are subsequently released, smc_rx_pipe_buf_release() is\ncalled twice against the same object:\n\n 1st call: kfree(priv) sock_put(sk) smc_rx_update_cons() [correct]\n 2nd call: kfree(priv) sock_put(sk) smc_rx_update_cons() [UAF]\n\nKASAN reports a slab-use-after-free in smc_rx_pipe_buf_release(), which\nthen escalates to a NULL-pointer dereference and kernel panic via\nsmc_rx_update_consumer() when it chases the freed priv-\u003esmc pointer:\n\n BUG: KASAN: slab-use-after-free in smc_rx_pipe_buf_release+0x78/0x2a0\n Read of size 8 at addr ffff888004a45740 by task smc_splice_tee_/74\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x53/0x70\n print_report+0xce/0x650\n kasan_report+0xc6/0x100\n smc_rx_pipe_buf_release+0x78/0x2a0\n free_pipe_info+0xd4/0x130\n pipe_release+0x142/0x160\n __fput+0x1c6/0x490\n __x64_sys_close+0x4f/0x90\n do_syscall_64+0xa6/0x1a0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n \u003c/TASK\u003e\n\n BUG: kernel NULL pointer dereference, address: 0000000000000020\n RIP: 0010:smc_rx_update_consumer+0x8d/0x350\n Call Trace:\n \u003cTASK\u003e\n smc_rx_pipe_buf_release+0x121/0x2a0\n free_pipe_info+0xd4/0x130\n pipe_release+0x142/0x160\n __fput+0x1c6/0x490\n __x64_sys_close+0x4f/0x90\n do_syscall_64+0xa6/0x1a0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n \u003c/TASK\u003e\n Kernel panic - not syncing: Fatal exception\n\nBeyond the memory-safety problem, duplicating an SMC splice buffer is\nsemantically questionable: smc_rx_update_cons() would advance the\nconsumer cursor twice for the same data, corrupting receive-window\naccounting. A refcount on smc_spd_priv could fix the double-free, but\nthe cursor-accounting issue would still need to be addressed separately.\n\nThe .get callback is invoked by both tee(2) and splice_pipe_to_pipe()\nfor partial transfers; both will now return -EFAULT. Users who need\nto duplicate SMC socket data must use a copy-based read path.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31507"
},
{
"cve": "CVE-2026-31508",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: Avoid releasing netdev before teardown completes\n\nThe patch cited in the Fixes tag below changed the teardown code for\nOVS ports to no longer unconditionally take the RTNL. After this change,\nthe netdev_destroy() callback can proceed immediately to the call_rcu()\ninvocation if the IFF_OVS_DATAPATH flag is already cleared on the\nnetdev.\n\nThe ovs_netdev_detach_dev() function clears the flag before completing\nthe unregistration, and if it gets preempted after clearing the flag (as\ncan happen on an -rt kernel), netdev_destroy() can complete and the\ndevice can be freed before the unregistration completes. This leads to a\nsplat like:\n\n[ 998.393867] Oops: general protection fault, probably for non-canonical address 0xff00000001000239: 0000 [#1] SMP PTI\n[ 998.393877] CPU: 42 UID: 0 PID: 55177 Comm: ip Kdump: loaded Not tainted 6.12.0-211.1.1.el10_2.x86_64+rt #1 PREEMPT_RT\n[ 998.393886] Hardware name: Dell Inc. PowerEdge R740/0JMK61, BIOS 2.24.0 03/27/2025\n[ 998.393889] RIP: 0010:dev_set_promiscuity+0x8d/0xa0\n[ 998.393901] Code: 00 00 75 d8 48 8b 53 08 48 83 ba b0 02 00 00 00 75 ca 48 83 c4 08 5b c3 cc cc cc cc 48 83 bf 48 09 00 00 00 75 91 48 8b 47 08 \u003c48\u003e 83 b8 b0 02 00 00 00 74 97 eb 81 0f 1f 80 00 00 00 00 90 90 90\n[ 998.393906] RSP: 0018:ffffce5864a5f6a0 EFLAGS: 00010246\n[ 998.393912] RAX: ff00000000ffff89 RBX: ffff894d0adf5a05 RCX: 0000000000000000\n[ 998.393917] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: ffff894d0adf5a05\n[ 998.393921] RBP: ffff894d19252000 R08: ffff894d19252000 R09: 0000000000000000\n[ 998.393924] R10: ffff894d19252000 R11: ffff894d192521b8 R12: 0000000000000006\n[ 998.393927] R13: ffffce5864a5f738 R14: 00000000ffffffe2 R15: 0000000000000000\n[ 998.393931] FS: 00007fad61971800(0000) GS:ffff894cc0140000(0000) knlGS:0000000000000000\n[ 998.393936] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 998.393940] CR2: 000055df0a2a6e40 CR3: 000000011c7fe003 CR4: 00000000007726f0\n[ 998.393944] PKRU: 55555554\n[ 998.393946] Call Trace:\n[ 998.393949] \u003cTASK\u003e\n[ 998.393952] ? show_trace_log_lvl+0x1b0/0x2f0\n[ 998.393961] ? show_trace_log_lvl+0x1b0/0x2f0\n[ 998.393975] ? dp_device_event+0x41/0x80 [openvswitch]\n[ 998.394009] ? __die_body.cold+0x8/0x12\n[ 998.394016] ? die_addr+0x3c/0x60\n[ 998.394027] ? exc_general_protection+0x16d/0x390\n[ 998.394042] ? asm_exc_general_protection+0x26/0x30\n[ 998.394058] ? dev_set_promiscuity+0x8d/0xa0\n[ 998.394066] ? ovs_netdev_detach_dev+0x3a/0x80 [openvswitch]\n[ 998.394092] dp_device_event+0x41/0x80 [openvswitch]\n[ 998.394102] notifier_call_chain+0x5a/0xd0\n[ 998.394106] unregister_netdevice_many_notify+0x51b/0xa60\n[ 998.394110] rtnl_dellink+0x169/0x3e0\n[ 998.394121] ? rt_mutex_slowlock.constprop.0+0x95/0xd0\n[ 998.394125] rtnetlink_rcv_msg+0x142/0x3f0\n[ 998.394128] ? avc_has_perm_noaudit+0x69/0xf0\n[ 998.394130] ? __pfx_rtnetlink_rcv_msg+0x10/0x10\n[ 998.394132] netlink_rcv_skb+0x50/0x100\n[ 998.394138] netlink_unicast+0x292/0x3f0\n[ 998.394141] netlink_sendmsg+0x21b/0x470\n[ 998.394145] ____sys_sendmsg+0x39d/0x3d0\n[ 998.394149] ___sys_sendmsg+0x9a/0xe0\n[ 998.394156] __sys_sendmsg+0x7a/0xd0\n[ 998.394160] do_syscall_64+0x7f/0x170\n[ 998.394162] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 998.394165] RIP: 0033:0x7fad61bf4724\n[ 998.394188] Code: 89 02 b8 ff ff ff ff eb bb 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 f3 0f 1e fa 80 3d c5 e9 0c 00 00 74 13 b8 2e 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 54 c3 0f 1f 00 48 83 ec 28 89 54 24 1c 48 89\n[ 998.394189] RSP: 002b:00007ffd7e2f7cb8 EFLAGS: 00000202 ORIG_RAX: 000000000000002e\n[ 998.394191] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007fad61bf4724\n[ 998.394193] RDX: 0000000000000000 RSI: 00007ffd7e2f7d20 RDI: 0000000000000003\n[ 998.394194] RBP: 00007ffd7e2f7d90 R08: 0000000000000010 R09: 000000000000003f\n[ 998.394195] R10: 000055df11558010 R11: 0000000000000202 R12: 00007ffd7e2\n---truncated---",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31508"
},
{
"cve": "CVE-2026-31515",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naf_key: validate families in pfkey_send_migrate()\n\nsyzbot was able to trigger a crash in skb_put() [1]\n\nIssue is that pfkey_send_migrate() does not check old/new families,\nand that set_ipsecrequest() @family argument was truncated,\nthus possibly overfilling the skb.\n\nValidate families early, do not wait set_ipsecrequest().\n\n[1]\n\nskbuff: skb_over_panic: text:ffffffff8a752120 len:392 put:16 head:ffff88802a4ad040 data:ffff88802a4ad040 tail:0x188 end:0x180 dev:\u003cNULL\u003e\n kernel BUG at net/core/skbuff.c:214 !\nCall Trace:\n \u003cTASK\u003e\n skb_over_panic net/core/skbuff.c:219 [inline]\n skb_put+0x159/0x210 net/core/skbuff.c:2655\n skb_put_zero include/linux/skbuff.h:2788 [inline]\n set_ipsecrequest net/key/af_key.c:3532 [inline]\n pfkey_send_migrate+0x1270/0x2e50 net/key/af_key.c:3636\n km_migrate+0x155/0x260 net/xfrm/xfrm_state.c:2848\n xfrm_migrate+0x2140/0x2450 net/xfrm/xfrm_policy.c:4705\n xfrm_do_migrate+0x8ff/0xaa0 net/xfrm/xfrm_user.c:3150",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31515"
},
{
"cve": "CVE-2026-31518",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nesp: fix skb leak with espintcp and async crypto\n\nWhen the TX queue for espintcp is full, esp_output_tail_tcp will\nreturn an error and not free the skb, because with synchronous crypto,\nthe common xfrm output code will drop the packet for us.\n\nWith async crypto (esp_output_done), we need to drop the skb when\nesp_output_tail_tcp returns an error.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31518"
},
{
"cve": "CVE-2026-31521",
"cwe": {
"id": "CWE-1285",
"name": "Improper Validation of Specified Index, Position, or Offset in Input"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmodule: Fix kernel panic when a symbol st_shndx is out of bounds\n\nThe module loader doesn\u0027t check for bounds of the ELF section index in\nsimplify_symbols():\n\n for (i = 1; i \u003c symsec-\u003esh_size / sizeof(Elf_Sym); i++) {\n\t\tconst char *name = info-\u003estrtab + sym[i].st_name;\n\n\t\tswitch (sym[i].st_shndx) {\n\t\tcase SHN_COMMON:\n\n\t\t[...]\n\n\t\tdefault:\n\t\t\t/* Divert to percpu allocation if a percpu var. */\n\t\t\tif (sym[i].st_shndx == info-\u003eindex.pcpu)\n\t\t\t\tsecbase = (unsigned long)mod_percpu(mod);\n\t\t\telse\n /** HERE --\u003e **/\t\tsecbase = info-\u003esechdrs[sym[i].st_shndx].sh_addr;\n\t\t\tsym[i].st_value += secbase;\n\t\t\tbreak;\n\t\t}\n\t}\n\nA symbol with an out-of-bounds st_shndx value, for example 0xffff\n(known as SHN_XINDEX or SHN_HIRESERVE), may cause a kernel panic:\n\n BUG: unable to handle page fault for address: ...\n RIP: 0010:simplify_symbols+0x2b2/0x480\n ...\n Kernel panic - not syncing: Fatal exception\n\nThis can happen when module ELF is legitimately using SHN_XINDEX or\nwhen it is corrupted.\n\nAdd a bounds check in simplify_symbols() to validate that st_shndx is\nwithin the valid range before using it.\n\nThis issue was discovered due to a bug in llvm-objcopy, see relevant\ndiscussion for details [1].\n\n[1] https://lore.kernel.org/linux-modules/20251224005752.201911-1-ihor.solodrai@linux.dev/",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31521"
},
{
"cve": "CVE-2026-31533",
"cwe": {
"id": "CWE-763",
"name": "Release of Invalid Pointer or Reference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/tls: fix use-after-free in -EBUSY error path of tls_do_encryption\n\nThe -EBUSY handling in tls_do_encryption(), introduced by commit\n859054147318 (\"net: tls: handle backlogging of crypto requests\"), has\na use-after-free due to double cleanup of encrypt_pending and the\nscatterlist entry.\n\nWhen crypto_aead_encrypt() returns -EBUSY, the request is enqueued to\nthe cryptd backlog and the async callback tls_encrypt_done() will be\ninvoked upon completion. That callback unconditionally restores the\nscatterlist entry (sge-\u003eoffset, sge-\u003elength) and decrements\nctx-\u003eencrypt_pending. However, if tls_encrypt_async_wait() returns an\nerror, the synchronous error path in tls_do_encryption() performs the\nsame cleanup again, double-decrementing encrypt_pending and\ndouble-restoring the scatterlist.\n\nThe double-decrement corrupts the encrypt_pending sentinel (initialized\nto 1), making tls_encrypt_async_wait() permanently skip the wait for\npending async callbacks. A subsequent sendmsg can then free the\ntls_rec via bpf_exec_tx_verdict() while a cryptd callback is still\npending, resulting in a use-after-free when the callback fires on the\nfreed record.\n\nFix this by skipping the synchronous cleanup when the -EBUSY async\nwait returns an error, since the callback has already handled\nencrypt_pending and sge restoration.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31533"
},
{
"cve": "CVE-2026-31546",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bonding: fix NULL deref in bond_debug_rlb_hash_show\n\nrlb_clear_slave intentionally keeps RLB hash-table entries on\nthe rx_hashtbl_used_head list with slave set to NULL when no\nreplacement slave is available. However, bond_debug_rlb_hash_show\nvisites client_info-\u003eslave without checking if it\u0027s NULL.\n\nOther used-list iterators in bond_alb.c already handle this NULL-slave\nstate safely:\n\n- rlb_update_client returns early on !client_info-\u003eslave\n- rlb_req_update_slave_clients, rlb_clear_slave, and rlb_rebalance\ncompare slave values before visiting\n- lb_req_update_subnet_clients continues if slave is NULL\n\nThe following NULL deref crash can be trigger in\nbond_debug_rlb_hash_show:\n\n[ 1.289791] BUG: kernel NULL pointer dereference, address: 0000000000000000\n[ 1.292058] RIP: 0010:bond_debug_rlb_hash_show (drivers/net/bonding/bond_debugfs.c:41)\n[ 1.293101] RSP: 0018:ffffc900004a7d00 EFLAGS: 00010286\n[ 1.293333] RAX: 0000000000000000 RBX: ffff888102b48200 RCX: ffff888102b48204\n[ 1.293631] RDX: ffff888102b48200 RSI: ffffffff839daad5 RDI: ffff888102815078\n[ 1.293924] RBP: ffff888102815078 R08: ffff888102b4820e R09: 0000000000000000\n[ 1.294267] R10: 0000000000000000 R11: 0000000000000000 R12: ffff888100f929c0\n[ 1.294564] R13: ffff888100f92a00 R14: 0000000000000001 R15: ffffc900004a7ed8\n[ 1.294864] FS: 0000000001395380(0000) GS:ffff888196e75000(0000) knlGS:0000000000000000\n[ 1.295239] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 1.295480] CR2: 0000000000000000 CR3: 0000000102adc004 CR4: 0000000000772ef0\n[ 1.295897] Call Trace:\n[ 1.296134] seq_read_iter (fs/seq_file.c:231)\n[ 1.296341] seq_read (fs/seq_file.c:164)\n[ 1.296493] full_proxy_read (fs/debugfs/file.c:378 (discriminator 1))\n[ 1.296658] vfs_read (fs/read_write.c:572)\n[ 1.296981] ksys_read (fs/read_write.c:717)\n[ 1.297132] do_syscall_64 (arch/x86/entry/syscall_64.c:63 (discriminator 1) arch/x86/entry/syscall_64.c:94 (discriminator 1))\n[ 1.297325] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\nAdd a NULL check and print \"(none)\" for entries with no assigned slave.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31546"
},
{
"cve": "CVE-2026-31555",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfutex: Clear stale exiting pointer in futex_lock_pi() retry path\n\nFuzzying/stressing futexes triggered:\n\n WARNING: kernel/futex/core.c:825 at wait_for_owner_exiting+0x7a/0x80, CPU#11: futex_lock_pi_s/524\n\nWhen futex_lock_pi_atomic() sees the owner is exiting, it returns -EBUSY\nand stores a refcounted task pointer in \u0027exiting\u0027.\n\nAfter wait_for_owner_exiting() consumes that reference, the local pointer\nis never reset to nil. Upon a retry, if futex_lock_pi_atomic() returns a\ndifferent error, the bogus pointer is passed to wait_for_owner_exiting().\n\n CPU0\t\t\t CPU1\t\t CPU2\n futex_lock_pi(uaddr)\n // acquires the PI futex\n exit()\n futex_cleanup_begin()\n futex_state = EXITING;\n\t\t\t futex_lock_pi(uaddr)\n\t\t\t futex_lock_pi_atomic()\n\t\t\t\t attach_to_pi_owner()\n\t\t\t\t // observes EXITING\n\t\t\t\t *exiting = owner; // takes ref\n\t\t\t\t return -EBUSY\n\t\t\t wait_for_owner_exiting(-EBUSY, owner)\n\t\t\t\t put_task_struct(); // drops ref\n\t\t\t // exiting still points to owner\n\t\t\t goto retry;\n\t\t\t futex_lock_pi_atomic()\n\t\t\t\t lock_pi_update_atomic()\n\t\t\t\t cmpxchg(uaddr)\n\t\t\t\t\t*uaddr ^= WAITERS // whatever\n\t\t\t\t // value changed\n\t\t\t\t return -EAGAIN;\n\t\t\t wait_for_owner_exiting(-EAGAIN, exiting) // stale\n\t\t\t\t WARN_ON_ONCE(exiting)\n\nFix this by resetting upon retry, essentially aligning it with requeue_pi.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31555"
},
{
"cve": "CVE-2026-31563",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: macb: Use dev_consume_skb_any() to free TX SKBs\n\nThe napi_consume_skb() function is not intended to be called in an IRQ\ndisabled context. However, after commit 6bc8a5098bf4 (\"net: macb: Fix\ntx_ptr_lock locking\"), the freeing of TX SKBs is performed with IRQs\ndisabled. To resolve the following call trace, use dev_consume_skb_any()\nfor freeing TX SKBs:\n WARNING: kernel/softirq.c:430 at __local_bh_enable_ip+0x174/0x188, CPU#0: ksoftirqd/0/15\n Modules linked in:\n CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Not tainted 7.0.0-rc4-next-20260319-yocto-standard-dirty #37 PREEMPT\n Hardware name: ZynqMP ZCU102 Rev1.1 (DT)\n pstate: 200000c5 (nzCv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : __local_bh_enable_ip+0x174/0x188\n lr : local_bh_enable+0x24/0x38\n sp : ffff800082b3bb10\n x29: ffff800082b3bb10 x28: ffff0008031f3c00 x27: 000000000011ede0\n x26: ffff000800a7ff00 x25: ffff800083937ce8 x24: 0000000000017a80\n x23: ffff000803243a78 x22: 0000000000000040 x21: 0000000000000000\n x20: ffff000800394c80 x19: 0000000000000200 x18: 0000000000000001\n x17: 0000000000000001 x16: ffff000803240000 x15: 0000000000000000\n x14: ffffffffffffffff x13: 0000000000000028 x12: ffff000800395650\n x11: ffff8000821d1528 x10: ffff800081c2bc08 x9 : ffff800081c1e258\n x8 : 0000000100000301 x7 : ffff8000810426ec x6 : 0000000000000000\n x5 : 0000000000000001 x4 : 0000000000000001 x3 : 0000000000000000\n x2 : 0000000000000008 x1 : 0000000000000200 x0 : ffff8000810428dc\n Call trace:\n __local_bh_enable_ip+0x174/0x188 (P)\n local_bh_enable+0x24/0x38\n skb_attempt_defer_free+0x190/0x1d8\n napi_consume_skb+0x58/0x108\n macb_tx_poll+0x1a4/0x558\n __napi_poll+0x50/0x198\n net_rx_action+0x1f4/0x3d8\n handle_softirqs+0x16c/0x560\n run_ksoftirqd+0x44/0x80\n smpboot_thread_fn+0x1d8/0x338\n kthread+0x120/0x150\n ret_from_fork+0x10/0x20\n irq event stamp: 29751\n hardirqs last enabled at (29750): [\u003cffff8000813be184\u003e] _raw_spin_unlock_irqrestore+0x44/0x88\n hardirqs last disabled at (29751): [\u003cffff8000813bdf60\u003e] _raw_spin_lock_irqsave+0x38/0x98\n softirqs last enabled at (29150): [\u003cffff8000800f1aec\u003e] handle_softirqs+0x504/0x560\n softirqs last disabled at (29153): [\u003cffff8000800f2fec\u003e] run_ksoftirqd+0x44/0x80",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31563"
},
{
"cve": "CVE-2026-31565",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/irdma: Fix deadlock during netdev reset with active connections\n\nResolve deadlock that occurs when user executes netdev reset while RDMA\napplications (e.g., rping) are active. The netdev reset causes ice\ndriver to remove irdma auxiliary driver, triggering device_delete and\nsubsequent client removal. During client removal, uverbs_client waits\nfor QP reference count to reach zero while cma_client holds the final\nreference, creating circular dependency and indefinite wait in iWARP\nmode. Skip QP reference count wait during device reset to prevent\ndeadlock.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31565"
},
{
"cve": "CVE-2026-31628",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/CPU: Fix FPDSS on Zen1\n\nZen1\u0027s hardware divider can leave, under certain circumstances, partial\nresults from previous operations. Those results can be leaked by\nanother, attacker thread.\n\nFix that with a chicken bit.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31628"
},
{
"cve": "CVE-2026-31634",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: fix reference count leak in rxrpc_server_keyring()\n\nThis patch fixes a reference count leak in rxrpc_server_keyring()\nby checking if rx-\u003esecurities is already set.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31634"
},
{
"cve": "CVE-2026-31649",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: fix integer underflow in chain mode\n\nThe jumbo_frm() chain-mode implementation unconditionally computes\n\n len = nopaged_len - bmax;\n\nwhere nopaged_len = skb_headlen(skb) (linear bytes only) and bmax is\nBUF_SIZE_8KiB or BUF_SIZE_2KiB. However, the caller stmmac_xmit()\ndecides to invoke jumbo_frm() based on skb-\u003elen (total length including\npage fragments):\n\n is_jumbo = stmmac_is_jumbo_frm(priv, skb-\u003elen, enh_desc);\n\nWhen a packet has a small linear portion (nopaged_len \u003c= bmax) but a\nlarge total length due to page fragments (skb-\u003elen \u003e bmax), the\nsubtraction wraps as an unsigned integer, producing a huge len value\n(~0xFFFFxxxx). This causes the while (len != 0) loop to execute\nhundreds of thousands of iterations, passing skb-\u003edata + bmax * i\npointers far beyond the skb buffer to dma_map_single(). On IOMMU-less\nSoCs (the typical deployment for stmmac), this maps arbitrary kernel\nmemory to the DMA engine, constituting a kernel memory disclosure and\npotential memory corruption from hardware.\n\nFix this by introducing a buf_len local variable clamped to\nmin(nopaged_len, bmax). Computing len = nopaged_len - buf_len is then\nalways safe: it is zero when the linear portion fits within a single\ndescriptor, causing the while (len != 0) loop to be skipped naturally,\nand the fragment loop in stmmac_xmit() handles page fragments afterward.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31649"
},
{
"cve": "CVE-2026-31651",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: vub300: fix NULL-deref on disconnect\n\nMake sure to deregister the controller before dropping the reference to\nthe driver data on disconnect to avoid NULL-pointer dereferences or\nuse-after-free.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31651"
},
{
"cve": "CVE-2026-31658",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: altera-tse: fix skb leak on DMA mapping error in tse_start_xmit()\n\nWhen dma_map_single() fails in tse_start_xmit(), the function returns\nNETDEV_TX_OK without freeing the skb. Since NETDEV_TX_OK tells the\nstack the packet was consumed, the skb is never freed, leaking memory\non every DMA mapping failure.\n\nAdd dev_kfree_skb_any() before returning to properly free the skb.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31658"
},
{
"cve": "CVE-2026-31664",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: clear trailing padding in build_polexpire()\n\nbuild_expire() clears the trailing padding bytes of struct\nxfrm_user_expire after setting the hard field via memset_after(),\nbut the analogous function build_polexpire() does not do this for\nstruct xfrm_user_polexpire.\n\nThe padding bytes after the __u8 hard field are left\nuninitialized from the heap allocation, and are then sent to\nuserspace via netlink multicast to XFRMNLGRP_EXPIRE listeners,\nleaking kernel heap memory contents.\n\nAdd the missing memset_after() call, matching build_expire().",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31664"
},
{
"cve": "CVE-2026-31665",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_ct: fix use-after-free in timeout object destroy\n\nnft_ct_timeout_obj_destroy() frees the timeout object with kfree()\nimmediately after nf_ct_untimeout(), without waiting for an RCU grace\nperiod. Concurrent packet processing on other CPUs may still hold\nRCU-protected references to the timeout object obtained via\nrcu_dereference() in nf_ct_timeout_data().\n\nAdd an rcu_head to struct nf_ct_timeout and use kfree_rcu() to defer\nfreeing until after an RCU grace period, matching the approach already\nused in nfnetlink_cttimeout.c.\n\nKASAN report:\n BUG: KASAN: slab-use-after-free in nf_conntrack_tcp_packet+0x1381/0x29d0\n Read of size 4 at addr ffff8881035fe19c by task exploit/80\n\n Call Trace:\n nf_conntrack_tcp_packet+0x1381/0x29d0\n nf_conntrack_in+0x612/0x8b0\n nf_hook_slow+0x70/0x100\n __ip_local_out+0x1b2/0x210\n tcp_sendmsg_locked+0x722/0x1580\n __sys_sendto+0x2d8/0x320\n\n Allocated by task 75:\n nft_ct_timeout_obj_init+0xf6/0x290\n nft_obj_init+0x107/0x1b0\n nf_tables_newobj+0x680/0x9c0\n nfnetlink_rcv_batch+0xc29/0xe00\n\n Freed by task 26:\n nft_obj_destroy+0x3f/0xa0\n nf_tables_trans_destroy_work+0x51c/0x5c0\n process_one_work+0x2c4/0x5a0",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31665"
},
{
"cve": "CVE-2026-31669",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix slab-use-after-free in __inet_lookup_established\n\nThe ehash table lookups are lockless and rely on\nSLAB_TYPESAFE_BY_RCU to guarantee socket memory stability\nduring RCU read-side critical sections. Both tcp_prot and\ntcpv6_prot have their slab caches created with this flag\nvia proto_register().\n\nHowever, MPTCP\u0027s mptcp_subflow_init() copies tcpv6_prot into\ntcpv6_prot_override during inet_init() (fs_initcall, level 5),\nbefore inet6_init() (module_init/device_initcall, level 6) has\ncalled proto_register(\u0026tcpv6_prot). At that point,\ntcpv6_prot.slab is still NULL, so tcpv6_prot_override.slab\nremains NULL permanently.\n\nThis causes MPTCP v6 subflow child sockets to be allocated via\nkmalloc (falling into kmalloc-4k) instead of the TCPv6 slab\ncache. The kmalloc-4k cache lacks SLAB_TYPESAFE_BY_RCU, so\nwhen these sockets are freed without SOCK_RCU_FREE (which is\ncleared for child sockets by design), the memory can be\nimmediately reused. Concurrent ehash lookups under\nrcu_read_lock can then access freed memory, triggering a\nslab-use-after-free in __inet_lookup_established.\n\nFix this by splitting the IPv6-specific initialization out of\nmptcp_subflow_init() into a new mptcp_subflow_v6_init(), called\nfrom mptcp_proto_v6_init() before protocol registration. This\nensures tcpv6_prot_override.slab correctly inherits the\nSLAB_TYPESAFE_BY_RCU slab cache.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31669"
},
{
"cve": "CVE-2026-31670",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: rfkill: prevent unlimited numbers of rfkill events from being created\n\nUserspace can create an unlimited number of rfkill events if the system\nis so configured, while not consuming them from the rfkill file\ndescriptor, causing a potential out of memory situation. Prevent this\nfrom bounding the number of pending rfkill events at a \"large\" number\n(i.e. 1000) to prevent abuses like this.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31670"
},
{
"cve": "CVE-2026-31671",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm_user: fix info leak in build_report()\n\nstruct xfrm_user_report is a __u8 proto field followed by a struct\nxfrm_selector which means there is three \"empty\" bytes of padding, but\nthe padding is never zeroed before copying to userspace. Fix that up by\nzeroing the structure before setting individual member variables.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31671"
},
{
"cve": "CVE-2026-31674",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ip6t_rt: reject oversized addrnr in rt_mt6_check()\n\nReject rt match rules whose addrnr exceeds IP6T_RT_HOPS.\n\nrt_mt6() expects addrnr to stay within the bounds of rtinfo-\u003eaddrs[].\nValidate addrnr during rule installation so malformed rules are rejected\nbefore the match logic can use an out-of-range value.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31674"
},
{
"cve": "CVE-2026-31680",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipv6: flowlabel: defer exclusive option free until RCU teardown\n\n`ip6fl_seq_show()` walks the global flowlabel hash under the seq-file\nRCU read-side lock and prints `fl-\u003eopt-\u003eopt_nflen` when an option block\nis present.\n\nExclusive flowlabels currently free `fl-\u003eopt` as soon as `fl-\u003eusers`\ndrops to zero in `fl_release()`. However, the surrounding\n`struct ip6_flowlabel` remains visible in the global hash table until\nlater garbage collection removes it and `fl_free_rcu()` finally tears it\ndown.\n\nA concurrent `/proc/net/ip6_flowlabel` reader can therefore race that\nearly `kfree()` and dereference freed option state, triggering a crash\nin `ip6fl_seq_show()`.\n\nFix this by keeping `fl-\u003eopt` alive until `fl_free_rcu()`. That matches\nthe lifetime already required for the enclosing flowlabel while readers\ncan still reach it under RCU.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31680"
},
{
"cve": "CVE-2026-31682",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbridge: br_nd_send: linearize skb before parsing ND options\n\nbr_nd_send() parses neighbour discovery options from ns-\u003eopt[] and\nassumes that these options are in the linear part of request.\n\nIts callers only guarantee that the ICMPv6 header and target address\nare available, so the option area can still be non-linear. Parsing\nns-\u003eopt[] in that case can access data past the linear buffer.\n\nLinearize request before option parsing and derive ns from the linear\nnetwork header.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31682"
},
{
"cve": "CVE-2026-31737",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ftgmac100: fix ring allocation unwind on open failure\n\nftgmac100_alloc_rings() allocates rx_skbs, tx_skbs, rxdes, txdes, and\nrx_scratch in stages. On intermediate failures it returned -ENOMEM\ndirectly, leaking resources allocated earlier in the function.\n\nRework the failure path to use staged local unwind labels and free\nallocated resources in reverse order before returning -ENOMEM. This\nmatches common netdev allocation cleanup style.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31737"
},
{
"cve": "CVE-2026-31752",
"cwe": {
"id": "CWE-805",
"name": "Buffer Access with Incorrect Length Value"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbridge: br_nd_send: validate ND option lengths\n\nbr_nd_send() walks ND options according to option-provided lengths.\nA malformed option can make the parser advance beyond the computed\noption span or use a too-short source LLADDR option payload.\n\nValidate option lengths against the remaining NS option area before\nadvancing, and only read source LLADDR when the option is large enough\nfor an Ethernet address.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31752"
},
{
"cve": "CVE-2026-31761",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: gyro: mpu3050: Move iio_device_register() to correct location\n\niio_device_register() should be at the end of the probe function to\nprevent race conditions.\n\nPlace iio_device_register() at the end of the probe function and place\niio_device_unregister() accordingly.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31761"
},
{
"cve": "CVE-2026-31768",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: adc: ti-adc161s626: use DMA-safe memory for spi_read()\n\nAdd a DMA-safe buffer and use it for spi_read() instead of a stack\nmemory. All SPI buffers must be DMA-safe.\n\nSince we only need up to 3 bytes, we just use a u8[] instead of __be16\nand __be32 and change the conversion functions appropriately.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-31768"
},
{
"cve": "CVE-2026-32776",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "libexpat before 2.7.5 allows a NULL pointer dereference with empty external parameter entity content.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"2",
"4",
"6",
"8",
"10"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"2",
"4",
"6",
"8",
"10"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"2",
"4",
"6",
"8",
"10"
]
},
{
"category": "vendor_fix",
"details": "Update to V3.1.6 or later version",
"product_ids": [
"2",
"4",
"6",
"8",
"10"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"2",
"4",
"6",
"8",
"10"
]
}
],
"title": "CVE-2026-32776"
},
{
"cve": "CVE-2026-32777",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "description",
"text": "libexpat before 2.7.5 allows an infinite loop while parsing DTD content.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"2",
"4",
"6",
"8",
"10"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"2",
"4",
"6",
"8",
"10"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"2",
"4",
"6",
"8",
"10"
]
},
{
"category": "vendor_fix",
"details": "Update to V3.1.6 or later version",
"product_ids": [
"2",
"4",
"6",
"8",
"10"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"2",
"4",
"6",
"8",
"10"
]
}
],
"title": "CVE-2026-32777"
},
{
"cve": "CVE-2026-32778",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "libexpat before 2.7.5 allows a NULL pointer dereference in the function setContext on retry after an earlier ouf-of-memory condition.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"2",
"4",
"6",
"8",
"10"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"2",
"4",
"6",
"8",
"10"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"2",
"4",
"6",
"8",
"10"
]
},
{
"category": "vendor_fix",
"details": "Update to V3.1.6 or later version",
"product_ids": [
"2",
"4",
"6",
"8",
"10"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"2",
"4",
"6",
"8",
"10"
]
}
],
"title": "CVE-2026-32778"
},
{
"cve": "CVE-2026-40355",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In MIT Kerberos 5 (aka krb5) before 1.22.3, there is a NULL pointer dereference if an application calls gss_accept_sec_context() on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parse_nego_message.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-40355"
},
{
"cve": "CVE-2026-41080",
"cwe": {
"id": "CWE-331",
"name": "Insufficient Entropy"
},
"notes": [
{
"category": "description",
"text": "libexpat before 2.8.0 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"2",
"4",
"6",
"8",
"10"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"2",
"4",
"6",
"8",
"10"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"2",
"4",
"6",
"8",
"10"
]
},
{
"category": "vendor_fix",
"details": "Update to V3.1.6 or later version",
"product_ids": [
"2",
"4",
"6",
"8",
"10"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"2",
"4",
"6",
"8",
"10"
]
}
],
"title": "CVE-2026-41080"
},
{
"cve": "CVE-2026-41989",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcry_pk_decrypt.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-41989"
},
{
"cve": "CVE-2026-43011",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/x25: Fix potential double free of skb\n\nWhen alloc_skb fails in x25_queue_rx_frame it calls kfree_skb(skb) at\nline 48 and returns 1 (error).\nThis error propagates back through the call chain:\n\nx25_queue_rx_frame returns 1\n |\n v\nx25_state3_machine receives the return value 1 and takes the else\nbranch at line 278, setting queued=0 and returning 0\n |\n v\nx25_process_rx_frame returns queued=0\n |\n v\nx25_backlog_rcv at line 452 sees queued=0 and calls kfree_skb(skb)\nagain\n\nThis would free the same skb twice. Looking at x25_backlog_rcv:\n\nnet/x25/x25_in.c:x25_backlog_rcv() {\n ...\n queued = x25_process_rx_frame(sk, skb);\n ...\n if (!queued)\n kfree_skb(skb);\n}",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-43011"
},
{
"cve": "CVE-2026-43024",
"cwe": {
"id": "CWE-115",
"name": "Misinterpretation of Input"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: reject immediate NF_QUEUE verdict\n\nnft_queue is always used from userspace nftables to deliver the NF_QUEUE\nverdict. Immediately emitting an NF_QUEUE verdict is never used by the\nuserspace nft tools, so reject immediate NF_QUEUE verdicts.\n\nThe arp family does not provide queue support, but such an immediate\nverdict is still reachable. Globally reject NF_QUEUE immediate verdicts\nto address this issue.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-43024"
},
{
"cve": "CVE-2026-43025",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ctnetlink: ignore explicit helper on new expectations\n\nUse the existing master conntrack helper, anything else is not really\nsupported and it just makes validation more complicated, so just ignore\nwhat helper userspace suggests for this expectation.\n\nThis was uncovered when validating CTA_EXPECT_CLASS via different helper\nprovided by userspace than the existing master conntrack helper:\n\n BUG: KASAN: slab-out-of-bounds in nf_ct_expect_related_report+0x2479/0x27c0\n Read of size 4 at addr ffff8880043fe408 by task poc/102\n Call Trace:\n nf_ct_expect_related_report+0x2479/0x27c0\n ctnetlink_create_expect+0x22b/0x3b0\n ctnetlink_new_expect+0x4bd/0x5c0\n nfnetlink_rcv_msg+0x67a/0x950\n netlink_rcv_skb+0x120/0x350\n\nAllowing to read kernel memory bytes off the expectation boundary.\n\nCTA_EXPECT_HELP_NAME is still used to offer the helper name to userspace\nvia netlink dump.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-43025"
},
{
"cve": "CVE-2026-43026",
"cwe": {
"id": "CWE-824",
"name": "Access of Uninitialized Pointer"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ctnetlink: zero expect NAT fields when CTA_EXPECT_NAT absent\n\nctnetlink_alloc_expect() allocates expectations from a non-zeroing\nslab cache via nf_ct_expect_alloc(). When CTA_EXPECT_NAT is not\npresent in the netlink message, saved_addr and saved_proto are\nnever initialized. Stale data from a previous slab occupant can\nthen be dumped to userspace by ctnetlink_exp_dump_expect(), which\nchecks these fields to decide whether to emit CTA_EXPECT_NAT.\n\nThe safe sibling nf_ct_expect_init(), used by the packet path,\nexplicitly zeroes these fields.\n\nZero saved_addr, saved_proto and dir in the else branch, guarded\nby IS_ENABLED(CONFIG_NF_NAT) since these fields only exist when\nNAT is enabled.\n\nConfirmed by priming the expect slab with NAT-bearing expectations,\nfreeing them, creating a new expectation without CTA_EXPECT_NAT,\nand observing that the ctnetlink dump emits a spurious\nCTA_EXPECT_NAT containing stale data from the prior allocation.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-43026"
},
{
"cve": "CVE-2026-43027",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_conntrack_helper: pass helper to expect cleanup\n\nnf_conntrack_helper_unregister() calls nf_ct_expect_iterate_destroy()\nto remove expectations belonging to the helper being unregistered.\nHowever, it passes NULL instead of the helper pointer as the data\nargument, so expect_iter_me() never matches any expectation and all\nof them survive the cleanup.\n\nAfter unregister returns, nfnl_cthelper_del() frees the helper\nobject immediately. Subsequent expectation dumps or packet-driven\ninit_conntrack() calls then dereference the freed exp-\u003ehelper,\ncausing a use-after-free.\n\nPass the actual helper pointer so expectations referencing it are\nproperly destroyed before the helper object is freed.\n\n BUG: KASAN: slab-use-after-free in string+0x38f/0x430\n Read of size 1 at addr ffff888003b14d20 by task poc/103\n Call Trace:\n string+0x38f/0x430\n vsnprintf+0x3cc/0x1170\n seq_printf+0x17a/0x240\n exp_seq_show+0x2e5/0x560\n seq_read_iter+0x419/0x1280\n proc_reg_read+0x1ac/0x270\n vfs_read+0x179/0x930\n ksys_read+0xef/0x1c0\n Freed by task 103:\n The buggy address is located 32 bytes inside of\n freed 192-byte region [ffff888003b14d00, ffff888003b14dc0)",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-43027"
},
{
"cve": "CVE-2026-43028",
"cwe": {
"id": "CWE-170",
"name": "Improper Null Termination"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: x_tables: ensure names are nul-terminated\n\nReject names that lack a \\0 character before feeding them\nto functions that expect c-strings.\n\nFixes tag is the most recent commit that needs this change.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-43028"
},
{
"cve": "CVE-2026-43030",
"cwe": {
"id": "CWE-372",
"name": "Incomplete Internal State Distinction"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix regsafe() for pointers to packet\n\nIn case rold-\u003ereg-\u003erange == BEYOND_PKT_END \u0026\u0026 rcur-\u003ereg-\u003erange == N\nregsafe() may return true which may lead to current state with\nvalid packet range not being explored. Fix the bug.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-43030"
},
{
"cve": "CVE-2026-43033",
"cwe": {
"id": "CWE-237",
"name": "Improper Handling of Structural Elements"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption\n\nWhen decrypting data that is not in-place (src != dst), there is\nno need to save the high-order sequence bits in dst as it could\nsimply be re-copied from the source.\n\nHowever, the data to be hashed need to be rearranged accordingly.\n\n\nThanks,",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-43033"
},
{
"cve": "CVE-2026-43035",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: cls_api: fix tc_chain_fill_node to initialize tcm_info to zero to prevent an info-leak\n\nWhen building netlink messages, tc_chain_fill_node() never initializes\nthe tcm_info field of struct tcmsg. Since the allocation is not zeroed,\nkernel heap memory is leaked to userspace through this 4-byte field.\n\nThe fix simply zeroes tcm_info alongside the other fields that are\nalready initialized.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-43035"
},
{
"cve": "CVE-2026-43038",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: icmp: clear skb2-\u003ecb[] in ip6_err_gen_icmpv6_unreach()\n\nSashiko AI-review observed:\n\n In ip6_err_gen_icmpv6_unreach(), the skb is an outer IPv4 ICMP error packet\n where its cb contains an IPv4 inet_skb_parm. When skb is cloned into skb2\n and passed to icmp6_send(), it uses IP6CB(skb2).\n\n IP6CB interprets the IPv4 inet_skb_parm as an inet6_skb_parm. The cipso\n offset in inet_skb_parm.opt directly overlaps with dsthao in inet6_skb_parm\n at offset 18.\n\n If an attacker sends a forged ICMPv4 error with a CIPSO IP option, dsthao\n would be a non-zero offset. Inside icmp6_send(), mip6_addr_swap() is called\n and uses ipv6_find_tlv(skb, opt-\u003edsthao, IPV6_TLV_HAO).\n\n This would scan the inner, attacker-controlled IPv6 packet starting at that\n offset, potentially returning a fake TLV without checking if the remaining\n packet length can hold the full 18-byte struct ipv6_destopt_hao.\n\n Could mip6_addr_swap() then perform a 16-byte swap that extends past the end\n of the packet data into skb_shared_info?\n\n Should the cb array also be cleared in ip6_err_gen_icmpv6_unreach() and\n ip6ip6_err() to prevent this?\n\nThis patch implements the first suggestion.\n\nI am not sure if ip6ip6_err() needs to be changed.\nA separate patch would be better anyway.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-43038"
},
{
"cve": "CVE-2026-43040",
"cwe": {
"id": "CWE-909",
"name": "Missing Initialization of Resource"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipv6: ndisc: fix ndisc_ra_useropt to initialize nduseropt_padX fields to zero to prevent an info-leak\n\nWhen processing Router Advertisements with user options the kernel\nbuilds an RTM_NEWNDUSEROPT netlink message. The nduseroptmsg struct\nhas three padding fields that are never zeroed and can leak kernel data\n\nThe fix is simple, just zeroes the padding fields.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-43040"
},
{
"cve": "CVE-2026-43057",
"cwe": {
"id": "CWE-358",
"name": "Improperly Implemented Security Check for Standard"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: correctly handle tunneled traffic on IPV6_CSUM GSO fallback\n\nNETIF_F_IPV6_CSUM only advertises support for checksum offload of\npackets without IPv6 extension headers. Packets with extension\nheaders must fall back onto software checksumming. Since TSO\ndepends on checksum offload, those must revert to GSO.\n\nThe below commit introduces that fallback. It always checks\nnetwork header length. For tunneled packets, the inner header length\nmust be checked instead. Extend the check accordingly.\n\nA special case is tunneled packets without inner IP protocol. Such as\nRFC 6951 SCTP in UDP. Those are not standard IPv6 followed by\ntransport header either, so also must revert to the software GSO path.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-43057"
},
{
"cve": "CVE-2026-43284",
"cwe": {
"id": "CWE-123",
"name": "Write-what-where Condition"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: esp: avoid in-place decrypt on shared skb frags\n\nMSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP\nmarks such skbs with SKBFL_SHARED_FRAG after skb_splice_from_iter(),\nso later paths that may modify packet data can first make a private\ncopy. The IPv4/IPv6 datagram append paths did not set this flag when\nsplicing pages into UDP skbs.\n\nThat leaves an ESP-in-UDP packet made from shared pipe pages looking\nlike an ordinary uncloned nonlinear skb. ESP input then takes the no-COW\nfast path for uncloned skbs without a frag_list and decrypts in place\nover data that is not owned privately by the skb.\n\nMark IPv4/IPv6 datagram splice frags with SKBFL_SHARED_FRAG, matching\nTCP. Also make ESP input fall back to skb_cow_data() when the flag is\npresent, so ESP does not decrypt externally backed frags in place.\nPrivate nonlinear skb frags still use the existing fast path.\n\nThis intentionally does not change ESP output. In esp_output_head(),\nthe path that appends the ESP trailer to existing skb tailroom without\ncalling skb_cow_data() is not reachable for nonlinear skbs:\nskb_tailroom() returns zero when skb-\u003edata_len is nonzero, while ESP\ntailen is positive. Thus ESP output will either use the separate\ndestination-frag path or fall back to skb_cow_data().",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-43284"
},
{
"cve": "CVE-2026-45186",
"cwe": {
"id": "CWE-407",
"name": "Inefficient Algorithmic Complexity"
},
"notes": [
{
"category": "description",
"text": "In libexpat before 2.8.1, the computational complexity of attribute name collision checks allows a denial of service via moderately sized crafted XML input.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"2",
"4",
"6",
"8",
"10"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"2",
"4",
"6",
"8",
"10"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"2",
"4",
"6",
"8",
"10"
]
},
{
"category": "vendor_fix",
"details": "Update to V3.1.6 or later version",
"product_ids": [
"2",
"4",
"6",
"8",
"10"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109478459/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"2",
"4",
"6",
"8",
"10"
]
}
],
"title": "CVE-2026-45186"
},
{
"cve": "CVE-2026-46174",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/CPU/AMD: Prevent improper isolation of shared resources in Zen2\u0027s op cache\n\nMake sure resources are not improperly shared in the op cache and\ncause instruction corruption this way.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-46174"
},
{
"cve": "CVE-2026-46300",
"cwe": {
"id": "CWE-123",
"name": "Write-what-where Condition"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: skbuff: preserve shared-frag marker during coalescing\n\nskb_try_coalesce() can attach paged frags from @from to @to. If @from\nhas SKBFL_SHARED_FRAG set, the resulting @to skb can contain the same\nexternally-owned or page-cache-backed frags, but the shared-frag marker\nis currently lost.\n\nThat breaks the invariant relied on by later in-place writers. In\nparticular, ESP input checks skb_has_shared_frag() before deciding\nwhether an uncloned nonlinear skb can skip skb_cow_data(). If TCP\nreceive coalescing has moved shared frags into an unmarked skb, ESP can\nsee skb_has_shared_frag() as false and decrypt in place over page-cache\nbacked frags.\n\nPropagate SKBFL_SHARED_FRAG when skb_try_coalesce() transfers paged\nfrags. The tailroom copy path does not need the marker because it copies\nbytes into @to\u0027s linear data rather than transferring frag descriptors.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"1",
"3",
"5",
"7",
"9"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Limit access to the interactive shell of the additional GNU/Linux subssytem to trusted personnel only.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources.",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"3",
"5",
"7",
"9"
]
}
],
"title": "CVE-2026-46300"
}
]
}
SUSE-SU-2026:22433-1
Vulnerability from csaf_suse - Published: 2026-06-30 17:41 - Updated: 2026-06-30 17:41| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs (bsc#1266290).\n- CVE-2025-38549: efivarfs: Fix memory leak of efivarfs_fs_info in fs_context error paths (bsc#1248235).\n- CVE-2025-68324: scsi: imm: Fix use-after-free bug caused by unfinished delayed work (bsc#1255416).\n- CVE-2025-68822: Input: alps - fix use-after-free bugs caused by dev3_register_work (bsc#1256668).\n- CVE-2026-23303: smb: client: Don\u0027t log plaintext credentials in cifs_set_cifscreds (bsc#1260502).\n- CVE-2026-23327: cxl/mbox: validate payload size before accessing contents in cxl_payload_from_user_allowed()\n- CVE-2026-23359: bpf: Fix stack-out-of-bounds write in devmap (bsc#1260584).\n- CVE-2026-23438: net: mvpp2: guard flow control update with global_tx_fc in buffer switching (bsc#1261619).\n- CVE-2026-23444: wifi: mac80211: always free skb on ieee80211_tx_prepare_skb() failure (bsc#1266307).\n- CVE-2026-31396: net: macb: fix use-after-free access to PTP clock (bsc#1261791).\n- CVE-2026-31414: netfilter: nf_conntrack_expect: use expect-\u003ehelper (bsc#1262085).\n- CVE-2026-31429: net: skb: fix cross-cache free of KFENCE-allocated skb head (bsc#1262392).\n- CVE-2026-31446: ext4: fix use-after-free in update_super_work when racing with umount (bsc#1262619).\n- CVE-2026-31448: ext4: avoid infinite loops caused by residual data (bsc#1262622).\n- CVE-2026-31452: ext4: convert inline data to extents when truncate exceeds inline size (bsc#1262620).\n- CVE-2026-31454: xfs: save ailp before dropping the AIL lock in push callbacks (bsc#1262624).\n- CVE-2026-31455: xfs: stop reclaim before pushing AIL during unmount (bsc#1262615).\n- CVE-2026-31464: scsi: ibmvfc: Fix OOB access in ibmvfc_discover_targets_done() (bsc#1262656).\n- CVE-2026-31469: virtio_net: Fix UAF on dst_ops when IFF_XMIT_DST_RELEASE is cleared and napi_tx is false\n- CVE-2026-31473: media: mc, v4l2: serialize REINIT and REQBUFS with req_queue_mutex (bsc#1262663).\n- CVE-2026-31480: tracing: Fix potential deadlock in cpu hotplug with osnoise (bsc#1262634).\n- CVE-2026-31492: RDMA/irdma: Initialize free_qp completion before using it (bsc#1262748).\n- CVE-2026-31493: RDMA/efa: Fix use of completion ctx after free (bsc#1262668).\n- CVE-2026-31495: netfilter: ctnetlink: use netlink policy range checks (bsc#1262798).\n- CVE-2026-31499: Bluetooth: L2CAP: Fix deadlock in l2cap_conn_del() (bsc#1262674).\n- CVE-2026-31500: Bluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock (bsc#1262993).\n- CVE-2026-31516: xfrm: prevent policy_hthresh.work from racing with netns teardown (bsc#1262755).\n- CVE-2026-31518: esp: fix skb leak with espintcp and async crypto (bsc#1262606).\n- CVE-2026-31546: net: bonding: fix NULL deref in bond_debug_rlb_hash_show (bsc#1263006).\n- CVE-2026-31555: futex: Clear stale exiting pointer in futex_lock_pi() retry path (bsc#1263178).\n- CVE-2026-31590: KVM: SEV: Drop WARN on large size for KVM_MEMORY_ENCRYPT_REG_REGION (bsc#1263152).\n- CVE-2026-31592: KVM: SEV: Protect *all* of sev_mem_enc_register_region() with kvm-\u003elock (bsc#1263123).\n- CVE-2026-31596: ocfs2: handle invalid dinode in ocfs2_group_extend (bsc#1263319).\n- CVE-2026-31613: smb: client: fix OOB reads parsing symlink error response (bsc#1263769).\n- CVE-2026-31614: smb: client: fix off-by-8 bounds check in check_wsl_eas() (bsc#1263774).\n- CVE-2026-31629: nfc: llcp: add missing return after LLCP_CLOSED checks (bsc#1263790).\n- CVE-2026-31655: pmdomain: imx8mp-blk-ctrl: Keep the NOC_HDCP clock enabled (bsc#1263724).\n- CVE-2026-31664: string.h: Introduce memset_after() for wiping trailing members/padding (bsc#1263578).\n- CVE-2026-31665: kABI: netfilter: nft_ct: fix use-after-free in timeout object destroy (bsc#1263137).\n- CVE-2026-31671: xfrm_user: fix info leak in build_report() (bsc#1263115).\n- CVE-2026-31673: af_unix: read UNIX_DIAG_VFS data under unix_state_lock (bsc#1263143).\n- CVE-2026-31674: netfilter: ip6t_rt: reject oversized addrnr in rt_mt6_check() (bsc#1263568).\n- CVE-2026-31678: openvswitch: defer tunnel netdev_put to RCU release (bsc#1263562).\n- CVE-2026-31680: net: ipv6: flowlabel: defer exclusive option free until RCU teardown (bsc#1263563).\n- CVE-2026-31693: cifs: some missing initializations on replay (bsc#1267744).\n- CVE-2026-31697: crypto: ccp: Don\u0027t attempt to copy ID to userspace if PSP command failed (bsc#1264116).\n- CVE-2026-31698: crypto: ccp: Don\u0027t attempt to copy PDH cert to userspace if PSP command failed (bsc#1263880).\n- CVE-2026-31699: crypto: ccp: Don\u0027t attempt to copy CSR to userspace if PSP command failed (bsc#1263879).\n- CVE-2026-31703: writeback: Fix use after free in inode_switch_wbs_work_fn() (bsc#1263883).\n- CVE-2026-31752: bridge: br_nd_send: validate ND option lengths (bsc#1264045).\n- CVE-2026-31758: usb: usbtmc: Flush anchored URBs in usbtmc_release (bsc#1264093).\n- CVE-2026-31759: usb: ulpi: fix double free in ulpi_register_interface() error path (bsc#1264076).\n- CVE-2026-31767: drm/i915/dsi: Don\u0027t do DSC horizontal timing adjustments in command mode (bsc#1264124).\n- CVE-2026-31771: Bluetooth: hci_event: move wake reason storage into validated event handlers (bsc#1264145).\n- CVE-2026-43013: net/mlx5: lag: Check for LAG device before creating debugfs (bsc#1264011).\n- CVE-2026-43023: Bluetooth: SCO: fix race conditions in sco_sock_connect() (bsc#1264137).\n- CVE-2026-43024: netfilter: nf_tables: reject immediate NF_QUEUE verdict (bsc#1263930).\n- CVE-2026-43026: netfilter: ctnetlink: zero expect NAT fields when CTA_EXPECT_NAT absent (bsc#1263932).\n- CVE-2026-43028: netfilter: x_tables: ensure names are nul-terminated (bsc#1263934).\n- CVE-2026-43030: bpf: Fix regsafe() for pointers to packet (bsc#1264000).\n- CVE-2026-43035: net: sched: cls_api: fix tc_chain_fill_node to initialize tcm_info to zero to prevent an info-leak (bsc#1263996).\n- CVE-2026-43036: net: use skb_header_pointer() for TCPv4 GSO frag_off check (bsc#1263993).\n- CVE-2026-43040: net: ipv6: ndisc: fix ndisc_ra_useropt to initialize nduseropt_padX fields to zero to prevent an info-\n- CVE-2026-43049: HID: logitech-hidpp: Prevent use-after-free on force feedback initialisation failure (bsc#1264080).\n- CVE-2026-43052: wifi: mac80211: check tdls flag in ieee80211_tdls_oper (bsc#1263945).\n- CVE-2026-43053: xfs: close crash window in attr dabtree inactivation (bsc#1264084).\n- CVE-2026-43054: scsi: target: tcm_loop: Drain commands in target_reset handler (bsc#1264063).\n- CVE-2026-43059: Bluetooth: MGMT: fix crash in set_mesh_sync and set_mesh_complete (bsc#1264184).\n- CVE-2026-43065: ext4: always drain queued discard work in ext4_mb_release() (bsc#1264243).\n- CVE-2026-43066: ext4: fix iloc.bh leak in ext4_fc_replay_inode() error paths (bsc#1264245).\n- CVE-2026-43068: ext4: avoid allocate block from corrupted group in ext4_mb_find_by_goal() (bsc#1264255).\n- CVE-2026-43074: eventpoll: defer struct eventpoll free to RCU grace period (bsc#1264263).\n- CVE-2026-43077: crypto: algif_aead - Fix minimum RX size check for decryption (bsc#1264470).\n- CVE-2026-43083: net: ioam6: fix OOB and missing lock (bsc#1264266).\n- CVE-2026-43101: ipv6: ioam: fix potential NULL dereferences in __ioam6_fill_trace_data() (bsc#1264239).\n- CVE-2026-43109: x86: shadow stacks: proper error handling for mmap lock (bsc#1264484).\n- CVE-2026-43112: fs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath (bsc#1264437).\n- CVE-2026-43119: Bluetooth: hci_sync: annotate data-races around hdev-\u003ereq_status (bsc#1264561).\n- CVE-2026-43158: xfs: fix freemap adjustments when adding xattrs to leaf blocks (bsc#1264595).\n- CVE-2026-43171: EFI/CPER: do not dump the entire memory region (bsc#1264549).\n- CVE-2026-43187: xfs: delete attr leaf freemap entries when empty (bsc#1264603).\n- CVE-2026-43198: tcp: fix potential race in tcp_v6_syn_recv_sock() (bsc#1264610).\n- CVE-2026-43206: drm/amdkfd: Fix out-of-bounds write in kfd_event_page_set() (bsc#1264551).\n- CVE-2026-43234: team: avoid NETDEV_CHANGEMTU event when unregistering slave (bsc#1264409).\n- CVE-2026-43239: smb: client: prevent races in -\u003equery_interfaces() (bsc#1264444).\n- CVE-2026-43249: 9p/xen: protect xen_9pfs_front_free against concurrent calls (bsc#1264476).\n- CVE-2026-43252: mptcp: pm: in-kernel: always set ID as avail when rm endp (bsc#1264300).\n- CVE-2026-43261: arm64: Add support for TSV110 Spectre-BHB mitigation (bsc#1264430).\n- CVE-2026-43296: octeontx2-af: Workaround SQM/PSE stalls by disabling sticky (bsc#1264805).\n- CVE-2026-43325: wifi: iwlwifi: mvm: don\u0027t send a 6E related command when not supported (bsc#1265110).\n- CVE-2026-43333: bpf: reject direct access to nullable PTR_TO_BUF pointers (bsc#1264726).\n- CVE-2026-43338: btrfs: reserve enough transaction items for qgroup ioctls (bsc#1264716).\n- CVE-2026-43339: ipv6: prevent possible UaF in addrconf_permanent_addr() (bsc#1264763).\n- CVE-2026-43341: net/ipv6: ioam6: prevent schema length wraparound in trace fill (bsc#1265044).\n- CVE-2026-43345: net: ipa: fix event ring index not programmed for IPA v5.0+ (bsc#1265103).\n- CVE-2026-43359: btrfs: fix transaction abort on set received ioctl due to item overflow (bsc#1264719).\n- CVE-2026-43360: btrfs: fix transaction abort on file creation due to name hash collision (bsc#1264720).\n- CVE-2026-43361: btrfs: fix transaction abort when snapshotting received subvolumes (bsc#1264722).\n- CVE-2026-43362: smb: client: fix in-place encryption corruption in SMB2_write() (bsc#1264989).\n- CVE-2026-43405: libceph: Use u32 for non-negative values in ceph_monmap_decode() (bsc#1264741).\n- CVE-2026-43406: libceph: prevent potential out-of-bounds reads in process_message_header() (bsc#1265073).\n- CVE-2026-43407: libceph: Fix potential out-of-bounds access in ceph_handle_auth_reply() (bsc#1265020).\n- CVE-2026-43411: tipc: fix divide-by-zero in tipc_sk_filter_connect() (bsc#1264672).\n- CVE-2026-43413: scsi: hisi_sas: Fix NULL pointer exception during user_scan() (bsc#1264671).\n- CVE-2026-43414: scsi: qla2xxx: Completely fix fcport double free (bsc#1264669).\n- CVE-2026-43455: net: mctp: Ensure keys maintain only one ref to corresponding dev (bsc#1264765).\n- CVE-2026-43469: xprtrdma: Decrement re_receiving on the early exit paths (bsc#1265143).\n- CVE-2026-43470: nfs: return EISDIR on nfs3_proc_create if d_alias is a dir (bsc#1265128).\n- CVE-2026-43483: KVM: SVM: Set/clear CR8 write interception when AVIC is (de)activated (bsc#1265240).\n- CVE-2026-43491: net: qrtr: ns: Limit the maximum server registration per node (bsc#1265628).\n- CVE-2026-43499: rtmutex: Use waiter::task instead of current in remove_waiter() (bsc#1266001).\n- CVE-2026-43501: ipv6: rpl: reserve mac_len headroom when recompressed SRH grows (bsc#1266009).\n- CVE-2026-45840: openvswitch: cap upcall PID array size and pre-size vport replies (bsc#1266397).\n- CVE-2026-45841: netfilter: nfnetlink_osf: fix divide-by-zero in OSF_WSS_MODULO (bsc#1266390).\n- CVE-2026-45842: slip: reject VJ receive packets on instances with no rstate array (bsc#1266400).\n- CVE-2026-45843: slip: bound decode() reads against the compressed packet length (bsc#1266395).\n- CVE-2026-45846: bareudp: fix NULL pointer dereference in bareudp_fill_metadata_dst() (bsc#1266394).\n- CVE-2026-45852: RDMA/rxe: Fix double free in rxe_srq_from_init (bsc#1266711).\n- CVE-2026-45856: RDMA/uverbs: Validate wqe_size before using it in ib_uverbs_post_send (bsc#1266720).\n- CVE-2026-45862: iommu/vt-d: Flush cache for PASID table before using it (bsc#1266705).\n- CVE-2026-45870: SUNRPC: auth_gss: fix memory leaks in XDR decoding error paths (bsc#1266704).\n- CVE-2026-45878: drm/amdkfd: Fix watch_id bounds checking in debug address watch v2 (bsc#1266767).\n- CVE-2026-45886: bpf: Fix bpf_xdp_store_bytes proto for read-only arg (bsc#1266810).\n- CVE-2026-45894: iommu/vt-d: Clear Present bit before tearing down PASID entry (bsc#1266895).\n- CVE-2026-45910: RDMA/rxe: Fix race condition in QP timer handlers (bsc#1266889).\n- CVE-2026-45932: bpf: Fix tcx/netkit detach permissions when prog fd isn\u0027t given (bsc#1266827).\n- CVE-2026-45940: net: stmmac: fix oops when split header is enabled (bsc#1266916).\n- CVE-2026-45961: gfs2: fix memory leaks in gfs2_fill_super error path (bsc#1266933).\n- CVE-2026-45964: SUNRPC: fix gss_auth kref leak in gss_alloc_msg error path (bsc#1266698).\n- CVE-2026-45965: apparmor: fix invalid deref of rawdata when export_binary is unset (bsc#1267208).\n- CVE-2026-45970: bonding: alb: fix UAF in rlb_arp_recv during bond up/down (bsc#1267205).\n- CVE-2026-45974: btrfs: fix invalid leaf access in btrfs_quota_enable() if ref key not found (bsc#1266922).\n- CVE-2026-45983: nfsd: never defer requests during idmap lookup (bsc#1266697).\n- CVE-2026-45984: gfs2: Move the inode glock locking to gfs2_file_buffered_write (bsc#1267214).\n- CVE-2026-46004: ALSA: caiaq: Handle probe errors properly (bsc#1267222).\n- CVE-2026-46005: xfs: fix a resource leak in xfs_alloc_buftarg() (bsc#1267431).\n- CVE-2026-46021: thermal: core: Fix thermal zone governor cleanup issues (bsc#1267220).\n- CVE-2026-46024: libceph: Prevent potential null-ptr-deref in ceph_handle_auth_reply() (bsc#1267218).\n- CVE-2026-46037: ipv4: icmp: validate reply type before using icmp_pointers (bsc#1267361).\n- CVE-2026-46043: RDMA/rxe: Validate pad and ICRC before payload_size() in rxe_rcv (bsc#1266901).\n- CVE-2026-46079: rbd: fix null-ptr-deref when device_add_disk() fails (bsc#1266452).\n- CVE-2026-46083: spi: fix resource leaks on device setup failure (bsc#1266696).\n- CVE-2026-46090: ALSA: aloop: Use guard() for spin locks (bsc#1267531).\n- CVE-2026-46094: ext4: fix bounds check in check_xattrs() to prevent out-of-bounds access (bsc#1266927).\n- CVE-2026-46101: netfilter: reject zero shift in nft_bitwise (bsc#1266878).\n- CVE-2026-46110: net: stmmac: rename STMMAC_GET_ENTRY() -\u003e STMMAC_NEXT_ENTRY() (bsc#1266759).\n- CVE-2026-46111: Bluetooth: hci_conn: fix potential UAF in create_big_sync (bsc#1267626).\n- CVE-2026-46113: KVM: x86/mmu: Add helper to convert SPTE value to its shadow page (bsc#1266969).\n- CVE-2026-46114: RDMA/rxe: Reject non-8-byte ATOMIC_WRITE payloads (bsc#1266972).\n- CVE-2026-46119: libceph: Fix slab-out-of-bounds access in auth message processing (bsc#1267628).\n- CVE-2026-46120: ip6_gre: Use cached t-\u003enet in ip6erspan_changelink() (bsc#1267640).\n- CVE-2026-46123: Bluetooth: virtio_bt: clamp rx length before skb_put (bsc#1267621).\n- CVE-2026-46150: fanotify: fix false positive on permission events (bsc#1267387).\n- CVE-2026-46157: ALSA: pcm: oss: Fix data race at accessing runtime.oss.trigger (bsc#1267726).\n- CVE-2026-46159: btrfs: fix btrfs_ioctl_space_info() slot_count TOCTOU which can lead to info-leak (bsc#1267652).\n- CVE-2026-46160: btrfs: fix missing last_unlink_trans update when removing a directory (bsc#1267624).\n- CVE-2026-46172: ipv6: xfrm6: release dst on error in xfrm6_rcv_encap() (bsc#1266903).\n- CVE-2026-46176: RDMA/mlx5: Fix error path fall-through in mlx5_ib_dev_res_srq_init() (bsc#1266816).\n- CVE-2026-46181: RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event() (bsc#1266826).\n- CVE-2026-46197: drm/amdkfd: validate SVM ioctl nattr against buffer size (bsc#1267381).\n- CVE-2026-46209: drm/gem: Fix inconsistent plane dimension calculation in drm_gem_fb_init_with_funcs() (bsc#1267663).\n- CVE-2026-46227: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL (bsc#1267697).\n- CVE-2026-46244: netfilter: nft_inner: Fix IPv6 inner_thoff desync (bsc#1267654).\n- CVE-2026-46259: procfs: fix missing RCU protection when reading real_parent in do_task_stat() (bsc#1267685).\n- CVE-2026-46273: ibmveth: Disable GSO for packets with small MSS (bsc#1267651).\n\nThe following non-security bugs were fixed:\n\n- ACPI: CPPC: Suppress UBSAN warning caused by field misuse (git-fixes).\n- ACPI: IPMI: Fix message kref handling on dead device (git-fixes).\n- ACPI: NFIT: core: Fix possible NULL pointer dereference (git-fixes).\n- ALSA: PCM: Fix wait queue list corruption in snd_pcm_drain() on linked streams (git-fixes).\n- ALSA: aloop: Drop superfluous break (git-fixes).\n- ALSA: asihpi: Fix potential OOB array access at reading cache (stable-fixes).\n- ALSA: cmipci: check snd_ctl_new1() return value (git-fixes).\n- ALSA: core: Fix unintuitive behavior of snd_power_ref_and_wait() (git-fixes).\n- ALSA: es1938: check snd_ctl_new1() return value (git-fixes).\n- ALSA: gus: check snd_ctl_new1() return value (git-fixes).\n- ALSA: hda/conexant: Renaming the codec with device ID 0x1f86 and 0x1f87 (stable-fixes).\n- ALSA: ice1712: check snd_ctl_new1() return value (git-fixes).\n- ALSA: sc6000: Keep the programmed board state in card-private data (git-fixes).\n- ALSA: sc6000: Use standard print API (stable-fixes).\n- ALSA: seq: Clear variable event pointer on read (git-fixes).\n- ALSA: seq: Fix partial userptr event expansion (git-fixes).\n- ALSA: seq: midi: Serialize output teardown with event_input (git-fixes).\n- ALSA: ua101: Reject too-short USB descriptors (git-fixes).\n- ALSA: usb-audio: Bound MIDI 2.0 endpoint descriptor scans (git-fixes).\n- ALSA: usb-audio: Bound MIDI endpoint descriptor scans (git-fixes).\n- ALSA: usb-audio: Propagate US-16x08 write errors in route/mix EQ-switch put callbacks (git-fixes).\n- ALSA: usb-audio: Propagate errors in scarlett_ctl_enum_put() (git-fixes).\n- ALSA: usb-audio: Roll back quirk control caches on write errors (git-fixes).\n- ALSA: usb-audio: Update Babyface Pro control caches only after successful writes (git-fixes).\n- ALSA: usb-audio: Update US-16x08 EQ/comp shadow state after successful writes (git-fixes).\n- ALSA: virtio: Add missing 384 kHz PCM rate mapping (git-fixes).\n- ALSA: ymfpci: check snd_ctl_new1() return value (git-fixes).\n- ASoC: SOF: Intel: hda-dai: add support for dspless mode beyond HDAudio (stable-fixes).\n- ASoC: SOF: Intel: hda-dai: remove dspless special case (stable-fixes).\n- ASoC: SOF: Intel: hda: Fix NULL pointer dereference (stable-fixes).\n- ASoC: SOF: ipc3-control: Fix TOCTOU in bytes_put and bytes_get (git-fixes).\n- ASoC: SOF: ipc3-control: Fix heap overflow in bytes_ext put/get (git-fixes).\n- ASoC: SOF: ipc3-control: Use overflow checks in control_update size calc (git-fixes).\n- ASoC: SOF: ipc3-control: Validate size in snd_sof_update_control (git-fixes).\n- ASoC: SOF: ipc4-control: Fix TOCTOU in sof_ipc4_bytes_put (git-fixes).\n- ASoC: SOF: topology: validate vendor array size before parsing (git-fixes).\n- ASoC: adau1372: Clear PLL_EN on failed PLL lock without reset GPIO (git-fixes).\n- ASoC: codecs: hdac_hdmi: Validate written enum value (git-fixes).\n- ASoC: codecs: simple-mux: Fix enum control bounds check (git-fixes).\n- ASoC: cs35l56: Cleanup if component_probe fails (git-fixes).\n- ASoC: cs35l56: Do not leave parent IRQ disabled if system_suspend fails (git-fixes).\n- ASoC: cs35l56: Fix flushing of IRQ work in cs35l56_sdw_remove() (git-fixes).\n- ASoC: cs35l56: Fix missing calls to wm_adsp2_remove() (git-fixes).\n- ASoC: fsl: fsl_audmix: Validate written enum values (git-fixes).\n- ASoC: meson: aiu: Validate written enum values (git-fixes).\n- ASoC: qcom: q6asm-dai: close stream only when running (git-fixes).\n- ASoC: qcom: q6asm-dai: do not set stream state in event and trigger callbacks (git-fixes).\n- ASoC: qcom: q6asm-dai: fix error handling in prepare and set_params (git-fixes).\n- ASoC: tegra: tegra210_ahub: Validate written enum value (git-fixes).\n- ASoC: topology: Check PCM and DAI name strings before use (git-fixes).\n- ASoC: wm_adsp: Fix NULL dereference when removing firmware controls (git-fixes).\n- Bluetooth: 6lowpan: check skb_clone() return value in send_mcast_pkt() (git-fixes).\n- Bluetooth: HIDP: fix missing length checks in hidp_input_report() (git-fixes).\n- Bluetooth: ISO: drop ISO_END frames received without prior ISO_START (git-fixes).\n- Bluetooth: ISO: fix UAF in iso_recv_frame (git-fixes).\n- Bluetooth: ISO: serialize iso_sock_clear_timer with socket lock (git-fixes).\n- Bluetooth: L2CAP: Fix possible crash on l2cap_ecred_conn_rsp (git-fixes).\n- Bluetooth: L2CAP: fix chan ref leak in l2cap_chan_timeout() on !conn (git-fixes).\n- Bluetooth: L2CAP: use chan timer to close channels in cleanup_listen() (git-fixes).\n- Bluetooth: MGMT: Fix backward compatibility with userspace (git-fixes).\n- Bluetooth: MGMT: validate Add Extended Advertising Data length (git-fixes).\n- Bluetooth: MGMT: validate advertising TLV before type checks (git-fixes).\n- Bluetooth: RFCOMM: hold listener socket in rfcomm_connect_ind() (git-fixes).\n- Bluetooth: RFCOMM: validate skb length in MCC handlers (git-fixes).\n- Bluetooth: bnep: Fix UAF read of dev-\u003ename (git-fixes).\n- Bluetooth: bnep: reject short frames before parsing (git-fixes).\n- Bluetooth: btmtksdio: fix infinite loop in btmtksdio_txrx_work() (git-fixes).\n- Bluetooth: btusb: Allow firmware re-download when version matches (git-fixes).\n- Bluetooth: btusb: fix use-after-free on marvell probe failure (git-fixes).\n- Bluetooth: btusb: fix use-after-free on registration failure (git-fixes).\n- Bluetooth: btusb: fix wakeup irq devres lifetime (git-fixes).\n- Bluetooth: btusb: fix wakeup source leak on probe failure (git-fixes).\n- Bluetooth: eir: Fix stack OOB write when prepending the Flags AD (git-fixes).\n- Bluetooth: fix UAF in l2cap_sock_cleanup_listen() vs l2cap_conn_del() (git-fixes).\n- Bluetooth: hci: validate codec capability element length (git-fixes).\n- Bluetooth: hci_sync: Set HCI_CMD_DRAIN_WORKQUEUE during device close (git-fixes).\n- Bluetooth: hci_sync: reject oversized Broadcast Announcement prepend (git-fixes).\n- Bluetooth: hci_uart: fix UAFs and race conditions in close and init paths (git-fixes).\n- Bluetooth: l2cap: clear chan-\u003eident on ECRED reconfiguration success (git-fixes).\n- Bluetooth: vhci: validate devcoredump state before side effects (git-fixes).\n- Drivers: hv: vmbus: Improve the logic of reserving fb_mmio on Gen2 VMs (git-fixes).\n- HID: quirks: really enable the intended work around for appledisplay (git-fixes).\n- HID: uclogic: Fix regression of input name assignment (git-fixes).\n- HID: wacom: Fix OOB write in wacom_hid_set_device_mode() (git-fixes).\n- Improve compatibility with awk 2.4.0 (bsc#1266214). \n- Input: atkbd - skip deactivate for HONOR BCC-N\u0027s internal keyboard (git-fixes).\n- Input: atmel_mxt_ts - fix boundary check in mxt_prepare_cfg_mem (git-fixes).\n- Input: ims-pcu - fix usb_free_coherent() size in ims_pcu_buffers_free() (git-fixes).\n- Input: usbtouchscreen - clamp NEXIO data_len/x_len to URB buffer size (git-fixes).\n- Input: xpad - fix out-of-bounds access for Share button (git-fixes).\n- KVM: SEV: Ignore MMIO requests of length \u00270\u0027 (git-fixes).\n- KVM: SEV: Ignore Port I/O requests of length \u00270\u0027 (git-fixes).\n- KVM: SVM: Allow KVM_SET_NESTED_STATE to clear GIF when SVME==0 (git-fixes).\n- KVM: SVM: Do not set GIF when clearing EFER.SVME (git-fixes).\n- KVM: SVM: Flush the current TLB when transitioning from xAVIC =\u003e x2AVIC (git-fixes).\n- KVM: SVM: Initialize AVIC VMCB fields if AVIC is enabled with in-kernel APIC (git-fixes).\n- KVM: SVM: check validity of VMCB controls when returning from SMM (git-fixes).\n- KVM: X86: Fix array_index_nospec protection in __pv_send_ipi (git-fixes).\n- KVM: arm64: Discard PC update state on vcpu reset (git-fixes).\n- KVM: arm64: Guard against NULL vcpu on VHE hyp panic path (git-fixes).\n- KVM: arm64: PMU: Preserve AArch32 counter low bits (git-fixes).\n- KVM: arm64: Treat vCPU with pending SError as runnable (git-fixes).\n- KVM: arm64: Wake-up from WFI when iqrchip is in userspace (git-fixes).\n- KVM: arm64: vgic-its: Reject restored DTE with out-of-range num_eventid_bits (git-fixes).\n- KVM: arm64: vgic: Fix IIDR revision field extracted from wrong value (git-fixes).\n- KVM: nSVM: Always use vmcb01 in VMLOAD/VMSAVE emulation (git-fixes).\n- KVM: nSVM: Ensure AVIC is inhibited when restoring a vCPU to guest mode (git-fixes).\n- KVM: nSVM: Mark all of vmcb02 dirty when restoring nested state (git-fixes).\n- KVM: nSVM: Set exit_code_hi to -1 when synthesizing SVM_EXIT_ERR (failed VMRUN) (git-fixes).\n- KVM: nSVM: Use vcpu-\u003earch.cr2 when updating vmcb12 on nested #VMEXIT (git-fixes).\n- KVM: x86/mmu: Fix UBSAN warning when reading nx_huge_pages parameter (git-fixes).\n- KVM: x86: Fix Xen hypercall tracepoint argument assignment (git-fixes).\n- PM: sleep: Use complete() in device_pm_sleep_init() (git-fixes).\n- RDMA/efa: Check stored completion CTX command ID with received one (git-fixes)\n- RDMA/efa: Extend admin timeout error print (git-fixes)\n- RDMA/efa: Fix possible deadlock (git-fixes)\n- RDMA/efa: Improve admin completion context state machine (git-fixes)\n- RDMA/mana_ib: Report max_msg_sz in mana_ib_query_port (git-fixes).\n- wicked test: Added missing locking in backport (bsc#1267732).\n- USB: cdc-acm: Fix bit overlap and move quirk definitions to header (git-fixes).\n- USB: serial: belkin_sa: validate interrupt status length (git-fixes).\n- USB: serial: cypress_m8: validate interrupt packet headers (git-fixes).\n- USB: serial: io_ti: fix heap overflow in build_i2c_fw_hdr() (git-fixes).\n- USB: serial: io_ti: fix heap overflow in get_manuf_info() (git-fixes).\n- USB: serial: keyspan: fix missing indat transfer sanity check (git-fixes).\n- USB: serial: kl5kusb105: fix bulk-out buffer overflow (git-fixes).\n- USB: serial: mct_u232: fix missing interrupt-in transfer sanity check (git-fixes).\n- USB: serial: mxuport: fix memory corruption with small endpoint (git-fixes).\n- USB: serial: omninet: fix memory corruption with small endpoint (git-fixes).\n- USB: serial: option: add missing RSVD(5) flag for Rolling RW135R-GL (git-fixes).\n- USB: serial: safe_serial: fix memory corruption with small endpoint (git-fixes).\n- X.509: Fix validation of ASN.1 certificate header (git-fixes).\n- add bugnumber to existing mana_ib change (bsc#1267682)\n- agp/amd64: Fix broken error propagation in agp_amd64_probe() (git-fixes).\n- arm64: tlb: Allow XZR argument to TLBI ops (git-fixes)\n- arm64: tlb: Optimize ARM64_WORKAROUND_REPEAT_TLBI (git-fixes)\n- auxdisplay: line-display: fix OOB read on zero-length message_store() (git-fixes).\n- batman-adv: bla: annotate lasttime access with READ/WRITE_ONCE (git-fixes).\n- batman-adv: bla: fix report_work leak on backbone_gw purge (git-fixes).\n- batman-adv: clear current gateway during teardown (git-fixes).\n- batman-adv: dat: handle forward allocation error (git-fixes).\n- batman-adv: fix batadv_skb_is_frag() kernel-doc (git-fixes).\n- batman-adv: fix fragment reassembly length accounting (git-fixes).\n- batman-adv: fix tp_meter counter underflow during shutdown (git-fixes).\n- batman-adv: frag: disallow unicast fragment in fragment (git-fixes).\n- batman-adv: tp_meter: add only finished tp_vars to lists (git-fixes).\n- batman-adv: tp_meter: avoid divide-by-zero for dec_cwnd (git-fixes).\n- batman-adv: tp_meter: avoid use of uninit sender vars (git-fixes).\n- batman-adv: tp_meter: avoid window underflow (git-fixes).\n- batman-adv: tp_meter: fix fast recovery precondition (git-fixes).\n- batman-adv: tp_meter: handle seqno wrap-around for fast recovery detection (git-fixes).\n- batman-adv: tp_meter: initialize dec_cwnd explicitly (git-fixes).\n- batman-adv: tp_meter: initialize dup_acks explicitly (git-fixes).\n- batman-adv: tp_meter: keep unacked list in ascending ordered (git-fixes).\n- batman-adv: tt: fix negative last_changeset_len (git-fixes).\n- batman-adv: tt: fix negative tt_buff_len (git-fixes).\n- bcache: fix uninitialized closure object (git-fixes).\n- bnxt_en: Fix NULL pointer dereference (bsc#1268307).\n- comedi: comedi_test: Fix limiting of convert_arg in waveform_ai_cmdtest() (git-fixes).\n- comedi: comedi_test: fix check for valid scan_begin_src in waveform_ai_cmdtest() (git-fixes).\n- crypto: af_alg - Cap AEAD AD length to 0x80000000 (git-fixes).\n- crypto: amlogic - avoid double cleanup in meson_crypto_probe() (git-fixes).\n- crypto: asymmetric_keys - fix OOB read in pefile_digest_pe_contents (git-fixes).\n- crypto: atmel-sha204a - fix blocking and non-blocking rng logic (git-fixes).\n- crypto: cavium/cpt - fix DMA cleanup using wrong loop index (git-fixes).\n- crypto: ccp - Fix snp_filter_reserved_mem_regions() off-by-one (git-fixes).\n- crypto: ccp - Treat zero-length cert chain as query for blob lengths (git-fixes).\n- crypto: drbg - Fix drbg_max_addtl() on 64-bit kernels (git-fixes).\n- crypto: drbg - Fix returning success on failure in CTR_DRBG (git-fixes).\n- crypto: drbg - Fix the fips_enabled priority boost (git-fixes).\n- crypto: ecc - Fix carry overflow in vli multiplication (git-fixes).\n- crypto: ecrdsa - fix unknown OID check in ecrdsa_param_curve (git-fixes).\n- crypto: hisilicon/qm - disable error report before flr (git-fixes).\n- crypto: marvell/octeontx - fix DMA cleanup using wrong loop index (git-fixes).\n- crypto: pcrypt - restore callback for non-parallel fallback (git-fixes).\n- crypto: qat - protect service table iterations with service_lock (git-fixes).\n- crypto: qat - validate RSA CRT component lengths (git-fixes).\n- crypto: rng - Free default RNG on module exit (git-fixes).\n- device property: set fwnode-\u003esecondary to NULL in fwnode_init() (git-fixes).\n- driver core: reject devices with unregistered buses (git-fixes).\n- driver core: use READ_ONCE() for dev-\u003edriver in dev_has_sync_state() (git-fixes).\n- drivers/base/memory: fix memory block reference leak in poison accounting (git-fixes).\n- drm/amd/display: Add missing kdoc for ALLM parameters (git-fixes).\n- drm/amd/display: Clamp HDMI HDCP2 rx_id_list read to buffer size (git-fixes).\n- drm/amd/display: Fix NULL deref and buffer over-read in SDP debugfs (git-fixes).\n- drm/amd/display: Fix integer overflow in bios_get_image() (stable-fixes).\n- drm/amd/display: Reject gpio_bitshift \u003e= 32 in bios_parser_get_gpio_pin_info() (git-fixes).\n- drm/amd/display: Use krealloc_array() in dal_vector_reserve() (git-fixes).\n- drm/amd/display: Validate GPIO pin LUT table size before iterating (stable-fixes).\n- drm/amd/display: Validate payload length and link_index in dc_process_dmub_aux_transfer_async (stable-fixes).\n- drm/amd/pm/si: Disregard vblank time when no displays are connected (git-fixes).\n- drm/amdgpu/uvd3.1: Do not validate the firmware when already validated (git-fixes).\n- drm/amdgpu/vce2: Fix VCE 2 firmware size and offsets (git-fixes).\n- drm/amdgpu/vce3: Fix VCE 3 firmware size and offsets (git-fixes).\n- drm/amdgpu: fix integer overflow in amdgpu_gem_align_pitch() (git-fixes).\n- drm/amdgpu: fix spelling typos (stable-fixes).\n- drm/amdgpu: set sub_block_index for mca ras sub-blocks (git-fixes).\n- drm/amdkfd: Fix buffer overflow in SDMA queue checkpoint/restore on GFX11 (git-fixes).\n- drm/amdkfd: Validate CRIU-restored IDs before idr_alloc (git-fixes).\n- drm/amdkfd: fix NULL dereference in get_queue_ids() (git-fixes).\n- drm/bridge: cdns-dsi: Replace deprecated UNIVERSAL_DEV_PM_OPS() (git-fixes).\n- drm/bridge: chipone-icn6211: use devm_drm_bridge_add in i2c probe (git-fixes).\n- drm/bridge: it66121: acquire reset GPIO in probe (git-fixes).\n- drm/bridge: megachips: remove bridge when irq request fails (git-fixes).\n- drm/dp/mst: fix OOB reads in remote DPCD/I2C sideband reply parsers (git-fixes).\n- drm/dp/mst: fix OOB reads on 2-byte fields in sideband reply parsers (git-fixes).\n- drm/dp/mst: fix buffer overflows in sideband chunk accumulation (git-fixes).\n- drm/hisilicon/hibmc: move display contrl config to hibmc_probe() (git-fixes).\n- drm/hisilicon/hibmc: use clock to look up the PLL value (git-fixes).\n- drm/hyperv: use VMBUS_RING_SIZE() (git-fixes).\n- drm/hyperv: validate VMBus packet size in receive callback (git-fixes).\n- drm/hyperv: validate resolution_count and fix WIN8 fallback (git-fixes).\n- drm/i915/gem: Fix phys BO pread/pwrite with offset (git-fixes).\n- drm/i915: Extract intel_dbuf_mdclk_cdclk_ratio_update() (stable-fixes).\n- drm/i915: Fix potential UAF in TTM object purge (git-fixes).\n- drm/i915: Loop over all active pipes in intel_mbus_dbox_update (stable-fixes).\n- drm/imx: Fix three kernel-doc warnings in dcss-scaler.c (git-fixes).\n- drm/msm/dp: Fix the ISR_* enum values (git-fixes).\n- drm/msm/dp: fix HPD state status bit shift value (git-fixes).\n- drm/msm/dsi: do not dump registers past the mapped region (git-fixes).\n- drm/msm/snapshot: fix dumping of the unaligned regions (git-fixes).\n- drm/nouveau/bios: specify correct display fuse register for Ampere and Ada (git-fixes).\n- drm/radeon/evergreen_cs: Add missing NULL prefix check in surface check (git-fixes).\n- drm/radeon: fix integer overflow in radeon_align_pitch() (git-fixes).\n- drm/radeon: fix memory leak in radeon_ring_restore() on lock failure (git-fixes).\n- drm/rockchip: cdn-dp: add missing check in cdn_dp_config_video() (git-fixes).\n- drm/tegra: Fix iommu_map_sgtable() return value check (git-fixes).\n- drm/tegra: dc: Fix device node reference leak in tegra_dc_has_output() (git-fixes).\n- drm/tidss: Drop extra drm_mode_config_reset() call (git-fixes).\n- drm/tidss: Fix missing drm_bridge_add() call (git-fixes).\n- drm/vc4: fix krealloc() memory leak (git-fixes).\n- drm/virtio: Fix driver removal with disabled KMS (git-fixes).\n- drm/virtio: fix dma_fence refcount leak on error in virtio_gpu_dma_fence_wait() (git-fixes).\n- drm/virtio: use uninterruptible resv lock for plane updates (git-fixes).\n- efi: Allocate runtime workqueue before ACPI init (git-fixes).\n- ethtool: provide customized dim profile management (bsc#1261256).\n- fbdev: broadsheetfb: fix potential memory leak in broadsheetfb_probe() (git-fixes).\n- fbdev: hecubafb: fix potential memory leak in hecubafb_probe() (git-fixes).\n- fbdev: i740fb: fix potential memory leak in i740fb_probe() (git-fixes).\n- fbdev: metronomefb: fix potential memory leak in metronomefb_probe() (git-fixes).\n- fbdev: modedb: Fix misaligned fields in the 1920x1080-60 mode (git-fixes).\n- fbdev: nvidia: fix potential memory leak in nvidiafb_probe() (git-fixes).\n- fbdev: radeon: fix potential memory leak in radeonfb_pci_register() (git-fixes).\n- fbdev: s3fb: fix potential memory leak in s3_pci_probe() (git-fixes).\n- fbdev: sm501fb: Fix buffer errors in OF binding code (git-fixes).\n- fbdev: sm712: Fix operator precedence in big_swap macro (git-fixes).\n- fbdev: tdfxfb: fix potential memory leak in tdfxfb_probe() (git-fixes).\n- fbdev: tridentfb: fix potential memory leak in trident_pci_probe() (git-fixes).\n- fbdev: uvesafb: fix potential memory leak in uvesafb_probe() (git-fixes).\n- fbdev: vesafb: fix memory leak in vesafb_probe() (git-fixes).\n- firmware: arm_ffa: Check for NULL FF-A ID table while driver registration (git-fixes).\n- firmware: arm_ffa: Skip free_pages on RX buffer alloc failure (git-fixes).\n- firmware: arm_scmi: Fix OOB in scmi_power_name_get() (git-fixes).\n- firmware: arm_scmi: Read sensor config as 32-bit value (git-fixes).\n- firmware_loader: Fix recursive lock in device_cache_fw_images() (git-fixes).\n- firmware_loader: fix device reference leak in firmware_upload_register() (git-fixes).\n- gpio: mvebu: fix NULL pointer dereference in suspend/resume (git-fixes).\n- gpu: host1x: Allow entries in BO caches to be freed (git-fixes).\n- gpu: host1x: Fix iommu_map_sgtable() return value check (git-fixes).\n- hv: utils: handle and propagate errors in kvp_register (git-fixes).\n- hwmon: (it87) Clamp negative values to zero in set_fan() (git-fixes).\n- hwmon: (pmbus/adm1266) bounce blackbox records through a protocol-sized buffer (git-fixes).\n- hwmon: (pmbus/adm1266) cap PDIO scan in get_multiple at ADM1266_PDIO_NR (git-fixes).\n- hwmon: (pmbus/adm1266) do not clobber GPIO bits before PDIO read in get_multiple (git-fixes).\n- hwmon: (pmbus/adm1266) include PEC byte in pmbus_block_xfer read buffer (git-fixes).\n- hwmon: (pmbus/adm1266) include adapter number in GPIO line label (git-fixes).\n- hwmon: (pmbus/adm1266) register the gpio_chip after pmbus_do_probe() (git-fixes).\n- hwmon: (pmbus/adm1266) register the nvmem device after pmbus_do_probe() (git-fixes).\n- hwmon: (pmbus/adm1266) reject implausible blackbox record_count (git-fixes).\n- hwmon: (pmbus/adm1266) reject short block-read responses in the GPIO accessors (git-fixes).\n- hwmon: (pmbus/adm1266) seed timestamp from the real-time clock (git-fixes).\n- hwmon: (pmbus/adm1266) widen blackbox-info buffer to I2C_SMBUS_BLOCK_MAX (git-fixes).\n- hwrng: jh7110 - fix refcount leak in starfive_trng_read() (git-fixes).\n- hwrng: virtio: clamp device-reported used.len at copy_data() (git-fixes).\n- hyperv: Clean up and fix the guest ID comment in hvgdk.h (git-fixes).\n- i2c: core: fix irq domain leak on adapter registration failure (git-fixes).\n- i2c: qcom-cci: Fix NULL pointer dereference in cci_remove() (git-fixes).\n- i2c: stm32f7: fix timing computation ignoring i2c-analog-filter (git-fixes).\n- i2c: tegra: Fix NOIRQ suspend/resume (git-fixes).\n- iio: adc: viperboard: Fix error handling in vprbrd_iio_read_raw (git-fixes).\n- iio: adc: xilinx-xadc: Fix sequencer mode in postdisable for dual mux (git-fixes).\n- iio: buffer: hw-consumer: fix use-after-free in error path (git-fixes).\n- iio: dac: ad5686: acquire lock when doing powerdown control (git-fixes).\n- iio: dac: ad5686: fix input raw value check (git-fixes).\n- iio: dac: max5821: fix return value check in powerdown sync (git-fixes).\n- iio: gyro: itg3200: fix i2c read into the wrong stack location (git-fixes).\n- iio: imu: st_lsm6dsx: fix stack leak in tagged FIFO buffer (git-fixes).\n- iio: light: cm3323: fix reg_conf not being initialized correctly (git-fixes).\n- iio: magnetometer: st_magn: fix default DRDY pin selection for LIS2MDL (git-fixes).\n- iio: ssp_sensors: cancel delayed work_refresh on remove (git-fixes).\n- iio: temperature: tsys01: fix broken PROM checksum validation (git-fixes).\n- kabi: arm64: module: Update missing .init.text.ftrace_trampoline section message (bsc#1265579 bsc#1265170).\n- linux/dim: move useful macros to .h file (bsc#1261256).\n- misc: fastrpc: Fix NULL pointer dereference in rpmsg callback (git-fixes).\n- misc: fastrpc: fix DMA address corruption due to find_vma misuse (git-fixes).\n- misc: fastrpc: fix use-after-free of fastrpc_user in workqueue context (git-fixes).\n- misc: fastrpc: fix use-after-free race in fastrpc_map_create (git-fixes).\n- mmc: core: Fix host controller programming for fixed driver type (git-fixes).\n- mmc: litex_mmc: Set mandatory idle clocks before CMD0 (git-fixes).\n- mmc: litex_mmc: Use DIV_ROUND_UP for more accurate clock calculation (git-fixes).\n- mmc: renesas_sdhi: Add OF entry for RZ/G2H SoC (git-fixes).\n- mmc: sdhci: add signal voltage switch in sdhci_resume_host (git-fixes).\n- net: ethtool: add ethtool COALESCE_RX_CQE_FRAMES/NSECS (bsc#1261256).\n- net: gro: do not merge zcopy skbs (git-fixes).\n- net: mana: Add NULL guards in teardown path to prevent panic on attach failure (git-fixes).\n- net: mana: Add ethtool counters for RX CQEs in coalesced type (bsc#1261256).\n- net: mana: Add support for RX CQE Coalescing (bsc#1261256).\n- net: mana: Expose hardware diagnostic info via debugfs (bsc#1266414).\n- net: mana: Fix TOCTOU double-fetch of hwc_msg_id from DMA buffer (bsc#1265928).\n- net: mana: Skip redundant detach on already-detached port (git-fixes).\n- net: mana: Use kvmalloc for large RX queue and buffer allocations (bsc#1266765).\n- net: mana: Use per-queue allocation for tx_qp to reduce allocation size (bsc#1266765).\n- net: mana: hardening: Reject zero max_num_queues from GDMA_QUERY_MAX_RESOURCES (git-fixes).\n- net: mana: validate rx_req_idx to prevent out-of-bounds array access (bsc#1266402).\n- net: wwan: iosm: fix potential memory leaks in ipc_imem_init() (git-fixes).\n- phy: marvell: mvebu-a3700-utmi: fix incorrect USB2_PHY_CTRL register access (git-fixes).\n- platform/x86: adv_swbutton: Check ACPI_HANDLE() against NULL (git-fixes).\n- platform/x86: hp_accel: Check ACPI_COMPANION() against NULL (git-fixes).\n- platform/x86: intel-hid: Check ACPI_HANDLE() against NULL (git-fixes).\n- platform/x86: intel-vbtn: Check ACPI_HANDLE() against NULL (git-fixes).\n- r8152: fix incorrect register write to USB_UPHY_XTAL (git-fixes).\n- rpm/check-for-config-changes: ignore Rust-related configs (bsc#1258538).\n- rpm/mkspec: Conditionally set Rust BuildReqs (bsc#1258538).\n- rpm: Add BuildRequires for Rust enablement (bsc#1258538).\n- s390/barrier: Make array_index_mask_nospec() __always_inline (bsc#1263068).\n- s390/entry: Scrub r12 register on kernel entry (bsc#1263068).\n- s390/syscalls: Add spectre boundary for syscall dispatch table (bsc#1263068).\n- sched/rt: Skip currently executing CPU in rto_next_cpu() (bsc#1262649).\n- security/keys: fix missed RCU read section on lookup (stable-fixes).\n- serial: fsl_lpuart: fix rx buffer and DMA map leaks in start_rx_dma (git-fixes).\n- serial: qcom-geni: fix UART_RX_PAR_EN bit position (git-fixes).\n- slimbus: qcom-ngd-ctrl: fix OF node refcount (git-fixes).\n- smb: client: correctly handle ErrorContextData as a flexible array (git-fixes)\n- smb: client: reject userspace cifs.spnego descriptions (bsc#1266238).\n- soc: fsl: qe: panic on ioremap() failure in qe_reset() (git-fixes).\n- soc: ti: k3-ringacc: Fix access mode for k3_ringacc_ring_pop_tail_io/proxy (git-fixes).\n- spi: at91-usart: drop dead runtime pm support (git-fixes).\n- spi: ep93xx: fix double-free of zeropage on DMA setup failure (git-fixes).\n- spi: fsl-lpspi: replace dmaengine_terminate_all() with dmaengine_terminate_sync() (git-fixes).\n- spi: fsl-lpspi: terminate the RX channel on TX prepare failure path (git-fixes).\n- spi: meson-spifc: fix runtime PM leak on remove (git-fixes).\n- spi: mtk-snfi: Fix resource leak in mtk_snand_read_page_cache() (git-fixes).\n- spi: sprd: fix error pointer deref after DMA setup failure (git-fixes).\n- spi: st-ssc4: switch to use modern name (stable-fixes).\n- spi: ti-qspi: fix use-after-free after DMA setup failure (git-fixes).\n- spi: xilinx: use FIFO occupancy register to determine buffer size (git-fixes).\n- string: add mem_is_zero() helper to check if memory area is all zeros (stable-fixes).\n- thermal: hwmon: Fix critical temperature attribute removal (git-fixes).\n- thunderbolt: Bound root directory content to block size (git-fixes).\n- thunderbolt: Clamp XDomain response data copy to allocation size (git-fixes).\n- thunderbolt: Limit XDomain response copy to actual frame size (git-fixes).\n- thunderbolt: Reject zero-length property entries in validator (git-fixes).\n- thunderbolt: Validate XDomain request packet size before type cast (git-fixes).\n- thunderbolt: property: Reject dir_len \u0026lt; 4 to prevent size_t underflow (git-fixes).\n- thunderbolt: property: Reject u32 wrap in tb_property_entry_valid() (git-fixes).\n- tracing: Switch trace_osnoise.c code over to use guard() and __free() (bsc#1262634).\n- tty: serial: pch_uart: add check for dma_alloc_coherent() (git-fixes).\n- usb: cdns3: gadget: fix request skipping after clearing halt (git-fixes).\n- usb: cdns3: plat: fix unbalanced pm_runtime_forbid() call permanently leaks the runtime PM usage counter across bind/unbind cycles (git-fixes).\n- usb: chipidea: core: convert ci_role_switch to local variable (git-fixes).\n- usb: dwc2: Fix use after free in debug code (git-fixes).\n- usb: gadget: composite: fix integer underflow in WebUSB GET_URL handling (git-fixes).\n- usb: gadget: dummy_hcd: Reject hub port requests for non-existent ports (git-fixes).\n- usb: gadget: f_fs: copy only received bytes on short ep0 read (git-fixes).\n- usb: gadget: f_hid: fix device reference leak in hidg_alloc() (git-fixes).\n- usb: gadget: net2280: Fix double free in probe error path (git-fixes).\n- usb: usbtmc: check URB actual_length for interrupt-IN notifications (git-fixes).\n- usb: usbtmc: reject interrupt endpoints with small wMaxPacketSize (git-fixes).\n- usbip: vudc: Fix use after free bug in vudc_remove due to race condition (git-fixes).\n- watchdog: apple: Add \"apple,t8103-wdt\" compatible (git-fixes).\n- watchdog: sp5100_tco: Use EFCH MMIO for newer Hygon FCH (git-fixes).\n- watchdog: sprd_wdt: Remove redundant sprd_wdt_disable() on register failure (git-fixes).\n- watchdog: unregister PM notifier on watchdog unregister (git-fixes).\n- wifi: ath10k: skip WMI and beacon transmission when device is wedged (git-fixes).\n- wifi: ath11k: clear shared SRNG pointer state on restart (git-fixes).\n- wifi: ath11k: fix error path leak in ath11k_tm_cmd_wmi_ftm() (git-fixes).\n- wifi: ath11k: fix error path leaks in some WMI WOW calls (git-fixes).\n- wifi: ath11k: fix error path leaks in some WMI calls (git-fixes).\n- wifi: ath11k: fix peer resolution on rx path when peer_id=0 (git-fixes).\n- wifi: ath11k: fix use after free in ath11k_dp_rx_msdu_coalesce() (git-fixes).\n- wifi: ath11k: fix warning when unbinding (git-fixes).\n- wifi: ath9k: fix OOB access from firmware tx status queue ID (git-fixes).\n- wifi: cfg80211: advance loop vars in cfg80211_merge_profile() (git-fixes).\n- wifi: cfg80211: fix grammar in MLO group key error message (git-fixes).\n- wifi: mac80211: consume only present negotiated TTLM maps (git-fixes).\n- wifi: mac80211: fix monitor mode frame capture for real chanctx drivers (git-fixes).\n- wifi: mac80211: limit injected antenna index in ieee80211_parse_tx_radiotap (git-fixes).\n- wifi: mt76: fix argument to ieee80211_is_first_frag() (git-fixes).\n- wifi: mt76: mt7915: fix potential tx_retries underflow (git-fixes).\n- wifi: mt76: mt7921: fix potential tx_retries underflow (git-fixes).\n- wifi: mt76: mt7925: clean up DMA on probe failure (git-fixes).\n- wifi: mt76: mt7925: fix potential tx_retries underflow (git-fixes).\n- wifi: mt76: mt7996: fix potential tx_retries underflow (git-fixes).\n- wifi: nl80211: reject oversized EMA RNR lists (git-fixes).\n- wifi: rtlwifi: rtl8821ae: Fix C2H bit location in RX descriptor (git-fixes).\n- wifi: rtw88: fix OOB read from firmware RX descriptor exceeding DMA buffer (git-fixes).\n- wifi: rtw88: increase TX report timeout to fix race condition (git-fixes).\n- wifi: rtw88: usb: fix memory leaks on USB write failures (git-fixes).\n- wifi: rtw89: Correct data type for scan index to avoid infinite loop (git-fixes).\n- wifi: wcn36xx: fix OOB read from firmware count in PRINT_REG_INFO indication (git-fixes).\n- wifi: wcn36xx: fix OOB read from short trigger BA firmware response (git-fixes).\n- wifi: wcn36xx: fix heap overflow from oversized firmware HAL response (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-kernel-498",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_22433-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:22433-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622433-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:22433-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-July/047862.html"
},
{
"category": "self",
"summary": "SUSE Bug 1248235",
"url": "https://bugzilla.suse.com/1248235"
},
{
"category": "self",
"summary": "SUSE Bug 1255416",
"url": "https://bugzilla.suse.com/1255416"
},
{
"category": "self",
"summary": "SUSE Bug 1256668",
"url": "https://bugzilla.suse.com/1256668"
},
{
"category": "self",
"summary": "SUSE Bug 1258538",
"url": "https://bugzilla.suse.com/1258538"
},
{
"category": "self",
"summary": "SUSE Bug 1260502",
"url": "https://bugzilla.suse.com/1260502"
},
{
"category": "self",
"summary": "SUSE Bug 1260584",
"url": "https://bugzilla.suse.com/1260584"
},
{
"category": "self",
"summary": "SUSE Bug 1261256",
"url": "https://bugzilla.suse.com/1261256"
},
{
"category": "self",
"summary": "SUSE Bug 1261619",
"url": "https://bugzilla.suse.com/1261619"
},
{
"category": "self",
"summary": "SUSE Bug 1261791",
"url": "https://bugzilla.suse.com/1261791"
},
{
"category": "self",
"summary": "SUSE Bug 1262085",
"url": "https://bugzilla.suse.com/1262085"
},
{
"category": "self",
"summary": "SUSE Bug 1262392",
"url": "https://bugzilla.suse.com/1262392"
},
{
"category": "self",
"summary": "SUSE Bug 1262606",
"url": "https://bugzilla.suse.com/1262606"
},
{
"category": "self",
"summary": "SUSE Bug 1262615",
"url": "https://bugzilla.suse.com/1262615"
},
{
"category": "self",
"summary": "SUSE Bug 1262617",
"url": "https://bugzilla.suse.com/1262617"
},
{
"category": "self",
"summary": "SUSE Bug 1262619",
"url": "https://bugzilla.suse.com/1262619"
},
{
"category": "self",
"summary": "SUSE Bug 1262620",
"url": "https://bugzilla.suse.com/1262620"
},
{
"category": "self",
"summary": "SUSE Bug 1262622",
"url": "https://bugzilla.suse.com/1262622"
},
{
"category": "self",
"summary": "SUSE Bug 1262624",
"url": "https://bugzilla.suse.com/1262624"
},
{
"category": "self",
"summary": "SUSE Bug 1262634",
"url": "https://bugzilla.suse.com/1262634"
},
{
"category": "self",
"summary": "SUSE Bug 1262649",
"url": "https://bugzilla.suse.com/1262649"
},
{
"category": "self",
"summary": "SUSE Bug 1262656",
"url": "https://bugzilla.suse.com/1262656"
},
{
"category": "self",
"summary": "SUSE Bug 1262663",
"url": "https://bugzilla.suse.com/1262663"
},
{
"category": "self",
"summary": "SUSE Bug 1262668",
"url": "https://bugzilla.suse.com/1262668"
},
{
"category": "self",
"summary": "SUSE Bug 1262674",
"url": "https://bugzilla.suse.com/1262674"
},
{
"category": "self",
"summary": "SUSE Bug 1262748",
"url": "https://bugzilla.suse.com/1262748"
},
{
"category": "self",
"summary": "SUSE Bug 1262755",
"url": "https://bugzilla.suse.com/1262755"
},
{
"category": "self",
"summary": "SUSE Bug 1262798",
"url": "https://bugzilla.suse.com/1262798"
},
{
"category": "self",
"summary": "SUSE Bug 1262993",
"url": "https://bugzilla.suse.com/1262993"
},
{
"category": "self",
"summary": "SUSE Bug 1263006",
"url": "https://bugzilla.suse.com/1263006"
},
{
"category": "self",
"summary": "SUSE Bug 1263068",
"url": "https://bugzilla.suse.com/1263068"
},
{
"category": "self",
"summary": "SUSE Bug 1263115",
"url": "https://bugzilla.suse.com/1263115"
},
{
"category": "self",
"summary": "SUSE Bug 1263123",
"url": "https://bugzilla.suse.com/1263123"
},
{
"category": "self",
"summary": "SUSE Bug 1263137",
"url": "https://bugzilla.suse.com/1263137"
},
{
"category": "self",
"summary": "SUSE Bug 1263143",
"url": "https://bugzilla.suse.com/1263143"
},
{
"category": "self",
"summary": "SUSE Bug 1263152",
"url": "https://bugzilla.suse.com/1263152"
},
{
"category": "self",
"summary": "SUSE Bug 1263178",
"url": "https://bugzilla.suse.com/1263178"
},
{
"category": "self",
"summary": "SUSE Bug 1263319",
"url": "https://bugzilla.suse.com/1263319"
},
{
"category": "self",
"summary": "SUSE Bug 1263562",
"url": "https://bugzilla.suse.com/1263562"
},
{
"category": "self",
"summary": "SUSE Bug 1263563",
"url": "https://bugzilla.suse.com/1263563"
},
{
"category": "self",
"summary": "SUSE Bug 1263568",
"url": "https://bugzilla.suse.com/1263568"
},
{
"category": "self",
"summary": "SUSE Bug 1263578",
"url": "https://bugzilla.suse.com/1263578"
},
{
"category": "self",
"summary": "SUSE Bug 1263724",
"url": "https://bugzilla.suse.com/1263724"
},
{
"category": "self",
"summary": "SUSE Bug 1263769",
"url": "https://bugzilla.suse.com/1263769"
},
{
"category": "self",
"summary": "SUSE Bug 1263774",
"url": "https://bugzilla.suse.com/1263774"
},
{
"category": "self",
"summary": "SUSE Bug 1263790",
"url": "https://bugzilla.suse.com/1263790"
},
{
"category": "self",
"summary": "SUSE Bug 1263879",
"url": "https://bugzilla.suse.com/1263879"
},
{
"category": "self",
"summary": "SUSE Bug 1263880",
"url": "https://bugzilla.suse.com/1263880"
},
{
"category": "self",
"summary": "SUSE Bug 1263883",
"url": "https://bugzilla.suse.com/1263883"
},
{
"category": "self",
"summary": "SUSE Bug 1263930",
"url": "https://bugzilla.suse.com/1263930"
},
{
"category": "self",
"summary": "SUSE Bug 1263932",
"url": "https://bugzilla.suse.com/1263932"
},
{
"category": "self",
"summary": "SUSE Bug 1263934",
"url": "https://bugzilla.suse.com/1263934"
},
{
"category": "self",
"summary": "SUSE Bug 1263945",
"url": "https://bugzilla.suse.com/1263945"
},
{
"category": "self",
"summary": "SUSE Bug 1263993",
"url": "https://bugzilla.suse.com/1263993"
},
{
"category": "self",
"summary": "SUSE Bug 1263996",
"url": "https://bugzilla.suse.com/1263996"
},
{
"category": "self",
"summary": "SUSE Bug 1264000",
"url": "https://bugzilla.suse.com/1264000"
},
{
"category": "self",
"summary": "SUSE Bug 1264011",
"url": "https://bugzilla.suse.com/1264011"
},
{
"category": "self",
"summary": "SUSE Bug 1264045",
"url": "https://bugzilla.suse.com/1264045"
},
{
"category": "self",
"summary": "SUSE Bug 1264063",
"url": "https://bugzilla.suse.com/1264063"
},
{
"category": "self",
"summary": "SUSE Bug 1264076",
"url": "https://bugzilla.suse.com/1264076"
},
{
"category": "self",
"summary": "SUSE Bug 1264080",
"url": "https://bugzilla.suse.com/1264080"
},
{
"category": "self",
"summary": "SUSE Bug 1264084",
"url": "https://bugzilla.suse.com/1264084"
},
{
"category": "self",
"summary": "SUSE Bug 1264093",
"url": "https://bugzilla.suse.com/1264093"
},
{
"category": "self",
"summary": "SUSE Bug 1264116",
"url": "https://bugzilla.suse.com/1264116"
},
{
"category": "self",
"summary": "SUSE Bug 1264124",
"url": "https://bugzilla.suse.com/1264124"
},
{
"category": "self",
"summary": "SUSE Bug 1264137",
"url": "https://bugzilla.suse.com/1264137"
},
{
"category": "self",
"summary": "SUSE Bug 1264145",
"url": "https://bugzilla.suse.com/1264145"
},
{
"category": "self",
"summary": "SUSE Bug 1264184",
"url": "https://bugzilla.suse.com/1264184"
},
{
"category": "self",
"summary": "SUSE Bug 1264239",
"url": "https://bugzilla.suse.com/1264239"
},
{
"category": "self",
"summary": "SUSE Bug 1264243",
"url": "https://bugzilla.suse.com/1264243"
},
{
"category": "self",
"summary": "SUSE Bug 1264245",
"url": "https://bugzilla.suse.com/1264245"
},
{
"category": "self",
"summary": "SUSE Bug 1264255",
"url": "https://bugzilla.suse.com/1264255"
},
{
"category": "self",
"summary": "SUSE Bug 1264263",
"url": "https://bugzilla.suse.com/1264263"
},
{
"category": "self",
"summary": "SUSE Bug 1264266",
"url": "https://bugzilla.suse.com/1264266"
},
{
"category": "self",
"summary": "SUSE Bug 1264300",
"url": "https://bugzilla.suse.com/1264300"
},
{
"category": "self",
"summary": "SUSE Bug 1264409",
"url": "https://bugzilla.suse.com/1264409"
},
{
"category": "self",
"summary": "SUSE Bug 1264430",
"url": "https://bugzilla.suse.com/1264430"
},
{
"category": "self",
"summary": "SUSE Bug 1264437",
"url": "https://bugzilla.suse.com/1264437"
},
{
"category": "self",
"summary": "SUSE Bug 1264444",
"url": "https://bugzilla.suse.com/1264444"
},
{
"category": "self",
"summary": "SUSE Bug 1264449",
"url": "https://bugzilla.suse.com/1264449"
},
{
"category": "self",
"summary": "SUSE Bug 1264470",
"url": "https://bugzilla.suse.com/1264470"
},
{
"category": "self",
"summary": "SUSE Bug 1264476",
"url": "https://bugzilla.suse.com/1264476"
},
{
"category": "self",
"summary": "SUSE Bug 1264484",
"url": "https://bugzilla.suse.com/1264484"
},
{
"category": "self",
"summary": "SUSE Bug 1264549",
"url": "https://bugzilla.suse.com/1264549"
},
{
"category": "self",
"summary": "SUSE Bug 1264551",
"url": "https://bugzilla.suse.com/1264551"
},
{
"category": "self",
"summary": "SUSE Bug 1264561",
"url": "https://bugzilla.suse.com/1264561"
},
{
"category": "self",
"summary": "SUSE Bug 1264595",
"url": "https://bugzilla.suse.com/1264595"
},
{
"category": "self",
"summary": "SUSE Bug 1264603",
"url": "https://bugzilla.suse.com/1264603"
},
{
"category": "self",
"summary": "SUSE Bug 1264610",
"url": "https://bugzilla.suse.com/1264610"
},
{
"category": "self",
"summary": "SUSE Bug 1264669",
"url": "https://bugzilla.suse.com/1264669"
},
{
"category": "self",
"summary": "SUSE Bug 1264671",
"url": "https://bugzilla.suse.com/1264671"
},
{
"category": "self",
"summary": "SUSE Bug 1264672",
"url": "https://bugzilla.suse.com/1264672"
},
{
"category": "self",
"summary": "SUSE Bug 1264716",
"url": "https://bugzilla.suse.com/1264716"
},
{
"category": "self",
"summary": "SUSE Bug 1264719",
"url": "https://bugzilla.suse.com/1264719"
},
{
"category": "self",
"summary": "SUSE Bug 1264720",
"url": "https://bugzilla.suse.com/1264720"
},
{
"category": "self",
"summary": "SUSE Bug 1264722",
"url": "https://bugzilla.suse.com/1264722"
},
{
"category": "self",
"summary": "SUSE Bug 1264726",
"url": "https://bugzilla.suse.com/1264726"
},
{
"category": "self",
"summary": "SUSE Bug 1264741",
"url": "https://bugzilla.suse.com/1264741"
},
{
"category": "self",
"summary": "SUSE Bug 1264763",
"url": "https://bugzilla.suse.com/1264763"
},
{
"category": "self",
"summary": "SUSE Bug 1264765",
"url": "https://bugzilla.suse.com/1264765"
},
{
"category": "self",
"summary": "SUSE Bug 1264805",
"url": "https://bugzilla.suse.com/1264805"
},
{
"category": "self",
"summary": "SUSE Bug 1264989",
"url": "https://bugzilla.suse.com/1264989"
},
{
"category": "self",
"summary": "SUSE Bug 1265020",
"url": "https://bugzilla.suse.com/1265020"
},
{
"category": "self",
"summary": "SUSE Bug 1265044",
"url": "https://bugzilla.suse.com/1265044"
},
{
"category": "self",
"summary": "SUSE Bug 1265073",
"url": "https://bugzilla.suse.com/1265073"
},
{
"category": "self",
"summary": "SUSE Bug 1265103",
"url": "https://bugzilla.suse.com/1265103"
},
{
"category": "self",
"summary": "SUSE Bug 1265110",
"url": "https://bugzilla.suse.com/1265110"
},
{
"category": "self",
"summary": "SUSE Bug 1265128",
"url": "https://bugzilla.suse.com/1265128"
},
{
"category": "self",
"summary": "SUSE Bug 1265143",
"url": "https://bugzilla.suse.com/1265143"
},
{
"category": "self",
"summary": "SUSE Bug 1265170",
"url": "https://bugzilla.suse.com/1265170"
},
{
"category": "self",
"summary": "SUSE Bug 1265240",
"url": "https://bugzilla.suse.com/1265240"
},
{
"category": "self",
"summary": "SUSE Bug 1265579",
"url": "https://bugzilla.suse.com/1265579"
},
{
"category": "self",
"summary": "SUSE Bug 1265628",
"url": "https://bugzilla.suse.com/1265628"
},
{
"category": "self",
"summary": "SUSE Bug 1265928",
"url": "https://bugzilla.suse.com/1265928"
},
{
"category": "self",
"summary": "SUSE Bug 1265960",
"url": "https://bugzilla.suse.com/1265960"
},
{
"category": "self",
"summary": "SUSE Bug 1266001",
"url": "https://bugzilla.suse.com/1266001"
},
{
"category": "self",
"summary": "SUSE Bug 1266009",
"url": "https://bugzilla.suse.com/1266009"
},
{
"category": "self",
"summary": "SUSE Bug 1266214",
"url": "https://bugzilla.suse.com/1266214"
},
{
"category": "self",
"summary": "SUSE Bug 1266238",
"url": "https://bugzilla.suse.com/1266238"
},
{
"category": "self",
"summary": "SUSE Bug 1266290",
"url": "https://bugzilla.suse.com/1266290"
},
{
"category": "self",
"summary": "SUSE Bug 1266307",
"url": "https://bugzilla.suse.com/1266307"
},
{
"category": "self",
"summary": "SUSE Bug 1266390",
"url": "https://bugzilla.suse.com/1266390"
},
{
"category": "self",
"summary": "SUSE Bug 1266394",
"url": "https://bugzilla.suse.com/1266394"
},
{
"category": "self",
"summary": "SUSE Bug 1266395",
"url": "https://bugzilla.suse.com/1266395"
},
{
"category": "self",
"summary": "SUSE Bug 1266397",
"url": "https://bugzilla.suse.com/1266397"
},
{
"category": "self",
"summary": "SUSE Bug 1266400",
"url": "https://bugzilla.suse.com/1266400"
},
{
"category": "self",
"summary": "SUSE Bug 1266402",
"url": "https://bugzilla.suse.com/1266402"
},
{
"category": "self",
"summary": "SUSE Bug 1266414",
"url": "https://bugzilla.suse.com/1266414"
},
{
"category": "self",
"summary": "SUSE Bug 1266452",
"url": "https://bugzilla.suse.com/1266452"
},
{
"category": "self",
"summary": "SUSE Bug 1266696",
"url": "https://bugzilla.suse.com/1266696"
},
{
"category": "self",
"summary": "SUSE Bug 1266697",
"url": "https://bugzilla.suse.com/1266697"
},
{
"category": "self",
"summary": "SUSE Bug 1266698",
"url": "https://bugzilla.suse.com/1266698"
},
{
"category": "self",
"summary": "SUSE Bug 1266704",
"url": "https://bugzilla.suse.com/1266704"
},
{
"category": "self",
"summary": "SUSE Bug 1266705",
"url": "https://bugzilla.suse.com/1266705"
},
{
"category": "self",
"summary": "SUSE Bug 1266711",
"url": "https://bugzilla.suse.com/1266711"
},
{
"category": "self",
"summary": "SUSE Bug 1266720",
"url": "https://bugzilla.suse.com/1266720"
},
{
"category": "self",
"summary": "SUSE Bug 1266759",
"url": "https://bugzilla.suse.com/1266759"
},
{
"category": "self",
"summary": "SUSE Bug 1266765",
"url": "https://bugzilla.suse.com/1266765"
},
{
"category": "self",
"summary": "SUSE Bug 1266767",
"url": "https://bugzilla.suse.com/1266767"
},
{
"category": "self",
"summary": "SUSE Bug 1266810",
"url": "https://bugzilla.suse.com/1266810"
},
{
"category": "self",
"summary": "SUSE Bug 1266816",
"url": "https://bugzilla.suse.com/1266816"
},
{
"category": "self",
"summary": "SUSE Bug 1266826",
"url": "https://bugzilla.suse.com/1266826"
},
{
"category": "self",
"summary": "SUSE Bug 1266827",
"url": "https://bugzilla.suse.com/1266827"
},
{
"category": "self",
"summary": "SUSE Bug 1266878",
"url": "https://bugzilla.suse.com/1266878"
},
{
"category": "self",
"summary": "SUSE Bug 1266889",
"url": "https://bugzilla.suse.com/1266889"
},
{
"category": "self",
"summary": "SUSE Bug 1266895",
"url": "https://bugzilla.suse.com/1266895"
},
{
"category": "self",
"summary": "SUSE Bug 1266901",
"url": "https://bugzilla.suse.com/1266901"
},
{
"category": "self",
"summary": "SUSE Bug 1266903",
"url": "https://bugzilla.suse.com/1266903"
},
{
"category": "self",
"summary": "SUSE Bug 1266916",
"url": "https://bugzilla.suse.com/1266916"
},
{
"category": "self",
"summary": "SUSE Bug 1266922",
"url": "https://bugzilla.suse.com/1266922"
},
{
"category": "self",
"summary": "SUSE Bug 1266927",
"url": "https://bugzilla.suse.com/1266927"
},
{
"category": "self",
"summary": "SUSE Bug 1266933",
"url": "https://bugzilla.suse.com/1266933"
},
{
"category": "self",
"summary": "SUSE Bug 1266969",
"url": "https://bugzilla.suse.com/1266969"
},
{
"category": "self",
"summary": "SUSE Bug 1266972",
"url": "https://bugzilla.suse.com/1266972"
},
{
"category": "self",
"summary": "SUSE Bug 1267205",
"url": "https://bugzilla.suse.com/1267205"
},
{
"category": "self",
"summary": "SUSE Bug 1267208",
"url": "https://bugzilla.suse.com/1267208"
},
{
"category": "self",
"summary": "SUSE Bug 1267214",
"url": "https://bugzilla.suse.com/1267214"
},
{
"category": "self",
"summary": "SUSE Bug 1267218",
"url": "https://bugzilla.suse.com/1267218"
},
{
"category": "self",
"summary": "SUSE Bug 1267220",
"url": "https://bugzilla.suse.com/1267220"
},
{
"category": "self",
"summary": "SUSE Bug 1267222",
"url": "https://bugzilla.suse.com/1267222"
},
{
"category": "self",
"summary": "SUSE Bug 1267361",
"url": "https://bugzilla.suse.com/1267361"
},
{
"category": "self",
"summary": "SUSE Bug 1267381",
"url": "https://bugzilla.suse.com/1267381"
},
{
"category": "self",
"summary": "SUSE Bug 1267387",
"url": "https://bugzilla.suse.com/1267387"
},
{
"category": "self",
"summary": "SUSE Bug 1267431",
"url": "https://bugzilla.suse.com/1267431"
},
{
"category": "self",
"summary": "SUSE Bug 1267531",
"url": "https://bugzilla.suse.com/1267531"
},
{
"category": "self",
"summary": "SUSE Bug 1267621",
"url": "https://bugzilla.suse.com/1267621"
},
{
"category": "self",
"summary": "SUSE Bug 1267624",
"url": "https://bugzilla.suse.com/1267624"
},
{
"category": "self",
"summary": "SUSE Bug 1267626",
"url": "https://bugzilla.suse.com/1267626"
},
{
"category": "self",
"summary": "SUSE Bug 1267628",
"url": "https://bugzilla.suse.com/1267628"
},
{
"category": "self",
"summary": "SUSE Bug 1267640",
"url": "https://bugzilla.suse.com/1267640"
},
{
"category": "self",
"summary": "SUSE Bug 1267651",
"url": "https://bugzilla.suse.com/1267651"
},
{
"category": "self",
"summary": "SUSE Bug 1267652",
"url": "https://bugzilla.suse.com/1267652"
},
{
"category": "self",
"summary": "SUSE Bug 1267654",
"url": "https://bugzilla.suse.com/1267654"
},
{
"category": "self",
"summary": "SUSE Bug 1267663",
"url": "https://bugzilla.suse.com/1267663"
},
{
"category": "self",
"summary": "SUSE Bug 1267682",
"url": "https://bugzilla.suse.com/1267682"
},
{
"category": "self",
"summary": "SUSE Bug 1267685",
"url": "https://bugzilla.suse.com/1267685"
},
{
"category": "self",
"summary": "SUSE Bug 1267697",
"url": "https://bugzilla.suse.com/1267697"
},
{
"category": "self",
"summary": "SUSE Bug 1267726",
"url": "https://bugzilla.suse.com/1267726"
},
{
"category": "self",
"summary": "SUSE Bug 1267732",
"url": "https://bugzilla.suse.com/1267732"
},
{
"category": "self",
"summary": "SUSE Bug 1267744",
"url": "https://bugzilla.suse.com/1267744"
},
{
"category": "self",
"summary": "SUSE Bug 1268307",
"url": "https://bugzilla.suse.com/1268307"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-10263 page",
"url": "https://www.suse.com/security/cve/CVE-2025-10263/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38549 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38549/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68324 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68324/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68822 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68822/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23303 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23303/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23327 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23327/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23359 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23359/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23438 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23438/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23444 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23444/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31396 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31396/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31414 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31414/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31429 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31429/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31446 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31446/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31448 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31448/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31452 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31452/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31453 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31453/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31454 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31454/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31455 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31455/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31464 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31464/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31469 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31469/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31473 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31473/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31480 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31480/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31492 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31492/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31493 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31493/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31495 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31495/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31499 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31499/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31500 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31500/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31516 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31516/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31518 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31518/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31546 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31546/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31555 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31580 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31580/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31590 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31590/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31592 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31592/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31596 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31596/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31613 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31613/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31614 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31614/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31629 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31629/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31655 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31655/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31664 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31664/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31665 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31665/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31671 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31671/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31673 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31673/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31674 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31674/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31678 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31678/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31680 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31680/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31693 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31693/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31697 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31697/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31698 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31698/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31699 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31699/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31703 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31752 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31758 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31759 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31759/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31767 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31767/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31771 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31771/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43013 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43023 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43023/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43024 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43024/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43026 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43026/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43028 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43028/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43030 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43030/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43035 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43035/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43036 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43036/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43040 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43040/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43049 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43049/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43052 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43052/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43053 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43054 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43054/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43059 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43059/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43065 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43065/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43066 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43066/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43068 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43068/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43074 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43074/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43077 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43083 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43101 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43101/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43109 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43109/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43112 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43112/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43119 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43119/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43158 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43158/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43171 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43171/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43187 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43187/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43198 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43198/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43206 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43206/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43234 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43234/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43239 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43239/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43249 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43249/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43252 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43252/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43261 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43261/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43284 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43284/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43296 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43296/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43325 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43325/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43333 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43333/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43338 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43338/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43339 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43339/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43341 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43341/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43345 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43345/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43359 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43359/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43360 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43360/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43361 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43361/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43362 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43362/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43405 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43405/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43406 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43406/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43407 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43407/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43411 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43411/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43413 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43413/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43414 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43414/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43455 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43455/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43469 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43469/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43470 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43470/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43483 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43483/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43491 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43491/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43499 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43499/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43501 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43501/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43503 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43503/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45840 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45841 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45841/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45842 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45842/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45843 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45843/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45846 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45846/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45852 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45856 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45856/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45862 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45870 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45878 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45878/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45886 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45886/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45894 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45894/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45910 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45910/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45932 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45932/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45940 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45940/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45961 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45961/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45964 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45965 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45965/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45970 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45970/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45974 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45983 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45983/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45984 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45984/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46004 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46004/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46005 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46021 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46024 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46024/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46037 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46037/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46043 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46043/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46079 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46079/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46083 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46090 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46090/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46094 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46094/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46101 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46101/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46110 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46110/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46111 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46111/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46113 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46113/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46114 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46114/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46119 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46119/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46120 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46120/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46123 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46123/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46150 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46150/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46157 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46157/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46159 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46159/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46160 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46172 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46172/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46176 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46176/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46181 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46181/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46197 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46197/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46209 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46209/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46227 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46227/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46244 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46244/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46259 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46259/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46273 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46273/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2026-06-30T17:41:36Z",
"generator": {
"date": "2026-06-30T17:41:36Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:22433-1",
"initial_release_date": "2026-06-30T17:41:36Z",
"revision_history": [
{
"date": "2026-06-30T17:41:36Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-6.4.0-48.1.noarch",
"product": {
"name": "kernel-devel-rt-6.4.0-48.1.noarch",
"product_id": "kernel-devel-rt-6.4.0-48.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-6.4.0-48.1.noarch",
"product": {
"name": "kernel-source-rt-6.4.0-48.1.noarch",
"product_id": "kernel-source-rt-6.4.0-48.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-6.4.0-48.1.x86_64",
"product": {
"name": "kernel-rt-6.4.0-48.1.x86_64",
"product_id": "kernel-rt-6.4.0-48.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-6.4.0-48.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-6.4.0-48.1.x86_64",
"product_id": "kernel-rt-livepatch-6.4.0-48.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-6.4.0-48.1.noarch as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch"
},
"product_reference": "kernel-devel-rt-6.4.0-48.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-6.4.0-48.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64"
},
"product_reference": "kernel-rt-6.4.0-48.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-livepatch-6.4.0-48.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64"
},
"product_reference": "kernel-rt-livepatch-6.4.0-48.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-6.4.0-48.1.noarch as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
},
"product_reference": "kernel-source-rt-6.4.0-48.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-10263",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-10263"
}
],
"notes": [
{
"category": "general",
"text": "Arm C1-Ultra, C1-Premium, Neoverse V3 \u0026 V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1, Cortex-X925, Cortex-X4, Cortex-X3, Cortex-X2, Cortex-X1 \u0026 X1C, Cortex-A710, Cortex-A78, A78AE \u0026 A78C, Cortex-A77, Cortex-A76 \u0026 A76A may allow writes to resources owned by a higher exception level.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-10263",
"url": "https://www.suse.com/security/cve/CVE-2025-10263"
},
{
"category": "external",
"summary": "SUSE Bug 1266290 for CVE-2025-10263",
"url": "https://bugzilla.suse.com/1266290"
},
{
"category": "external",
"summary": "SUSE Bug 1266954 for CVE-2025-10263",
"url": "https://bugzilla.suse.com/1266954"
},
{
"category": "external",
"summary": "SUSE Bug 1270230 for CVE-2025-10263",
"url": "https://bugzilla.suse.com/1270230"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "critical"
}
],
"title": "CVE-2025-10263"
},
{
"cve": "CVE-2025-38549",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38549"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nefivarfs: Fix memory leak of efivarfs_fs_info in fs_context error paths\n\nWhen processing mount options, efivarfs allocates efivarfs_fs_info (sfi)\nearly in fs_context initialization. However, sfi is associated with the\nsuperblock and typically freed when the superblock is destroyed. If the\nfs_context is released (final put) before fill_super is called-such as\non error paths or during reconfiguration-the sfi structure would leak,\nas ownership never transfers to the superblock.\n\nImplement the .free callback in efivarfs_context_ops to ensure any\nallocated sfi is properly freed if the fs_context is torn down before\nfill_super, preventing this memory leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38549",
"url": "https://www.suse.com/security/cve/CVE-2025-38549"
},
{
"category": "external",
"summary": "SUSE Bug 1248235 for CVE-2025-38549",
"url": "https://bugzilla.suse.com/1248235"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "low"
}
],
"title": "CVE-2025-38549"
},
{
"cve": "CVE-2025-68324",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68324"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: imm: Fix use-after-free bug caused by unfinished delayed work\n\nThe delayed work item \u0027imm_tq\u0027 is initialized in imm_attach() and\nscheduled via imm_queuecommand() for processing SCSI commands. When the\nIMM parallel port SCSI host adapter is detached through imm_detach(),\nthe imm_struct device instance is deallocated.\n\nHowever, the delayed work might still be pending or executing\nwhen imm_detach() is called, leading to use-after-free bugs\nwhen the work function imm_interrupt() accesses the already\nfreed imm_struct memory.\n\nThe race condition can occur as follows:\n\nCPU 0(detach thread) | CPU 1\n | imm_queuecommand()\n | imm_queuecommand_lck()\nimm_detach() | schedule_delayed_work()\n kfree(dev) //FREE | imm_interrupt()\n | dev = container_of(...) //USE\n dev-\u003e //USE\n\nAdd disable_delayed_work_sync() in imm_detach() to guarantee proper\ncancellation of the delayed work item before imm_struct is deallocated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68324",
"url": "https://www.suse.com/security/cve/CVE-2025-68324"
},
{
"category": "external",
"summary": "SUSE Bug 1255416 for CVE-2025-68324",
"url": "https://bugzilla.suse.com/1255416"
},
{
"category": "external",
"summary": "SUSE Bug 1257117 for CVE-2025-68324",
"url": "https://bugzilla.suse.com/1257117"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-68324"
},
{
"cve": "CVE-2025-68822",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68822"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: alps - fix use-after-free bugs caused by dev3_register_work\n\nThe dev3_register_work delayed work item is initialized within\nalps_reconnect() and scheduled upon receipt of the first bare\nPS/2 packet from an external PS/2 device connected to the ALPS\ntouchpad. During device detachment, the original implementation\ncalls flush_workqueue() in psmouse_disconnect() to ensure\ncompletion of dev3_register_work. However, the flush_workqueue()\nin psmouse_disconnect() only blocks and waits for work items that\nwere already queued to the workqueue prior to its invocation. Any\nwork items submitted after flush_workqueue() is called are not\nincluded in the set of tasks that the flush operation awaits.\nThis means that after flush_workqueue() has finished executing,\nthe dev3_register_work could still be scheduled. Although the\npsmouse state is set to PSMOUSE_CMD_MODE in psmouse_disconnect(),\nthe scheduling of dev3_register_work remains unaffected.\n\nThe race condition can occur as follows:\n\nCPU 0 (cleanup path) | CPU 1 (delayed work)\npsmouse_disconnect() |\n psmouse_set_state() |\n flush_workqueue() | alps_report_bare_ps2_packet()\n alps_disconnect() | psmouse_queue_work()\n kfree(priv); // FREE | alps_register_bare_ps2_mouse()\n | priv = container_of(work...); // USE\n | priv-\u003edev3 // USE\n\nAdd disable_delayed_work_sync() in alps_disconnect() to ensure\nthat dev3_register_work is properly canceled and prevented from\nexecuting after the alps_data structure has been deallocated.\n\nThis bug is identified by static analysis.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68822",
"url": "https://www.suse.com/security/cve/CVE-2025-68822"
},
{
"category": "external",
"summary": "SUSE Bug 1256668 for CVE-2025-68822",
"url": "https://bugzilla.suse.com/1256668"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-68822"
},
{
"cve": "CVE-2026-23303",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23303"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: Don\u0027t log plaintext credentials in cifs_set_cifscreds\n\nWhen debug logging is enabled, cifs_set_cifscreds() logs the key\npayload and exposes the plaintext username and password. Remove the\ndebug log to avoid exposing credentials.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23303",
"url": "https://www.suse.com/security/cve/CVE-2026-23303"
},
{
"category": "external",
"summary": "SUSE Bug 1260502 for CVE-2026-23303",
"url": "https://bugzilla.suse.com/1260502"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-23303"
},
{
"cve": "CVE-2026-23327",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23327"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxl/mbox: validate payload size before accessing contents in cxl_payload_from_user_allowed()\n\ncxl_payload_from_user_allowed() casts and dereferences the input\npayload without first verifying its size. When a raw mailbox command\nis sent with an undersized payload (ie: 1 byte for CXL_MBOX_OP_CLEAR_LOG,\nwhich expects a 16-byte UUID), uuid_equal() reads past the allocated buffer,\ntriggering a KASAN splat:\n\nBUG: KASAN: slab-out-of-bounds in memcmp+0x176/0x1d0 lib/string.c:683\nRead of size 8 at addr ffff88810130f5c0 by task syz.1.62/2258\n\nCPU: 2 UID: 0 PID: 2258 Comm: syz.1.62 Not tainted 6.19.0-dirty #3 PREEMPT(voluntary)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.17.0-0-gb52ca86e094d-prebuilt.qemu.org 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0xab/0xe0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xce/0x650 mm/kasan/report.c:482\n kasan_report+0xce/0x100 mm/kasan/report.c:595\n memcmp+0x176/0x1d0 lib/string.c:683\n uuid_equal include/linux/uuid.h:73 [inline]\n cxl_payload_from_user_allowed drivers/cxl/core/mbox.c:345 [inline]\n cxl_mbox_cmd_ctor drivers/cxl/core/mbox.c:368 [inline]\n cxl_validate_cmd_from_user drivers/cxl/core/mbox.c:522 [inline]\n cxl_send_cmd+0x9c0/0xb50 drivers/cxl/core/mbox.c:643\n __cxl_memdev_ioctl drivers/cxl/core/memdev.c:698 [inline]\n cxl_memdev_ioctl+0x14f/0x190 drivers/cxl/core/memdev.c:713\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:597 [inline]\n __se_sys_ioctl fs/ioctl.c:583 [inline]\n __x64_sys_ioctl+0x18e/0x210 fs/ioctl.c:583\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xa8/0x330 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fdaf331ba79\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fdaf1d77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007fdaf3585fa0 RCX: 00007fdaf331ba79\nRDX: 00002000000001c0 RSI: 00000000c030ce02 RDI: 0000000000000003\nRBP: 00007fdaf33749df R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 00007fdaf3586038 R14: 00007fdaf3585fa0 R15: 00007ffced2af768\n \u003c/TASK\u003e\n\nAdd \u0027in_size\u0027 parameter to cxl_payload_from_user_allowed() and validate\nthe payload is large enough.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23327",
"url": "https://www.suse.com/security/cve/CVE-2026-23327"
},
{
"category": "external",
"summary": "SUSE Bug 1260548 for CVE-2026-23327",
"url": "https://bugzilla.suse.com/1260548"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-23327"
},
{
"cve": "CVE-2026-23359",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23359"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix stack-out-of-bounds write in devmap\n\nget_upper_ifindexes() iterates over all upper devices and writes their\nindices into an array without checking bounds.\n\nAlso the callers assume that the max number of upper devices is\nMAX_NEST_DEV and allocate excluded_devices[1+MAX_NEST_DEV] on the stack,\nbut that assumption is not correct and the number of upper devices could\nbe larger than MAX_NEST_DEV (e.g., many macvlans), causing a\nstack-out-of-bounds write.\n\nAdd a max parameter to get_upper_ifindexes() to avoid the issue.\nWhen there are too many upper devices, return -EOVERFLOW and abort the\nredirect.\n\nTo reproduce, create more than MAX_NEST_DEV(8) macvlans on a device with\nan XDP program attached using BPF_F_BROADCAST | BPF_F_EXCLUDE_INGRESS.\nThen send a packet to the device to trigger the XDP redirect path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23359",
"url": "https://www.suse.com/security/cve/CVE-2026-23359"
},
{
"category": "external",
"summary": "SUSE Bug 1260584 for CVE-2026-23359",
"url": "https://bugzilla.suse.com/1260584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-23359"
},
{
"cve": "CVE-2026-23438",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23438"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mvpp2: guard flow control update with global_tx_fc in buffer switching\n\nmvpp2_bm_switch_buffers() unconditionally calls\nmvpp2_bm_pool_update_priv_fc() when switching between per-cpu and\nshared buffer pool modes. This function programs CM3 flow control\nregisters via mvpp2_cm3_read()/mvpp2_cm3_write(), which dereference\npriv-\u003ecm3_base without any NULL check.\n\nWhen the CM3 SRAM resource is not present in the device tree (the\nthird reg entry added by commit 60523583b07c (\"dts: marvell: add CM3\nSRAM memory to cp11x ethernet device tree\")), priv-\u003ecm3_base remains\nNULL and priv-\u003eglobal_tx_fc is false. Any operation that triggers\nmvpp2_bm_switch_buffers(), for example an MTU change that crosses\nthe jumbo frame threshold, will crash:\n\n Unable to handle kernel NULL pointer dereference at\n virtual address 0000000000000000\n Mem abort info:\n ESR = 0x0000000096000006\n EC = 0x25: DABT (current EL), IL = 32 bits\n pc : readl+0x0/0x18\n lr : mvpp2_cm3_read.isra.0+0x14/0x20\n Call trace:\n readl+0x0/0x18\n mvpp2_bm_pool_update_fc+0x40/0x12c\n mvpp2_bm_pool_update_priv_fc+0x94/0xd8\n mvpp2_bm_switch_buffers.isra.0+0x80/0x1c0\n mvpp2_change_mtu+0x140/0x380\n __dev_set_mtu+0x1c/0x38\n dev_set_mtu_ext+0x78/0x118\n dev_set_mtu+0x48/0xa8\n dev_ifsioc+0x21c/0x43c\n dev_ioctl+0x2d8/0x42c\n sock_ioctl+0x314/0x378\n\nEvery other flow control call site in the driver already guards\nhardware access with either priv-\u003eglobal_tx_fc or port-\u003etx_fc.\nmvpp2_bm_switch_buffers() is the only place that omits this check.\n\nAdd the missing priv-\u003eglobal_tx_fc guard to both the disable and\nre-enable calls in mvpp2_bm_switch_buffers(), consistent with the\nrest of the driver.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23438",
"url": "https://www.suse.com/security/cve/CVE-2026-23438"
},
{
"category": "external",
"summary": "SUSE Bug 1261619 for CVE-2026-23438",
"url": "https://bugzilla.suse.com/1261619"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-23438"
},
{
"cve": "CVE-2026-23444",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23444"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: always free skb on ieee80211_tx_prepare_skb() failure\n\nieee80211_tx_prepare_skb() has three error paths, but only two of them\nfree the skb. The first error path (ieee80211_tx_prepare() returning\nTX_DROP) does not free it, while invoke_tx_handlers() failure and the\nfragmentation check both do.\n\nAdd kfree_skb() to the first error path so all three are consistent,\nand remove the now-redundant frees in callers (ath9k, mt76,\nmac80211_hwsim) to avoid double-free.\n\nDocument the skb ownership guarantee in the function\u0027s kdoc.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23444",
"url": "https://www.suse.com/security/cve/CVE-2026-23444"
},
{
"category": "external",
"summary": "SUSE Bug 1266307 for CVE-2026-23444",
"url": "https://bugzilla.suse.com/1266307"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-23444"
},
{
"cve": "CVE-2026-31396",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31396"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: macb: fix use-after-free access to PTP clock\n\nPTP clock is registered on every opening of the interface and destroyed on\nevery closing. However it may be accessed via get_ts_info ethtool call\nwhich is possible while the interface is just present in the kernel.\n\nBUG: KASAN: use-after-free in ptp_clock_index+0x47/0x50 drivers/ptp/ptp_clock.c:426\nRead of size 4 at addr ffff8880194345cc by task syz.0.6/948\n\nCPU: 1 PID: 948 Comm: syz.0.6 Not tainted 6.1.164+ #109\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x8d/0xba lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:316 [inline]\n print_report+0x17f/0x496 mm/kasan/report.c:420\n kasan_report+0xd9/0x180 mm/kasan/report.c:524\n ptp_clock_index+0x47/0x50 drivers/ptp/ptp_clock.c:426\n gem_get_ts_info+0x138/0x1e0 drivers/net/ethernet/cadence/macb_main.c:3349\n macb_get_ts_info+0x68/0xb0 drivers/net/ethernet/cadence/macb_main.c:3371\n __ethtool_get_ts_info+0x17c/0x260 net/ethtool/common.c:558\n ethtool_get_ts_info net/ethtool/ioctl.c:2367 [inline]\n __dev_ethtool net/ethtool/ioctl.c:3017 [inline]\n dev_ethtool+0x2b05/0x6290 net/ethtool/ioctl.c:3095\n dev_ioctl+0x637/0x1070 net/core/dev_ioctl.c:510\n sock_do_ioctl+0x20d/0x2c0 net/socket.c:1215\n sock_ioctl+0x577/0x6d0 net/socket.c:1320\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:870 [inline]\n __se_sys_ioctl fs/ioctl.c:856 [inline]\n __x64_sys_ioctl+0x18c/0x210 fs/ioctl.c:856\n do_syscall_x64 arch/x86/entry/common.c:46 [inline]\n do_syscall_64+0x35/0x80 arch/x86/entry/common.c:76\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n \u003c/TASK\u003e\n\nAllocated by task 457:\n kmalloc include/linux/slab.h:563 [inline]\n kzalloc include/linux/slab.h:699 [inline]\n ptp_clock_register+0x144/0x10e0 drivers/ptp/ptp_clock.c:235\n gem_ptp_init+0x46f/0x930 drivers/net/ethernet/cadence/macb_ptp.c:375\n macb_open+0x901/0xd10 drivers/net/ethernet/cadence/macb_main.c:2920\n __dev_open+0x2ce/0x500 net/core/dev.c:1501\n __dev_change_flags+0x56a/0x740 net/core/dev.c:8651\n dev_change_flags+0x92/0x170 net/core/dev.c:8722\n do_setlink+0xaf8/0x3a80 net/core/rtnetlink.c:2833\n __rtnl_newlink+0xbf4/0x1940 net/core/rtnetlink.c:3608\n rtnl_newlink+0x63/0xa0 net/core/rtnetlink.c:3655\n rtnetlink_rcv_msg+0x3c6/0xed0 net/core/rtnetlink.c:6150\n netlink_rcv_skb+0x15d/0x430 net/netlink/af_netlink.c:2511\n netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]\n netlink_unicast+0x6d7/0xa30 net/netlink/af_netlink.c:1344\n netlink_sendmsg+0x97e/0xeb0 net/netlink/af_netlink.c:1872\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg+0x14b/0x180 net/socket.c:730\n __sys_sendto+0x320/0x3b0 net/socket.c:2152\n __do_sys_sendto net/socket.c:2164 [inline]\n __se_sys_sendto net/socket.c:2160 [inline]\n __x64_sys_sendto+0xdc/0x1b0 net/socket.c:2160\n do_syscall_x64 arch/x86/entry/common.c:46 [inline]\n do_syscall_64+0x35/0x80 arch/x86/entry/common.c:76\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n\nFreed by task 938:\n kasan_slab_free include/linux/kasan.h:177 [inline]\n slab_free_hook mm/slub.c:1729 [inline]\n slab_free_freelist_hook mm/slub.c:1755 [inline]\n slab_free mm/slub.c:3687 [inline]\n __kmem_cache_free+0xbc/0x320 mm/slub.c:3700\n device_release+0xa0/0x240 drivers/base/core.c:2507\n kobject_cleanup lib/kobject.c:681 [inline]\n kobject_release lib/kobject.c:712 [inline]\n kref_put include/linux/kref.h:65 [inline]\n kobject_put+0x1cd/0x350 lib/kobject.c:729\n put_device+0x1b/0x30 drivers/base/core.c:3805\n ptp_clock_unregister+0x171/0x270 drivers/ptp/ptp_clock.c:391\n gem_ptp_remove+0x4e/0x1f0 drivers/net/ethernet/cadence/macb_ptp.c:404\n macb_close+0x1c8/0x270 drivers/net/ethernet/cadence/macb_main.c:2966\n __dev_close_many+0x1b9/0x310 net/core/dev.c:1585\n __dev_close net/core/dev.c:1597 [inline]\n __dev_change_flags+0x2bb/0x740 net/core/dev.c:8649\n dev_change_fl\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31396",
"url": "https://www.suse.com/security/cve/CVE-2026-31396"
},
{
"category": "external",
"summary": "SUSE Bug 1261791 for CVE-2026-31396",
"url": "https://bugzilla.suse.com/1261791"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31396"
},
{
"cve": "CVE-2026-31414",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31414"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_conntrack_expect: use expect-\u003ehelper\n\nUse expect-\u003ehelper in ctnetlink and /proc to dump the helper name.\nUsing nfct_help() without holding a reference to the master conntrack\nis unsafe.\n\nUse exp-\u003emaster-\u003ehelper in ctnetlink path if userspace does not provide\nan explicit helper when creating an expectation to retain the existing\nbehaviour. The ctnetlink expectation path holds the reference on the\nmaster conntrack and nf_conntrack_expect lock and the nfnetlink glue\npath refers to the master ct that is attached to the skb.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31414",
"url": "https://www.suse.com/security/cve/CVE-2026-31414"
},
{
"category": "external",
"summary": "SUSE Bug 1262085 for CVE-2026-31414",
"url": "https://bugzilla.suse.com/1262085"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31414"
},
{
"cve": "CVE-2026-31429",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31429"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: skb: fix cross-cache free of KFENCE-allocated skb head\n\nSKB_SMALL_HEAD_CACHE_SIZE is intentionally set to a non-power-of-2\nvalue (e.g. 704 on x86_64) to avoid collisions with generic kmalloc\nbucket sizes. This ensures that skb_kfree_head() can reliably use\nskb_end_offset to distinguish skb heads allocated from\nskb_small_head_cache vs. generic kmalloc caches.\n\nHowever, when KFENCE is enabled, kfence_ksize() returns the exact\nrequested allocation size instead of the slab bucket size. If a caller\n(e.g. bpf_test_init) allocates skb head data via kzalloc() and the\nrequested size happens to equal SKB_SMALL_HEAD_CACHE_SIZE, then\nslab_build_skb() -\u003e ksize() returns that exact value. After subtracting\nskb_shared_info overhead, skb_end_offset ends up matching\nSKB_SMALL_HEAD_HEADROOM, causing skb_kfree_head() to incorrectly free\nthe object to skb_small_head_cache instead of back to the original\nkmalloc cache, resulting in a slab cross-cache free:\n\n kmem_cache_free(skbuff_small_head): Wrong slab cache. Expected\n skbuff_small_head but got kmalloc-1k\n\nFix this by always calling kfree(head) in skb_kfree_head(). This keeps\nthe free path generic and avoids allocator-specific misclassification\nfor KFENCE objects.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31429",
"url": "https://www.suse.com/security/cve/CVE-2026-31429"
},
{
"category": "external",
"summary": "SUSE Bug 1262392 for CVE-2026-31429",
"url": "https://bugzilla.suse.com/1262392"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31429"
},
{
"cve": "CVE-2026-31446",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31446"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix use-after-free in update_super_work when racing with umount\n\nCommit b98535d09179 (\"ext4: fix bug_on in start_this_handle during umount\nfilesystem\") moved ext4_unregister_sysfs() before flushing s_sb_upd_work\nto prevent new error work from being queued via /proc/fs/ext4/xx/mb_groups\nreads during unmount. However, this introduced a use-after-free because\nupdate_super_work calls ext4_notify_error_sysfs() -\u003e sysfs_notify() which\naccesses the kobject\u0027s kernfs_node after it has been freed by kobject_del()\nin ext4_unregister_sysfs():\n\n update_super_work ext4_put_super\n ----------------- --------------\n ext4_unregister_sysfs(sb)\n kobject_del(\u0026sbi-\u003es_kobj)\n __kobject_del()\n sysfs_remove_dir()\n kobj-\u003esd = NULL\n sysfs_put(sd)\n kernfs_put() // RCU free\n ext4_notify_error_sysfs(sbi)\n sysfs_notify(\u0026sbi-\u003es_kobj)\n kn = kobj-\u003esd // stale pointer\n kernfs_get(kn) // UAF on freed kernfs_node\n ext4_journal_destroy()\n flush_work(\u0026sbi-\u003es_sb_upd_work)\n\nInstead of reordering the teardown sequence, fix this by making\next4_notify_error_sysfs() detect that sysfs has already been torn down\nby checking s_kobj.state_in_sysfs, and skipping the sysfs_notify() call\nin that case. A dedicated mutex (s_error_notify_mutex) serializes\next4_notify_error_sysfs() against kobject_del() in ext4_unregister_sysfs()\nto prevent TOCTOU races where the kobject could be deleted between the\nstate_in_sysfs check and the sysfs_notify() call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31446",
"url": "https://www.suse.com/security/cve/CVE-2026-31446"
},
{
"category": "external",
"summary": "SUSE Bug 1262619 for CVE-2026-31446",
"url": "https://bugzilla.suse.com/1262619"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31446"
},
{
"cve": "CVE-2026-31448",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31448"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid infinite loops caused by residual data\n\nOn the mkdir/mknod path, when mapping logical blocks to physical blocks,\nif inserting a new extent into the extent tree fails (in this example,\nbecause the file system disabled the huge file feature when marking the\ninode as dirty), ext4_ext_map_blocks() only calls ext4_free_blocks() to\nreclaim the physical block without deleting the corresponding data in\nthe extent tree. This causes subsequent mkdir operations to reference\nthe previously reclaimed physical block number again, even though this\nphysical block is already being used by the xattr block. Therefore, a\nsituation arises where both the directory and xattr are using the same\nbuffer head block in memory simultaneously.\n\nThe above causes ext4_xattr_block_set() to enter an infinite loop about\n\"inserted\" and cannot release the inode lock, ultimately leading to the\n143s blocking problem mentioned in [1].\n\nIf the metadata is corrupted, then trying to remove some extent space\ncan do even more harm. Also in case EXT4_GET_BLOCKS_DELALLOC_RESERVE\nwas passed, remove space wrongly update quota information.\nJan Kara suggests distinguishing between two cases:\n\n1) The error is ENOSPC or EDQUOT - in this case the filesystem is fully\nconsistent and we must maintain its consistency including all the\naccounting. However these errors can happen only early before we\u0027ve\ninserted the extent into the extent tree. So current code works correctly\nfor this case.\n\n2) Some other error - this means metadata is corrupted. We should strive to\ndo as few modifications as possible to limit damage. So I\u0027d just skip\nfreeing of allocated blocks.\n\n[1]\nINFO: task syz.0.17:5995 blocked for more than 143 seconds.\nCall Trace:\n inode_lock_nested include/linux/fs.h:1073 [inline]\n __start_dirop fs/namei.c:2923 [inline]\n start_dirop fs/namei.c:2934 [inline]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31448",
"url": "https://www.suse.com/security/cve/CVE-2026-31448"
},
{
"category": "external",
"summary": "SUSE Bug 1262622 for CVE-2026-31448",
"url": "https://bugzilla.suse.com/1262622"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31448"
},
{
"cve": "CVE-2026-31452",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31452"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: convert inline data to extents when truncate exceeds inline size\n\nAdd a check in ext4_setattr() to convert files from inline data storage\nto extent-based storage when truncate() grows the file size beyond the\ninline capacity. This prevents the filesystem from entering an\ninconsistent state where the inline data flag is set but the file size\nexceeds what can be stored inline.\n\nWithout this fix, the following sequence causes a kernel BUG_ON():\n\n1. Mount filesystem with inode that has inline flag set and small size\n2. truncate(file, 50MB) - grows size but inline flag remains set\n3. sendfile() attempts to write data\n4. ext4_write_inline_data() hits BUG_ON(write_size \u003e inline_capacity)\n\nThe crash occurs because ext4_write_inline_data() expects inline storage\nto accommodate the write, but the actual inline capacity (~60 bytes for\ni_block + ~96 bytes for xattrs) is far smaller than the file size and\nwrite request.\n\nThe fix checks if the new size from setattr exceeds the inode\u0027s actual\ninline capacity (EXT4_I(inode)-\u003ei_inline_size) and converts the file to\nextent-based storage before proceeding with the size change.\n\nThis addresses the root cause by ensuring the inline data flag and file\nsize remain consistent during truncate operations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31452",
"url": "https://www.suse.com/security/cve/CVE-2026-31452"
},
{
"category": "external",
"summary": "SUSE Bug 1262620 for CVE-2026-31452",
"url": "https://bugzilla.suse.com/1262620"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31452"
},
{
"cve": "CVE-2026-31453",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31453"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: avoid dereferencing log items after push callbacks\n\nAfter xfsaild_push_item() calls iop_push(), the log item may have been\nfreed if the AIL lock was dropped during the push. Background inode\nreclaim or the dquot shrinker can free the log item while the AIL lock\nis not held, and the tracepoints in the switch statement dereference\nthe log item after iop_push() returns.\n\nFix this by capturing the log item type, flags, and LSN before calling\nxfsaild_push_item(), and introducing a new xfs_ail_push_class trace\nevent class that takes these pre-captured values and the ailp pointer\ninstead of the log item pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31453",
"url": "https://www.suse.com/security/cve/CVE-2026-31453"
},
{
"category": "external",
"summary": "SUSE Bug 1262617 for CVE-2026-31453",
"url": "https://bugzilla.suse.com/1262617"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31453"
},
{
"cve": "CVE-2026-31454",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31454"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: save ailp before dropping the AIL lock in push callbacks\n\nIn xfs_inode_item_push() and xfs_qm_dquot_logitem_push(), the AIL lock\nis dropped to perform buffer IO. Once the cluster buffer no longer\nprotects the log item from reclaim, the log item may be freed by\nbackground reclaim or the dquot shrinker. The subsequent spin_lock()\ncall dereferences lip-\u003eli_ailp, which is a use-after-free.\n\nFix this by saving the ailp pointer in a local variable while the AIL\nlock is held and the log item is guaranteed to be valid.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31454",
"url": "https://www.suse.com/security/cve/CVE-2026-31454"
},
{
"category": "external",
"summary": "SUSE Bug 1262624 for CVE-2026-31454",
"url": "https://bugzilla.suse.com/1262624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31454"
},
{
"cve": "CVE-2026-31455",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31455"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: stop reclaim before pushing AIL during unmount\n\nThe unmount sequence in xfs_unmount_flush_inodes() pushed the AIL while\nbackground reclaim and inodegc are still running. This is broken\nindependently of any use-after-free issues - background reclaim and\ninodegc should not be running while the AIL is being pushed during\nunmount, as inodegc can dirty and insert inodes into the AIL during the\nflush, and background reclaim can race to abort and free dirty inodes.\n\nReorder xfs_unmount_flush_inodes() to stop inodegc and cancel background\nreclaim before pushing the AIL. Stop inodegc before cancelling\nm_reclaim_work because the inodegc worker can re-queue m_reclaim_work\nvia xfs_inodegc_set_reclaimable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31455",
"url": "https://www.suse.com/security/cve/CVE-2026-31455"
},
{
"category": "external",
"summary": "SUSE Bug 1262615 for CVE-2026-31455",
"url": "https://bugzilla.suse.com/1262615"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31455"
},
{
"cve": "CVE-2026-31464",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31464"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ibmvfc: Fix OOB access in ibmvfc_discover_targets_done()\n\nA malicious or compromised VIO server can return a num_written value in the\ndiscover targets MAD response that exceeds max_targets. This value is\nstored directly in vhost-\u003enum_targets without validation, and is then used\nas the loop bound in ibmvfc_alloc_targets() to index into disc_buf[], which\nis only allocated for max_targets entries. Indices at or beyond max_targets\naccess kernel memory outside the DMA-coherent allocation. The\nout-of-bounds data is subsequently embedded in Implicit Logout and PLOGI\nMADs that are sent back to the VIO server, leaking kernel memory.\n\nFix by clamping num_written to max_targets before storing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31464",
"url": "https://www.suse.com/security/cve/CVE-2026-31464"
},
{
"category": "external",
"summary": "SUSE Bug 1262656 for CVE-2026-31464",
"url": "https://bugzilla.suse.com/1262656"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31464"
},
{
"cve": "CVE-2026-31469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31469"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio_net: Fix UAF on dst_ops when IFF_XMIT_DST_RELEASE is cleared and napi_tx is false\n\nA UAF issue occurs when the virtio_net driver is configured with napi_tx=N\nand the device\u0027s IFF_XMIT_DST_RELEASE flag is cleared\n(e.g., during the configuration of tc route filter rules).\n\nWhen IFF_XMIT_DST_RELEASE is removed from the net_device, the network stack\nexpects the driver to hold the reference to skb-\u003edst until the packet\nis fully transmitted and freed. In virtio_net with napi_tx=N,\nskbs may remain in the virtio transmit ring for an extended period.\n\nIf the network namespace is destroyed while these skbs are still pending,\nthe corresponding dst_ops structure has freed. When a subsequent packet\nis transmitted, free_old_xmit() is triggered to clean up old skbs.\nIt then calls dst_release() on the skb associated with the stale dst_entry.\nSince the dst_ops (referenced by the dst_entry) has already been freed,\na UAF kernel paging request occurs.\n\nfix it by adds skb_dst_drop(skb) in start_xmit to explicitly release\nthe dst reference before the skb is queued in virtio_net.\n\nCall Trace:\n Unable to handle kernel paging request at virtual address ffff80007e150000\n CPU: 2 UID: 0 PID: 6236 Comm: ping Kdump: loaded Not tainted 7.0.0-rc1+ #6 PREEMPT\n ...\n percpu_counter_add_batch+0x3c/0x158 lib/percpu_counter.c:98 (P)\n dst_release+0xe0/0x110 net/core/dst.c:177\n skb_release_head_state+0xe8/0x108 net/core/skbuff.c:1177\n sk_skb_reason_drop+0x54/0x2d8 net/core/skbuff.c:1255\n dev_kfree_skb_any_reason+0x64/0x78 net/core/dev.c:3469\n napi_consume_skb+0x1c4/0x3a0 net/core/skbuff.c:1527\n __free_old_xmit+0x164/0x230 drivers/net/virtio_net.c:611 [virtio_net]\n free_old_xmit drivers/net/virtio_net.c:1081 [virtio_net]\n start_xmit+0x7c/0x530 drivers/net/virtio_net.c:3329 [virtio_net]\n ...\n\nReproduction Steps:\nNETDEV=\"enp3s0\"\n\nconfig_qdisc_route_filter() {\n tc qdisc del dev $NETDEV root\n tc qdisc add dev $NETDEV root handle 1: prio\n tc filter add dev $NETDEV parent 1:0 \\\n\tprotocol ip prio 100 route to 100 flowid 1:1\n ip route add 192.168.1.100/32 dev $NETDEV realm 100\n}\n\ntest_ns() {\n ip netns add testns\n ip link set $NETDEV netns testns\n ip netns exec testns ifconfig $NETDEV 10.0.32.46/24\n ip netns exec testns ping -c 1 10.0.32.1\n ip netns del testns\n}\n\nconfig_qdisc_route_filter\n\ntest_ns\nsleep 2\ntest_ns",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31469",
"url": "https://www.suse.com/security/cve/CVE-2026-31469"
},
{
"category": "external",
"summary": "SUSE Bug 1267816 for CVE-2026-31469",
"url": "https://bugzilla.suse.com/1267816"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31469"
},
{
"cve": "CVE-2026-31473",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31473"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mc, v4l2: serialize REINIT and REQBUFS with req_queue_mutex\n\nMEDIA_REQUEST_IOC_REINIT can run concurrently with VIDIOC_REQBUFS(0)\nqueue teardown paths. This can race request object cleanup against vb2\nqueue cancellation and lead to use-after-free reports.\n\nWe already serialize request queueing against STREAMON/OFF with\nreq_queue_mutex. Extend that serialization to REQBUFS, and also take\nthe same mutex in media_request_ioctl_reinit() so REINIT is in the\nsame exclusion domain.\n\nThis keeps request cleanup and queue cancellation from running in\nparallel for request-capable devices.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31473",
"url": "https://www.suse.com/security/cve/CVE-2026-31473"
},
{
"category": "external",
"summary": "SUSE Bug 1262663 for CVE-2026-31473",
"url": "https://bugzilla.suse.com/1262663"
},
{
"category": "external",
"summary": "SUSE Bug 1262775 for CVE-2026-31473",
"url": "https://bugzilla.suse.com/1262775"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-31473"
},
{
"cve": "CVE-2026-31480",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31480"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Fix potential deadlock in cpu hotplug with osnoise\n\nThe following sequence may leads deadlock in cpu hotplug:\n\n task1 task2 task3\n ----- ----- -----\n\n mutex_lock(\u0026interface_lock)\n\n [CPU GOING OFFLINE]\n\n cpus_write_lock();\n osnoise_cpu_die();\n kthread_stop(task3);\n wait_for_completion();\n\n osnoise_sleep();\n mutex_lock(\u0026interface_lock);\n\n cpus_read_lock();\n\n [DEAD LOCK]\n\nFix by swap the order of cpus_read_lock() and mutex_lock(\u0026interface_lock).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31480",
"url": "https://www.suse.com/security/cve/CVE-2026-31480"
},
{
"category": "external",
"summary": "SUSE Bug 1262634 for CVE-2026-31480",
"url": "https://bugzilla.suse.com/1262634"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31480"
},
{
"cve": "CVE-2026-31492",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31492"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/irdma: Initialize free_qp completion before using it\n\nIn irdma_create_qp, if ib_copy_to_udata fails, it will call\nirdma_destroy_qp to clean up which will attempt to wait on\nthe free_qp completion, which is not initialized yet. Fix this\nby initializing the completion before the ib_copy_to_udata call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31492",
"url": "https://www.suse.com/security/cve/CVE-2026-31492"
},
{
"category": "external",
"summary": "SUSE Bug 1262748 for CVE-2026-31492",
"url": "https://bugzilla.suse.com/1262748"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31492"
},
{
"cve": "CVE-2026-31493",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31493"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/efa: Fix use of completion ctx after free\n\nOn admin queue completion handling, if the admin command completed with\nerror we print data from the completion context. The issue is that we\nalready freed the completion context in polling/interrupts handler which\nmeans we print data from context in an unknown state (it might be\nalready used again).\nChange the admin submission flow so alloc/dealloc of the context will be\nsymmetric and dealloc will be called after any potential use of the\ncontext.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31493",
"url": "https://www.suse.com/security/cve/CVE-2026-31493"
},
{
"category": "external",
"summary": "SUSE Bug 1262668 for CVE-2026-31493",
"url": "https://bugzilla.suse.com/1262668"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31493"
},
{
"cve": "CVE-2026-31495",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31495"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ctnetlink: use netlink policy range checks\n\nReplace manual range and mask validations with netlink policy\nannotations in ctnetlink code paths, so that the netlink core rejects\ninvalid values early and can generate extack errors.\n\n- CTA_PROTOINFO_TCP_STATE: reject values \u003e TCP_CONNTRACK_SYN_SENT2 at\n policy level, removing the manual \u003e= TCP_CONNTRACK_MAX check.\n- CTA_PROTOINFO_TCP_WSCALE_ORIGINAL/REPLY: reject values \u003e TCP_MAX_WSCALE\n (14). The normal TCP option parsing path already clamps to this value,\n but the ctnetlink path accepted 0-255, causing undefined behavior when\n used as a u32 shift count.\n- CTA_FILTER_ORIG_FLAGS/REPLY_FLAGS: use NLA_POLICY_MASK with\n CTA_FILTER_F_ALL, removing the manual mask checks.\n- CTA_EXPECT_FLAGS: use NLA_POLICY_MASK with NF_CT_EXPECT_MASK, adding\n a new mask define grouping all valid expect flags.\n\nExtracted from a broader nf-next patch by Florian Westphal, scoped to\nctnetlink for the fixes tree.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31495",
"url": "https://www.suse.com/security/cve/CVE-2026-31495"
},
{
"category": "external",
"summary": "SUSE Bug 1262798 for CVE-2026-31495",
"url": "https://bugzilla.suse.com/1262798"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31495"
},
{
"cve": "CVE-2026-31499",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31499"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix deadlock in l2cap_conn_del()\n\nl2cap_conn_del() calls cancel_delayed_work_sync() for both info_timer\nand id_addr_timer while holding conn-\u003elock. However, the work functions\nl2cap_info_timeout() and l2cap_conn_update_id_addr() both acquire\nconn-\u003elock, creating a potential AB-BA deadlock if the work is already\nexecuting when l2cap_conn_del() takes the lock.\n\nMove the work cancellations before acquiring conn-\u003elock and use\ndisable_delayed_work_sync() to additionally prevent the works from\nbeing rearmed after cancellation, consistent with the pattern used in\nhci_conn_del().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31499",
"url": "https://www.suse.com/security/cve/CVE-2026-31499"
},
{
"category": "external",
"summary": "SUSE Bug 1262674 for CVE-2026-31499",
"url": "https://bugzilla.suse.com/1262674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31499"
},
{
"cve": "CVE-2026-31500",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31500"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock\n\nbtintel_hw_error() issues two __hci_cmd_sync() calls (HCI_OP_RESET\nand Intel exception-info retrieval) without holding\nhci_req_sync_lock(). This lets it race against\nhci_dev_do_close() -\u003e btintel_shutdown_combined(), which also runs\n__hci_cmd_sync() under the same lock. When both paths manipulate\nhdev-\u003ereq_status/req_rsp concurrently, the close path may free the\nresponse skb first, and the still-running hw_error path hits a\nslab-use-after-free in kfree_skb().\n\nWrap the whole recovery sequence in hci_req_sync_lock/unlock so it\nis serialized with every other synchronous HCI command issuer.\n\nBelow is the data race report and the kasan report:\n\n BUG: data-race in __hci_cmd_sync_sk / btintel_shutdown_combined\n\n read of hdev-\u003ereq_rsp at net/bluetooth/hci_sync.c:199\n by task kworker/u17:1/83:\n __hci_cmd_sync_sk+0x12f2/0x1c30 net/bluetooth/hci_sync.c:200\n __hci_cmd_sync+0x55/0x80 net/bluetooth/hci_sync.c:223\n btintel_hw_error+0x114/0x670 drivers/bluetooth/btintel.c:254\n hci_error_reset+0x348/0xa30 net/bluetooth/hci_core.c:1030\n\n write/free by task ioctl/22580:\n btintel_shutdown_combined+0xd0/0x360\n drivers/bluetooth/btintel.c:3648\n hci_dev_close_sync+0x9ae/0x2c10 net/bluetooth/hci_sync.c:5246\n hci_dev_do_close+0x232/0x460 net/bluetooth/hci_core.c:526\n\n BUG: KASAN: slab-use-after-free in\n sk_skb_reason_drop+0x43/0x380 net/core/skbuff.c:1202\n Read of size 4 at addr ffff888144a738dc\n by task kworker/u17:1/83:\n __hci_cmd_sync_sk+0x12f2/0x1c30 net/bluetooth/hci_sync.c:200\n __hci_cmd_sync+0x55/0x80 net/bluetooth/hci_sync.c:223\n btintel_hw_error+0x186/0x670 drivers/bluetooth/btintel.c:260",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31500",
"url": "https://www.suse.com/security/cve/CVE-2026-31500"
},
{
"category": "external",
"summary": "SUSE Bug 1262993 for CVE-2026-31500",
"url": "https://bugzilla.suse.com/1262993"
},
{
"category": "external",
"summary": "SUSE Bug 1262994 for CVE-2026-31500",
"url": "https://bugzilla.suse.com/1262994"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-31500"
},
{
"cve": "CVE-2026-31516",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31516"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: prevent policy_hthresh.work from racing with netns teardown\n\nA XFRM_MSG_NEWSPDINFO request can queue the per-net work item\npolicy_hthresh.work onto the system workqueue.\n\nThe queued callback, xfrm_hash_rebuild(), retrieves the enclosing\nstruct net via container_of(). If the net namespace is torn down\nbefore that work runs, the associated struct net may already have\nbeen freed, and xfrm_hash_rebuild() may then dereference stale memory.\n\nxfrm_policy_fini() already flushes policy_hash_work during teardown,\nbut it does not synchronize policy_hthresh.work.\n\nSynchronize policy_hthresh.work in xfrm_policy_fini() as well, so the\nqueued work cannot outlive the net namespace teardown and access a\nfreed struct net.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31516",
"url": "https://www.suse.com/security/cve/CVE-2026-31516"
},
{
"category": "external",
"summary": "SUSE Bug 1262755 for CVE-2026-31516",
"url": "https://bugzilla.suse.com/1262755"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31516"
},
{
"cve": "CVE-2026-31518",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31518"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nesp: fix skb leak with espintcp and async crypto\n\nWhen the TX queue for espintcp is full, esp_output_tail_tcp will\nreturn an error and not free the skb, because with synchronous crypto,\nthe common xfrm output code will drop the packet for us.\n\nWith async crypto (esp_output_done), we need to drop the skb when\nesp_output_tail_tcp returns an error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31518",
"url": "https://www.suse.com/security/cve/CVE-2026-31518"
},
{
"category": "external",
"summary": "SUSE Bug 1262606 for CVE-2026-31518",
"url": "https://bugzilla.suse.com/1262606"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31518"
},
{
"cve": "CVE-2026-31546",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31546"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bonding: fix NULL deref in bond_debug_rlb_hash_show\n\nrlb_clear_slave intentionally keeps RLB hash-table entries on\nthe rx_hashtbl_used_head list with slave set to NULL when no\nreplacement slave is available. However, bond_debug_rlb_hash_show\nvisites client_info-\u003eslave without checking if it\u0027s NULL.\n\nOther used-list iterators in bond_alb.c already handle this NULL-slave\nstate safely:\n\n- rlb_update_client returns early on !client_info-\u003eslave\n- rlb_req_update_slave_clients, rlb_clear_slave, and rlb_rebalance\ncompare slave values before visiting\n- lb_req_update_subnet_clients continues if slave is NULL\n\nThe following NULL deref crash can be trigger in\nbond_debug_rlb_hash_show:\n\n[ 1.289791] BUG: kernel NULL pointer dereference, address: 0000000000000000\n[ 1.292058] RIP: 0010:bond_debug_rlb_hash_show (drivers/net/bonding/bond_debugfs.c:41)\n[ 1.293101] RSP: 0018:ffffc900004a7d00 EFLAGS: 00010286\n[ 1.293333] RAX: 0000000000000000 RBX: ffff888102b48200 RCX: ffff888102b48204\n[ 1.293631] RDX: ffff888102b48200 RSI: ffffffff839daad5 RDI: ffff888102815078\n[ 1.293924] RBP: ffff888102815078 R08: ffff888102b4820e R09: 0000000000000000\n[ 1.294267] R10: 0000000000000000 R11: 0000000000000000 R12: ffff888100f929c0\n[ 1.294564] R13: ffff888100f92a00 R14: 0000000000000001 R15: ffffc900004a7ed8\n[ 1.294864] FS: 0000000001395380(0000) GS:ffff888196e75000(0000) knlGS:0000000000000000\n[ 1.295239] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 1.295480] CR2: 0000000000000000 CR3: 0000000102adc004 CR4: 0000000000772ef0\n[ 1.295897] Call Trace:\n[ 1.296134] seq_read_iter (fs/seq_file.c:231)\n[ 1.296341] seq_read (fs/seq_file.c:164)\n[ 1.296493] full_proxy_read (fs/debugfs/file.c:378 (discriminator 1))\n[ 1.296658] vfs_read (fs/read_write.c:572)\n[ 1.296981] ksys_read (fs/read_write.c:717)\n[ 1.297132] do_syscall_64 (arch/x86/entry/syscall_64.c:63 (discriminator 1) arch/x86/entry/syscall_64.c:94 (discriminator 1))\n[ 1.297325] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\nAdd a NULL check and print \"(none)\" for entries with no assigned slave.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31546",
"url": "https://www.suse.com/security/cve/CVE-2026-31546"
},
{
"category": "external",
"summary": "SUSE Bug 1263006 for CVE-2026-31546",
"url": "https://bugzilla.suse.com/1263006"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31546"
},
{
"cve": "CVE-2026-31555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31555"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfutex: Clear stale exiting pointer in futex_lock_pi() retry path\n\nFuzzying/stressing futexes triggered:\n\n WARNING: kernel/futex/core.c:825 at wait_for_owner_exiting+0x7a/0x80, CPU#11: futex_lock_pi_s/524\n\nWhen futex_lock_pi_atomic() sees the owner is exiting, it returns -EBUSY\nand stores a refcounted task pointer in \u0027exiting\u0027.\n\nAfter wait_for_owner_exiting() consumes that reference, the local pointer\nis never reset to nil. Upon a retry, if futex_lock_pi_atomic() returns a\ndifferent error, the bogus pointer is passed to wait_for_owner_exiting().\n\n CPU0\t\t\t CPU1\t\t CPU2\n futex_lock_pi(uaddr)\n // acquires the PI futex\n exit()\n futex_cleanup_begin()\n futex_state = EXITING;\n\t\t\t futex_lock_pi(uaddr)\n\t\t\t futex_lock_pi_atomic()\n\t\t\t\t attach_to_pi_owner()\n\t\t\t\t // observes EXITING\n\t\t\t\t *exiting = owner; // takes ref\n\t\t\t\t return -EBUSY\n\t\t\t wait_for_owner_exiting(-EBUSY, owner)\n\t\t\t\t put_task_struct(); // drops ref\n\t\t\t // exiting still points to owner\n\t\t\t goto retry;\n\t\t\t futex_lock_pi_atomic()\n\t\t\t\t lock_pi_update_atomic()\n\t\t\t\t cmpxchg(uaddr)\n\t\t\t\t\t*uaddr ^= WAITERS // whatever\n\t\t\t\t // value changed\n\t\t\t\t return -EAGAIN;\n\t\t\t wait_for_owner_exiting(-EAGAIN, exiting) // stale\n\t\t\t\t WARN_ON_ONCE(exiting)\n\nFix this by resetting upon retry, essentially aligning it with requeue_pi.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31555",
"url": "https://www.suse.com/security/cve/CVE-2026-31555"
},
{
"category": "external",
"summary": "SUSE Bug 1263178 for CVE-2026-31555",
"url": "https://bugzilla.suse.com/1263178"
},
{
"category": "external",
"summary": "SUSE Bug 1263179 for CVE-2026-31555",
"url": "https://bugzilla.suse.com/1263179"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31555"
},
{
"cve": "CVE-2026-31580",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31580"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbcache: fix cached_dev.sb_bio use-after-free and crash\n\nIn our production environment, we have received multiple crash reports\nregarding libceph, which have caught our attention:\n\n```\n[6888366.280350] Call Trace:\n[6888366.280452] blk_update_request+0x14e/0x370\n[6888366.280561] blk_mq_end_request+0x1a/0x130\n[6888366.280671] rbd_img_handle_request+0x1a0/0x1b0 [rbd]\n[6888366.280792] rbd_obj_handle_request+0x32/0x40 [rbd]\n[6888366.280903] __complete_request+0x22/0x70 [libceph]\n[6888366.281032] osd_dispatch+0x15e/0xb40 [libceph]\n[6888366.281164] ? inet_recvmsg+0x5b/0xd0\n[6888366.281272] ? ceph_tcp_recvmsg+0x6f/0xa0 [libceph]\n[6888366.281405] ceph_con_process_message+0x79/0x140 [libceph]\n[6888366.281534] ceph_con_v1_try_read+0x5d7/0xf30 [libceph]\n[6888366.281661] ceph_con_workfn+0x329/0x680 [libceph]\n```\n\nAfter analyzing the coredump file, we found that the address of\ndc-\u003esb_bio has been freed. We know that cached_dev is only freed when it\nis stopped.\n\nSince sb_bio is a part of struct cached_dev, rather than an alloc every\ntime. If the device is stopped while writing to the superblock, the\nreleased address will be accessed at endio.\n\nThis patch hopes to wait for sb_write to complete in cached_dev_free.\n\nIt should be noted that we analyzed the cause of the problem, then tell\nall details to the QWEN and adopted the modifications it made.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31580",
"url": "https://www.suse.com/security/cve/CVE-2026-31580"
},
{
"category": "external",
"summary": "SUSE Bug 1263169 for CVE-2026-31580",
"url": "https://bugzilla.suse.com/1263169"
},
{
"category": "external",
"summary": "SUSE Bug 1263171 for CVE-2026-31580",
"url": "https://bugzilla.suse.com/1263171"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31580"
},
{
"cve": "CVE-2026-31590",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31590"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: SEV: Drop WARN on large size for KVM_MEMORY_ENCRYPT_REG_REGION\n\nDrop the WARN in sev_pin_memory() on npages overflowing an int, as the\nWARN is comically trivially to trigger from userspace, e.g. by doing:\n\n struct kvm_enc_region range = {\n .addr = 0,\n .size = -1ul,\n };\n\n __vm_ioctl(vm, KVM_MEMORY_ENCRYPT_REG_REGION, \u0026range);\n\nNote, the checks in sev_mem_enc_register_region() that presumably exist to\nverify the incoming address+size are completely worthless, as both \"addr\"\nand \"size\" are u64s and SEV is 64-bit only, i.e. they _can\u0027t_ be greater\nthan ULONG_MAX. That wart will be cleaned up in the near future.\n\n\tif (range-\u003eaddr \u003e ULONG_MAX || range-\u003esize \u003e ULONG_MAX)\n\t\treturn -EINVAL;\n\nOpportunistically add a comment to explain why the code calculates the\nnumber of pages the \"hard\" way, e.g. instead of just shifting @ulen.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31590",
"url": "https://www.suse.com/security/cve/CVE-2026-31590"
},
{
"category": "external",
"summary": "SUSE Bug 1263152 for CVE-2026-31590",
"url": "https://bugzilla.suse.com/1263152"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31590"
},
{
"cve": "CVE-2026-31592",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31592"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: SEV: Protect *all* of sev_mem_enc_register_region() with kvm-\u003elock\n\nTake and hold kvm-\u003elock for before checking sev_guest() in\nsev_mem_enc_register_region(), as sev_guest() isn\u0027t stable unless kvm-\u003elock\nis held (or KVM can guarantee KVM_SEV_INIT{2} has completed and can\u0027t\nrollack state). If KVM_SEV_INIT{2} fails, KVM can end up trying to add to\na not-yet-initialized sev-\u003eregions_list, e.g. triggering a #GP\n\n Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN NOPTI\n KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\n CPU: 110 UID: 0 PID: 72717 Comm: syz.15.11462 Tainted: G U W O 6.16.0-smp-DEV #1 NONE\n Tainted: [U]=USER, [W]=WARN, [O]=OOT_MODULE\n Hardware name: Google, Inc. Arcadia_IT_80/Arcadia_IT_80, BIOS 12.52.0-0 10/28/2024\n RIP: 0010:sev_mem_enc_register_region+0x3f0/0x4f0 ../include/linux/list.h:83\n Code: \u003c41\u003e 80 3c 04 00 74 08 4c 89 ff e8 f1 c7 a2 00 49 39 ed 0f 84 c6 00\n RSP: 0018:ffff88838647fbb8 EFLAGS: 00010256\n RAX: dffffc0000000000 RBX: 1ffff92015cf1e0b RCX: dffffc0000000000\n RDX: 0000000000000000 RSI: 0000000000001000 RDI: ffff888367870000\n RBP: ffffc900ae78f050 R08: ffffea000d9e0007 R09: 1ffffd4001b3c000\n R10: dffffc0000000000 R11: fffff94001b3c001 R12: 0000000000000000\n R13: ffff8982ab0bde00 R14: ffffc900ae78f058 R15: 0000000000000000\n FS: 00007f34e9dc66c0(0000) GS:ffff89ee64d33000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007fe180adef98 CR3: 000000047210e000 CR4: 0000000000350ef0\n Call Trace:\n \u003cTASK\u003e\n kvm_arch_vm_ioctl+0xa72/0x1240 ../arch/x86/kvm/x86.c:7371\n kvm_vm_ioctl+0x649/0x990 ../virt/kvm/kvm_main.c:5363\n __se_sys_ioctl+0x101/0x170 ../fs/ioctl.c:51\n do_syscall_x64 ../arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0x6f/0x1f0 ../arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n RIP: 0033:0x7f34e9f7e9a9\n Code: \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\n RSP: 002b:00007f34e9dc6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\n RAX: ffffffffffffffda RBX: 00007f34ea1a6080 RCX: 00007f34e9f7e9a9\n RDX: 0000200000000280 RSI: 000000008010aebb RDI: 0000000000000007\n RBP: 00007f34ea000d69 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\n R13: 0000000000000000 R14: 00007f34ea1a6080 R15: 00007ffce77197a8\n \u003c/TASK\u003e\n\nwith a syzlang reproducer that looks like:\n\n syz_kvm_add_vcpu$x86(0x0, \u0026(0x7f0000000040)={0x0, \u0026(0x7f0000000180)=ANY=[], 0x70}) (async)\n syz_kvm_add_vcpu$x86(0x0, \u0026(0x7f0000000080)={0x0, \u0026(0x7f0000000180)=ANY=[@ANYBLOB=\"...\"], 0x4f}) (async)\n r0 = openat$kvm(0xffffffffffffff9c, \u0026(0x7f0000000200), 0x0, 0x0)\n r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)\n r2 = openat$kvm(0xffffffffffffff9c, \u0026(0x7f0000000240), 0x0, 0x0)\n r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)\n ioctl$KVM_SET_CLOCK(r3, 0xc008aeba, \u0026(0x7f0000000040)={0x1, 0x8, 0x0, 0x5625e9b0}) (async)\n ioctl$KVM_SET_PIT2(r3, 0x8010aebb, \u0026(0x7f0000000280)={[...], 0x5}) (async)\n ioctl$KVM_SET_PIT2(r1, 0x4070aea0, 0x0) (async)\n r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)\n openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async)\n ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, \u0026(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, \u0026(0x7f0000001000/0x2000)=nil}) (async)\n r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)\n close(r0) (async)\n openat$kvm(0xffffffffffffff9c, \u0026(0x7f0000000000), 0x8000, 0x0) (async)\n ioctl$KVM_SET_GUEST_DEBUG(r5, 0x4048ae9b, \u0026(0x7f0000000300)={0x4376ea830d46549b, 0x0, [0x46, 0x0, 0x0, 0x0, 0x0, 0x1000]}) (async)\n ioctl$KVM_RUN(r5, 0xae80, 0x0)\n\nOpportunistically use guard() to avoid having to define a new error label\nand goto usage.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31592",
"url": "https://www.suse.com/security/cve/CVE-2026-31592"
},
{
"category": "external",
"summary": "SUSE Bug 1263123 for CVE-2026-31592",
"url": "https://bugzilla.suse.com/1263123"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31592"
},
{
"cve": "CVE-2026-31596",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31596"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: handle invalid dinode in ocfs2_group_extend\n\n[BUG]\nkernel BUG at fs/ocfs2/resize.c:308!\nOops: invalid opcode: 0000 [#1] SMP KASAN NOPTI\nRIP: 0010:ocfs2_group_extend+0x10aa/0x1ae0 fs/ocfs2/resize.c:308\nCode: 8b8520ff ffff83f8 860f8580 030000e8 5cc3c1fe\nCall Trace:\n ...\n ocfs2_ioctl+0x175/0x6e0 fs/ocfs2/ioctl.c:869\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:597 [inline]\n __se_sys_ioctl fs/ioctl.c:583 [inline]\n __x64_sys_ioctl+0x197/0x1e0 fs/ioctl.c:583\n x64_sys_call+0x1144/0x26a0 arch/x86/include/generated/asm/syscalls_64.h:17\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0x93/0xf80 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n ...\n\n[CAUSE]\nocfs2_group_extend() assumes that the global bitmap inode block\nreturned from ocfs2_inode_lock() has already been validated and\nBUG_ONs when the signature is not a dinode. That assumption is too\nstrong for crafted filesystems because the JBD2-managed buffer path\ncan bypass structural validation and return an invalid dinode to the\nresize ioctl.\n\n[FIX]\nValidate the dinode explicitly in ocfs2_group_extend(). If the global\nbitmap buffer does not contain a valid dinode, report filesystem\ncorruption with ocfs2_error() and fail the resize operation instead of\ncrashing the kernel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31596",
"url": "https://www.suse.com/security/cve/CVE-2026-31596"
},
{
"category": "external",
"summary": "SUSE Bug 1263319 for CVE-2026-31596",
"url": "https://bugzilla.suse.com/1263319"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31596"
},
{
"cve": "CVE-2026-31613",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31613"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix OOB reads parsing symlink error response\n\nWhen a CREATE returns STATUS_STOPPED_ON_SYMLINK, smb2_check_message()\nreturns success without any length validation, leaving the symlink\nparsers as the only defense against an untrusted server.\n\nsymlink_data() walks SMB 3.1.1 error contexts with the loop test \"p \u003c\nend\", but reads p-\u003eErrorId at offset 4 and p-\u003eErrorDataLength at offset\n0. When the server-controlled ErrorDataLength advances p to within 1-7\nbytes of end, the next iteration will read past it. When the matching\ncontext is found, sym-\u003eSymLinkErrorTag is read at offset 4 from\np-\u003eErrorContextData with no check that the symlink header itself fits.\n\nsmb2_parse_symlink_response() then bounds-checks the substitute name\nusing SMB2_SYMLINK_STRUCT_SIZE as the offset of PathBuffer from\niov_base. That value is computed as sizeof(smb2_err_rsp) +\nsizeof(smb2_symlink_err_rsp), which is correct only when\nErrorContextCount == 0.\n\nWith at least one error context the symlink data sits 8 bytes deeper,\nand each skipped non-matching context shifts it further by 8 +\nALIGN(ErrorDataLength, 8). The check is too short, allowing the\nsubstitute name read to run past iov_len. The out-of-bound heap bytes\nare UTF-16-decoded into the symlink target and returned to userspace via\nreadlink(2).\n\nFix this all up by making the loops test require the full context header\nto fit, rejecting sym if its header runs past end, and bound the\nsubstitute name against the actual position of sym-\u003ePathBuffer rather\nthan a fixed offset.\n\nBecause sub_offs and sub_len are 16bits, the pointer math will not\noverflow here with the new greater-than.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31613",
"url": "https://www.suse.com/security/cve/CVE-2026-31613"
},
{
"category": "external",
"summary": "SUSE Bug 1263769 for CVE-2026-31613",
"url": "https://bugzilla.suse.com/1263769"
},
{
"category": "external",
"summary": "SUSE Bug 1263770 for CVE-2026-31613",
"url": "https://bugzilla.suse.com/1263770"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-31613"
},
{
"cve": "CVE-2026-31614",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31614"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix off-by-8 bounds check in check_wsl_eas()\n\nThe bounds check uses (u8 *)ea + nlen + 1 + vlen as the end of the EA\nname and value, but ea_data sits at offset sizeof(struct\nsmb2_file_full_ea_info) = 8 from ea, not at offset 0. The strncmp()\nlater reads ea-\u003eea_data[0..nlen-1] and the value bytes follow at\nea_data[nlen+1..nlen+vlen], so the actual end is ea-\u003eea_data + nlen + 1\n+ vlen. Isn\u0027t pointer math fun?\n\nThe earlier check (u8 *)ea \u003e end - sizeof(*ea) only guarantees the\n8-byte header is in bounds, but since the last EA is placed within 8\nbytes of the end of the response, the name and value bytes are read past\nthe end of iov.\n\nFix this mess all up by using ea-\u003eea_data as the base for the bounds\ncheck.\n\nAn \"untrusted\" server can use this to leak up to 8 bytes of kernel heap\ninto the EA name comparison and influence which WSL xattr the data is\ninterpreted as.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31614",
"url": "https://www.suse.com/security/cve/CVE-2026-31614"
},
{
"category": "external",
"summary": "SUSE Bug 1263774 for CVE-2026-31614",
"url": "https://bugzilla.suse.com/1263774"
},
{
"category": "external",
"summary": "SUSE Bug 1263775 for CVE-2026-31614",
"url": "https://bugzilla.suse.com/1263775"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-31614"
},
{
"cve": "CVE-2026-31629",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31629"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: llcp: add missing return after LLCP_CLOSED checks\n\nIn nfc_llcp_recv_hdlc() and nfc_llcp_recv_disc(), when the socket\nstate is LLCP_CLOSED, the code correctly calls release_sock() and\nnfc_llcp_sock_put() but fails to return. Execution falls through to\nthe remainder of the function, which calls release_sock() and\nnfc_llcp_sock_put() again. This results in a double release_sock()\nand a refcount underflow via double nfc_llcp_sock_put(), leading to\na use-after-free.\n\nAdd the missing return statements after the LLCP_CLOSED branches\nin both functions to prevent the fall-through.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31629",
"url": "https://www.suse.com/security/cve/CVE-2026-31629"
},
{
"category": "external",
"summary": "SUSE Bug 1263790 for CVE-2026-31629",
"url": "https://bugzilla.suse.com/1263790"
},
{
"category": "external",
"summary": "SUSE Bug 1263791 for CVE-2026-31629",
"url": "https://bugzilla.suse.com/1263791"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-31629"
},
{
"cve": "CVE-2026-31655",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31655"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npmdomain: imx8mp-blk-ctrl: Keep the NOC_HDCP clock enabled\n\nKeep the NOC_HDCP clock always enabled to fix the potential hang\ncaused by the NoC ADB400 port power down handshake.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31655",
"url": "https://www.suse.com/security/cve/CVE-2026-31655"
},
{
"category": "external",
"summary": "SUSE Bug 1263724 for CVE-2026-31655",
"url": "https://bugzilla.suse.com/1263724"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31655"
},
{
"cve": "CVE-2026-31664",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31664"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: clear trailing padding in build_polexpire()\n\nbuild_expire() clears the trailing padding bytes of struct\nxfrm_user_expire after setting the hard field via memset_after(),\nbut the analogous function build_polexpire() does not do this for\nstruct xfrm_user_polexpire.\n\nThe padding bytes after the __u8 hard field are left\nuninitialized from the heap allocation, and are then sent to\nuserspace via netlink multicast to XFRMNLGRP_EXPIRE listeners,\nleaking kernel heap memory contents.\n\nAdd the missing memset_after() call, matching build_expire().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31664",
"url": "https://www.suse.com/security/cve/CVE-2026-31664"
},
{
"category": "external",
"summary": "SUSE Bug 1263578 for CVE-2026-31664",
"url": "https://bugzilla.suse.com/1263578"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31664"
},
{
"cve": "CVE-2026-31665",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31665"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_ct: fix use-after-free in timeout object destroy\n\nnft_ct_timeout_obj_destroy() frees the timeout object with kfree()\nimmediately after nf_ct_untimeout(), without waiting for an RCU grace\nperiod. Concurrent packet processing on other CPUs may still hold\nRCU-protected references to the timeout object obtained via\nrcu_dereference() in nf_ct_timeout_data().\n\nAdd an rcu_head to struct nf_ct_timeout and use kfree_rcu() to defer\nfreeing until after an RCU grace period, matching the approach already\nused in nfnetlink_cttimeout.c.\n\nKASAN report:\n BUG: KASAN: slab-use-after-free in nf_conntrack_tcp_packet+0x1381/0x29d0\n Read of size 4 at addr ffff8881035fe19c by task exploit/80\n\n Call Trace:\n nf_conntrack_tcp_packet+0x1381/0x29d0\n nf_conntrack_in+0x612/0x8b0\n nf_hook_slow+0x70/0x100\n __ip_local_out+0x1b2/0x210\n tcp_sendmsg_locked+0x722/0x1580\n __sys_sendto+0x2d8/0x320\n\n Allocated by task 75:\n nft_ct_timeout_obj_init+0xf6/0x290\n nft_obj_init+0x107/0x1b0\n nf_tables_newobj+0x680/0x9c0\n nfnetlink_rcv_batch+0xc29/0xe00\n\n Freed by task 26:\n nft_obj_destroy+0x3f/0xa0\n nf_tables_trans_destroy_work+0x51c/0x5c0\n process_one_work+0x2c4/0x5a0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31665",
"url": "https://www.suse.com/security/cve/CVE-2026-31665"
},
{
"category": "external",
"summary": "SUSE Bug 1263137 for CVE-2026-31665",
"url": "https://bugzilla.suse.com/1263137"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31665"
},
{
"cve": "CVE-2026-31671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31671"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm_user: fix info leak in build_report()\n\nstruct xfrm_user_report is a __u8 proto field followed by a struct\nxfrm_selector which means there is three \"empty\" bytes of padding, but\nthe padding is never zeroed before copying to userspace. Fix that up by\nzeroing the structure before setting individual member variables.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31671",
"url": "https://www.suse.com/security/cve/CVE-2026-31671"
},
{
"category": "external",
"summary": "SUSE Bug 1263115 for CVE-2026-31671",
"url": "https://bugzilla.suse.com/1263115"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "low"
}
],
"title": "CVE-2026-31671"
},
{
"cve": "CVE-2026-31673",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31673"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naf_unix: read UNIX_DIAG_VFS data under unix_state_lock\n\nExact UNIX diag lookups hold a reference to the socket, but not to\nu-\u003epath. Meanwhile, unix_release_sock() clears u-\u003epath under\nunix_state_lock() and drops the path reference after unlocking.\n\nRead the inode and device numbers for UNIX_DIAG_VFS while holding\nunix_state_lock(), then emit the netlink attribute after dropping the\nlock.\n\nThis keeps the VFS data stable while the reply is being built.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31673",
"url": "https://www.suse.com/security/cve/CVE-2026-31673"
},
{
"category": "external",
"summary": "SUSE Bug 1263143 for CVE-2026-31673",
"url": "https://bugzilla.suse.com/1263143"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31673"
},
{
"cve": "CVE-2026-31674",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31674"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ip6t_rt: reject oversized addrnr in rt_mt6_check()\n\nReject rt match rules whose addrnr exceeds IP6T_RT_HOPS.\n\nrt_mt6() expects addrnr to stay within the bounds of rtinfo-\u003eaddrs[].\nValidate addrnr during rule installation so malformed rules are rejected\nbefore the match logic can use an out-of-range value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31674",
"url": "https://www.suse.com/security/cve/CVE-2026-31674"
},
{
"category": "external",
"summary": "SUSE Bug 1263568 for CVE-2026-31674",
"url": "https://bugzilla.suse.com/1263568"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31674"
},
{
"cve": "CVE-2026-31678",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31678"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nopenvswitch: defer tunnel netdev_put to RCU release\n\novs_netdev_tunnel_destroy() may run after NETDEV_UNREGISTER already\ndetached the device. Dropping the netdev reference in destroy can race\nwith concurrent readers that still observe vport-\u003edev.\n\nDo not release vport-\u003edev in ovs_netdev_tunnel_destroy(). Instead, let\nvport_netdev_free() drop the reference from the RCU callback, matching\nthe non-tunnel destroy path and avoiding additional synchronization\nunder RTNL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31678",
"url": "https://www.suse.com/security/cve/CVE-2026-31678"
},
{
"category": "external",
"summary": "SUSE Bug 1263562 for CVE-2026-31678",
"url": "https://bugzilla.suse.com/1263562"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31678"
},
{
"cve": "CVE-2026-31680",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31680"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipv6: flowlabel: defer exclusive option free until RCU teardown\n\n`ip6fl_seq_show()` walks the global flowlabel hash under the seq-file\nRCU read-side lock and prints `fl-\u003eopt-\u003eopt_nflen` when an option block\nis present.\n\nExclusive flowlabels currently free `fl-\u003eopt` as soon as `fl-\u003eusers`\ndrops to zero in `fl_release()`. However, the surrounding\n`struct ip6_flowlabel` remains visible in the global hash table until\nlater garbage collection removes it and `fl_free_rcu()` finally tears it\ndown.\n\nA concurrent `/proc/net/ip6_flowlabel` reader can therefore race that\nearly `kfree()` and dereference freed option state, triggering a crash\nin `ip6fl_seq_show()`.\n\nFix this by keeping `fl-\u003eopt` alive until `fl_free_rcu()`. That matches\nthe lifetime already required for the enclosing flowlabel while readers\ncan still reach it under RCU.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31680",
"url": "https://www.suse.com/security/cve/CVE-2026-31680"
},
{
"category": "external",
"summary": "SUSE Bug 1263563 for CVE-2026-31680",
"url": "https://bugzilla.suse.com/1263563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31680"
},
{
"cve": "CVE-2026-31693",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31693"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: some missing initializations on replay\n\nIn several places in the code, we have a label to signify\nthe start of the code where a request can be replayed if\nnecessary. However, some of these places were missing the\nnecessary reinitializations of certain local variables\nbefore replay.\n\nThis change makes sure that these variables get initialized\nafter the label.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31693",
"url": "https://www.suse.com/security/cve/CVE-2026-31693"
},
{
"category": "external",
"summary": "SUSE Bug 1267744 for CVE-2026-31693",
"url": "https://bugzilla.suse.com/1267744"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31693"
},
{
"cve": "CVE-2026-31697",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31697"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccp: Don\u0027t attempt to copy ID to userspace if PSP command failed\n\nWhen retrieving the ID for the CPU, don\u0027t attempt to copy the ID blob to\nuserspace if the firmware command failed. If the failure was due to an\ninvalid length, i.e. the userspace buffer+length was too small, copying\nthe number of bytes _firmware_ requires will overflow the kernel-allocated\nbuffer and leak data to userspace.\n\n BUG: KASAN: slab-out-of-bounds in instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n BUG: KASAN: slab-out-of-bounds in _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n Read of size 64 at addr ffff8881867f5960 by task syz.0.906/24388\n\n CPU: 130 UID: 0 PID: 24388 Comm: syz.0.906 Tainted: G U O 7.0.0-smp-DEV #28 PREEMPTLAZY\n Tainted: [U]=USER, [O]=OOT_MODULE\n Hardware name: Google, Inc. Arcadia_IT_80/Arcadia_IT_80, BIOS 12.62.0-0 11/19/2025\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xc5/0x110 ../lib/dump_stack.c:120\n print_address_description ../mm/kasan/report.c:378 [inline]\n print_report+0xbc/0x260 ../mm/kasan/report.c:482\n kasan_report+0xa2/0xe0 ../mm/kasan/report.c:595\n check_region_inline ../mm/kasan/generic.c:-1 [inline]\n kasan_check_range+0x264/0x2c0 ../mm/kasan/generic.c:200\n instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n copy_to_user ../include/linux/uaccess.h:236 [inline]\n sev_ioctl_do_get_id2+0x361/0x490 ../drivers/crypto/ccp/sev-dev.c:2222\n sev_ioctl+0x25f/0x490 ../drivers/crypto/ccp/sev-dev.c:2575\n vfs_ioctl ../fs/ioctl.c:51 [inline]\n __do_sys_ioctl ../fs/ioctl.c:597 [inline]\n __se_sys_ioctl+0x11d/0x1b0 ../fs/ioctl.c:583\n do_syscall_x64 ../arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xe0/0x800 ../arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n \u003c/TASK\u003e\n\nWARN if the driver says the command succeeded, but the firmware error code\nsays otherwise, as __sev_do_cmd_locked() is expected to return -EIO on any\nfirwmware error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31697",
"url": "https://www.suse.com/security/cve/CVE-2026-31697"
},
{
"category": "external",
"summary": "SUSE Bug 1264116 for CVE-2026-31697",
"url": "https://bugzilla.suse.com/1264116"
},
{
"category": "external",
"summary": "SUSE Bug 1264144 for CVE-2026-31697",
"url": "https://bugzilla.suse.com/1264144"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31697"
},
{
"cve": "CVE-2026-31698",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31698"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccp: Don\u0027t attempt to copy PDH cert to userspace if PSP command failed\n\nWhen retrieving the PDH cert, don\u0027t attempt to copy the blobs to userspace\nif the firmware command failed. If the failure was due to an invalid\nlength, i.e. the userspace buffer+length was too small, copying the number\nof bytes _firmware_ requires will overflow the kernel-allocated buffer and\nleak data to userspace.\n\n BUG: KASAN: slab-out-of-bounds in instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n BUG: KASAN: slab-out-of-bounds in _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n Read of size 2084 at addr ffff8885c4ab8aa0 by task syz.0.186/21033\n\n CPU: 51 UID: 0 PID: 21033 Comm: syz.0.186 Tainted: G U O 7.0.0-smp-DEV #28 PREEMPTLAZY\n Tainted: [U]=USER, [O]=OOT_MODULE\n Hardware name: Google, Inc. Arcadia_IT_80/Arcadia_IT_80, BIOS 34.84.12-0 11/17/2025\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xc5/0x110 ../lib/dump_stack.c:120\n print_address_description ../mm/kasan/report.c:378 [inline]\n print_report+0xbc/0x260 ../mm/kasan/report.c:482\n kasan_report+0xa2/0xe0 ../mm/kasan/report.c:595\n check_region_inline ../mm/kasan/generic.c:-1 [inline]\n kasan_check_range+0x264/0x2c0 ../mm/kasan/generic.c:200\n instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n copy_to_user ../include/linux/uaccess.h:236 [inline]\n sev_ioctl_do_pdh_export+0x3d3/0x7c0 ../drivers/crypto/ccp/sev-dev.c:2347\n sev_ioctl+0x2a2/0x490 ../drivers/crypto/ccp/sev-dev.c:2568\n vfs_ioctl ../fs/ioctl.c:51 [inline]\n __do_sys_ioctl ../fs/ioctl.c:597 [inline]\n __se_sys_ioctl+0x11d/0x1b0 ../fs/ioctl.c:583\n do_syscall_x64 ../arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xe0/0x800 ../arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n \u003c/TASK\u003e\n\nWARN if the driver says the command succeeded, but the firmware error code\nsays otherwise, as __sev_do_cmd_locked() is expected to return -EIO on any\nfirwmware error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31698",
"url": "https://www.suse.com/security/cve/CVE-2026-31698"
},
{
"category": "external",
"summary": "SUSE Bug 1263880 for CVE-2026-31698",
"url": "https://bugzilla.suse.com/1263880"
},
{
"category": "external",
"summary": "SUSE Bug 1263929 for CVE-2026-31698",
"url": "https://bugzilla.suse.com/1263929"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31698"
},
{
"cve": "CVE-2026-31699",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31699"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccp: Don\u0027t attempt to copy CSR to userspace if PSP command failed\n\nWhen retrieving the PEK CSR, don\u0027t attempt to copy the blob to userspace\nif the firmware command failed. If the failure was due to an invalid\nlength, i.e. the userspace buffer+length was too small, copying the number\nof bytes _firmware_ requires will overflow the kernel-allocated buffer and\nleak data to userspace.\n\n BUG: KASAN: slab-out-of-bounds in instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n BUG: KASAN: slab-out-of-bounds in _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n Read of size 2084 at addr ffff898144612e20 by task syz.9.219/21405\n\n CPU: 14 UID: 0 PID: 21405 Comm: syz.9.219 Tainted: G U O 7.0.0-smp-DEV #28 PREEMPTLAZY\n Tainted: [U]=USER, [O]=OOT_MODULE\n Hardware name: Google, Inc. Arcadia_IT_80/Arcadia_IT_80, BIOS 12.62.0-0 11/19/2025\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xc5/0x110 ../lib/dump_stack.c:120\n print_address_description ../mm/kasan/report.c:378 [inline]\n print_report+0xbc/0x260 ../mm/kasan/report.c:482\n kasan_report+0xa2/0xe0 ../mm/kasan/report.c:595\n check_region_inline ../mm/kasan/generic.c:-1 [inline]\n kasan_check_range+0x264/0x2c0 ../mm/kasan/generic.c:200\n instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n copy_to_user ../include/linux/uaccess.h:236 [inline]\n sev_ioctl_do_pek_csr+0x31f/0x590 ../drivers/crypto/ccp/sev-dev.c:1872\n sev_ioctl+0x3a4/0x490 ../drivers/crypto/ccp/sev-dev.c:2562\n vfs_ioctl ../fs/ioctl.c:51 [inline]\n __do_sys_ioctl ../fs/ioctl.c:597 [inline]\n __se_sys_ioctl+0x11d/0x1b0 ../fs/ioctl.c:583\n do_syscall_x64 ../arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xe0/0x800 ../arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n \u003c/TASK\u003e\n\nWARN if the driver says the command succeeded, but the firmware error code\nsays otherwise, as __sev_do_cmd_locked() is expected to return -EIO on any\nfirwmware error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31699",
"url": "https://www.suse.com/security/cve/CVE-2026-31699"
},
{
"category": "external",
"summary": "SUSE Bug 1263879 for CVE-2026-31699",
"url": "https://bugzilla.suse.com/1263879"
},
{
"category": "external",
"summary": "SUSE Bug 1263928 for CVE-2026-31699",
"url": "https://bugzilla.suse.com/1263928"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31699"
},
{
"cve": "CVE-2026-31703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31703"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwriteback: Fix use after free in inode_switch_wbs_work_fn()\n\ninode_switch_wbs_work_fn() has a loop like:\n\n wb_get(new_wb);\n while (1) {\n list = llist_del_all(\u0026new_wb-\u003eswitch_wbs_ctxs);\n /* Nothing to do? */\n if (!list)\n break;\n ... process the items ...\n }\n\nNow adding of items to the list looks like:\n\nwb_queue_isw()\n if (llist_add(\u0026isw-\u003elist, \u0026wb-\u003eswitch_wbs_ctxs))\n queue_work(isw_wq, \u0026wb-\u003eswitch_work);\n\nBecause inode_switch_wbs_work_fn() loops when processing isw items, it\ncan happen that wb-\u003eswitch_work is pending while wb-\u003eswitch_wbs_ctxs is\nempty. This is a problem because in that case wb can get freed (no isw\nitems -\u003e no wb reference) while the work is still pending causing\nuse-after-free issues.\n\nWe cannot just fix this by cancelling work when freeing wb because that\ncould still trigger problematic 0 -\u003e 1 transitions on wb refcount due to\nwb_get() in inode_switch_wbs_work_fn(). It could be all handled with\nmore careful code but that seems unnecessarily complex so let\u0027s avoid\nthat until it is proven that the looping actually brings practical\nbenefit. Just remove the loop from inode_switch_wbs_work_fn() instead.\nThat way when wb_queue_isw() queues work, we are guaranteed we have\nadded the first item to wb-\u003eswitch_wbs_ctxs and nobody is going to\nremove it (and drop the wb reference it holds) until the queued work\nruns.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31703",
"url": "https://www.suse.com/security/cve/CVE-2026-31703"
},
{
"category": "external",
"summary": "SUSE Bug 1263883 for CVE-2026-31703",
"url": "https://bugzilla.suse.com/1263883"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31703"
},
{
"cve": "CVE-2026-31752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbridge: br_nd_send: validate ND option lengths\n\nbr_nd_send() walks ND options according to option-provided lengths.\nA malformed option can make the parser advance beyond the computed\noption span or use a too-short source LLADDR option payload.\n\nValidate option lengths against the remaining NS option area before\nadvancing, and only read source LLADDR when the option is large enough\nfor an Ethernet address.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31752",
"url": "https://www.suse.com/security/cve/CVE-2026-31752"
},
{
"category": "external",
"summary": "SUSE Bug 1264045 for CVE-2026-31752",
"url": "https://bugzilla.suse.com/1264045"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31752"
},
{
"cve": "CVE-2026-31758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31758"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: usbtmc: Flush anchored URBs in usbtmc_release\n\nWhen calling usbtmc_release, pending anchored URBs must be flushed or\nkilled to prevent use-after-free errors (e.g. in the HCD giveback\npath). Call usbtmc_draw_down() to allow anchored URBs to be completed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31758",
"url": "https://www.suse.com/security/cve/CVE-2026-31758"
},
{
"category": "external",
"summary": "SUSE Bug 1264093 for CVE-2026-31758",
"url": "https://bugzilla.suse.com/1264093"
},
{
"category": "external",
"summary": "SUSE Bug 1264094 for CVE-2026-31758",
"url": "https://bugzilla.suse.com/1264094"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-31758"
},
{
"cve": "CVE-2026-31759",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31759"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: ulpi: fix double free in ulpi_register_interface() error path\n\nWhen device_register() fails, ulpi_register() calls put_device() on\nulpi-\u003edev.\n\nThe device release callback ulpi_dev_release() drops the OF node\nreference and frees ulpi, but the current error path in\nulpi_register_interface() then calls kfree(ulpi) again, causing a\ndouble free.\n\nLet put_device() handle the cleanup through ulpi_dev_release() and\navoid freeing ulpi again in ulpi_register_interface().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31759",
"url": "https://www.suse.com/security/cve/CVE-2026-31759"
},
{
"category": "external",
"summary": "SUSE Bug 1264076 for CVE-2026-31759",
"url": "https://bugzilla.suse.com/1264076"
},
{
"category": "external",
"summary": "SUSE Bug 1264078 for CVE-2026-31759",
"url": "https://bugzilla.suse.com/1264078"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-31759"
},
{
"cve": "CVE-2026-31767",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31767"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/dsi: Don\u0027t do DSC horizontal timing adjustments in command mode\n\nStop adjusting the horizontal timing values based on the\ncompression ratio in command mode. Bspec seems to be telling\nus to do this only in video mode, and this is also how the\nWindows driver does things.\n\nThis should also fix a div-by-zero on some machines because\nthe adjusted htotal ends up being so small that we end up with\nline_time_us==0 when trying to determine the vtotal value in\ncommand mode.\n\nNote that this doesn\u0027t actually make the display on the\nHuawei Matebook E work, but at least the kernel no longer\nexplodes when the driver loads.\n\n(cherry picked from commit 0b475e91ecc2313207196c6d7fd5c53e1a878525)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31767",
"url": "https://www.suse.com/security/cve/CVE-2026-31767"
},
{
"category": "external",
"summary": "SUSE Bug 1264124 for CVE-2026-31767",
"url": "https://bugzilla.suse.com/1264124"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31767"
},
{
"cve": "CVE-2026-31771",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31771"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_event: move wake reason storage into validated event handlers\n\nhci_store_wake_reason() is called from hci_event_packet() immediately\nafter stripping the HCI event header but before hci_event_func()\nenforces the per-event minimum payload length from hci_ev_table.\nThis means a short HCI event frame can reach bacpy() before any bounds\ncheck runs.\n\nRather than duplicating skb parsing and per-event length checks inside\nhci_store_wake_reason(), move wake-address storage into the individual\nevent handlers after their existing event-length validation has\nsucceeded. Convert hci_store_wake_reason() into a small helper that only\nstores an already-validated bdaddr while the caller holds hci_dev_lock().\nUse the same helper after hci_event_func() with a NULL address to\npreserve the existing unexpected-wake fallback semantics when no\nvalidated event handler records a wake address.\n\nAnnotate the helper with __must_hold(\u0026hdev-\u003elock) and add\nlockdep_assert_held(\u0026hdev-\u003elock) so future call paths keep the lock\ncontract explicit.\n\nCall the helper from hci_conn_request_evt(), hci_conn_complete_evt(),\nhci_sync_conn_complete_evt(), le_conn_complete_evt(),\nhci_le_adv_report_evt(), hci_le_ext_adv_report_evt(),\nhci_le_direct_adv_report_evt(), hci_le_pa_sync_established_evt(), and\nhci_le_past_received_evt().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31771",
"url": "https://www.suse.com/security/cve/CVE-2026-31771"
},
{
"category": "external",
"summary": "SUSE Bug 1264145 for CVE-2026-31771",
"url": "https://bugzilla.suse.com/1264145"
},
{
"category": "external",
"summary": "SUSE Bug 1264146 for CVE-2026-31771",
"url": "https://bugzilla.suse.com/1264146"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-31771"
},
{
"cve": "CVE-2026-43013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43013"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: lag: Check for LAG device before creating debugfs\n\n__mlx5_lag_dev_add_mdev() may return 0 (success) even when an error\noccurs that is handled gracefully. Consequently, the initialization\nflow proceeds to call mlx5_ldev_add_debugfs() even when there is no\nvalid LAG context.\n\nmlx5_ldev_add_debugfs() blindly created the debugfs directory and\nattributes. This exposed interfaces (like the members file) that rely on\na valid ldev pointer, leading to potential NULL pointer dereferences if\naccessed when ldev is NULL.\n\nAdd a check to verify that mlx5_lag_dev(dev) returns a valid pointer\nbefore attempting to create the debugfs entries.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43013",
"url": "https://www.suse.com/security/cve/CVE-2026-43013"
},
{
"category": "external",
"summary": "SUSE Bug 1264011 for CVE-2026-43013",
"url": "https://bugzilla.suse.com/1264011"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43013"
},
{
"cve": "CVE-2026-43023",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43023"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: SCO: fix race conditions in sco_sock_connect()\n\nsco_sock_connect() checks sk_state and sk_type without holding\nthe socket lock. Two concurrent connect() syscalls on the same\nsocket can both pass the check and enter sco_connect(), leading\nto use-after-free.\n\nThe buggy scenario involves three participants and was confirmed\nwith additional logging instrumentation:\n\n Thread A (connect): HCI disconnect: Thread B (connect):\n\n sco_sock_connect(sk) sco_sock_connect(sk)\n sk_state==BT_OPEN sk_state==BT_OPEN\n (pass, no lock) (pass, no lock)\n sco_connect(sk): sco_connect(sk):\n hci_dev_lock hci_dev_lock\n hci_connect_sco \u003c- blocked\n -\u003e hcon1\n sco_conn_add-\u003econn1\n lock_sock(sk)\n sco_chan_add:\n conn1-\u003esk = sk\n sk-\u003econn = conn1\n sk_state=BT_CONNECT\n release_sock\n hci_dev_unlock\n hci_dev_lock\n sco_conn_del:\n lock_sock(sk)\n sco_chan_del:\n sk-\u003econn=NULL\n conn1-\u003esk=NULL\n sk_state=\n BT_CLOSED\n SOCK_ZAPPED\n release_sock\n hci_dev_unlock\n (unblocked)\n hci_connect_sco\n -\u003e hcon2\n sco_conn_add\n -\u003e conn2\n lock_sock(sk)\n sco_chan_add:\n sk-\u003econn=conn2\n sk_state=\n BT_CONNECT\n // zombie sk!\n release_sock\n hci_dev_unlock\n\nThread B revives a BT_CLOSED + SOCK_ZAPPED socket back to\nBT_CONNECT. Subsequent cleanup triggers double sock_put() and\nuse-after-free. Meanwhile conn1 is leaked as it was orphaned\nwhen sco_conn_del() cleared the association.\n\nFix this by:\n- Moving lock_sock() before the sk_state/sk_type checks in\n sco_sock_connect() to serialize concurrent connect attempts\n- Fixing the sk_type != SOCK_SEQPACKET check to actually\n return the error instead of just assigning it\n- Adding a state re-check in sco_connect() after lock_sock()\n to catch state changes during the window between the locks\n- Adding sco_pi(sk)-\u003econn check in sco_chan_add() to prevent\n double-attach of a socket to multiple connections\n- Adding hci_conn_drop() on sco_chan_add failure to prevent\n HCI connection leaks",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43023",
"url": "https://www.suse.com/security/cve/CVE-2026-43023"
},
{
"category": "external",
"summary": "SUSE Bug 1264137 for CVE-2026-43023",
"url": "https://bugzilla.suse.com/1264137"
},
{
"category": "external",
"summary": "SUSE Bug 1264138 for CVE-2026-43023",
"url": "https://bugzilla.suse.com/1264138"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-43023"
},
{
"cve": "CVE-2026-43024",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43024"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: reject immediate NF_QUEUE verdict\n\nnft_queue is always used from userspace nftables to deliver the NF_QUEUE\nverdict. Immediately emitting an NF_QUEUE verdict is never used by the\nuserspace nft tools, so reject immediate NF_QUEUE verdicts.\n\nThe arp family does not provide queue support, but such an immediate\nverdict is still reachable. Globally reject NF_QUEUE immediate verdicts\nto address this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43024",
"url": "https://www.suse.com/security/cve/CVE-2026-43024"
},
{
"category": "external",
"summary": "SUSE Bug 1263930 for CVE-2026-43024",
"url": "https://bugzilla.suse.com/1263930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43024"
},
{
"cve": "CVE-2026-43026",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43026"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ctnetlink: zero expect NAT fields when CTA_EXPECT_NAT absent\n\nctnetlink_alloc_expect() allocates expectations from a non-zeroing\nslab cache via nf_ct_expect_alloc(). When CTA_EXPECT_NAT is not\npresent in the netlink message, saved_addr and saved_proto are\nnever initialized. Stale data from a previous slab occupant can\nthen be dumped to userspace by ctnetlink_exp_dump_expect(), which\nchecks these fields to decide whether to emit CTA_EXPECT_NAT.\n\nThe safe sibling nf_ct_expect_init(), used by the packet path,\nexplicitly zeroes these fields.\n\nZero saved_addr, saved_proto and dir in the else branch, guarded\nby IS_ENABLED(CONFIG_NF_NAT) since these fields only exist when\nNAT is enabled.\n\nConfirmed by priming the expect slab with NAT-bearing expectations,\nfreeing them, creating a new expectation without CTA_EXPECT_NAT,\nand observing that the ctnetlink dump emits a spurious\nCTA_EXPECT_NAT containing stale data from the prior allocation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43026",
"url": "https://www.suse.com/security/cve/CVE-2026-43026"
},
{
"category": "external",
"summary": "SUSE Bug 1263932 for CVE-2026-43026",
"url": "https://bugzilla.suse.com/1263932"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43026"
},
{
"cve": "CVE-2026-43028",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43028"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: x_tables: ensure names are nul-terminated\n\nReject names that lack a \\0 character before feeding them\nto functions that expect c-strings.\n\nFixes tag is the most recent commit that needs this change.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43028",
"url": "https://www.suse.com/security/cve/CVE-2026-43028"
},
{
"category": "external",
"summary": "SUSE Bug 1263934 for CVE-2026-43028",
"url": "https://bugzilla.suse.com/1263934"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43028"
},
{
"cve": "CVE-2026-43030",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43030"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix regsafe() for pointers to packet\n\nIn case rold-\u003ereg-\u003erange == BEYOND_PKT_END \u0026\u0026 rcur-\u003ereg-\u003erange == N\nregsafe() may return true which may lead to current state with\nvalid packet range not being explored. Fix the bug.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43030",
"url": "https://www.suse.com/security/cve/CVE-2026-43030"
},
{
"category": "external",
"summary": "SUSE Bug 1264000 for CVE-2026-43030",
"url": "https://bugzilla.suse.com/1264000"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43030"
},
{
"cve": "CVE-2026-43035",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43035"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: cls_api: fix tc_chain_fill_node to initialize tcm_info to zero to prevent an info-leak\n\nWhen building netlink messages, tc_chain_fill_node() never initializes\nthe tcm_info field of struct tcmsg. Since the allocation is not zeroed,\nkernel heap memory is leaked to userspace through this 4-byte field.\n\nThe fix simply zeroes tcm_info alongside the other fields that are\nalready initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43035",
"url": "https://www.suse.com/security/cve/CVE-2026-43035"
},
{
"category": "external",
"summary": "SUSE Bug 1263996 for CVE-2026-43035",
"url": "https://bugzilla.suse.com/1263996"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43035"
},
{
"cve": "CVE-2026-43036",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43036"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: use skb_header_pointer() for TCPv4 GSO frag_off check\n\nSyzbot reported a KMSAN uninit-value warning in gso_features_check()\ncalled from netif_skb_features() [1].\n\ngso_features_check() reads iph-\u003efrag_off to decide whether to clear\nmangleid_features. Accessing the IPv4 header via ip_hdr()/inner_ip_hdr()\ncan rely on skb header offsets that are not always safe for direct\ndereference on packets injected from PF_PACKET paths.\n\nUse skb_header_pointer() for the TCPv4 frag_off check so the header read\nis robust whether data is already linear or needs copying.\n\n[1] https://syzkaller.appspot.com/bug?extid=1543a7d954d9c6d00407",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43036",
"url": "https://www.suse.com/security/cve/CVE-2026-43036"
},
{
"category": "external",
"summary": "SUSE Bug 1263993 for CVE-2026-43036",
"url": "https://bugzilla.suse.com/1263993"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43036"
},
{
"cve": "CVE-2026-43040",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43040"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipv6: ndisc: fix ndisc_ra_useropt to initialize nduseropt_padX fields to zero to prevent an info-leak\n\nWhen processing Router Advertisements with user options the kernel\nbuilds an RTM_NEWNDUSEROPT netlink message. The nduseroptmsg struct\nhas three padding fields that are never zeroed and can leak kernel data\n\nThe fix is simple, just zeroes the padding fields.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43040",
"url": "https://www.suse.com/security/cve/CVE-2026-43040"
},
{
"category": "external",
"summary": "SUSE Bug 1264091 for CVE-2026-43040",
"url": "https://bugzilla.suse.com/1264091"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43040"
},
{
"cve": "CVE-2026-43049",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43049"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: logitech-hidpp: Prevent use-after-free on force feedback initialisation failure\n\nPresently, if the force feedback initialisation fails when probing the\nLogitech G920 Driving Force Racing Wheel for Xbox One, an error number\nwill be returned and propagated before the userspace infrastructure\n(sysfs and /dev/input) has been torn down. If userspace ignores the\nerrors and continues to use its references to these dangling entities, a\nUAF will promptly follow.\n\nWe have 2 options; continue to return the error, but ensure that all of\nthe infrastructure is torn down accordingly or continue to treat this\ncondition as a warning by emitting the message but returning success.\nIt is thought that the original author\u0027s intention was to emit the\nwarning but keep the device functional, less the force feedback feature,\nso let\u0027s go with that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43049",
"url": "https://www.suse.com/security/cve/CVE-2026-43049"
},
{
"category": "external",
"summary": "SUSE Bug 1264080 for CVE-2026-43049",
"url": "https://bugzilla.suse.com/1264080"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43049"
},
{
"cve": "CVE-2026-43052",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43052"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: check tdls flag in ieee80211_tdls_oper\n\nWhen NL80211_TDLS_ENABLE_LINK is called, the code only checks if the\nstation exists but not whether it is actually a TDLS station. This\nallows the operation to proceed for non-TDLS stations, causing\nunintended side effects like modifying channel context and HT\nprotection before failing.\n\nAdd a check for sta-\u003esta.tdls early in the ENABLE_LINK case, before\nany side effects occur, to ensure the operation is only allowed for\nactual TDLS peers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43052",
"url": "https://www.suse.com/security/cve/CVE-2026-43052"
},
{
"category": "external",
"summary": "SUSE Bug 1263945 for CVE-2026-43052",
"url": "https://bugzilla.suse.com/1263945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43052"
},
{
"cve": "CVE-2026-43053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43053"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: close crash window in attr dabtree inactivation\n\nWhen inactivating an inode with node-format extended attributes,\nxfs_attr3_node_inactive() invalidates all child leaf/node blocks via\nxfs_trans_binval(), but intentionally does not remove the corresponding\nentries from their parent node blocks. The implicit assumption is that\nxfs_attr_inactive() will truncate the entire attr fork to zero extents\nafterwards, so log recovery will never reach the root node and follow\nthose stale pointers.\n\nHowever, if a log shutdown occurs after the leaf/node block cancellations\ncommit but before the attr bmap truncation commits, this assumption\nbreaks. Recovery replays the attr bmap intact (the inode still has\nattr fork extents), but suppresses replay of all cancelled leaf/node\nblocks, maybe leaving them as stale data on disk. On the next mount,\nxlog_recover_process_iunlinks() retries inactivation and attempts to\nread the root node via the attr bmap. If the root node was not replayed,\nreading the unreplayed root block triggers a metadata verification\nfailure immediately; if it was replayed, following its child pointers\nto unreplayed child blocks triggers the same failure:\n\n XFS (pmem0): Metadata corruption detected at\n xfs_da3_node_read_verify+0x53/0x220, xfs_da3_node block 0x78\n XFS (pmem0): Unmount and run xfs_repair\n XFS (pmem0): First 128 bytes of corrupted metadata buffer:\n 00000000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n XFS (pmem0): metadata I/O error in \"xfs_da_read_buf+0x104/0x190\" at daddr 0x78 len 8 error 117\n\nFix this in two places:\n\nIn xfs_attr3_node_inactive(), after calling xfs_trans_binval() on a\nchild block, immediately remove the entry that references it from the\nparent node in the same transaction. This eliminates the window where\nthe parent holds a pointer to a cancelled block. Once all children are\nremoved, the now-empty root node is converted to a leaf block within the\nsame transaction. This node-to-leaf conversion is necessary for crash\nsafety. If the system shutdown after the empty node is written to the\nlog but before the second-phase bmap truncation commits, log recovery\nwill attempt to verify the root block on disk. xfs_da3_node_verify()\ndoes not permit a node block with count == 0; such a block will fail\nverification and trigger a metadata corruption shutdown. on the other\nhand, leaf blocks are allowed to have this transient state.\n\nIn xfs_attr_inactive(), split the attr fork truncation into two explicit\nphases. First, truncate all extents beyond the root block (the child\nextents whose parent references have already been removed above).\nSecond, invalidate the root block and truncate the attr bmap to zero in\na single transaction. The two operations in the second phase must be\natomic: as long as the attr bmap has any non-zero length, recovery can\nfollow it to the root block, so the root block invalidation must commit\ntogether with the bmap-to-zero truncation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43053",
"url": "https://www.suse.com/security/cve/CVE-2026-43053"
},
{
"category": "external",
"summary": "SUSE Bug 1264084 for CVE-2026-43053",
"url": "https://bugzilla.suse.com/1264084"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43053"
},
{
"cve": "CVE-2026-43054",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43054"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: tcm_loop: Drain commands in target_reset handler\n\ntcm_loop_target_reset() violates the SCSI EH contract: it returns SUCCESS\nwithout draining any in-flight commands. The SCSI EH documentation\n(scsi_eh.rst) requires that when a reset handler returns SUCCESS the driver\nhas made lower layers \"forget about timed out scmds\" and is ready for new\ncommands. Every other SCSI LLD (virtio_scsi, mpt3sas, ipr, scsi_debug,\nmpi3mr) enforces this by draining or completing outstanding commands before\nreturning SUCCESS.\n\nBecause tcm_loop_target_reset() doesn\u0027t drain, the SCSI EH reuses in-flight\nscsi_cmnd structures for recovery commands (e.g. TUR) while the target core\nstill has async completion work queued for the old se_cmd. The memset in\nqueuecommand zeroes se_lun and lun_ref_active, causing\ntransport_lun_remove_cmd() to skip its percpu_ref_put(). The leaked LUN\nreference prevents transport_clear_lun_ref() from completing, hanging\nconfigfs LUN unlink forever in D-state:\n\n INFO: task rm:264 blocked for more than 122 seconds.\n rm D 0 264 258 0x00004000\n Call Trace:\n __schedule+0x3d0/0x8e0\n schedule+0x36/0xf0\n transport_clear_lun_ref+0x78/0x90 [target_core_mod]\n core_tpg_remove_lun+0x28/0xb0 [target_core_mod]\n target_fabric_port_unlink+0x50/0x60 [target_core_mod]\n configfs_unlink+0x156/0x1f0 [configfs]\n vfs_unlink+0x109/0x290\n do_unlinkat+0x1d5/0x2d0\n\nFix this by making tcm_loop_target_reset() actually drain commands:\n\n 1. Issue TMR_LUN_RESET via tcm_loop_issue_tmr() to drain all commands that\n the target core knows about (those not yet CMD_T_COMPLETE).\n\n 2. Use blk_mq_tagset_busy_iter() to iterate all started requests and\n flush_work() on each se_cmd - this drains any deferred completion work\n for commands that already had CMD_T_COMPLETE set before the TMR (which\n the TMR skips via __target_check_io_state()). This is the same pattern\n used by mpi3mr, scsi_debug, and libsas to drain outstanding commands\n during reset.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43054",
"url": "https://www.suse.com/security/cve/CVE-2026-43054"
},
{
"category": "external",
"summary": "SUSE Bug 1264063 for CVE-2026-43054",
"url": "https://bugzilla.suse.com/1264063"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43054"
},
{
"cve": "CVE-2026-43059",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43059"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: MGMT: Fix list corruption and UAF in command complete handlers\n\nCommit 302a1f674c00 (\"Bluetooth: MGMT: Fix possible UAFs\") introduced\nmgmt_pending_valid(), which not only validates the pending command but\nalso unlinks it from the pending list if it is valid. This change in\nsemantics requires updates to several completion handlers to avoid list\ncorruption and memory safety issues.\n\nThis patch addresses two left-over issues from the aforementioned rework:\n\n1. In mgmt_add_adv_patterns_monitor_complete(), mgmt_pending_remove()\nis replaced with mgmt_pending_free() in the success path. Since\nmgmt_pending_valid() already unlinks the command at the beginning of\nthe function, calling mgmt_pending_remove() leads to a double list_del()\nand subsequent list corruption/kernel panic.\n\n2. In set_mesh_complete(), the use of mgmt_pending_foreach() in the error\npath is removed. Since the current command is already unlinked by\nmgmt_pending_valid(), this foreach loop would incorrectly target other\npending mesh commands, potentially freeing them while they are still being\nprocessed concurrently (leading to UAFs). The redundant mgmt_cmd_status()\nis also simplified to use cmd-\u003eopcode directly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43059",
"url": "https://www.suse.com/security/cve/CVE-2026-43059"
},
{
"category": "external",
"summary": "SUSE Bug 1264184 for CVE-2026-43059",
"url": "https://bugzilla.suse.com/1264184"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43059"
},
{
"cve": "CVE-2026-43065",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43065"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: always drain queued discard work in ext4_mb_release()\n\nWhile reviewing recent ext4 patch[1], Sashiko raised the following\nconcern[2]:\n\n\u003e If the filesystem is initially mounted with the discard option,\n\u003e deleting files will populate sbi-\u003es_discard_list and queue\n\u003e s_discard_work. If it is then remounted with nodiscard, the\n\u003e EXT4_MOUNT_DISCARD flag is cleared, but the pending s_discard_work is\n\u003e neither cancelled nor flushed.\n\n[1] https://lore.kernel.org/r/20260319094545.19291-1-qiang.zhang@linux.dev/\n[2] https://sashiko.dev/#/patchset/20260319094545.19291-1-qiang.zhang%40linux.dev\n\nThe concern was valid, but it had nothing to do with the patch[1].\nOne of the problems with Sashiko in its current (early) form is that\nit will detect pre-existing issues and report it as a problem with the\npatch that it is reviewing.\n\nIn practice, it would be hard to hit deliberately (unless you are a\nmalicious syzkaller fuzzer), since it would involve mounting the file\nsystem with -o discard, and then deleting a large number of files,\nremounting the file system with -o nodiscard, and then immediately\nunmounting the file system before the queued discard work has a change\nto drain on its own.\n\nFix it because it\u0027s a real bug, and to avoid Sashiko from raising this\nconcern when analyzing future patches to mballoc.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43065",
"url": "https://www.suse.com/security/cve/CVE-2026-43065"
},
{
"category": "external",
"summary": "SUSE Bug 1264243 for CVE-2026-43065",
"url": "https://bugzilla.suse.com/1264243"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "low"
}
],
"title": "CVE-2026-43065"
},
{
"cve": "CVE-2026-43066",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43066"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix iloc.bh leak in ext4_fc_replay_inode() error paths\n\nDuring code review, Joseph found that ext4_fc_replay_inode() calls\next4_get_fc_inode_loc() to get the inode location, which holds a\nreference to iloc.bh that must be released via brelse().\n\nHowever, several error paths jump to the \u0027out\u0027 label without\nreleasing iloc.bh:\n\n - ext4_handle_dirty_metadata() failure\n - sync_dirty_buffer() failure\n - ext4_mark_inode_used() failure\n - ext4_iget() failure\n\nFix this by introducing an \u0027out_brelse\u0027 label placed just before\nthe existing \u0027out\u0027 label to ensure iloc.bh is always released.\n\nAdditionally, make ext4_fc_replay_inode() propagate errors\nproperly instead of always returning 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43066",
"url": "https://www.suse.com/security/cve/CVE-2026-43066"
},
{
"category": "external",
"summary": "SUSE Bug 1264245 for CVE-2026-43066",
"url": "https://bugzilla.suse.com/1264245"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43066"
},
{
"cve": "CVE-2026-43068",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43068"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid allocate block from corrupted group in ext4_mb_find_by_goal()\n\nThere\u0027s issue as follows:\n...\nEXT4-fs (mmcblk0p1): Delayed block allocation failed for inode 206 at logical offset 0 with max blocks 1 with error 117\nEXT4-fs (mmcblk0p1): This should not happen!! Data will be lost\n\nEXT4-fs (mmcblk0p1): Delayed block allocation failed for inode 206 at logical offset 0 with max blocks 1 with error 117\nEXT4-fs (mmcblk0p1): This should not happen!! Data will be lost\n\nEXT4-fs (mmcblk0p1): Delayed block allocation failed for inode 206 at logical offset 0 with max blocks 1 with error 117\nEXT4-fs (mmcblk0p1): This should not happen!! Data will be lost\n\nEXT4-fs (mmcblk0p1): Delayed block allocation failed for inode 206 at logical offset 0 with max blocks 1 with error 117\nEXT4-fs (mmcblk0p1): This should not happen!! Data will be lost\n\nEXT4-fs (mmcblk0p1): Delayed block allocation failed for inode 2243 at logical offset 0 with max blocks 1 with error 117\nEXT4-fs (mmcblk0p1): This should not happen!! Data will be lost\n\nEXT4-fs (mmcblk0p1): Delayed block allocation failed for inode 2239 at logical offset 0 with max blocks 1 with error 117\nEXT4-fs (mmcblk0p1): This should not happen!! Data will be lost\n\nEXT4-fs (mmcblk0p1): error count since last fsck: 1\nEXT4-fs (mmcblk0p1): initial error at time 1765597433: ext4_mb_generate_buddy:760\nEXT4-fs (mmcblk0p1): last error at time 1765597433: ext4_mb_generate_buddy:760\n...\n\nAccording to the log analysis, blocks are always requested from the\ncorrupted block group. This may happen as follows:\next4_mb_find_by_goal\n ext4_mb_load_buddy\n ext4_mb_load_buddy_gfp\n ext4_mb_init_cache\n ext4_read_block_bitmap_nowait\n ext4_wait_block_bitmap\n ext4_validate_block_bitmap\n if (!grp || EXT4_MB_GRP_BBITMAP_CORRUPT(grp))\n return -EFSCORRUPTED; // There\u0027s no logs.\n if (err)\n return err; // Will return error\next4_lock_group(ac-\u003eac_sb, group);\n if (unlikely(EXT4_MB_GRP_BBITMAP_CORRUPT(e4b-\u003ebd_info))) // Unreachable\n goto out;\n\nAfter commit 9008a58e5dce (\"ext4: make the bitmap read routines return\nreal error codes\") merged, Commit 163a203ddb36 (\"ext4: mark block group\nas corrupt on block bitmap error\") is no real solution for allocating\nblocks from corrupted block groups. This is because if\n\u0027EXT4_MB_GRP_BBITMAP_CORRUPT(e4b-\u003ebd_info)\u0027 is true, then\n\u0027ext4_mb_load_buddy()\u0027 may return an error. This means that the block\nallocation will fail.\nTherefore, check block group if corrupted when ext4_mb_load_buddy()\nreturns error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43068",
"url": "https://www.suse.com/security/cve/CVE-2026-43068"
},
{
"category": "external",
"summary": "SUSE Bug 1264255 for CVE-2026-43068",
"url": "https://bugzilla.suse.com/1264255"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43068"
},
{
"cve": "CVE-2026-43074",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43074"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neventpoll: defer struct eventpoll free to RCU grace period\n\nIn certain situations, ep_free() in eventpoll.c will kfree the epi-\u003eep\neventpoll struct while it still being used by another concurrent thread.\nDefer the kfree() to an RCU callback to prevent UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43074",
"url": "https://www.suse.com/security/cve/CVE-2026-43074"
},
{
"category": "external",
"summary": "SUSE Bug 1264263 for CVE-2026-43074",
"url": "https://bugzilla.suse.com/1264263"
},
{
"category": "external",
"summary": "SUSE Bug 1265307 for CVE-2026-43074",
"url": "https://bugzilla.suse.com/1265307"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-43074"
},
{
"cve": "CVE-2026-43077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43077"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_aead - Fix minimum RX size check for decryption\n\nThe check for the minimum receive buffer size did not take the\ntag size into account during decryption. Fix this by adding the\nrequired extra length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43077",
"url": "https://www.suse.com/security/cve/CVE-2026-43077"
},
{
"category": "external",
"summary": "SUSE Bug 1264470 for CVE-2026-43077",
"url": "https://bugzilla.suse.com/1264470"
},
{
"category": "external",
"summary": "SUSE Bug 1265306 for CVE-2026-43077",
"url": "https://bugzilla.suse.com/1265306"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-43077"
},
{
"cve": "CVE-2026-43083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ioam6: fix OOB and missing lock\n\nWhen trace-\u003etype.bit6 is set:\n\n if (trace-\u003etype.bit6) {\n ...\n queue = skb_get_tx_queue(dev, skb);\n qdisc = rcu_dereference(queue-\u003eqdisc);\n\nThis code can lead to an out-of-bounds access of the dev-\u003e_tx[] array\nwhen is_input is true. In such a case, the packet is on the RX path and\nskb-\u003equeue_mapping contains the RX queue index of the ingress device. If\nthe ingress device has more RX queues than the egress device (dev) has\nTX queues, skb_get_queue_mapping(skb) will exceed dev-\u003enum_tx_queues.\nAdd a check to avoid this situation since skb_get_tx_queue() does not\nclamp the index. This issue has also revealed that per queue visibility\ncannot be accurate and will be replaced later as a new feature.\n\nWhile at it, add missing lock around qdisc_qstats_qlen_backlog(). The\nfunction __ioam6_fill_trace_data() is called from both softirq and\nprocess contexts, hence the use of spin_lock_bh() here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43083",
"url": "https://www.suse.com/security/cve/CVE-2026-43083"
},
{
"category": "external",
"summary": "SUSE Bug 1264266 for CVE-2026-43083",
"url": "https://bugzilla.suse.com/1264266"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43083"
},
{
"cve": "CVE-2026-43101",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43101"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: ioam: fix potential NULL dereferences in __ioam6_fill_trace_data()\n\nWe need to check __in6_dev_get() for possible NULL value, as\nsuggested by Yiming Qian.\n\nAlso add skb_dst_dev_rcu() instead of skb_dst_dev(),\nand two missing READ_ONCE().\n\nNote that @dev can\u0027t be NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43101",
"url": "https://www.suse.com/security/cve/CVE-2026-43101"
},
{
"category": "external",
"summary": "SUSE Bug 1264239 for CVE-2026-43101",
"url": "https://bugzilla.suse.com/1264239"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43101"
},
{
"cve": "CVE-2026-43109",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43109"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86: shadow stacks: proper error handling for mmap lock\n\n\uae40\uc601\ubbfc reports that shstk_pop_sigframe() doesn\u0027t check for errors from\nmmap_read_lock_killable(), which is a silly oversight, and also shows\nthat we haven\u0027t marked those functions with \"__must_check\", which would\nhave immediately caught it.\n\nSo let\u0027s fix both issues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43109",
"url": "https://www.suse.com/security/cve/CVE-2026-43109"
},
{
"category": "external",
"summary": "SUSE Bug 1264484 for CVE-2026-43109",
"url": "https://bugzilla.suse.com/1264484"
},
{
"category": "external",
"summary": "SUSE Bug 1269282 for CVE-2026-43109",
"url": "https://bugzilla.suse.com/1269282"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-43109"
},
{
"cve": "CVE-2026-43112",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43112"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath\n\nWhen cifs_sanitize_prepath is called with an empty string or a string\ncontaining only delimiters (e.g., \"/\"), the current logic attempts to\ncheck *(cursor2 - 1) before cursor2 has advanced. This results in an\nout-of-bounds read.\n\nThis patch adds an early exit check after stripping prepended\ndelimiters. If no path content remains, the function returns NULL.\n\nThe bug was identified via manual audit and verified using a\nstandalone test case compiled with AddressSanitizer, which\ntriggered a SEGV on affected inputs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43112",
"url": "https://www.suse.com/security/cve/CVE-2026-43112"
},
{
"category": "external",
"summary": "SUSE Bug 1264437 for CVE-2026-43112",
"url": "https://bugzilla.suse.com/1264437"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43112"
},
{
"cve": "CVE-2026-43119",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43119"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_sync: annotate data-races around hdev-\u003ereq_status\n\n__hci_cmd_sync_sk() sets hdev-\u003ereq_status under hdev-\u003ereq_lock:\n\n hdev-\u003ereq_status = HCI_REQ_PEND;\n\nHowever, several other functions read or write hdev-\u003ereq_status without\nholding any lock:\n\n - hci_send_cmd_sync() reads req_status in hci_cmd_work (workqueue)\n - hci_cmd_sync_complete() reads/writes from HCI event completion\n - hci_cmd_sync_cancel() / hci_cmd_sync_cancel_sync() read/write\n - hci_abort_conn() reads in connection abort path\n\nSince __hci_cmd_sync_sk() runs on hdev-\u003ereq_workqueue while\nhci_send_cmd_sync() runs on hdev-\u003eworkqueue, these are different\nworkqueues that can execute concurrently on different CPUs. The plain\nC accesses constitute a data race.\n\nAdd READ_ONCE()/WRITE_ONCE() annotations on all concurrent accesses\nto hdev-\u003ereq_status to prevent potential compiler optimizations that\ncould affect correctness (e.g., load fusing in the wait_event\ncondition or store reordering).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43119",
"url": "https://www.suse.com/security/cve/CVE-2026-43119"
},
{
"category": "external",
"summary": "SUSE Bug 1264561 for CVE-2026-43119",
"url": "https://bugzilla.suse.com/1264561"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43119"
},
{
"cve": "CVE-2026-43158",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43158"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: fix freemap adjustments when adding xattrs to leaf blocks\n\nxfs/592 and xfs/794 both trip this assertion in the leaf block freemap\nadjustment code after ~20 minutes of running on my test VMs:\n\n ASSERT(ichdr-\u003efirstused \u003e= ichdr-\u003ecount * sizeof(xfs_attr_leaf_entry_t)\n\t\t\t\t\t+ xfs_attr3_leaf_hdr_size(leaf));\n\nUpon enabling quite a lot more debugging code, I narrowed this down to\nfsstress trying to set a local extended attribute with namelen=3 and\nvaluelen=71. This results in an entry size of 80 bytes.\n\nAt the start of xfs_attr3_leaf_add_work, the freemap looks like this:\n\ni 0 base 448 size 0 rhs 448 count 46\ni 1 base 388 size 132 rhs 448 count 46\ni 2 base 2120 size 4 rhs 448 count 46\nfirstused = 520\n\nwhere \"rhs\" is the first byte past the end of the leaf entry array.\nThis is inconsistent -- the entries array ends at byte 448, but\nfreemap[1] says there\u0027s free space starting at byte 388!\n\nBy the end of the function, the freemap is in worse shape:\n\ni 0 base 456 size 0 rhs 456 count 47\ni 1 base 388 size 52 rhs 456 count 47\ni 2 base 2120 size 4 rhs 456 count 47\nfirstused = 440\n\nImportant note: 388 is not aligned with the entries array element size\nof 8 bytes.\n\nBased on the incorrect freemap, the name area starts at byte 440, which\nis below the end of the entries array! That\u0027s why the assertion\ntriggers and the filesystem shuts down.\n\nHow did we end up here? First, recall from the previous patch that the\nfreemap array in an xattr leaf block is not intended to be a\ncomprehensive map of all free space in the leaf block. In other words,\nit\u0027s perfectly legal to have a leaf block with:\n\n * 376 bytes in use by the entries array\n * freemap[0] has [base = 376, size = 8]\n * freemap[1] has [base = 388, size = 1500]\n * the space between 376 and 388 is free, but the freemap stopped\n tracking that some time ago\n\nIf we add one xattr, the entries array grows to 384 bytes, and\nfreemap[0] becomes [base = 384, size = 0]. So far, so good. But if we\nadd a second xattr, the entries array grows to 392 bytes, and freemap[0]\ngets pushed up to [base = 392, size = 0]. This is bad, because\nfreemap[1] hasn\u0027t been updated, and now the entries array and the free\nspace claim the same space.\n\nThe fix here is to adjust all freemap entries so that none of them\ncollide with the entries array. Note that this fix relies on commit\n2a2b5932db6758 (\"xfs: fix attr leaf header freemap.size underflow\") and\nthe previous patch that resets zero length freemap entries to have\nbase = 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43158",
"url": "https://www.suse.com/security/cve/CVE-2026-43158"
},
{
"category": "external",
"summary": "SUSE Bug 1264595 for CVE-2026-43158",
"url": "https://bugzilla.suse.com/1264595"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43158"
},
{
"cve": "CVE-2026-43171",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43171"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nEFI/CPER: don\u0027t dump the entire memory region\n\nThe current logic at cper_print_fw_err() doesn\u0027t check if the\nerror record length is big enough to handle offset. On a bad firmware,\nif the ofset is above the actual record, length -= offset will\nunderflow, making it dump the entire memory.\n\nThe end result can be:\n\n - the logic taking a lot of time dumping large regions of memory;\n - data disclosure due to the memory dumps;\n - an OOPS, if it tries to dump an unmapped memory region.\n\nFix it by checking if the section length is too small before doing\na hex dump.\n\n[ rjw: Subject tweaks ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43171",
"url": "https://www.suse.com/security/cve/CVE-2026-43171"
},
{
"category": "external",
"summary": "SUSE Bug 1264549 for CVE-2026-43171",
"url": "https://bugzilla.suse.com/1264549"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43171"
},
{
"cve": "CVE-2026-43187",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43187"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: delete attr leaf freemap entries when empty\n\nBack in commit 2a2b5932db6758 (\"xfs: fix attr leaf header freemap.size\nunderflow\"), Brian Foster observed that it\u0027s possible for a small\nfreemap at the end of the end of the xattr entries array to experience\na size underflow when subtracting the space consumed by an expansion of\nthe entries array. There are only three freemap entries, which means\nthat it is not a complete index of all free space in the leaf block.\n\nThis code can leave behind a zero-length freemap entry with a nonzero\nbase. Subsequent setxattr operations can increase the base up to the\npoint that it overlaps with another freemap entry. This isn\u0027t in and of\nitself a problem because the code in _leaf_add that finds free space\nignores any freemap entry with zero size.\n\nHowever, there\u0027s another bug in the freemap update code in _leaf_add,\nwhich is that it fails to update a freemap entry that begins midway\nthrough the xattr entry that was just appended to the array. That can\nresult in the freemap containing two entries with the same base but\ndifferent sizes (0 for the \"pushed-up\" entry, nonzero for the entry\nthat\u0027s actually tracking free space). A subsequent _leaf_add can then\nallocate xattr namevalue entries on top of the entries array, leading to\ndata loss. But fixing that is for later.\n\nFor now, eliminate the possibility of confusion by zeroing out the base\nof any freemap entry that has zero size. Because the freemap is not\nintended to be a complete index of free space, a subsequent failure to\nfind any free space for a new xattr will trigger block compaction, which\nregenerates the freemap.\n\nIt looks like this bug has been in the codebase for quite a long time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43187",
"url": "https://www.suse.com/security/cve/CVE-2026-43187"
},
{
"category": "external",
"summary": "SUSE Bug 1264603 for CVE-2026-43187",
"url": "https://bugzilla.suse.com/1264603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43187"
},
{
"cve": "CVE-2026-43198",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43198"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: fix potential race in tcp_v6_syn_recv_sock()\n\nCode in tcp_v6_syn_recv_sock() after the call to tcp_v4_syn_recv_sock()\nis done too late.\n\nAfter tcp_v4_syn_recv_sock(), the child socket is already visible\nfrom TCP ehash table and other cpus might use it.\n\nSince newinet-\u003epinet6 is still pointing to the listener ipv6_pinfo\nbad things can happen as syzbot found.\n\nMove the problematic code in tcp_v6_mapped_child_init()\nand call this new helper from tcp_v4_syn_recv_sock() before\nthe ehash insertion.\n\nThis allows the removal of one tcp_sync_mss(), since\ntcp_v4_syn_recv_sock() will call it with the correct\ncontext.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43198",
"url": "https://www.suse.com/security/cve/CVE-2026-43198"
},
{
"category": "external",
"summary": "SUSE Bug 1264610 for CVE-2026-43198",
"url": "https://bugzilla.suse.com/1264610"
},
{
"category": "external",
"summary": "SUSE Bug 1264611 for CVE-2026-43198",
"url": "https://bugzilla.suse.com/1264611"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-43198"
},
{
"cve": "CVE-2026-43206",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43206"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Fix out-of-bounds write in kfd_event_page_set()\n\nThe kfd_event_page_set() function writes KFD_SIGNAL_EVENT_LIMIT * 8\nbytes via memset without checking the buffer size parameter. This allows\nunprivileged userspace to trigger an out-of bounds kernel memory write\nby passing a small buffer, leading to potential privilege\nescalation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43206",
"url": "https://www.suse.com/security/cve/CVE-2026-43206"
},
{
"category": "external",
"summary": "SUSE Bug 1264551 for CVE-2026-43206",
"url": "https://bugzilla.suse.com/1264551"
},
{
"category": "external",
"summary": "SUSE Bug 1266668 for CVE-2026-43206",
"url": "https://bugzilla.suse.com/1266668"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-43206"
},
{
"cve": "CVE-2026-43234",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43234"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nteam: avoid NETDEV_CHANGEMTU event when unregistering slave\n\nsyzbot is reporting\n\n unregister_netdevice: waiting for netdevsim0 to become free. Usage count = 3\n ref_tracker: netdev@ffff88807dcf8618 has 1/2 users at\n __netdev_tracker_alloc include/linux/netdevice.h:4400 [inline]\n netdev_hold include/linux/netdevice.h:4429 [inline]\n inetdev_init+0x201/0x4e0 net/ipv4/devinet.c:286\n inetdev_event+0x251/0x1610 net/ipv4/devinet.c:1600\n notifier_call_chain+0x19d/0x3a0 kernel/notifier.c:85\n call_netdevice_notifiers_mtu net/core/dev.c:2318 [inline]\n netif_set_mtu_ext+0x5aa/0x800 net/core/dev.c:9886\n netif_set_mtu+0xd7/0x1b0 net/core/dev.c:9907\n dev_set_mtu+0x126/0x260 net/core/dev_api.c:248\n team_port_del+0xb07/0xcb0 drivers/net/team/team_core.c:1333\n team_del_slave drivers/net/team/team_core.c:1936 [inline]\n team_device_event+0x207/0x5b0 drivers/net/team/team_core.c:2929\n notifier_call_chain+0x19d/0x3a0 kernel/notifier.c:85\n call_netdevice_notifiers_extack net/core/dev.c:2281 [inline]\n call_netdevice_notifiers net/core/dev.c:2295 [inline]\n __dev_change_net_namespace+0xcb7/0x2050 net/core/dev.c:12592\n do_setlink+0x2ce/0x4590 net/core/rtnetlink.c:3060\n rtnl_changelink net/core/rtnetlink.c:3776 [inline]\n __rtnl_newlink net/core/rtnetlink.c:3935 [inline]\n rtnl_newlink+0x15a9/0x1be0 net/core/rtnetlink.c:4072\n rtnetlink_rcv_msg+0x7d5/0xbe0 net/core/rtnetlink.c:6958\n netlink_rcv_skb+0x232/0x4b0 net/netlink/af_netlink.c:2550\n netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]\n netlink_unicast+0x80f/0x9b0 net/netlink/af_netlink.c:1344\n netlink_sendmsg+0x813/0xb40 net/netlink/af_netlink.c:1894\n\nproblem. Ido Schimmel found steps to reproduce\n\n ip link add name team1 type team\n ip link add name dummy1 mtu 1499 master team1 type dummy\n ip netns add ns1\n ip link set dev dummy1 netns ns1\n ip -n ns1 link del dev dummy1\n\nand also found that the same issue was fixed in the bond driver in\ncommit f51048c3e07b (\"bonding: avoid NETDEV_CHANGEMTU event when\nunregistering slave\").\n\nLet\u0027s do similar thing for the team driver, with commit ad7c7b2172c3 (\"net:\nhold netdev instance lock during sysfs operations\") and commit 303a8487a657\n(\"net: s/__dev_set_mtu/__netif_set_mtu/\") also applied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43234",
"url": "https://www.suse.com/security/cve/CVE-2026-43234"
},
{
"category": "external",
"summary": "SUSE Bug 1264409 for CVE-2026-43234",
"url": "https://bugzilla.suse.com/1264409"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43234"
},
{
"cve": "CVE-2026-43239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43239"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: prevent races in -\u003equery_interfaces()\n\nIt was possible for two query interface works to be concurrently trying\nto update the interfaces.\n\nPrevent this by checking and updating iface_last_update under\niface_lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43239",
"url": "https://www.suse.com/security/cve/CVE-2026-43239"
},
{
"category": "external",
"summary": "SUSE Bug 1264444 for CVE-2026-43239",
"url": "https://bugzilla.suse.com/1264444"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43239"
},
{
"cve": "CVE-2026-43249",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43249"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\n9p/xen: protect xen_9pfs_front_free against concurrent calls\n\nThe xenwatch thread can race with other back-end change notifications\nand call xen_9pfs_front_free() twice, hitting the observed general\nprotection fault due to a double-free. Guard the teardown path so only\none caller can release the front-end state at a time, preventing the\ncrash.\n\nThis is a fix for the following double-free:\n\n[ 27.052347] Oops: general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6b6b: 0000 [#1] SMP DEBUG_PAGEALLOC NOPTI\n[ 27.052357] CPU: 0 UID: 0 PID: 32 Comm: xenwatch Not tainted 6.18.0-02087-g51ab33fc0a8b-dirty #60 PREEMPT(none)\n[ 27.052363] RIP: e030:xen_9pfs_front_free+0x1d/0x150\n[ 27.052368] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 41 55 41 54 55 48 89 fd 48 c7 c7 48 d0 92 85 53 e8 cb cb 05 00 48 8b 45 08 48 8b 55 00 \u003c48\u003e 3b 28 0f 85 f9 28 35 fe 48 3b 6a 08 0f 85 ef 28 35 fe 48 89 42\n[ 27.052377] RSP: e02b:ffffc9004016fdd0 EFLAGS: 00010246\n[ 27.052381] RAX: 6b6b6b6b6b6b6b6b RBX: ffff88800d66e400 RCX: 0000000000000000\n[ 27.052385] RDX: 6b6b6b6b6b6b6b6b RSI: 0000000000000000 RDI: 0000000000000000\n[ 27.052389] RBP: ffff88800a887040 R08: 0000000000000000 R09: 0000000000000000\n[ 27.052393] R10: 0000000000000000 R11: 0000000000000000 R12: ffff888009e46b68\n[ 27.052397] R13: 0000000000000200 R14: 0000000000000000 R15: ffff88800a887040\n[ 27.052404] FS: 0000000000000000(0000) GS:ffff88808ca57000(0000) knlGS:0000000000000000\n[ 27.052408] CS: e030 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 27.052412] CR2: 00007f9714004360 CR3: 0000000004834000 CR4: 0000000000050660\n[ 27.052418] Call Trace:\n[ 27.052420] \u003cTASK\u003e\n[ 27.052422] xen_9pfs_front_changed+0x5d5/0x720\n[ 27.052426] ? xenbus_otherend_changed+0x72/0x140\n[ 27.052430] ? __pfx_xenwatch_thread+0x10/0x10\n[ 27.052434] xenwatch_thread+0x94/0x1c0\n[ 27.052438] ? __pfx_autoremove_wake_function+0x10/0x10\n[ 27.052442] kthread+0xf8/0x240\n[ 27.052445] ? __pfx_kthread+0x10/0x10\n[ 27.052449] ? __pfx_kthread+0x10/0x10\n[ 27.052452] ret_from_fork+0x16b/0x1a0\n[ 27.052456] ? __pfx_kthread+0x10/0x10\n[ 27.052459] ret_from_fork_asm+0x1a/0x30\n[ 27.052463] \u003c/TASK\u003e\n[ 27.052465] Modules linked in:\n[ 27.052471] ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43249",
"url": "https://www.suse.com/security/cve/CVE-2026-43249"
},
{
"category": "external",
"summary": "SUSE Bug 1264476 for CVE-2026-43249",
"url": "https://bugzilla.suse.com/1264476"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43249"
},
{
"cve": "CVE-2026-43252",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43252"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: in-kernel: always set ID as avail when rm endp\n\nSyzkaller managed to find a combination of actions that was generating\nthis warning:\n\n WARNING: net/mptcp/pm_kernel.c:1074 at __mark_subflow_endp_available net/mptcp/pm_kernel.c:1074 [inline], CPU#1: syz.7.48/2535\n WARNING: net/mptcp/pm_kernel.c:1074 at mptcp_pm_nl_fullmesh net/mptcp/pm_kernel.c:1446 [inline], CPU#1: syz.7.48/2535\n WARNING: net/mptcp/pm_kernel.c:1074 at mptcp_pm_nl_set_flags_all net/mptcp/pm_kernel.c:1474 [inline], CPU#1: syz.7.48/2535\n WARNING: net/mptcp/pm_kernel.c:1074 at mptcp_pm_nl_set_flags+0x5de/0x640 net/mptcp/pm_kernel.c:1538, CPU#1: syz.7.48/2535\n Modules linked in:\n CPU: 1 UID: 0 PID: 2535 Comm: syz.7.48 Not tainted 6.18.0-03987-gea5f5e676cf5 #17 PREEMPT(voluntary)\n Hardware name: QEMU Ubuntu 25.10 PC (i440FX + PIIX, 1996), BIOS 1.17.0-debian-1.17.0-1 04/01/2014\n RIP: 0010:__mark_subflow_endp_available net/mptcp/pm_kernel.c:1074 [inline]\n RIP: 0010:mptcp_pm_nl_fullmesh net/mptcp/pm_kernel.c:1446 [inline]\n RIP: 0010:mptcp_pm_nl_set_flags_all net/mptcp/pm_kernel.c:1474 [inline]\n RIP: 0010:mptcp_pm_nl_set_flags+0x5de/0x640 net/mptcp/pm_kernel.c:1538\n Code: 89 c7 e8 c5 8c 73 fe e9 f7 fd ff ff 49 83 ef 80 e8 b7 8c 73 fe 4c 89 ff be 03 00 00 00 e8 4a 29 e3 fe eb ac e8 a3 8c 73 fe 90 \u003c0f\u003e 0b 90 e9 3d ff ff ff e8 95 8c 73 fe b8 a1 ff ff ff eb 1a e8 89\n RSP: 0018:ffffc9001535b820 EFLAGS: 00010287\n netdevsim0: tun_chr_ioctl cmd 1074025677\n RAX: ffffffff82da294d RBX: 0000000000000001 RCX: 0000000000080000\n RDX: ffffc900096d0000 RSI: 00000000000006d6 RDI: 00000000000006d7\n netdevsim0: linktype set to 823\n RBP: ffff88802cdb2240 R08: 00000000000104ae R09: ffffffffffffffff\n R10: ffffffff82da27d4 R11: 0000000000000000 R12: 0000000000000000\n R13: ffff88801246d8c0 R14: ffffc9001535b8b8 R15: ffff88802cdb1800\n FS: 00007fc6ac5a76c0(0000) GS:ffff8880f90c8000(0000) knlGS:0000000000000000\n netlink: \u0027syz.3.50\u0027: attribute type 5 has an invalid length.\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n netlink: 1232 bytes leftover after parsing attributes in process `syz.3.50\u0027.\n CR2: 0000200000010000 CR3: 0000000025b1a000 CR4: 0000000000350ef0\n Call Trace:\n \u003cTASK\u003e\n mptcp_pm_set_flags net/mptcp/pm_netlink.c:277 [inline]\n mptcp_pm_nl_set_flags_doit+0x1d7/0x210 net/mptcp/pm_netlink.c:282\n genl_family_rcv_msg_doit+0x117/0x180 net/netlink/genetlink.c:1115\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x3a8/0x3f0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x16d/0x240 net/netlink/af_netlink.c:2550\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]\n netlink_unicast+0x3e9/0x4c0 net/netlink/af_netlink.c:1344\n netlink_sendmsg+0x4ab/0x5b0 net/netlink/af_netlink.c:1894\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg+0xc9/0xf0 net/socket.c:733\n ____sys_sendmsg+0x272/0x3b0 net/socket.c:2608\n ___sys_sendmsg+0x2de/0x320 net/socket.c:2662\n __sys_sendmsg net/socket.c:2694 [inline]\n __do_sys_sendmsg net/socket.c:2699 [inline]\n __se_sys_sendmsg net/socket.c:2697 [inline]\n __x64_sys_sendmsg+0x110/0x1a0 net/socket.c:2697\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xed/0x360 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7fc6adb66f6d\n Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48\n RSP: 002b:00007fc6ac5a6ff8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 00007fc6addf5fa0 RCX: 00007fc6adb66f6d\n RDX: 0000000000048084 RSI: 00002000000002c0 RDI: 000000000000000e\n RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43252",
"url": "https://www.suse.com/security/cve/CVE-2026-43252"
},
{
"category": "external",
"summary": "SUSE Bug 1264300 for CVE-2026-43252",
"url": "https://bugzilla.suse.com/1264300"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43252"
},
{
"cve": "CVE-2026-43261",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43261"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: Add support for TSV110 Spectre-BHB mitigation\n\nThe TSV110 processor is vulnerable to the Spectre-BHB (Branch History\nBuffer) attack, which can be exploited to leak information through\nbranch prediction side channels. This commit adds the MIDR of TSV110\nto the list for software mitigation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43261",
"url": "https://www.suse.com/security/cve/CVE-2026-43261"
},
{
"category": "external",
"summary": "SUSE Bug 1264430 for CVE-2026-43261",
"url": "https://bugzilla.suse.com/1264430"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43261"
},
{
"cve": "CVE-2026-43284",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43284"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: esp: avoid in-place decrypt on shared skb frags\n\nMSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP\nmarks such skbs with SKBFL_SHARED_FRAG after skb_splice_from_iter(),\nso later paths that may modify packet data can first make a private\ncopy. The IPv4/IPv6 datagram append paths did not set this flag when\nsplicing pages into UDP skbs.\n\nThat leaves an ESP-in-UDP packet made from shared pipe pages looking\nlike an ordinary uncloned nonlinear skb. ESP input then takes the no-COW\nfast path for uncloned skbs without a frag_list and decrypts in place\nover data that is not owned privately by the skb.\n\nMark IPv4/IPv6 datagram splice frags with SKBFL_SHARED_FRAG, matching\nTCP. Also make ESP input fall back to skb_cow_data() when the flag is\npresent, so ESP does not decrypt externally backed frags in place.\nPrivate nonlinear skb frags still use the existing fast path.\n\nThis intentionally does not change ESP output. In esp_output_head(),\nthe path that appends the ESP trailer to existing skb tailroom without\ncalling skb_cow_data() is not reachable for nonlinear skbs:\nskb_tailroom() returns zero when skb-\u003edata_len is nonzero, while ESP\ntailen is positive. Thus ESP output will either use the separate\ndestination-frag path or fall back to skb_cow_data().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43284",
"url": "https://www.suse.com/security/cve/CVE-2026-43284"
},
{
"category": "external",
"summary": "SUSE Bug 1264449 for CVE-2026-43284",
"url": "https://bugzilla.suse.com/1264449"
},
{
"category": "external",
"summary": "SUSE Bug 1264459 for CVE-2026-43284",
"url": "https://bugzilla.suse.com/1264459"
},
{
"category": "external",
"summary": "SUSE Bug 1265383 for CVE-2026-43284",
"url": "https://bugzilla.suse.com/1265383"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-43284"
},
{
"cve": "CVE-2026-43296",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43296"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-af: Workaround SQM/PSE stalls by disabling sticky\n\nNIX SQ manager sticky mode is known to cause stalls when multiple SQs\nshare an SMQ and transmit concurrently. Additionally, PSE may deadlock\non transitions between sticky and non-sticky transmissions. There is\nalso a credit drop issue observed when certain condition clocks are\ngated.\n\nwork around these hardware errata by:\n- Disabling SQM sticky operation:\n - Clear TM6 (bit 15)\n - Clear TM11 (bit 14)\n- Disabling sticky -\u003e non-sticky transition path that can deadlock PSE:\n - Clear TM5 (bit 23)\n- Preventing credit drops by keeping the control-flow clock enabled:\n - Set TM9 (bit 21)\n\nThese changes are applied via NIX_AF_SQM_DBG_CTL_STATUS. With this\nconfiguration the SQM/PSE maintain forward progress under load without\ncredit loss, at the cost of disabling sticky optimizations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43296",
"url": "https://www.suse.com/security/cve/CVE-2026-43296"
},
{
"category": "external",
"summary": "SUSE Bug 1264805 for CVE-2026-43296",
"url": "https://bugzilla.suse.com/1264805"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43296"
},
{
"cve": "CVE-2026-43325",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43325"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: don\u0027t send a 6E related command when not supported\n\nMCC_ALLOWED_AP_TYPE_CMD is related to 6E support. Do not send it if the\ndevice doesn\u0027t support 6E.\nApparently, the firmware is mistakenly advertising support for this\ncommand even on AX201 which does not support 6E and then the firmware\ncrashes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43325",
"url": "https://www.suse.com/security/cve/CVE-2026-43325"
},
{
"category": "external",
"summary": "SUSE Bug 1265110 for CVE-2026-43325",
"url": "https://bugzilla.suse.com/1265110"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43325"
},
{
"cve": "CVE-2026-43333",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43333"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: reject direct access to nullable PTR_TO_BUF pointers\n\ncheck_mem_access() matches PTR_TO_BUF via base_type() which strips\nPTR_MAYBE_NULL, allowing direct dereference without a null check.\n\nMap iterator ctx-\u003ekey and ctx-\u003evalue are PTR_TO_BUF | PTR_MAYBE_NULL.\nOn stop callbacks these are NULL, causing a kernel NULL dereference.\n\nAdd a type_may_be_null() guard to the PTR_TO_BUF branch, matching the\nexisting PTR_TO_BTF_ID pattern.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43333",
"url": "https://www.suse.com/security/cve/CVE-2026-43333"
},
{
"category": "external",
"summary": "SUSE Bug 1264726 for CVE-2026-43333",
"url": "https://bugzilla.suse.com/1264726"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43333"
},
{
"cve": "CVE-2026-43338",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43338"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: reserve enough transaction items for qgroup ioctls\n\nCurrently our qgroup ioctls don\u0027t reserve any space, they just do a\ntransaction join, which does not reserve any space, neither for the quota\ntree updates nor for the delayed refs generated when updating the quota\ntree. The quota root uses the global block reserve, which is fine most of\nthe time since we don\u0027t expect a lot of updates to the quota root, or to\nbe too close to -ENOSPC such that other critical metadata updates need to\nresort to the global reserve.\n\nHowever this is not optimal, as not reserving proper space may result in a\ntransaction abort due to not reserving space for delayed refs and then\nabusing the use of the global block reserve.\n\nFor example, the following reproducer (which is unlikely to model any\nreal world use case, but just to illustrate the problem), triggers such a\ntransaction abort due to -ENOSPC when running delayed refs:\n\n $ cat test.sh\n #!/bin/bash\n\n DEV=/dev/nullb0\n MNT=/mnt/nullb0\n\n umount $DEV \u0026\u003e /dev/null\n # Limit device to 1G so that it\u0027s much faster to reproduce the issue.\n mkfs.btrfs -f -b 1G $DEV\n mount -o commit=600 $DEV $MNT\n\n fallocate -l 800M $MNT/filler\n btrfs quota enable $MNT\n\n for ((i = 1; i \u003c= 400000; i++)); do\n btrfs qgroup create 1/$i $MNT\n done\n\n umount $MNT\n\nWhen running this, we can see in dmesg/syslog that a transaction abort\nhappened:\n\n [436.490] BTRFS error (device nullb0): failed to run delayed ref for logical 30408704 num_bytes 16384 type 176 action 1 ref_mod 1: -28\n [436.493] ------------[ cut here ]------------\n [436.494] BTRFS: Transaction aborted (error -28)\n [436.495] WARNING: fs/btrfs/extent-tree.c:2247 at btrfs_run_delayed_refs+0xd9/0x110 [btrfs], CPU#4: umount/2495372\n [436.497] Modules linked in: btrfs loop (...)\n [436.508] CPU: 4 UID: 0 PID: 2495372 Comm: umount Tainted: G W 6.19.0-rc8-btrfs-next-225+ #1 PREEMPT(full)\n [436.510] Tainted: [W]=WARN\n [436.511] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.2-0-gea1b7a073390-prebuilt.qemu.org 04/01/2014\n [436.513] RIP: 0010:btrfs_run_delayed_refs+0xdf/0x110 [btrfs]\n [436.514] Code: 0f 82 ea (...)\n [436.518] RSP: 0018:ffffd511850b7d78 EFLAGS: 00010292\n [436.519] RAX: 00000000ffffffe4 RBX: ffff8f120dad37e0 RCX: 0000000002040001\n [436.520] RDX: 0000000000000002 RSI: 00000000ffffffe4 RDI: ffffffffc090fd80\n [436.522] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffffffc04d1867\n [436.523] R10: ffff8f18dc1fffa8 R11: 0000000000000003 R12: ffff8f173aa89400\n [436.524] R13: 0000000000000000 R14: ffff8f173aa89400 R15: 0000000000000000\n [436.526] FS: 00007fe59045d840(0000) GS:ffff8f192e22e000(0000) knlGS:0000000000000000\n [436.527] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [436.528] CR2: 00007fe5905ff2b0 CR3: 000000060710a002 CR4: 0000000000370ef0\n [436.530] Call Trace:\n [436.530] \u003cTASK\u003e\n [436.530] btrfs_commit_transaction+0x73/0xc00 [btrfs]\n [436.531] ? btrfs_attach_transaction_barrier+0x1e/0x70 [btrfs]\n [436.532] sync_filesystem+0x7a/0x90\n [436.533] generic_shutdown_super+0x28/0x180\n [436.533] kill_anon_super+0x12/0x40\n [436.534] btrfs_kill_super+0x12/0x20 [btrfs]\n [436.534] deactivate_locked_super+0x2f/0xb0\n [436.534] cleanup_mnt+0xea/0x180\n [436.535] task_work_run+0x58/0xa0\n [436.535] exit_to_user_mode_loop+0xed/0x480\n [436.536] ? __x64_sys_umount+0x68/0x80\n [436.536] do_syscall_64+0x2a5/0xf20\n [436.537] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n [436.537] RIP: 0033:0x7fe5906b6217\n [436.538] Code: 0d 00 f7 (...)\n [436.540] RSP: 002b:00007ffcd87a61f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6\n [436.541] RAX: 0000000000000000 RBX: 00005618b9ecadc8 RCX: 00007fe5906b6217\n [436.541] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00005618b9ecb100\n [436.542] RBP: 0000000000000000 R08: 00007ffcd87a4fe0 R09: 00000000ffffffff\n [436.544] R10: 0000000000000103 R11: \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43338",
"url": "https://www.suse.com/security/cve/CVE-2026-43338"
},
{
"category": "external",
"summary": "SUSE Bug 1264716 for CVE-2026-43338",
"url": "https://bugzilla.suse.com/1264716"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43338"
},
{
"cve": "CVE-2026-43339",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43339"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: prevent possible UaF in addrconf_permanent_addr()\n\nThe mentioned helper try to warn the user about an exceptional\ncondition, but the message is delivered too late, accessing the ipv6\nafter its possible deletion.\n\nReorder the statement to avoid the possible UaF; while at it, place the\nwarning outside the idev-\u003elock as it needs no protection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43339",
"url": "https://www.suse.com/security/cve/CVE-2026-43339"
},
{
"category": "external",
"summary": "SUSE Bug 1264763 for CVE-2026-43339",
"url": "https://bugzilla.suse.com/1264763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43339"
},
{
"cve": "CVE-2026-43341",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43341"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/ipv6: ioam6: prevent schema length wraparound in trace fill\n\nioam6_fill_trace_data() stores the schema contribution to the trace\nlength in a u8. With bit 22 enabled and the largest schema payload,\nsclen becomes 1 + 1020 / 4, wraps from 256 to 0, and bypasses the\nremaining-space check. __ioam6_fill_trace_data() then positions the\nwrite cursor without reserving the schema area but still copies the\n4-byte schema header and the full schema payload, overrunning the trace\nbuffer.\n\nKeep sclen in an unsigned int so the remaining-space check and the write\ncursor calculation both see the full schema length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43341",
"url": "https://www.suse.com/security/cve/CVE-2026-43341"
},
{
"category": "external",
"summary": "SUSE Bug 1265044 for CVE-2026-43341",
"url": "https://bugzilla.suse.com/1265044"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43341"
},
{
"cve": "CVE-2026-43345",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43345"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipa: fix event ring index not programmed for IPA v5.0+\n\nFor IPA v5.0+, the event ring index field moved from CH_C_CNTXT_0 to\nCH_C_CNTXT_1. The v5.0 register definition intended to define this\nfield in the CH_C_CNTXT_1 fmask array but used the old identifier of\nERINDEX instead of CH_ERINDEX.\n\nWithout a valid event ring, GSI channels could never signal transfer\ncompletions. This caused gsi_channel_trans_quiesce() to block\nforever in wait_for_completion().\n\nAt least for IPA v5.2 this resolves an issue seen where runtime\nsuspend, system suspend, and remoteproc stop all hanged forever. It\nalso meant the IPA data path was completely non functional.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43345",
"url": "https://www.suse.com/security/cve/CVE-2026-43345"
},
{
"category": "external",
"summary": "SUSE Bug 1265103 for CVE-2026-43345",
"url": "https://bugzilla.suse.com/1265103"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43345"
},
{
"cve": "CVE-2026-43359",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43359"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix transaction abort on set received ioctl due to item overflow\n\nIf the set received ioctl fails due to an item overflow when attempting to\nadd the BTRFS_UUID_KEY_RECEIVED_SUBVOL we have to abort the transaction\nsince we did some metadata updates before.\n\nThis means that if a user calls this ioctl with the same received UUID\nfield for a lot of subvolumes, we will hit the overflow, trigger the\ntransaction abort and turn the filesystem into RO mode. A malicious user\ncould exploit this, and this ioctl does not even requires that a user\nhas admin privileges (CAP_SYS_ADMIN), only that he/she owns the subvolume.\n\nFix this by doing an early check for item overflow before starting a\ntransaction. This is also race safe because we are holding the subvol_sem\nsemaphore in exclusive (write) mode.\n\nA test case for fstests will follow soon.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43359",
"url": "https://www.suse.com/security/cve/CVE-2026-43359"
},
{
"category": "external",
"summary": "SUSE Bug 1264719 for CVE-2026-43359",
"url": "https://bugzilla.suse.com/1264719"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43359"
},
{
"cve": "CVE-2026-43360",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43360"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix transaction abort on file creation due to name hash collision\n\nIf we attempt to create several files with names that result in the same\nhash, we have to pack them in same dir item and that has a limit inherent\nto the leaf size. However if we reach that limit, we trigger a transaction\nabort and turns the filesystem into RO mode. This allows for a malicious\nuser to disrupt a system, without the need to have administration\nprivileges/capabilities.\n\nReproducer:\n\n $ cat exploit-hash-collisions.sh\n #!/bin/bash\n\n DEV=/dev/sdi\n MNT=/mnt/sdi\n\n # Use smallest node size to make the test faster and require fewer file\n # names that result in hash collision.\n mkfs.btrfs -f --nodesize 4K $DEV\n mount $DEV $MNT\n\n # List of names that result in the same crc32c hash for btrfs.\n declare -a names=(\n \u0027foobar\u0027\n \u0027%a8tYkxfGMLWRGr55QSeQc4PBNH9PCLIvR6jZnkDtUUru1t@RouaUe_L:@xGkbO3nCwvLNYeK9vhE628gss:T$yZjZ5l-Nbd6CbC$M=hqE-ujhJICXyIxBvYrIU9-TDC\u0027\n \u0027AQci3EUB%shMsg-N%frgU:02ByLs=IPJU0OpgiWit5nexSyxZDncY6WB:=zKZuk5Zy0DD$Ua78%MelgBuMqaHGyKsJUFf9s=UW80PcJmKctb46KveLSiUtNmqrMiL9-Y0I_l5Fnam04CGIg=8@U:Z\u0027\n \u0027CvVqJpJzueKcuA$wqwePfyu7VxuWNN3ho$p0zi2H8QFYK$7YlEqOhhb%:hHgjhIjW5vnqWHKNP4\u0027\n \u0027ET:vk@rFU4tsvMB0$C_p=xQHaYZjvoF%-BTc%wkFW8yaDAPcCYoR%x$FH5O:\u0027\n \u0027HwTon%v7SGSP4FE08jBwwiu5aot2CFKXHTeEAa@38fUcNGOWvE@Mz6WBeDH_VooaZ6AgsXPkVGwy9l@@ZbNXabUU9csiWrrOp0MWUdfi$EZ3w9GkIqtz7I_eOsByOkBOO\u0027\n \u0027Ij%2VlFGXSuPvxJGf5UWy6O@1svxGha%b@=%wjkq:CIgE6u7eJOjmQY5qTtxE2Rjbis9@us\u0027\n \u0027KBkjG5%9R8K9sOG8UTnAYjxLNAvBmvV5vz3IiZaPmKuLYO03-6asI9lJ_j4@6Xo$KZicaLWJ3Pv8XEwVeUPMwbHYWwbx0pYvNlGMO9F:ZhHAwyctnGy%_eujl%WPd4U2BI7qooOSr85J-C2V$LfY\u0027\n \u0027NcRfDfuUQ2=zP8K3CCF5dFcpfiOm6mwenShsAb_F%n6GAGC7fT2JFFn:c35X-3aYwoq7jNX5$ZJ6hI3wnZs$7KgGi7wjulffhHNUxAT0fRRLF39vJ@NvaEMxsMO\u0027\n \u0027Oj42AQAEzRoTxa5OuSKIr=A_lwGMy132v4g3Pdq1GvUG9874YseIFQ6QU\u0027\n \u0027Ono7avN5GjC:_6dBJ_\u0027\n \u0027WHmN2gnmaN-9dVDy4aWo:yNGFzz8qsJyJhWEWcud7$QzN2D9R0efIWWEdu5kwWr73NZm4=@CoCDxrrZnRITr-kGtU_cfW2:%2_am\u0027\n \u0027WiFnuTEhAG9FEC6zopQmj-A-$LDQ0T3WULz%ox3UZAPybSV6v1Z$b4L_XBi4M4BMBtJZpz93r9xafpB77r:lbwvitWRyo$odnAUYlYMmU4RvgnNd--e=I5hiEjGLETTtaScWlQp8mYsBovZwM2k\u0027\n \u0027XKyH=OsOAF3p%uziGF_ZVr$ivrvhVgD@1u%5RtrV-gl_vqAwHkK@x7YwlxX3qT6WKKQ%PR56NrUBU2dOAOAdzr2=5nJuKPM-T-$ZpQfCL7phxQbUcb:BZOTPaFExc-qK-gDRCDW2\u0027\n \u0027d3uUR6OFEwZr%ns1XH_@tbxA@cCPmbBRLdyh7p6V45H$P2$F%w0RqrD3M0g8aGvWpoTFMiBdOTJXjD:JF7=h9a_43xBywYAP%r$SPZi%zDg%ql-KvkdUCtF9OLaQlxmd\u0027\n \u0027ePTpbnit%hyNm@WELlpKzNZYOzOTf8EQ$sEfkMy1VOfIUu3coyvIr13-Y7Sv5v-Ivax2Go_GQRFMU1b3362nktT9WOJf3SpT%z8sZmM3gvYQBDgmKI%%RM-G7hyrhgYflOw%z::ZRcv5O:lDCFm\u0027\n \u0027evqk743Y@dvZAiG5J05L_ROFV@$2%rVWJ2%3nxV72-W7$e$-SK3tuSHA2mBt$qloC5jwNx33GmQUjD%akhBPu=VJ5g$xhlZiaFtTrjeeM5x7dt4cHpX0cZkmfImndYzGmvwQG:$euFYmXn$_2rA9mKZ\u0027\n \u0027gkgUtnihWXsZQTEkrMAWIxir09k3t7jk_IK25t1:cy1XWN0GGqC%FrySdcmU7M8MuPO_ppkLw3=Dfr0UuBAL4%GFk2$Ma10V1jDRGJje%Xx9EV2ERaWKtjpwiZwh0gCSJsj5UL7CR8RtW5opCVFKGGy8Cky\u0027\n \u0027hNgsG_8lNRik3PvphqPm0yEH3P%%fYG:kQLY=6O-61Wa6nrV_WVGR6TLB09vHOv%g4VQRP8Gzx7VXUY1qvZyS\u0027\n \u0027isA7JVzN12xCxVPJZ_qoLm-pTBuhjjHMvV7o=F:EaClfYNyFGlsfw-Kf%uxdqW-kwk1sPl2vhbjyHU1A6$hz\u0027\n \u0027kiJ_fgcdZFDiOptjgH5PN9-PSyLO4fbk_:u5_2tz35lV_iXiJ6cx7pwjTtKy-XGaQ5IefmpJ4N_ZqGsqCsKuqOOBgf9LkUdffHet@Wu\u0027\n \u0027lvwtxyhE9:%Q3UxeHiViUyNzJsy:fm38pg_b6s25JvdhOAT=1s0$pG25x=LZ2rlHTszj=gN6M4zHZYr_qrB49i=pA--@WqWLIuX7o1S_SfS@2FSiUZN\u0027\n \u0027rC24cw3UBDZ=5qJBUMs9e$=S4Y94ni%Z8639vnrGp=0Hv4z3dNFL0fBLmQ40=EYIY:Z=SLc@QLMSt2zsss2ZXrP7j4=\u0027\n \u0027uwGl2s-fFrf@GqS=DQqq2I0LJSsOmM%xzTjS:lzXguE3wChdMoHYtLRKPvfaPOZF2fER@j53evbKa7R%A7r4%YEkD=kicJe@SFiGtXHbKe4gCgPAYbnVn\u0027\n \u0027UG37U6KKua2bgc:IHzRs7BnB6FD:2Mt5Cc5NdlsW%$1tyvnfz7S27FvNkroXwAW:mBZLA1@qa9WnDbHCDmQmfPMC9z-Eq6QT0jhhPpqyymaD:R02ghwYo%yx7SAaaq-:x33LYpei$5g8DMl3C\u0027\n \u0027y2vjek0FE1PDJC0qpfnN:x8k2wCFZ9xiUF2ege=JnP98R%wxjKkdfEiLWvQzmnW\u0027\n \u00278-HCSgH5B%K7P8_jaVtQhBXpBk:pE-$P7ts58U0J@iR9YZntMPl7j$s62yAJO@_9eanFPS54b=UTw$94C-t=HLxT8n6o9P=QnIxq-f1=Ne2dvhe6WbjEQtc\u0027\n \u0027YPPh:IFt2mtR6XWSmjHptXL_hbSYu8bMw-JP8@PNyaFkdNFsk$M=xfL6LDKCDM-mSyGA_2MBwZ8Dr4=R1D%7-mC\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43360",
"url": "https://www.suse.com/security/cve/CVE-2026-43360"
},
{
"category": "external",
"summary": "SUSE Bug 1264720 for CVE-2026-43360",
"url": "https://bugzilla.suse.com/1264720"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43360"
},
{
"cve": "CVE-2026-43361",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43361"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix transaction abort when snapshotting received subvolumes\n\nCurrently a user can trigger a transaction abort by snapshotting a\npreviously received snapshot a bunch of times until we reach a\nBTRFS_UUID_KEY_RECEIVED_SUBVOL item overflow (the maximum item size we\ncan store in a leaf). This is very likely not common in practice, but\nif it happens, it turns the filesystem into RO mode. The snapshot, send\nand set_received_subvol and subvol_setflags (used by receive) don\u0027t\nrequire CAP_SYS_ADMIN, just inode_owner_or_capable(). A malicious user\ncould use this to turn a filesystem into RO mode and disrupt a system.\n\nReproducer script:\n\n $ cat test.sh\n #!/bin/bash\n\n DEV=/dev/sdi\n MNT=/mnt/sdi\n\n # Use smallest node size to make the test faster.\n mkfs.btrfs -f --nodesize 4K $DEV\n mount $DEV $MNT\n\n # Create a subvolume and set it to RO so that it can be used for send.\n btrfs subvolume create $MNT/sv\n touch $MNT/sv/foo\n btrfs property set $MNT/sv ro true\n\n # Send and receive the subvolume into snaps/sv.\n mkdir $MNT/snaps\n btrfs send $MNT/sv | btrfs receive $MNT/snaps\n\n # Now snapshot the received subvolume, which has a received_uuid, a\n # lot of times to trigger the leaf overflow.\n total=500\n for ((i = 1; i \u003c= $total; i++)); do\n echo -ne \"\\rCreating snapshot $i/$total\"\n btrfs subvolume snapshot -r $MNT/snaps/sv $MNT/snaps/sv_$i \u003e /dev/null\n done\n echo\n\n umount $MNT\n\nWhen running the test:\n\n $ ./test.sh\n (...)\n Create subvolume \u0027/mnt/sdi/sv\u0027\n At subvol /mnt/sdi/sv\n At subvol sv\n Creating snapshot 496/500ERROR: Could not create subvolume: Value too large for defined data type\n Creating snapshot 497/500ERROR: Could not create subvolume: Read-only file system\n Creating snapshot 498/500ERROR: Could not create subvolume: Read-only file system\n Creating snapshot 499/500ERROR: Could not create subvolume: Read-only file system\n Creating snapshot 500/500ERROR: Could not create subvolume: Read-only file system\n\nAnd in dmesg/syslog:\n\n $ dmesg\n (...)\n [251067.627338] BTRFS warning (device sdi): insert uuid item failed -75 (0x4628b21c4ac8d898, 0x2598bee2b1515c91) type 252!\n [251067.629212] ------------[ cut here ]------------\n [251067.630033] BTRFS: Transaction aborted (error -75)\n [251067.630871] WARNING: fs/btrfs/transaction.c:1907 at create_pending_snapshot.cold+0x52/0x465 [btrfs], CPU#10: btrfs/615235\n [251067.632851] Modules linked in: btrfs dm_zero (...)\n [251067.644071] CPU: 10 UID: 0 PID: 615235 Comm: btrfs Tainted: G W 6.19.0-rc8-btrfs-next-225+ #1 PREEMPT(full)\n [251067.646165] Tainted: [W]=WARN\n [251067.646733] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.2-0-gea1b7a073390-prebuilt.qemu.org 04/01/2014\n [251067.648735] RIP: 0010:create_pending_snapshot.cold+0x55/0x465 [btrfs]\n [251067.649984] Code: f0 48 0f (...)\n [251067.653313] RSP: 0018:ffffce644908fae8 EFLAGS: 00010292\n [251067.653987] RAX: 00000000ffffff01 RBX: ffff8e5639e63a80 RCX: 00000000ffffffd3\n [251067.655042] RDX: ffff8e53faa76b00 RSI: 00000000ffffffb5 RDI: ffffffffc0919750\n [251067.656077] RBP: ffffce644908fbd8 R08: 0000000000000000 R09: ffffce644908f820\n [251067.657068] R10: ffff8e5adc1fffa8 R11: 0000000000000003 R12: ffff8e53c0431bd0\n [251067.658050] R13: ffff8e5414593600 R14: ffff8e55efafd000 R15: 00000000ffffffb5\n [251067.659019] FS: 00007f2a4944b3c0(0000) GS:ffff8e5b27dae000(0000) knlGS:0000000000000000\n [251067.660115] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [251067.660943] CR2: 00007ffc5aa57898 CR3: 00000005813a2003 CR4: 0000000000370ef0\n [251067.661972] Call Trace:\n [251067.662292] \u003cTASK\u003e\n [251067.662653] create_pending_snapshots+0x97/0xc0 [btrfs]\n [251067.663413] btrfs_commit_transaction+0x26e/0xc00 [btrfs]\n [251067.664257] ? btrfs_qgroup_convert_reserved_meta+0x35/0x390 [btrfs]\n [251067.665238] ? _raw_spin_unlock+0x15/0x30\n [251067.665837] ? record_root_\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43361",
"url": "https://www.suse.com/security/cve/CVE-2026-43361"
},
{
"category": "external",
"summary": "SUSE Bug 1264722 for CVE-2026-43361",
"url": "https://bugzilla.suse.com/1264722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43361"
},
{
"cve": "CVE-2026-43362",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43362"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix in-place encryption corruption in SMB2_write()\n\nSMB2_write() places write payload in iov[1..n] as part of rq_iov.\nsmb3_init_transform_rq() pointer-shares rq_iov, so crypt_message()\nencrypts iov[1] in-place, replacing the original plaintext with\nciphertext. On a replayable error, the retry sends the same iov[1]\nwhich now contains ciphertext instead of the original data,\nresulting in corruption.\n\nThe corruption is most likely to be observed when connections are\nunstable, as reconnects trigger write retries that re-send the\nalready-encrypted data.\n\nThis affects SFU mknod, MF symlinks, etc. On kernels before\n6.10 (prior to the netfs conversion), sync writes also used\nthis path and were similarly affected. The async write path\nwasn\u0027t unaffected as it uses rq_iter which gets deep-copied.\n\nFix by moving the write payload into rq_iter via iov_iter_kvec(),\nso smb3_init_transform_rq() deep-copies it before encryption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43362",
"url": "https://www.suse.com/security/cve/CVE-2026-43362"
},
{
"category": "external",
"summary": "SUSE Bug 1264989 for CVE-2026-43362",
"url": "https://bugzilla.suse.com/1264989"
},
{
"category": "external",
"summary": "SUSE Bug 1264990 for CVE-2026-43362",
"url": "https://bugzilla.suse.com/1264990"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-43362"
},
{
"cve": "CVE-2026-43405",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43405"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: Use u32 for non-negative values in ceph_monmap_decode()\n\nThis patch fixes unnecessary implicit conversions that change signedness\nof blob_len and num_mon in ceph_monmap_decode().\nCurrently blob_len and num_mon are (signed) int variables. They are used\nto hold values that are always non-negative and get assigned in\nceph_decode_32_safe(), which is meant to assign u32 values. Both\nvariables are subsequently used as unsigned values, and the value of\nnum_mon is further assigned to monmap-\u003enum_mon, which is of type u32.\nTherefore, both variables should be of type u32. This is especially\nrelevant for num_mon. If the value read from the incoming message is\nvery large, it is interpreted as a negative value, and the check for\nnum_mon \u003e CEPH_MAX_MON does not catch it. This leads to the attempt to\nallocate a very large chunk of memory for monmap, which will most likely\nfail. In this case, an unnecessary attempt to allocate memory is\nperformed, and -ENOMEM is returned instead of -EINVAL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43405",
"url": "https://www.suse.com/security/cve/CVE-2026-43405"
},
{
"category": "external",
"summary": "SUSE Bug 1264741 for CVE-2026-43405",
"url": "https://bugzilla.suse.com/1264741"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43405"
},
{
"cve": "CVE-2026-43406",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43406"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: prevent potential out-of-bounds reads in process_message_header()\n\nIf the message frame is (maliciously) corrupted in a way that the\nlength of the control segment ends up being less than the size of the\nmessage header or a different frame is made to look like a message\nframe, out-of-bounds reads may ensue in process_message_header().\n\nPerform an explicit bounds check before decoding the message header.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43406",
"url": "https://www.suse.com/security/cve/CVE-2026-43406"
},
{
"category": "external",
"summary": "SUSE Bug 1265073 for CVE-2026-43406",
"url": "https://bugzilla.suse.com/1265073"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43406"
},
{
"cve": "CVE-2026-43407",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43407"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: Fix potential out-of-bounds access in ceph_handle_auth_reply()\n\nThis patch fixes an out-of-bounds access in ceph_handle_auth_reply()\nthat can be triggered by a message of type CEPH_MSG_AUTH_REPLY. In\nceph_handle_auth_reply(), the value of the payload_len field of such a\nmessage is stored in a variable of type int. A value greater than\nINT_MAX leads to an integer overflow and is interpreted as a negative\nvalue. This leads to decrementing the pointer address by this value and\nsubsequently accessing it because ceph_decode_need() only checks that\nthe memory access does not exceed the end address of the allocation.\n\nThis patch fixes the issue by changing the data type of payload_len to\nu32. Additionally, the data type of result_msg_len is changed to u32,\nas it is also a variable holding a non-negative length.\n\nAlso, an additional layer of sanity checks is introduced, ensuring that\ndirectly after reading it from the message, payload_len and\nresult_msg_len are not greater than the overall segment length.\n\nBUG: KASAN: slab-out-of-bounds in ceph_handle_auth_reply+0x642/0x7a0 [libceph]\nRead of size 4 at addr ffff88811404df14 by task kworker/20:1/262\n\nCPU: 20 UID: 0 PID: 262 Comm: kworker/20:1 Not tainted 6.19.2 #5 PREEMPT(voluntary)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\nWorkqueue: ceph-msgr ceph_con_workfn [libceph]\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x76/0xa0\n print_report+0xd1/0x620\n ? __pfx__raw_spin_lock_irqsave+0x10/0x10\n ? kasan_complete_mode_report_info+0x72/0x210\n kasan_report+0xe7/0x130\n ? ceph_handle_auth_reply+0x642/0x7a0 [libceph]\n ? ceph_handle_auth_reply+0x642/0x7a0 [libceph]\n __asan_report_load_n_noabort+0xf/0x20\n ceph_handle_auth_reply+0x642/0x7a0 [libceph]\n mon_dispatch+0x973/0x23d0 [libceph]\n ? apparmor_socket_recvmsg+0x6b/0xa0\n ? __pfx_mon_dispatch+0x10/0x10 [libceph]\n ? __kasan_check_write+0x14/0x30i\n ? mutex_unlock+0x7f/0xd0\n ? __pfx_mutex_unlock+0x10/0x10\n ? __pfx_do_recvmsg+0x10/0x10 [libceph]\n ceph_con_process_message+0x1f1/0x650 [libceph]\n process_message+0x1e/0x450 [libceph]\n ceph_con_v2_try_read+0x2e48/0x6c80 [libceph]\n ? __pfx_ceph_con_v2_try_read+0x10/0x10 [libceph]\n ? save_fpregs_to_fpstate+0xb0/0x230\n ? raw_spin_rq_unlock+0x17/0xa0\n ? finish_task_switch.isra.0+0x13b/0x760\n ? __switch_to+0x385/0xda0\n ? __kasan_check_write+0x14/0x30\n ? mutex_lock+0x8d/0xe0\n ? __pfx_mutex_lock+0x10/0x10\n ceph_con_workfn+0x248/0x10c0 [libceph]\n process_one_work+0x629/0xf80\n ? __kasan_check_write+0x14/0x30\n worker_thread+0x87f/0x1570\n ? __pfx__raw_spin_lock_irqsave+0x10/0x10\n ? __pfx_try_to_wake_up+0x10/0x10\n ? kasan_print_address_stack_frame+0x1f7/0x280\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x396/0x830\n ? __pfx__raw_spin_lock_irq+0x10/0x10\n ? __pfx_kthread+0x10/0x10\n ? __kasan_check_write+0x14/0x30\n ? recalc_sigpending+0x180/0x210\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x3f7/0x610\n ? __pfx_ret_from_fork+0x10/0x10\n ? __switch_to+0x385/0xda0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\n[ idryomov: replace if statements with ceph_decode_need() for\n payload_len and result_msg_len ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43407",
"url": "https://www.suse.com/security/cve/CVE-2026-43407"
},
{
"category": "external",
"summary": "SUSE Bug 1265020 for CVE-2026-43407",
"url": "https://bugzilla.suse.com/1265020"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43407"
},
{
"cve": "CVE-2026-43411",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43411"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix divide-by-zero in tipc_sk_filter_connect()\n\nA user can set conn_timeout to any value via\nsetsockopt(TIPC_CONN_TIMEOUT), including values less than 4. When a\nSYN is rejected with TIPC_ERR_OVERLOAD and the retry path in\ntipc_sk_filter_connect() executes:\n\n delay %= (tsk-\u003econn_timeout / 4);\n\nIf conn_timeout is in the range [0, 3], the integer division yields 0,\nand the modulo operation triggers a divide-by-zero exception, causing a\nkernel oops/panic.\n\nFix this by clamping conn_timeout to a minimum of 4 at the point of use\nin tipc_sk_filter_connect().\n\nOops: divide error: 0000 [#1] SMP KASAN NOPTI\nCPU: 0 UID: 0 PID: 119 Comm: poc-F144 Not tainted 7.0.0-rc2+\nRIP: 0010:tipc_sk_filter_rcv (net/tipc/socket.c:2236 net/tipc/socket.c:2362)\nCall Trace:\n tipc_sk_backlog_rcv (include/linux/instrumented.h:82 include/linux/atomic/atomic-instrumented.h:32 include/net/sock.h:2357 net/tipc/socket.c:2406)\n __release_sock (include/net/sock.h:1185 net/core/sock.c:3213)\n release_sock (net/core/sock.c:3797)\n tipc_connect (net/tipc/socket.c:2570)\n __sys_connect (include/linux/file.h:62 include/linux/file.h:83 net/socket.c:2098)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43411",
"url": "https://www.suse.com/security/cve/CVE-2026-43411"
},
{
"category": "external",
"summary": "SUSE Bug 1264672 for CVE-2026-43411",
"url": "https://bugzilla.suse.com/1264672"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43411"
},
{
"cve": "CVE-2026-43413",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43413"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: hisi_sas: Fix NULL pointer exception during user_scan()\n\nuser_scan() invokes updated sas_user_scan() for channel 0, and if\nsuccessful, iteratively scans remaining channels (1 to shost-\u003emax_channel)\nvia scsi_scan_host_selected() in commit 37c4e72b0651 (\"scsi: Fix\nsas_user_scan() to handle wildcard and multi-channel scans\"). However,\nhisi_sas supports only one channel, and the current value of max_channel is\n1. sas_user_scan() for channel 1 will trigger the following NULL pointer\nexception:\n\n[ 441.554662] Unable to handle kernel NULL pointer dereference at virtual address 00000000000008b0\n[ 441.554699] Mem abort info:\n[ 441.554710] ESR = 0x0000000096000004\n[ 441.554718] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 441.554723] SET = 0, FnV = 0\n[ 441.554726] EA = 0, S1PTW = 0\n[ 441.554730] FSC = 0x04: level 0 translation fault\n[ 441.554735] Data abort info:\n[ 441.554737] ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n[ 441.554742] CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n[ 441.554747] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n[ 441.554752] user pgtable: 4k pages, 48-bit VAs, pgdp=00000828377a6000\n[ 441.554757] [00000000000008b0] pgd=0000000000000000, p4d=0000000000000000\n[ 441.554769] Internal error: Oops: 0000000096000004 [#1] SMP\n[ 441.629589] Modules linked in: arm_spe_pmu arm_smmuv3_pmu tpm_tis_spi hisi_uncore_sllc_pmu hisi_uncore_pa_pmu hisi_uncore_l3c_pmu hisi_uncore_hha_pmu hisi_uncore_ddrc_pmu hisi_uncore_cpa_pmu hns3_pmu hisi_ptt hisi_pcie_pmu tpm_tis_core spidev spi_hisi_sfc_v3xx hisi_uncore_pmu spi_dw_mmio fuse hclge hclge_common hisi_sec2 hisi_hpre hisi_zip hisi_qm hns3 hisi_sas_v3_hw sm3_ce sbsa_gwdt hnae3 hisi_sas_main uacce hisi_dma i2c_hisi dm_mirror dm_region_hash dm_log dm_mod\n[ 441.670819] CPU: 46 UID: 0 PID: 6994 Comm: bash Kdump: loaded Not tainted 7.0.0-rc2+ #84 PREEMPT\n[ 441.691327] pstate: 81400009 (Nzcv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)\n[ 441.698277] pc : sas_find_dev_by_rphy+0x44/0x118\n[ 441.702896] lr : sas_find_dev_by_rphy+0x3c/0x118\n[ 441.707502] sp : ffff80009abbba40\n[ 441.710805] x29: ffff80009abbba40 x28: ffff082819a40008 x27: ffff082810c37c08\n[ 441.717930] x26: ffff082810c37c28 x25: ffff082819a40290 x24: ffff082810c37c00\n[ 441.725054] x23: 0000000000000000 x22: 0000000000000001 x21: ffff082819a40000\n[ 441.732179] x20: ffff082819a40290 x19: 0000000000000000 x18: 0000000000000020\n[ 441.739304] x17: 0000000000000000 x16: ffffb5dad6bda690 x15: 00000000ffffffff\n[ 441.746428] x14: ffff082814c3b26c x13: 00000000ffffffff x12: ffff082814c3b26a\n[ 441.753553] x11: 00000000000000c0 x10: 000000000000003a x9 : ffffb5dad5ea94f4\n[ 441.760678] x8 : 000000000000003a x7 : ffff80009abbbab0 x6 : 0000000000000030\n[ 441.767802] x5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000000\n[ 441.774926] x2 : ffff08280f35a300 x1 : ffffb5dad7127180 x0 : 0000000000000000\n[ 441.782053] Call trace:\n[ 441.784488] sas_find_dev_by_rphy+0x44/0x118 (P)\n[ 441.789095] sas_target_alloc+0x24/0xb0\n[ 441.792920] scsi_alloc_target+0x290/0x330\n[ 441.797010] __scsi_scan_target+0x88/0x258\n[ 441.801096] scsi_scan_channel+0x74/0xb8\n[ 441.805008] scsi_scan_host_selected+0x170/0x188\n[ 441.809615] sas_user_scan+0xfc/0x148\n[ 441.813267] store_scan+0x10c/0x180\n[ 441.816743] dev_attr_store+0x20/0x40\n[ 441.820398] sysfs_kf_write+0x84/0xa8\n[ 441.824054] kernfs_fop_write_iter+0x130/0x1c8\n[ 441.828487] vfs_write+0x2c0/0x370\n[ 441.831880] ksys_write+0x74/0x118\n[ 441.835271] __arm64_sys_write+0x24/0x38\n[ 441.839182] invoke_syscall+0x50/0x120\n[ 441.842919] el0_svc_common.constprop.0+0xc8/0xf0\n[ 441.847611] do_el0_svc+0x24/0x38\n[ 441.850913] el0_svc+0x38/0x158\n[ 441.854043] el0t_64_sync_handler+0xa0/0xe8\n[ 441.858214] el0t_64_sync+0x1ac/0x1b0\n[ 441.861865] Code: aa1303e0 97ff70a8 34ffff80 d10a4273 (f9445a75)\n[ 441.867946] ---[ end trace 0000000000000000 ]---\n\nTherefore\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43413",
"url": "https://www.suse.com/security/cve/CVE-2026-43413"
},
{
"category": "external",
"summary": "SUSE Bug 1264671 for CVE-2026-43413",
"url": "https://bugzilla.suse.com/1264671"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43413"
},
{
"cve": "CVE-2026-43414",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43414"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Completely fix fcport double free\n\nIn qla24xx_els_dcmd_iocb() sp-\u003efree is set to qla2x00_els_dcmd_sp_free().\nWhen an error happens, this function is called by qla2x00_sp_release(),\nwhen kref_put() releases the first and the last reference.\n\nqla2x00_els_dcmd_sp_free() frees fcport by calling qla2x00_free_fcport().\nDoing it one more time after kref_put() is a bad idea.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43414",
"url": "https://www.suse.com/security/cve/CVE-2026-43414"
},
{
"category": "external",
"summary": "SUSE Bug 1264669 for CVE-2026-43414",
"url": "https://bugzilla.suse.com/1264669"
},
{
"category": "external",
"summary": "SUSE Bug 1264670 for CVE-2026-43414",
"url": "https://bugzilla.suse.com/1264670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43414"
},
{
"cve": "CVE-2026-43455",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43455"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmctp: route: hold key-\u003elock in mctp_flow_prepare_output()\n\nmctp_flow_prepare_output() checks key-\u003edev and may call\nmctp_dev_set_key(), but it does not hold key-\u003elock while doing so.\n\nmctp_dev_set_key() and mctp_dev_release_key() are annotated with\n__must_hold(\u0026key-\u003elock), so key-\u003edev access is intended to be\nserialized by key-\u003elock. The mctp_sendmsg() transmit path reaches\nmctp_flow_prepare_output() via mctp_local_output() -\u003e mctp_dst_output()\nwithout holding key-\u003elock, so the check-and-set sequence is racy.\n\nExample interleaving:\n\n CPU0 CPU1\n ---- ----\n mctp_flow_prepare_output(key, devA)\n if (!key-\u003edev) // sees NULL\n mctp_flow_prepare_output(\n key, devB)\n if (!key-\u003edev) // still NULL\n mctp_dev_set_key(devB, key)\n mctp_dev_hold(devB)\n key-\u003edev = devB\n mctp_dev_set_key(devA, key)\n mctp_dev_hold(devA)\n key-\u003edev = devA // overwrites devB\n\nNow both devA and devB references were acquired, but only the final\nkey-\u003edev value is tracked for release. One reference can be lost,\ncausing a resource leak as mctp_dev_release_key() would only decrease\nthe reference on one dev.\n\nFix by taking key-\u003elock around the key-\u003edev check and\nmctp_dev_set_key() call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43455",
"url": "https://www.suse.com/security/cve/CVE-2026-43455"
},
{
"category": "external",
"summary": "SUSE Bug 1264765 for CVE-2026-43455",
"url": "https://bugzilla.suse.com/1264765"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43455"
},
{
"cve": "CVE-2026-43469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43469"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxprtrdma: Decrement re_receiving on the early exit paths\n\nIn the event that rpcrdma_post_recvs() fails to create a work request\n(due to memory allocation failure, say) or otherwise exits early, we\nshould decrement ep-\u003ere_receiving before returning. Otherwise we will\nhang in rpcrdma_xprt_drain() as re_receiving will never reach zero and\nthe completion will never be triggered.\n\nOn a system with high memory pressure, this can appear as the following\nhung task:\n\n INFO: task kworker/u385:17:8393 blocked for more than 122 seconds.\n Tainted: G S E 6.19.0 #3\n \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n task:kworker/u385:17 state:D stack:0 pid:8393 tgid:8393 ppid:2 task_flags:0x4248060 flags:0x00080000\n Workqueue: xprtiod xprt_autoclose [sunrpc]\n Call Trace:\n \u003cTASK\u003e\n __schedule+0x48b/0x18b0\n ? ib_post_send_mad+0x247/0xae0 [ib_core]\n schedule+0x27/0xf0\n schedule_timeout+0x104/0x110\n __wait_for_common+0x98/0x180\n ? __pfx_schedule_timeout+0x10/0x10\n wait_for_completion+0x24/0x40\n rpcrdma_xprt_disconnect+0x444/0x460 [rpcrdma]\n xprt_rdma_close+0x12/0x40 [rpcrdma]\n xprt_autoclose+0x5f/0x120 [sunrpc]\n process_one_work+0x191/0x3e0\n worker_thread+0x2e3/0x420\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x10d/0x230\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x273/0x2b0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43469",
"url": "https://www.suse.com/security/cve/CVE-2026-43469"
},
{
"category": "external",
"summary": "SUSE Bug 1265143 for CVE-2026-43469",
"url": "https://bugzilla.suse.com/1265143"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43469"
},
{
"cve": "CVE-2026-43470",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43470"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfs: return EISDIR on nfs3_proc_create if d_alias is a dir\n\nIf we found an alias through nfs3_do_create/nfs_add_or_obtain\n/d_splice_alias which happens to be a dir dentry, we don\u0027t return\nany error, and simply forget about this alias, but the original\ndentry we were adding and passed as parameter remains negative.\n\nThis later causes an oops on nfs_atomic_open_v23/finish_open since we\nsupply a negative dentry to do_dentry_open.\n\nThis has been observed running lustre-racer, where dirs and files are\ncreated/removed concurrently with the same name and O_EXCL is not\nused to open files (frequent file redirection).\n\nWhile d_splice_alias typically returns a directory alias or NULL, we\nexplicitly check d_is_dir() to ensure that we don\u0027t attempt to perform\nfile operations (like finish_open) on a directory inode, which triggers\nthe observed oops.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43470",
"url": "https://www.suse.com/security/cve/CVE-2026-43470"
},
{
"category": "external",
"summary": "SUSE Bug 1265128 for CVE-2026-43470",
"url": "https://bugzilla.suse.com/1265128"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43470"
},
{
"cve": "CVE-2026-43483",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43483"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: SVM: Set/clear CR8 write interception when AVIC is (de)activated\n\nExplicitly set/clear CR8 write interception when AVIC is (de)activated to\nfix a bug where KVM leaves the interception enabled after AVIC is\nactivated. E.g. if KVM emulates INIT=\u003eWFS while AVIC is deactivated, CR8\nwill remain intercepted in perpetuity.\n\nOn its own, the dangling CR8 intercept is \"just\" a performance issue, but\ncombined with the TPR sync bug fixed by commit d02e48830e3f (\"KVM: SVM:\nSync TPR from LAPIC into VMCB::V_TPR even if AVIC is active\"), the danging\nintercept is fatal to Windows guests as the TPR seen by hardware gets\nwildly out of sync with reality.\n\nNote, VMX isn\u0027t affected by the bug as TPR_THRESHOLD is explicitly ignored\nwhen Virtual Interrupt Delivery is enabled, i.e. when APICv is active in\nKVM\u0027s world. I.e. there\u0027s no need to trigger update_cr8_intercept(), this\nis firmly an SVM implementation flaw/detail.\n\nWARN if KVM gets a CR8 write #VMEXIT while AVIC is active, as KVM should\nnever enter the guest with AVIC enabled and CR8 writes intercepted.\n\n[Squash fix to avic_deactivate_vmcb. - Paolo]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43483",
"url": "https://www.suse.com/security/cve/CVE-2026-43483"
},
{
"category": "external",
"summary": "SUSE Bug 1265240 for CVE-2026-43483",
"url": "https://bugzilla.suse.com/1265240"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43483"
},
{
"cve": "CVE-2026-43491",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43491"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: qrtr: ns: Limit the maximum server registration per node\n\nCurrent code does no bound checking on the number of servers added per\nnode. A malicious client can flood NEW_SERVER messages and exhaust memory.\n\nFix this issue by limiting the maximum number of server registrations to\n256 per node. If the NEW_SERVER message is received for an old port, then\ndon\u0027t restrict it as it will get replaced. While at it, also rate limit\nthe error messages in the failure path of qrtr_ns_worker().\n\nNote that the limit of 256 is chosen based on the current platform\nrequirements. If requirement changes in the future, this limit can be\nincreased.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43491",
"url": "https://www.suse.com/security/cve/CVE-2026-43491"
},
{
"category": "external",
"summary": "SUSE Bug 1265628 for CVE-2026-43491",
"url": "https://bugzilla.suse.com/1265628"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43491"
},
{
"cve": "CVE-2026-43499",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43499"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrtmutex: Use waiter::task instead of current in remove_waiter()\n\nremove_waiter() is used by the slowlock paths, but it is also used for\nproxy-lock rollback in rt_mutex_start_proxy_lock() when invoked from\nfutex_requeue().\n\nIn the latter case waiter::task is not current, but remove_waiter()\noperates on current for the dequeue operation. That results in several\nproblems:\n\n 1) the rbtree dequeue happens without waiter::task::pi_lock being held\n\n 2) the waiter task\u0027s pi_blocked_on state is not cleared, which leaves a\n dangling pointer primed for UAF around.\n\n 3) rt_mutex_adjust_prio_chain() operates on the wrong top priority waiter\n task\n\nUse waiter::task instead of current in all related operations in\nremove_waiter() to cure those problems.\n\n[ tglx: Fixup rt_mutex_adjust_prio_chain(), add a comment and amend the\n \tchangelog ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43499",
"url": "https://www.suse.com/security/cve/CVE-2026-43499"
},
{
"category": "external",
"summary": "SUSE Bug 1266001 for CVE-2026-43499",
"url": "https://bugzilla.suse.com/1266001"
},
{
"category": "external",
"summary": "SUSE Bug 1266014 for CVE-2026-43499",
"url": "https://bugzilla.suse.com/1266014"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-43499"
},
{
"cve": "CVE-2026-43501",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43501"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: rpl: reserve mac_len headroom when recompressed SRH grows\n\nipv6_rpl_srh_rcv() decompresses an RFC 6554 Source Routing Header, swaps\nthe next segment into ipv6_hdr-\u003edaddr, recompresses, then pulls the old\nheader and pushes the new one plus the IPv6 header back. The\nrecompressed header can be larger than the received one when the swap\nreduces the common-prefix length the segments share with daddr (CmprI=0,\nCmprE\u003e0, seg[0][0] != daddr[0] gives the maximum +8 bytes).\n\npskb_expand_head() was gated on segments_left == 0, so on earlier\nsegments the push consumed unchecked headroom. Once skb_push() leaves\nfewer than skb-\u003emac_len bytes in front of data,\nskb_mac_header_rebuild()\u0027s call to:\n\n\tskb_set_mac_header(skb, -skb-\u003emac_len);\n\nwill store (data - head) - mac_len into the u16 mac_header field, which\nwraps to ~65530, and the following memmove() writes mac_len bytes ~64KiB\npast skb-\u003ehead.\n\nA single AF_INET6/SOCK_RAW/IPV6_HDRINCL packet over lo with a two\nsegment type-3 SRH (CmprI=0, CmprE=15) reaches headroom 8 after one\npass; KASAN reports a 14-byte OOB write in ipv6_rthdr_rcv.\n\nFix this by expanding the head whenever the remaining room is less than\nthe push size plus mac_len, and request that much extra so the rebuilt\nMAC header fits afterwards.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43501",
"url": "https://www.suse.com/security/cve/CVE-2026-43501"
},
{
"category": "external",
"summary": "SUSE Bug 1266009 for CVE-2026-43501",
"url": "https://bugzilla.suse.com/1266009"
},
{
"category": "external",
"summary": "SUSE Bug 1266015 for CVE-2026-43501",
"url": "https://bugzilla.suse.com/1266015"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-43501"
},
{
"cve": "CVE-2026-43503",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43503"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: skbuff: propagate shared-frag marker through frag-transfer helpers\n\nTwo frag-transfer helpers (__pskb_copy_fclone() and skb_shift()) fail\nto propagate the SKBFL_SHARED_FRAG bit in skb_shinfo()-\u003eflags when\nmoving frags from source to destination. __pskb_copy_fclone() defers\nthe rest of the shinfo metadata to skb_copy_header() after copying\nfrag descriptors, but that helper only carries over gso_{size,segs,\ntype} and never touches skb_shinfo()-\u003eflags; skb_shift() moves frag\ndescriptors directly and leaves flags untouched. As a result, the\ndestination skb keeps a reference to the same externally-owned or\npage-cache-backed pages while reporting skb_has_shared_frag() as\nfalse.\n\nThe mismatch is harmful in any in-place writer that uses\nskb_has_shared_frag() to decide whether shared pages must be detoured\nthrough skb_cow_data(). ESP input is one such writer (esp4.c,\nesp6.c), and a single nft \u0027dup to \u003clocal\u003e\u0027 rule -- or any other\nnf_dup_ipv4() / xt_TEE caller -- is enough to land a pskb_copy()\u0027d\nskb in esp_input() with the marker stripped, letting an unprivileged\nuser write into the page cache of a root-owned read-only file via\nauthencesn-ESN stray writes.\n\nSet SKBFL_SHARED_FRAG on the destination whenever frag descriptors\nwere actually moved from the source. skb_copy() and skb_copy_expand()\nshare skb_copy_header() too but linearize all paged data into freshly\nallocated head storage and emerge with nr_frags == 0, so\nskb_has_shared_frag() returns false on its own; they need no change.\n\nThe same omission exists in skb_gro_receive() and skb_gro_receive_list().\nThe former moves the incoming skb\u0027s frag descriptors into the\naccumulator\u0027s last sub-skb via two paths (a direct frag-move loop and\nthe head_frag + memcpy path); the latter chains the incoming skb whole\nonto p\u0027s frag_list. Downstream skb_segment() reads only\nskb_shinfo(p)-\u003eflags, and skb_segment_list() reuses each sub-skb\u0027s\nshinfo as the nskb -- both p and lp must carry the marker.\n\nThe same omission also exists in tcp_clone_payload(), which builds an\nMTU probe skb by moving frag descriptors from skbs on sk_write_queue\ninto a freshly allocated nskb. The helper falls into the same family\nand warrants the same fix for consistency; no TCP TX-side in-place\nwriter is currently known to reach a user page through this gap, but\na future consumer depending on the marker would regress silently.\n\nThe same omission exists in skb_segment(): the per-iteration flag\nmerge takes only head_skb\u0027s flag, and the inner switch that rebinds\nfrag_skb to list_skb on head_skb-frags exhaustion does not fold the\nnew frag_skb\u0027s flag into nskb. Fold frag_skb\u0027s flag at both sites\nso segments drawing frags from frag_list members carry the marker.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43503",
"url": "https://www.suse.com/security/cve/CVE-2026-43503"
},
{
"category": "external",
"summary": "SUSE Bug 1265209 for CVE-2026-43503",
"url": "https://bugzilla.suse.com/1265209"
},
{
"category": "external",
"summary": "SUSE Bug 1265960 for CVE-2026-43503",
"url": "https://bugzilla.suse.com/1265960"
},
{
"category": "external",
"summary": "SUSE Bug 1266229 for CVE-2026-43503",
"url": "https://bugzilla.suse.com/1266229"
},
{
"category": "external",
"summary": "SUSE Bug 1269878 for CVE-2026-43503",
"url": "https://bugzilla.suse.com/1269878"
},
{
"category": "external",
"summary": "SUSE Bug 1270098 for CVE-2026-43503",
"url": "https://bugzilla.suse.com/1270098"
},
{
"category": "external",
"summary": "SUSE Bug 1270100 for CVE-2026-43503",
"url": "https://bugzilla.suse.com/1270100"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-43503"
},
{
"cve": "CVE-2026-45840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45840"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nopenvswitch: cap upcall PID array size and pre-size vport replies\n\nThe vport netlink reply helpers allocate a fixed-size skb with\nnlmsg_new(NLMSG_DEFAULT_SIZE, ...) but serialize the full upcall PID\narray via ovs_vport_get_upcall_portids(). Since\novs_vport_set_upcall_portids() accepts any non-zero multiple of\nsizeof(u32) with no upper bound, a CAP_NET_ADMIN user can install a PID\narray large enough to overflow the reply buffer, causing nla_put() to\nfail with -EMSGSIZE and hitting BUG_ON(err \u003c 0). On systems with\nunprivileged user namespaces enabled (e.g., Ubuntu default), this is\nreachable via unshare -Urn since OVS vport mutation operations use\nGENL_UNS_ADMIN_PERM.\n\n kernel BUG at net/openvswitch/datapath.c:2414!\n Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI\n CPU: 1 UID: 0 PID: 65 Comm: poc Not tainted 7.0.0-rc7-00195-geb216e422044 #1\n RIP: 0010:ovs_vport_cmd_set+0x34c/0x400\n Call Trace:\n \u003cTASK\u003e\n genl_family_rcv_msg_doit (net/netlink/genetlink.c:1116)\n genl_rcv_msg (net/netlink/genetlink.c:1194)\n netlink_rcv_skb (net/netlink/af_netlink.c:2550)\n genl_rcv (net/netlink/genetlink.c:1219)\n netlink_unicast (net/netlink/af_netlink.c:1344)\n netlink_sendmsg (net/netlink/af_netlink.c:1894)\n __sys_sendto (net/socket.c:2206)\n __x64_sys_sendto (net/socket.c:2209)\n do_syscall_64 (arch/x86/entry/syscall_64.c:63)\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n \u003c/TASK\u003e\n Kernel panic - not syncing: Fatal exception\n\nReject attempts to set more PIDs than nr_cpu_ids in\novs_vport_set_upcall_portids(), and pre-compute the worst-case reply\nsize in ovs_vport_cmd_msg_size() based on that bound, similar to the\nexisting ovs_dp_cmd_msg_size(). nr_cpu_ids matches the cap already\nused by the per-CPU dispatch configuration on the datapath side\n(ovs_dp_cmd_fill_info() serialises at most nr_cpu_ids PIDs), so the\ntwo sides stay consistent.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45840",
"url": "https://www.suse.com/security/cve/CVE-2026-45840"
},
{
"category": "external",
"summary": "SUSE Bug 1266397 for CVE-2026-45840",
"url": "https://bugzilla.suse.com/1266397"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-45840"
},
{
"cve": "CVE-2026-45841",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45841"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nfnetlink_osf: fix divide-by-zero in OSF_WSS_MODULO\n\nnf_osf_match_one() computes ctx-\u003ewindow % f-\u003ewss.val in the\nOSF_WSS_MODULO branch with no guard for f-\u003ewss.val == 0. A\nCAP_NET_ADMIN user can add such a fingerprint via nfnetlink; a\nsubsequent matching TCP SYN divides by zero and panics the kernel.\n\nReject the bogus fingerprint in nfnl_osf_add_callback() above the\nper-option for-loop. f-\u003ewss is per-fingerprint, not per-option, so\nthe check must run regardless of f-\u003eopt_num (including 0). Also\nreject wss.wc \u003e= OSF_WSS_MAX; nf_osf_match_one() already treats that\nas \"should not happen\".\n\nCrash:\n Oops: divide error: 0000 [#1] SMP KASAN NOPTI\n RIP: 0010:nf_osf_match_one (net/netfilter/nfnetlink_osf.c:98)\n Call Trace:\n \u003cIRQ\u003e\n nf_osf_match (net/netfilter/nfnetlink_osf.c:220)\n xt_osf_match_packet (net/netfilter/xt_osf.c:32)\n ipt_do_table (net/ipv4/netfilter/ip_tables.c:348)\n nf_hook_slow (net/netfilter/core.c:622)\n ip_local_deliver (net/ipv4/ip_input.c:265)\n ip_rcv (include/linux/skbuff.h:1162)\n __netif_receive_skb_one_core (net/core/dev.c:6181)\n process_backlog (net/core/dev.c:6642)\n __napi_poll (net/core/dev.c:7710)\n net_rx_action (net/core/dev.c:7945)\n handle_softirqs (kernel/softirq.c:622)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45841",
"url": "https://www.suse.com/security/cve/CVE-2026-45841"
},
{
"category": "external",
"summary": "SUSE Bug 1266390 for CVE-2026-45841",
"url": "https://bugzilla.suse.com/1266390"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-45841"
},
{
"cve": "CVE-2026-45842",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45842"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nslip: reject VJ receive packets on instances with no rstate array\n\nslhc_init() accepts rslots == 0 as a valid configuration, with the\ndocumented meaning of \u0027no receive compression\u0027. In that case the\nallocation loop in slhc_init() is skipped, so comp-\u003erstate stays\nNULL and comp-\u003erslot_limit stays 0 (from the kzalloc of struct\nslcompress).\n\nThe receive helpers do not defend against that configuration.\nslhc_uncompress() dereferences comp-\u003erstate[x] when the VJ header\ncarries an explicit connection ID, and slhc_remember() later assigns\ncs = \u0026comp-\u003erstate[...] after only comparing the packet\u0027s slot number\nto comp-\u003erslot_limit. Because rslot_limit is 0, slot 0 passes the\nrange check, and the code dereferences a NULL rstate.\n\nThe configuration is reachable in-tree through PPP. PPPIOCSMAXCID\nstores its argument in a signed int, and (val \u003e\u003e 16) uses arithmetic\nshift. Passing 0xffff0000 therefore sign-extends to -1, so val2 + 1\nis 0 and ppp_generic.c ends up calling slhc_init(0, 1). Because\n/dev/ppp open is gated by ns_capable(CAP_NET_ADMIN), the whole path\nis reachable from an unprivileged user namespace. Once the malformed\nVJ state is installed, any inbound VJ-compressed or VJ-uncompressed\nframe that selects slot 0 crashes the kernel in softirq context:\n\n Oops: general protection fault, probably for non-canonical\n address 0xdffffc0000000000: 0000 [#1] SMP KASAN NOPTI\n KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\n RIP: 0010:slhc_uncompress (drivers/net/slip/slhc.c:519)\n Call Trace:\n \u003cTASK\u003e\n ppp_receive_nonmp_frame (drivers/net/ppp/ppp_generic.c:2466)\n ppp_input (drivers/net/ppp/ppp_generic.c:2359)\n ppp_async_process (drivers/net/ppp/ppp_async.c:492)\n tasklet_action_common (kernel/softirq.c:926)\n handle_softirqs (kernel/softirq.c:623)\n run_ksoftirqd (kernel/softirq.c:1055)\n smpboot_thread_fn (kernel/smpboot.c:160)\n kthread (kernel/kthread.c:436)\n ret_from_fork (arch/x86/kernel/process.c:164)\n \u003c/TASK\u003e\n\nReject the receive side on such instances instead of touching rstate.\nslhc_uncompress() falls through to its existing \u0027bad\u0027 label, which\nbumps sls_i_error and enters the toss state. slhc_remember() mirrors\nthat with an explicit sls_i_error increment followed by slhc_toss();\nthe sls_i_runt counter is not used here because a missing rstate is\nan internal configuration state, not a runt packet.\n\nThe transmit path is unaffected: the only in-tree caller that picks\nrslots from userspace (ppp_generic.c) still supplies tslots \u003e= 1, and\nslip.c always calls slhc_init(16, 16), so comp-\u003etstate remains valid\nand slhc_compress() continues to work.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45842",
"url": "https://www.suse.com/security/cve/CVE-2026-45842"
},
{
"category": "external",
"summary": "SUSE Bug 1266400 for CVE-2026-45842",
"url": "https://bugzilla.suse.com/1266400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-45842"
},
{
"cve": "CVE-2026-45843",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45843"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nslip: bound decode() reads against the compressed packet length\n\nslhc_uncompress() parses a VJ-compressed TCP header by advancing a\npointer through the packet via decode() and pull16(). Neither helper\nbounds-checks against isize, and decode() masks its return with\n\u0026 0xffff so it can never return the -1 that callers test for -- those\nerror paths are dead code.\n\nA short compressed frame whose change byte requests optional fields\nlets decode() read past the end of the packet. The over-read bytes\nare folded into the cached cstate and reflected into subsequent\nreconstructed packets.\n\nMake decode() and pull16() take the packet end pointer and return -1\nwhen exhausted. Add a bounds check before the TCP-checksum read.\nThe existing == -1 tests now do what they were always meant to.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45843",
"url": "https://www.suse.com/security/cve/CVE-2026-45843"
},
{
"category": "external",
"summary": "SUSE Bug 1266395 for CVE-2026-45843",
"url": "https://bugzilla.suse.com/1266395"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-45843"
},
{
"cve": "CVE-2026-45846",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45846"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbareudp: fix NULL pointer dereference in bareudp_fill_metadata_dst()\n\nbareudp_fill_metadata_dst() passes bareudp-\u003esock to\nudp_tunnel6_dst_lookup() in the IPv6 path without a NULL check.\nThe socket is only created in bareudp_open() and NULLed in\nbareudp_stop(), so calling this function while the device is down\ntriggers a NULL dereference via sock-\u003esk.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000018\n RIP: 0010:udp_tunnel6_dst_lookup (net/ipv6/ip6_udp_tunnel.c:160)\n Call Trace:\n \u003cTASK\u003e\n bareudp_fill_metadata_dst (drivers/net/bareudp.c:532)\n do_execute_actions (net/openvswitch/actions.c:901)\n ovs_execute_actions (net/openvswitch/actions.c:1589)\n ovs_packet_cmd_execute (net/openvswitch/datapath.c:700)\n genl_family_rcv_msg_doit (net/netlink/genetlink.c:1114)\n genl_rcv_msg (net/netlink/genetlink.c:1209)\n netlink_rcv_skb (net/netlink/af_netlink.c:2550)\n \u003c/TASK\u003e\n\nAdd a NULL check returning -ESHUTDOWN, consistent with the xmit paths\nin the same driver.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45846",
"url": "https://www.suse.com/security/cve/CVE-2026-45846"
},
{
"category": "external",
"summary": "SUSE Bug 1266394 for CVE-2026-45846",
"url": "https://bugzilla.suse.com/1266394"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-45846"
},
{
"cve": "CVE-2026-45852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45852"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix double free in rxe_srq_from_init\n\nIn rxe_srq_from_init(), the queue pointer \u0027q\u0027 is assigned to\n\u0027srq-\u003erq.queue\u0027 before copying the SRQ number to user space.\nIf copy_to_user() fails, the function calls rxe_queue_cleanup()\nto free the queue, but leaves the now-invalid pointer in\n\u0027srq-\u003erq.queue\u0027.\n\nThe caller of rxe_srq_from_init() (rxe_create_srq) eventually\ncalls rxe_srq_cleanup() upon receiving the error, which triggers\na second rxe_queue_cleanup() on the same memory, leading to a\ndouble free.\n\nThe call trace looks like this:\n kmem_cache_free+0x.../0x...\n rxe_queue_cleanup+0x1a/0x30 [rdma_rxe]\n rxe_srq_cleanup+0x42/0x60 [rdma_rxe]\n rxe_elem_release+0x31/0x70 [rdma_rxe]\n rxe_create_srq+0x12b/0x1a0 [rdma_rxe]\n ib_create_srq_user+0x9a/0x150 [ib_core]\n\nFix this by moving \u0027srq-\u003erq.queue = q\u0027 after copy_to_user.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45852",
"url": "https://www.suse.com/security/cve/CVE-2026-45852"
},
{
"category": "external",
"summary": "SUSE Bug 1266711 for CVE-2026-45852",
"url": "https://bugzilla.suse.com/1266711"
},
{
"category": "external",
"summary": "SUSE Bug 1266727 for CVE-2026-45852",
"url": "https://bugzilla.suse.com/1266727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-45852"
},
{
"cve": "CVE-2026-45856",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45856"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/uverbs: Validate wqe_size before using it in ib_uverbs_post_send\n\nib_uverbs_post_send() uses cmd.wqe_size from userspace without any\nvalidation before passing it to kmalloc() and using the allocated\nbuffer as struct ib_uverbs_send_wr.\n\nIf a user provides a small wqe_size value (e.g., 1), kmalloc() will\nsucceed, but subsequent accesses to user_wr-\u003eopcode, user_wr-\u003enum_sge,\nand other fields will read beyond the allocated buffer, resulting in\nan out-of-bounds read from kernel heap memory. This could potentially\nleak sensitive kernel information to userspace.\n\nAdditionally, providing an excessively large wqe_size can trigger a\nWARNING in the memory allocation path, as reported by syzkaller.\n\nThis is inconsistent with ib_uverbs_unmarshall_recv() which properly\nvalidates that wqe_size \u003e= sizeof(struct ib_uverbs_recv_wr) before\nproceeding.\n\nAdd the same validation for ib_uverbs_post_send() to ensure wqe_size\nis at least sizeof(struct ib_uverbs_send_wr).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45856",
"url": "https://www.suse.com/security/cve/CVE-2026-45856"
},
{
"category": "external",
"summary": "SUSE Bug 1266720 for CVE-2026-45856",
"url": "https://bugzilla.suse.com/1266720"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-45856"
},
{
"cve": "CVE-2026-45862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Flush cache for PASID table before using it\n\nWhen writing the address of a freshly allocated zero-initialized PASID\ntable to a PASID directory entry, do that after the CPU cache flush for\nthis PASID table, not before it, to avoid the time window when this\nPASID table may be already used by non-coherent IOMMU hardware while\nits contents in RAM is still some random old data, not zero-initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45862",
"url": "https://www.suse.com/security/cve/CVE-2026-45862"
},
{
"category": "external",
"summary": "SUSE Bug 1266705 for CVE-2026-45862",
"url": "https://bugzilla.suse.com/1266705"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-45862"
},
{
"cve": "CVE-2026-45870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45870"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: auth_gss: fix memory leaks in XDR decoding error paths\n\nThe gssx_dec_ctx(), gssx_dec_status(), and gssx_dec_name()\nfunctions allocate memory via gssx_dec_buffer(), which calls\nkmemdup(). When a subsequent decode operation fails, these\nfunctions return immediately without freeing previously\nallocated buffers, causing memory leaks.\n\nThe leak in gssx_dec_ctx() is particularly relevant because\nthe caller (gssp_accept_sec_context_upcall) initializes several\nbuffer length fields to non-zero values, resulting in memory\nallocation:\n\n struct gssx_ctx rctxh = {\n .exported_context_token.len = GSSX_max_output_handle_sz,\n .mech.len = GSS_OID_MAX_LEN,\n .src_name.display_name.len = GSSX_max_princ_sz,\n .targ_name.display_name.len = GSSX_max_princ_sz\n };\n\nIf, for example, gssx_dec_name() succeeds for src_name but\nfails for targ_name, the memory allocated for\nexported_context_token, mech, and src_name.display_name\nremains unreferenced and cannot be reclaimed.\n\nAdd error handling with goto-based cleanup to free any\npreviously allocated buffers before returning an error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45870",
"url": "https://www.suse.com/security/cve/CVE-2026-45870"
},
{
"category": "external",
"summary": "SUSE Bug 1266704 for CVE-2026-45870",
"url": "https://bugzilla.suse.com/1266704"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-45870"
},
{
"cve": "CVE-2026-45878",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45878"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Fix watch_id bounds checking in debug address watch v2\n\nThe address watch clear code receives watch_id as an unsigned value\n(u32), but some helper functions were using a signed int and checked\nbits by shifting with watch_id.\n\nIf a very large watch_id is passed from userspace, it can be converted\nto a negative value. This can cause invalid shifts and may access\nmemory outside the watch_points array.\n\ndrm/amdkfd: Fix watch_id bounds checking in debug address watch v2\n\nFix this by checking that watch_id is within MAX_WATCH_ADDRESSES before\nusing it. Also use BIT(watch_id) to test and clear bits safely.\n\nThis keeps the behavior unchanged for valid watch IDs and avoids\nundefined behavior for invalid ones.\n\nFixes the below:\ndrivers/gpu/drm/amd/amdgpu/../amdkfd/kfd_debug.c:448\nkfd_dbg_trap_clear_dev_address_watch() error: buffer overflow\n\u0027pdd-\u003ewatch_points\u0027 4 \u003c= u32max user_rl=\u00270-3,2147483648-u32max\u0027 uncapped\n\ndrivers/gpu/drm/amd/amdgpu/../amdkfd/kfd_debug.c\n 433 int kfd_dbg_trap_clear_dev_address_watch(struct kfd_process_device *pdd,\n 434 uint32_t watch_id)\n 435 {\n 436 int r;\n 437\n 438 if (!kfd_dbg_owns_dev_watch_id(pdd, watch_id))\n\nkfd_dbg_owns_dev_watch_id() doesn\u0027t check for negative values so if\nwatch_id is larger than INT_MAX it leads to a buffer overflow.\n(Negative shifts are undefined).\n\n 439 return -EINVAL;\n 440\n 441 if (!pdd-\u003edev-\u003ekfd-\u003eshared_resources.enable_mes) {\n 442 r = debug_lock_and_unmap(pdd-\u003edev-\u003edqm);\n 443 if (r)\n 444 return r;\n 445 }\n 446\n 447 amdgpu_gfx_off_ctrl(pdd-\u003edev-\u003eadev, false);\n--\u003e 448 pdd-\u003ewatch_points[watch_id] = pdd-\u003edev-\u003ekfd2kgd-\u003eclear_address_watch(\n 449 pdd-\u003edev-\u003eadev,\n 450 watch_id);\n\nv2: (as per, Jonathan Kim)\n - Add early watch_id \u003e= MAX_WATCH_ADDRESSES validation in the set path to\n match the clear path.\n - Drop the redundant bounds check in kfd_dbg_owns_dev_watch_id().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45878",
"url": "https://www.suse.com/security/cve/CVE-2026-45878"
},
{
"category": "external",
"summary": "SUSE Bug 1266767 for CVE-2026-45878",
"url": "https://bugzilla.suse.com/1266767"
},
{
"category": "external",
"summary": "SUSE Bug 1266768 for CVE-2026-45878",
"url": "https://bugzilla.suse.com/1266768"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-45878"
},
{
"cve": "CVE-2026-45886",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45886"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix bpf_xdp_store_bytes proto for read-only arg\n\nWhile making some maps in Cilium read-only from the BPF side, we noticed\nthat the bpf_xdp_store_bytes proto is incorrect. In particular, the\nverifier was throwing the following error:\n\n ; ret = ctx_store_bytes(ctx, l3_off + offsetof(struct iphdr, saddr),\n \u0026nat-\u003eaddress, 4, 0);\n 635: (79) r1 = *(u64 *)(r10 -144) ; R1=ctx() R10=fp0 fp-144=ctx()\n 636: (b4) w2 = 26 ; R2=26\n 637: (b4) w4 = 4 ; R4=4\n 638: (b4) w5 = 0 ; R5=0\n 639: (85) call bpf_xdp_store_bytes#190\n write into map forbidden, value_size=6 off=0 size=4\n\nnat comes from a BPF_F_RDONLY_PROG map, so R3 is a PTR_TO_MAP_VALUE.\nThe verifier checks the helper\u0027s memory access to R3 in\ncheck_mem_size_reg, as it reaches ARG_CONST_SIZE argument. The third\nargument has expected type ARG_PTR_TO_UNINIT_MEM, which includes the\nMEM_WRITE flag. The verifier thus checks for a BPF_WRITE access on R3.\nGiven R3 points to a read-only map, the check fails.\n\nConversely, ARG_PTR_TO_UNINIT_MEM can also lead to the helper reading\nfrom uninitialized memory.\n\nThis patch simply fixes the expected argument type to match that of\nbpf_skb_store_bytes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45886",
"url": "https://www.suse.com/security/cve/CVE-2026-45886"
},
{
"category": "external",
"summary": "SUSE Bug 1266810 for CVE-2026-45886",
"url": "https://bugzilla.suse.com/1266810"
},
{
"category": "external",
"summary": "SUSE Bug 1266851 for CVE-2026-45886",
"url": "https://bugzilla.suse.com/1266851"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-45886"
},
{
"cve": "CVE-2026-45894",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45894"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Clear Present bit before tearing down PASID entry\n\nThe Intel VT-d Scalable Mode PASID table entry consists of 512 bits (64\nbytes). When tearing down an entry, the current implementation zeros the\nentire 64-byte structure immediately using multiple 64-bit writes.\n\nSince the IOMMU hardware may fetch these 64 bytes using multiple\ninternal transactions (e.g., four 128-bit bursts), updating or zeroing\nthe entire entry while it is active (P=1) risks a \"torn\" read. If a\nhardware fetch occurs simultaneously with the CPU zeroing the entry, the\nhardware could observe an inconsistent state, leading to unpredictable\nbehavior or spurious faults.\n\nFollow the \"Guidance to Software for Invalidations\" in the VT-d spec\n(Section 6.5.3.3) by implementing the recommended ownership handshake:\n\n1. Clear only the \u0027Present\u0027 (P) bit of the PASID entry.\n2. Use a dma_wmb() to ensure the cleared bit is visible to hardware\n before proceeding.\n3. Execute the required invalidation sequence (PASID cache, IOTLB, and\n Device-TLB flush) to ensure the hardware has released all cached\n references.\n4. Only after the flushes are complete, zero out the remaining fields\n of the PASID entry.\n\nAlso, add a dma_wmb() in pasid_set_present() to ensure that all other\nfields of the PASID entry are visible to the hardware before the Present\nbit is set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45894",
"url": "https://www.suse.com/security/cve/CVE-2026-45894"
},
{
"category": "external",
"summary": "SUSE Bug 1266895 for CVE-2026-45894",
"url": "https://bugzilla.suse.com/1266895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-45894"
},
{
"cve": "CVE-2026-45910",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45910"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix race condition in QP timer handlers\n\nI encontered the following warning:\n WARNING: drivers/infiniband/sw/rxe/rxe_task.c:249 at rxe_sched_task+0x1c8/0x238 [rdma_rxe], CPU#0: swapper/0/0\n...\n libsha1 [last unloaded: ip6_udp_tunnel]\n CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G C 6.19.0-rc5-64k-v8+ #37 PREEMPT\n Tainted: [C]=CRAP\n Hardware name: Raspberry Pi 4 Model B Rev 1.2\n Call trace:\n rxe_sched_task+0x1c8/0x238 [rdma_rxe] (P)\n retransmit_timer+0x130/0x188 [rdma_rxe]\n call_timer_fn+0x68/0x4d0\n __run_timers+0x630/0x888\n...\n WARNING: drivers/infiniband/sw/rxe/rxe_task.c:38 at rxe_sched_task+0x1c0/0x238 [rdma_rxe], CPU#0: swapper/0/0\n...\n WARNING: drivers/infiniband/sw/rxe/rxe_task.c:111 at do_work+0x488/0x5c8 [rdma_rxe], CPU#3: kworker/u17:4/93400\n...\n refcount_t: underflow; use-after-free.\n WARNING: lib/refcount.c:28 at refcount_warn_saturate+0x138/0x1a0, CPU#3: kworker/u17:4/93400\n\nThe issue is caused by a race condition between retransmit_timer() and\nrxe_destroy_qp, leading to the Queue Pair\u0027s (QP) reference count dropping\nto zero during timer handler execution.\n\nIt seems this warning is harmless because rxe_qp_do_cleanup() will flush\nall pending timers and requests.\n\nExample of flow causing the issue:\n\nCPU0 CPU1\nretransmit_timer() {\n spin_lock_irqsave\n rxe_destroy_qp()\n __rxe_cleanup()\n __rxe_put() // qp-\u003eref_count decrease to 0\n rxe_qp_do_cleanup() {\n if (qp-\u003evalid) {\n rxe_sched_task() {\n WARN_ON(rxe_read(task-\u003eqp) \u003c= 0);\n }\n }\n spin_unlock_irqrestore\n}\n spin_lock_irqsave\n qp-\u003evalid = 0\n spin_unlock_irqrestore\n }\n\nEnsure the QP\u0027s reference count is maintained and its validity is checked\nwithin the timer callbacks by adding calls to rxe_get(qp) and corresponding\nrxe_put(qp) after use.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45910",
"url": "https://www.suse.com/security/cve/CVE-2026-45910"
},
{
"category": "external",
"summary": "SUSE Bug 1266889 for CVE-2026-45910",
"url": "https://bugzilla.suse.com/1266889"
},
{
"category": "external",
"summary": "SUSE Bug 1266907 for CVE-2026-45910",
"url": "https://bugzilla.suse.com/1266907"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-45910"
},
{
"cve": "CVE-2026-45932",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45932"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix tcx/netkit detach permissions when prog fd isn\u0027t given\n\nThis commit fixes a security issue where BPF_PROG_DETACH on tcx or\nnetkit devices could be executed by any user when no program fd was\nprovided, bypassing permission checks. The fix adds a capability\ncheck for CAP_NET_ADMIN or CAP_SYS_ADMIN in this case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45932",
"url": "https://www.suse.com/security/cve/CVE-2026-45932"
},
{
"category": "external",
"summary": "SUSE Bug 1266827 for CVE-2026-45932",
"url": "https://bugzilla.suse.com/1266827"
},
{
"category": "external",
"summary": "SUSE Bug 1266829 for CVE-2026-45932",
"url": "https://bugzilla.suse.com/1266829"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-45932"
},
{
"cve": "CVE-2026-45940",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45940"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: fix oops when split header is enabled\n\nFor GMAC4, when split header is enabled, in some rare cases, the\nhardware does not fill buf2 of the first descriptor with payload.\nThus we cannot assume buf2 is always fully filled if it is not\nthe last descriptor. Otherwise, the length of buf2 of the second\ndescriptor will be calculated wrong and cause an oops:\n\nUnable to handle kernel paging request at virtual address ffff00019246bfc0\n...\nx2 : 0000000000000040 x1 : ffff00019246bfc0 x0 : ffff00009246c000\nCall trace:\n dcache_inval_poc+0x28/0x58 (P)\n dma_direct_sync_single_for_cpu+0x38/0x6c\n __dma_sync_single_for_cpu+0x34/0x6c\n stmmac_napi_poll_rx+0x8f0/0xb60\n __napi_poll.constprop.0+0x30/0x144\n net_rx_action+0x160/0x274\n handle_softirqs+0x1b8/0x1fc\n...\n\nTo fix this, the PL bit-field in RDES3 register is used for all\ndescriptors, whether it is the last descriptor or not.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45940",
"url": "https://www.suse.com/security/cve/CVE-2026-45940"
},
{
"category": "external",
"summary": "SUSE Bug 1266916 for CVE-2026-45940",
"url": "https://bugzilla.suse.com/1266916"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-45940"
},
{
"cve": "CVE-2026-45961",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45961"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: fix memory leaks in gfs2_fill_super error path\n\nFix two memory leaks in the gfs2_fill_super() error handling path when\ntransitioning a filesystem to read-write mode fails.\n\nFirst leak: kthread objects (thread_struct, task_struct, etc.)\nWhen gfs2_freeze_lock_shared() fails after init_threads() succeeds, the\ncreated kernel threads (logd and quotad) are never destroyed. This\noccurs because the fail_per_node label doesn\u0027t call\ngfs2_destroy_threads().\n\nSecond leak: quota bitmap buffer (8192 bytes)\nWhen gfs2_make_fs_rw() fails after gfs2_quota_init() succeeds but\nbefore other operations complete, the allocated quota bitmap is never\nfreed.\n\nThe fix moves thread cleanup to the fail_per_node label to handle all\nerror paths uniformly. gfs2_destroy_threads() is safe to call\nunconditionally as it checks for NULL pointers. Quota cleanup is added\nin gfs2_make_fs_rw() to properly handle the withdrawal case where\nquota initialization succeeds but the filesystem is then withdrawn.\n\nThread leak backtrace (gfs2_freeze_lock_shared failure):\n unreferenced object 0xffff88801d7bca80 (size 4480):\n copy_process+0x3a1/0x4670 kernel/fork.c:2422\n kernel_clone+0xf3/0x6e0 kernel/fork.c:2779\n kthread_create_on_node+0x100/0x150 kernel/kthread.c:478\n init_threads+0xab/0x350 fs/gfs2/ops_fstype.c:611\n gfs2_fill_super+0xe5c/0x1240 fs/gfs2/ops_fstype.c:1265\n\nQuota leak backtrace (gfs2_make_fs_rw failure):\n unreferenced object 0xffff88812de7c000 (size 8192):\n gfs2_quota_init+0xe5/0x820 fs/gfs2/quota.c:1409\n gfs2_make_fs_rw+0x7a/0xe0 fs/gfs2/super.c:149\n gfs2_fill_super+0xfbb/0x1240 fs/gfs2/ops_fstype.c:1275",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45961",
"url": "https://www.suse.com/security/cve/CVE-2026-45961"
},
{
"category": "external",
"summary": "SUSE Bug 1266933 for CVE-2026-45961",
"url": "https://bugzilla.suse.com/1266933"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "low"
}
],
"title": "CVE-2026-45961"
},
{
"cve": "CVE-2026-45964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45964"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: fix gss_auth kref leak in gss_alloc_msg error path\n\nCommit 5940d1cf9f42 (\"SUNRPC: Rebalance a kref in auth_gss.c\") added\na kref_get(\u0026gss_auth-\u003ekref) call to balance the gss_put_auth() done\nin gss_release_msg(), but forgot to add a corresponding kref_put()\non the error path when kstrdup_const() fails.\n\nIf service_name is non-NULL and kstrdup_const() fails, the function\njumps to err_put_pipe_version which calls put_pipe_version() and\nkfree(gss_msg), but never releases the gss_auth reference. This leads\nto a kref leak where the gss_auth structure is never freed.\n\nAdd a forward declaration for gss_free_callback() and call kref_put()\nin the err_put_pipe_version error path to properly release the\nreference taken earlier.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45964",
"url": "https://www.suse.com/security/cve/CVE-2026-45964"
},
{
"category": "external",
"summary": "SUSE Bug 1266698 for CVE-2026-45964",
"url": "https://bugzilla.suse.com/1266698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-45964"
},
{
"cve": "CVE-2026-45965",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45965"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\napparmor: fix invalid deref of rawdata when export_binary is unset\n\nIf the export_binary parameter is disabled on runtime, profiles that\nwere loaded before that will still have their rawdata stored in\napparmorfs, with a symbolic link to the rawdata on the policy\ndirectory. When one of those profiles are replaced, the rawdata is set\nto NULL, but when trying to resolve the symbolic links to rawdata for\nthat profile, it will try to dereference profile-\u003erawdata-\u003ename when\nprofile-\u003erawdata is now NULL causing an oops. Fix it by checking if\nrawdata is set.\n\n[ 168.653080] BUG: kernel NULL pointer dereference, address: 0000000000000088\n[ 168.657420] #PF: supervisor read access in kernel mode\n[ 168.660619] #PF: error_code(0x0000) - not-present page\n[ 168.663613] PGD 0 P4D 0\n[ 168.665450] Oops: Oops: 0000 [#1] SMP NOPTI\n[ 168.667836] CPU: 1 UID: 0 PID: 1729 Comm: ls Not tainted 6.19.0-rc7+ #3 PREEMPT(voluntary)\n[ 168.672308] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 168.679327] RIP: 0010:rawdata_get_link_base.isra.0+0x23/0x330\n[ 168.682768] Code: 90 90 90 90 90 90 90 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 ec 18 48 89 55 d0 48 85 ff 0f 84 e3 01 00 00 \u003c48\u003e 83 3c 25 88 00 00 00 00 0f 84 d4 01 00 00 49 89 f6 49 89 cc e8\n[ 168.689818] RSP: 0018:ffffcdcb8200fb80 EFLAGS: 00010282\n[ 168.690871] RAX: ffffffffaee74ec0 RBX: 0000000000000000 RCX: ffffffffb0120158\n[ 168.692251] RDX: ffffcdcb8200fbe0 RSI: ffff88c187c9fa80 RDI: ffff88c186c98a80\n[ 168.693593] RBP: ffffcdcb8200fbc0 R08: 0000000000000000 R09: 0000000000000000\n[ 168.694941] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88c186c98a80\n[ 168.696289] R13: 00007fff005aaa20 R14: 0000000000000080 R15: ffff88c188f4fce0\n[ 168.697637] FS: 0000790e81c58280(0000) GS:ffff88c20a957000(0000) knlGS:0000000000000000\n[ 168.699227] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 168.700349] CR2: 0000000000000088 CR3: 000000012fd3e000 CR4: 0000000000350ef0\n[ 168.701696] Call Trace:\n[ 168.702325] \u003cTASK\u003e\n[ 168.702995] rawdata_get_link_data+0x1c/0x30\n[ 168.704145] vfs_readlink+0xd4/0x160\n[ 168.705152] do_readlinkat+0x114/0x180\n[ 168.706214] __x64_sys_readlink+0x1e/0x30\n[ 168.708653] x64_sys_call+0x1d77/0x26b0\n[ 168.709525] do_syscall_64+0x81/0x500\n[ 168.710348] ? do_statx+0x72/0xb0\n[ 168.711109] ? putname+0x3e/0x80\n[ 168.711845] ? __x64_sys_statx+0xb7/0x100\n[ 168.712711] ? x64_sys_call+0x10fc/0x26b0\n[ 168.713577] ? do_syscall_64+0xbf/0x500\n[ 168.714412] ? do_user_addr_fault+0x1d2/0x8d0\n[ 168.715404] ? irqentry_exit+0xb2/0x740\n[ 168.716359] ? exc_page_fault+0x90/0x1b0\n[ 168.717307] entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45965",
"url": "https://www.suse.com/security/cve/CVE-2026-45965"
},
{
"category": "external",
"summary": "SUSE Bug 1267208 for CVE-2026-45965",
"url": "https://bugzilla.suse.com/1267208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-45965"
},
{
"cve": "CVE-2026-45970",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45970"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: alb: fix UAF in rlb_arp_recv during bond up/down\n\nThe ALB RX path may access rx_hashtbl concurrently with bond\nteardown. During rapid bond up/down cycles, rlb_deinitialize()\nfrees rx_hashtbl while RX handlers are still running, leading\nto a null pointer dereference detected by KASAN.\n\nHowever, the root cause is that rlb_arp_recv() can still be accessed\nafter setting recv_probe to NULL, which is actually a use-after-free\n(UAF) issue. That is the reason for using the referenced commit in the\nFixes tag.\n\n[ 214.174138] Oops: general protection fault, probably for non-canonical address 0xdffffc000000001d: 0000 [#1] SMP KASAN PTI\n[ 214.186478] KASAN: null-ptr-deref in range [0x00000000000000e8-0x00000000000000ef]\n[ 214.194933] CPU: 30 UID: 0 PID: 2375 Comm: ping Kdump: loaded Not tainted 6.19.0-rc8+ #2 PREEMPT(voluntary)\n[ 214.205907] Hardware name: Dell Inc. PowerEdge R730/0WCJNT, BIOS 2.14.0 01/14/2022\n[ 214.214357] RIP: 0010:rlb_arp_recv+0x505/0xab0 [bonding]\n[ 214.220320] Code: 0f 85 2b 05 00 00 48 b8 00 00 00 00 00 fc ff df 40 0f b6 ed 48 c1 e5 06 49 03 ad 78 01 00 00 48 8d 7d 28 48 89 fa 48 c1 ea 03 \u003c0f\u003e b6\n 04 02 84 c0 74 06 0f 8e 12 05 00 00 80 7d 28 00 0f 84 8c 00\n[ 214.241280] RSP: 0018:ffffc900073d8870 EFLAGS: 00010206\n[ 214.247116] RAX: dffffc0000000000 RBX: ffff888168556822 RCX: ffff88816855681e\n[ 214.255082] RDX: 000000000000001d RSI: dffffc0000000000 RDI: 00000000000000e8\n[ 214.263048] RBP: 00000000000000c0 R08: 0000000000000002 R09: ffffed11192021c8\n[ 214.271013] R10: ffff8888c9010e43 R11: 0000000000000001 R12: 1ffff92000e7b119\n[ 214.278978] R13: ffff8888c9010e00 R14: ffff888168556822 R15: ffff888168556810\n[ 214.286943] FS: 00007f85d2d9cb80(0000) GS:ffff88886ccb3000(0000) knlGS:0000000000000000\n[ 214.295966] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 214.302380] CR2: 00007f0d047b5e34 CR3: 00000008a1c2e002 CR4: 00000000001726f0\n[ 214.310347] Call Trace:\n[ 214.313070] \u003cIRQ\u003e\n[ 214.315318] ? __pfx_rlb_arp_recv+0x10/0x10 [bonding]\n[ 214.320975] bond_handle_frame+0x166/0xb60 [bonding]\n[ 214.326537] ? __pfx_bond_handle_frame+0x10/0x10 [bonding]\n[ 214.332680] __netif_receive_skb_core.constprop.0+0x576/0x2710\n[ 214.339199] ? __pfx_arp_process+0x10/0x10\n[ 214.343775] ? sched_balance_find_src_group+0x98/0x630\n[ 214.349513] ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10\n[ 214.356513] ? arp_rcv+0x307/0x690\n[ 214.360311] ? __pfx_arp_rcv+0x10/0x10\n[ 214.364499] ? __lock_acquire+0x58c/0xbd0\n[ 214.368975] __netif_receive_skb_one_core+0xae/0x1b0\n[ 214.374518] ? __pfx___netif_receive_skb_one_core+0x10/0x10\n[ 214.380743] ? lock_acquire+0x10b/0x140\n[ 214.385026] process_backlog+0x3f1/0x13a0\n[ 214.389502] ? process_backlog+0x3aa/0x13a0\n[ 214.394174] __napi_poll.constprop.0+0x9f/0x370\n[ 214.399233] net_rx_action+0x8c1/0xe60\n[ 214.403423] ? __pfx_net_rx_action+0x10/0x10\n[ 214.408193] ? lock_acquire.part.0+0xbd/0x260\n[ 214.413058] ? sched_clock_cpu+0x6c/0x540\n[ 214.417540] ? mark_held_locks+0x40/0x70\n[ 214.421920] handle_softirqs+0x1fd/0x860\n[ 214.426302] ? __pfx_handle_softirqs+0x10/0x10\n[ 214.431264] ? __neigh_event_send+0x2d6/0xf50\n[ 214.436131] do_softirq+0xb1/0xf0\n[ 214.439830] \u003c/IRQ\u003e\n\nThe issue is reproducible by repeatedly running\nip link set bond0 up/down while receiving ARP messages, where\nrlb_arp_recv() can race with rlb_deinitialize() and dereference\na freed rx_hashtbl entry.\n\nFix this by setting recv_probe to NULL and then calling\nsynchronize_net() to wait for any concurrent RX processing to finish.\nThis ensures that no RX handler can access rx_hashtbl after it is freed\nin bond_alb_deinitialize().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45970",
"url": "https://www.suse.com/security/cve/CVE-2026-45970"
},
{
"category": "external",
"summary": "SUSE Bug 1267205 for CVE-2026-45970",
"url": "https://bugzilla.suse.com/1267205"
},
{
"category": "external",
"summary": "SUSE Bug 1267206 for CVE-2026-45970",
"url": "https://bugzilla.suse.com/1267206"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-45970"
},
{
"cve": "CVE-2026-45974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix invalid leaf access in btrfs_quota_enable() if ref key not found\n\nIf btrfs_search_slot_for_read() returns 1, it means we did not find any\nkey greater than or equals to the key we asked for, meaning we have\nreached the end of the tree and therefore the path is not valid. If\nthis happens we need to break out of the loop and stop, instead of\ncontinuing and accessing an invalid path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45974",
"url": "https://www.suse.com/security/cve/CVE-2026-45974"
},
{
"category": "external",
"summary": "SUSE Bug 1266922 for CVE-2026-45974",
"url": "https://bugzilla.suse.com/1266922"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-45974"
},
{
"cve": "CVE-2026-45983",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45983"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: never defer requests during idmap lookup\n\nDuring v4 request compound arg decoding, some ops (e.g. SETATTR)\ncan trigger idmap lookup upcalls. When those upcall responses get\ndelayed beyond the allowed time limit, cache_check() will mark the\nrequest for deferral and cause it to be dropped.\n\nThis prevents nfs4svc_encode_compoundres from being executed, and\nthus the session slot flag NFSD4_SLOT_INUSE never gets cleared.\nSubsequent client requests will fail with NFSERR_JUKEBOX, given\nthat the slot will be marked as in-use, making the SEQUENCE op\nfail.\n\nFix this by making sure that the RQ_USEDEFERRAL flag is always\nclear during nfs4svc_decode_compoundargs(), since no v4 request\nshould ever be deferred.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45983",
"url": "https://www.suse.com/security/cve/CVE-2026-45983"
},
{
"category": "external",
"summary": "SUSE Bug 1266697 for CVE-2026-45983",
"url": "https://bugzilla.suse.com/1266697"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-45983"
},
{
"cve": "CVE-2026-45984",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45984"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: Fix use-after-free in iomap inline data write path\n\nThe inline data buffer head (dibh) is being released prematurely in\ngfs2_iomap_begin() via release_metapath() while iomap-\u003einline_data\nstill points to dibh-\u003eb_data. This causes a use-after-free when\niomap_write_end_inline() later attempts to write to the inline data\narea.\n\nThe bug sequence:\n1. gfs2_iomap_begin() calls gfs2_meta_inode_buffer() to read inode\n metadata into dibh\n2. Sets iomap-\u003einline_data = dibh-\u003eb_data + sizeof(struct gfs2_dinode)\n3. Calls release_metapath() which calls brelse(dibh), dropping refcount\n to 0\n4. kswapd reclaims the page (~39ms later in the syzbot report)\n5. iomap_write_end_inline() tries to memcpy() to iomap-\u003einline_data\n6. KASAN detects use-after-free write to freed memory\n\nFix by storing dibh in iomap-\u003eprivate and incrementing its refcount\nwith get_bh() in gfs2_iomap_begin(). The buffer is then properly\nreleased in gfs2_iomap_end() after the inline write completes,\nensuring the page stays alive for the entire iomap operation.\n\nNote: A C reproducer is not available for this issue. The fix is based\non analysis of the KASAN report and code review showing the buffer head\nis freed before use.\n\n[agruenba: Take buffer head reference in gfs2_iomap_begin() to avoid\nleaks in gfs2_iomap_get() and gfs2_iomap_alloc().]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45984",
"url": "https://www.suse.com/security/cve/CVE-2026-45984"
},
{
"category": "external",
"summary": "SUSE Bug 1267214 for CVE-2026-45984",
"url": "https://bugzilla.suse.com/1267214"
},
{
"category": "external",
"summary": "SUSE Bug 1267215 for CVE-2026-45984",
"url": "https://bugzilla.suse.com/1267215"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-45984"
},
{
"cve": "CVE-2026-46004",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46004"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: caiaq: Handle probe errors properly\n\nThe probe procedure of setup_card() in caiaq driver doesn\u0027t treat the\nerror cases gracefully, e.g. the error from snd_card_register() calls\nsnd_card_free() but continues. This would lead to a UAF for the\nfurther calls like snd_usb_caiaq_control_init(), as Berk suggested in\nanother patch in the link below.\n\nHowever, the problem is not only that; in general, this function drops\nthe all error handlings (as it\u0027s a void function) although its caller\ncan propagate an error to snd_probe(), which eventually calls\nsnd_card_free() as a proper error path. That said, we should treat\neach error case in setup_card(), and just return the error code\npromptly, which is then handled later as a fatal error in snd_probe().\n\nThis patch achieves it by changing the setup_card() to return an error\ncode. Also, the superfluous snd_card_free() call is removed, too.\n\nNote that card-\u003eprivate_free can be set still safely at returning an\nerror. All called functions in card_free() have checks of the\nunassigned resources or NULL checks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46004",
"url": "https://www.suse.com/security/cve/CVE-2026-46004"
},
{
"category": "external",
"summary": "SUSE Bug 1267222 for CVE-2026-46004",
"url": "https://bugzilla.suse.com/1267222"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-46004"
},
{
"cve": "CVE-2026-46005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: fix a resource leak in xfs_alloc_buftarg()\n\nIn the error path, call fs_put_dax() to drop the DAX\ndevice reference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46005",
"url": "https://www.suse.com/security/cve/CVE-2026-46005"
},
{
"category": "external",
"summary": "SUSE Bug 1267431 for CVE-2026-46005",
"url": "https://bugzilla.suse.com/1267431"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-46005"
},
{
"cve": "CVE-2026-46021",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46021"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal: core: Fix thermal zone governor cleanup issues\n\nIf thermal_zone_device_register_with_trips() fails after adding\na thermal governor to the thermal zone being registered, the\ngovernor is not removed from it as appropriate which may lead to\na memory leak.\n\nIn turn, thermal_zone_device_unregister() calls thermal_set_governor()\nwithout acquiring the thermal zone lock beforehand which may race with\na governor update via sysfs and may lead to a use-after-free in that\ncase.\n\nAddress these issues by adding two thermal_set_governor() calls, one to\nthermal_release() to remove the governor from the given thermal zone,\nand one to the thermal zone registration error path to cover failures\npreceding the thermal zone device registration.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46021",
"url": "https://www.suse.com/security/cve/CVE-2026-46021"
},
{
"category": "external",
"summary": "SUSE Bug 1267220 for CVE-2026-46021",
"url": "https://bugzilla.suse.com/1267220"
},
{
"category": "external",
"summary": "SUSE Bug 1267221 for CVE-2026-46021",
"url": "https://bugzilla.suse.com/1267221"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-46021"
},
{
"cve": "CVE-2026-46024",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46024"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: Prevent potential null-ptr-deref in ceph_handle_auth_reply()\n\nIf a message of type CEPH_MSG_AUTH_REPLY contains a zero value for both\nprotocol and result, this is currently not treated as an error. In case\nof ac-\u003enegotiating == true and ac-\u003eprotocol \u003e 0, this leads to setting\nac-\u003eprotocol = 0 and ac-\u003eops = NULL. Thereafter, the check for\nac-\u003eprotocol != protocol returns false, and init_protocol() is not\ncalled. Subsequently, ac-\u003eops-\u003ehandle_reply() is called, which leads to\na null pointer dereference, because ac-\u003eops is still NULL.\n\nThis patch changes the check for ac-\u003eprotocol != protocol to\n!ac-\u003eprotocol, as this also includes the case when the protocol was set\nto zero in the message. This causes the message to be treated as\ncontaining a bad auth protocol.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46024",
"url": "https://www.suse.com/security/cve/CVE-2026-46024"
},
{
"category": "external",
"summary": "SUSE Bug 1267218 for CVE-2026-46024",
"url": "https://bugzilla.suse.com/1267218"
},
{
"category": "external",
"summary": "SUSE Bug 1267219 for CVE-2026-46024",
"url": "https://bugzilla.suse.com/1267219"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-46024"
},
{
"cve": "CVE-2026-46037",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46037"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: icmp: validate reply type before using icmp_pointers\n\nExtended echo replies use ICMP_EXT_ECHOREPLY as the outbound reply type.\nThat value is outside the range covered by icmp_pointers[], which only\ndescribes the traditional ICMP types up to NR_ICMP_TYPES.\n\nAvoid consulting icmp_pointers[] for reply types outside that range, and\nuse array_index_nospec() for the remaining in-range lookup. Normal ICMP\nreplies keep their existing behavior unchanged.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46037",
"url": "https://www.suse.com/security/cve/CVE-2026-46037"
},
{
"category": "external",
"summary": "SUSE Bug 1267361 for CVE-2026-46037",
"url": "https://bugzilla.suse.com/1267361"
},
{
"category": "external",
"summary": "SUSE Bug 1267362 for CVE-2026-46037",
"url": "https://bugzilla.suse.com/1267362"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-46037"
},
{
"cve": "CVE-2026-46043",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46043"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Validate pad and ICRC before payload_size() in rxe_rcv\n\nrxe_rcv() currently checks only that the incoming packet is at least\nheader_size(pkt) bytes long before payload_size() is used.\n\nHowever, payload_size() subtracts both the attacker-controlled BTH pad\nfield and RXE_ICRC_SIZE from pkt-\u003epaylen:\n\n payload_size = pkt-\u003epaylen - offset[RXE_PAYLOAD] - bth_pad(pkt)\n - RXE_ICRC_SIZE\n\nThis means a short packet can still make payload_size() underflow even\nif it includes enough bytes for the fixed headers. Simply requiring\nheader_size(pkt) + RXE_ICRC_SIZE is not sufficient either, because a\npacket with a forged non-zero BTH pad can still leave payload_size()\nnegative and pass an underflowed value to later receive-path users.\n\nFix this by validating pkt-\u003epaylen against the full minimum length\nrequired by payload_size(): header_size(pkt) + bth_pad(pkt) +\nRXE_ICRC_SIZE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46043",
"url": "https://www.suse.com/security/cve/CVE-2026-46043"
},
{
"category": "external",
"summary": "SUSE Bug 1266901 for CVE-2026-46043",
"url": "https://bugzilla.suse.com/1266901"
},
{
"category": "external",
"summary": "SUSE Bug 1266902 for CVE-2026-46043",
"url": "https://bugzilla.suse.com/1266902"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-46043"
},
{
"cve": "CVE-2026-46079",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46079"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrbd: fix null-ptr-deref when device_add_disk() fails\n\ndo_rbd_add() publishes the device with device_add() before calling\ndevice_add_disk(). If device_add_disk() fails after device_add()\nsucceeds, the error path calls rbd_free_disk() directly and then later\nfalls through to rbd_dev_device_release(), which calls rbd_free_disk()\nagain. This double teardown can leave blk-mq cleanup operating on\ninvalid state and trigger a null-ptr-deref in\n__blk_mq_free_map_and_rqs(), reached from blk_mq_free_tag_set().\n\nFix this by following the normal remove ordering: call device_del()\nbefore rbd_dev_device_release() when device_add_disk() fails after\ndevice_add(). That keeps the teardown sequence consistent and avoids\nre-entering disk cleanup through the wrong path.\n\nThe bug was first flagged by an experimental analysis tool we are\ndeveloping for kernel memory-management bugs while analyzing\nv6.13-rc1. The tool is still under development and is not yet publicly\navailable.\n\nWe reproduced the bug on v7.0 with a real Ceph backend and a QEMU x86_64\nguest booted with KASAN and CONFIG_FAILSLAB enabled. The reproducer\nconfines failslab injections to the __add_disk() range and injects\nfail-nth while mapping an RBD image through\n/sys/bus/rbd/add_single_major.\n\nOn the unpatched kernel, fail-nth=4 reliably triggered the fault:\n\n\tOops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN NOPTI\n\tKASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\n\tCPU: 0 UID: 0 PID: 273 Comm: bash Not tainted 7.0.0-01247-gd60bc1401583 #6 PREEMPT(lazy)\n\tHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014\n\tRIP: 0010:__blk_mq_free_map_and_rqs+0x8c/0x240\n\tCode: 00 00 48 8b 6b 60 41 89 f4 49 c1 e4 03 4c 01 e5 45 85 ed 0f 85 0a 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 e9 48 c1 e9 03 \u003c80\u003e 3c 01 00 0f 85 31 01 00 00 4c 8b 6d 00 4d 85 ed 0f 84 e2 00 00\n\tRSP: 0018:ff1100000ab0fac8 EFLAGS: 00000246\n\tRAX: dffffc0000000000 RBX: ff1100000c4806a0 RCX: 0000000000000000\n\tRDX: 0000000000000002 RSI: 0000000000000000 RDI: ff1100000c4806f4\n\tRBP: 0000000000000000 R08: 0000000000000001 R09: ffe21c000189001b\n\tR10: ff1100000c4800df R11: ff1100006cf37be0 R12: 0000000000000000\n\tR13: 0000000000000000 R14: ff1100000c480700 R15: ff1100000c480004\n\tFS: 00007f0fbe8fe740(0000) GS:ff110000e5851000(0000) knlGS:0000000000000000\n\tCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n\tCR2: 00007fe53473b2e0 CR3: 0000000012eef000 CR4: 00000000007516f0\n\tPKRU: 55555554\n\tCall Trace:\n\t \u003cTASK\u003e\n\t blk_mq_free_tag_set+0x77/0x460\n\t do_rbd_add+0x1446/0x2b80\n\t ? __pfx_do_rbd_add+0x10/0x10\n\t ? lock_acquire+0x18c/0x300\n\t ? find_held_lock+0x2b/0x80\n\t ? sysfs_file_kobj+0xb6/0x1b0\n\t ? __pfx_sysfs_kf_write+0x10/0x10\n\t kernfs_fop_write_iter+0x2f4/0x4a0\n\t vfs_write+0x98e/0x1000\n\t ? expand_files+0x51f/0x850\n\t ? __pfx_vfs_write+0x10/0x10\n\t ksys_write+0xf2/0x1d0\n\t ? __pfx_ksys_write+0x10/0x10\n\t do_syscall_64+0x115/0x690\n\t entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\tRIP: 0033:0x7f0fbea15907\n\tCode: 10 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 01 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 48 89 54 24 18 48 89 74 24\n\tRSP: 002b:00007ffe22346ea8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\n\tRAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f0fbea15907\n\tRDX: 0000000000000058 RSI: 0000563ace6c0ef0 RDI: 0000000000000001\n\tRBP: 0000563ace6c0ef0 R08: 0000563ace6c0ef0 R09: 6b6435726d694141\n\tR10: 5250337279762f78 R11: 0000000000000246 R12: 0000000000000058\n\tR13: 00007f0fbeb1c780 R14: ff1100000c480700 R15: ff1100000c480004\n\t \u003c/TASK\u003e\n\nWith this fix applied, rerunning the reproducer over fail-nth=1..256\nyields no KASAN reports.\n\n[ idryomov: rename err_out_device_del -\u003e err_out_device ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46079",
"url": "https://www.suse.com/security/cve/CVE-2026-46079"
},
{
"category": "external",
"summary": "SUSE Bug 1266452 for CVE-2026-46079",
"url": "https://bugzilla.suse.com/1266452"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-46079"
},
{
"cve": "CVE-2026-46083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: fix resource leaks on device setup failure\n\nMake sure to call controller cleanup() if spi_setup() fails while\nregistering a device to avoid leaking any resources allocated by\nsetup().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46083",
"url": "https://www.suse.com/security/cve/CVE-2026-46083"
},
{
"category": "external",
"summary": "SUSE Bug 1266696 for CVE-2026-46083",
"url": "https://bugzilla.suse.com/1266696"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-46083"
},
{
"cve": "CVE-2026-46090",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46090"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: aloop: Fix peer runtime UAF during format-change stop\n\nloopback_check_format() may stop the capture side when playback starts\nwith parameters that no longer match a running capture stream. Commit\n826af7fa62e3 (\"ALSA: aloop: Fix racy access at PCM trigger\") moved\nthe peer lookup under cable-\u003elock, but the actual snd_pcm_stop() still\nruns after dropping that lock.\n\nA concurrent close can clear the capture entry from cable-\u003estreams[] and\ndetach or free its runtime while the playback trigger path still holds a\nstale peer substream pointer.\n\nKeep a per-cable count of in-flight peer stops before dropping\ncable-\u003elock, and make free_cable() wait for those stops before\ndetaching the runtime. This preserves the existing behavior while\nmaking the peer runtime lifetime explicit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46090",
"url": "https://www.suse.com/security/cve/CVE-2026-46090"
},
{
"category": "external",
"summary": "SUSE Bug 1267531 for CVE-2026-46090",
"url": "https://bugzilla.suse.com/1267531"
},
{
"category": "external",
"summary": "SUSE Bug 1267895 for CVE-2026-46090",
"url": "https://bugzilla.suse.com/1267895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-46090"
},
{
"cve": "CVE-2026-46094",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46094"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix bounds check in check_xattrs() to prevent out-of-bounds access\n\nThe bounds check for the next xattr entry in check_xattrs() uses\n(void *)next \u003e= end, which allows next to point within sizeof(u32)\nbytes of end. On the next loop iteration, IS_LAST_ENTRY() reads 4\nbytes via *(__u32 *)(entry), which can overrun the valid xattr region.\n\nFor example, if next lands at end - 1, the check passes since\nnext \u003c end, but IS_LAST_ENTRY() reads 4 bytes starting at end - 1,\naccessing 3 bytes beyond the valid region.\n\nFix this by changing the check to (void *)next + sizeof(u32) \u003e end,\nensuring there is always enough space for the IS_LAST_ENTRY() read\non the subsequent iteration.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46094",
"url": "https://www.suse.com/security/cve/CVE-2026-46094"
},
{
"category": "external",
"summary": "SUSE Bug 1266927 for CVE-2026-46094",
"url": "https://bugzilla.suse.com/1266927"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-46094"
},
{
"cve": "CVE-2026-46101",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46101"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: reject zero shift in nft_bitwise\n\nReject zero shift operands for nft_bitwise left and right shift\nexpressions during initialization.\n\nThe carry propagation logic computes the carry from the adjacent 32-bit\nword using BITS_PER_TYPE(u32) - shift. A zero shift operand turns this\ninto a 32-bit shift, which is undefined behaviour.\n\nReject zero shift operands in the control plane, alongside the existing\ncheck for values greater than or equal to 32, so malformed rules never\nreach the packet path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46101",
"url": "https://www.suse.com/security/cve/CVE-2026-46101"
},
{
"category": "external",
"summary": "SUSE Bug 1266878 for CVE-2026-46101",
"url": "https://bugzilla.suse.com/1266878"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-46101"
},
{
"cve": "CVE-2026-46110",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46110"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: Prevent NULL deref when RX memory exhausted\n\nThe CPU receives frames from the MAC through conventional DMA: the CPU\nallocates buffers for the MAC, then the MAC fills them and returns\nownership to the CPU. For each hardware RX queue, the CPU and MAC\ncoordinate through a shared ring array of DMA descriptors: one\ndescriptor per DMA buffer. Each descriptor includes the buffer\u0027s\nphysical address and a status flag (\"OWN\") indicating which side owns\nthe buffer: OWN=0 for CPU, OWN=1 for MAC. The CPU is only allowed to set\nthe flag and the MAC is only allowed to clear it, and both must move\nthrough the ring in sequence: thus the ring is used for both\n\"submissions\" and \"completions.\"\n\nIn the stmmac driver, stmmac_rx() bookmarks its position in the ring\nwith the `cur_rx` index. The main receive loop in that function checks\nfor rx_descs[cur_rx].own=0, gives the corresponding buffer to the\nnetwork stack (NULLing the pointer), and increments `cur_rx` modulo the\nring size. After the loop exits, stmmac_rx_refill(), which bookmarks its\nposition with `dirty_rx`, allocates fresh buffers and rearms the\ndescriptors (setting OWN=1). If it fails any allocation, it simply stops\nearly (leaving OWN=0) and will retry where it left off when next called.\n\nThis means descriptors have a three-stage lifecycle (terms my own):\n- `empty` (OWN=1, buffer valid)\n- `full` (OWN=0, buffer valid and populated)\n- `dirty` (OWN=0, buffer NULL)\n\nBut because stmmac_rx() only checks OWN, it confuses `full`/`dirty`. In\nthe past (see \u0027Fixes:\u0027), there was a bug where the loop could cycle\n`cur_rx` all the way back to the first descriptor it dirtied, resulting\nin a NULL dereference when mistaken for `full`. The aforementioned\ncommit resolved that *specific* failure by capping the loop\u0027s iteration\nlimit at `dma_rx_size - 1`, but this is only a partial fix: if the\nprevious stmmac_rx_refill() didn\u0027t complete, then there are leftover\n`dirty` descriptors that the loop might encounter without needing to\ncycle fully around. The current code therefore panics (see \u0027Closes:\u0027)\nwhen stmmac_rx_refill() is memory-starved long enough for `cur_rx` to\ncatch up to `dirty_rx`.\n\nFix this by explicitly checking, before advancing `cur_rx`, if the next\nentry is dirty; exit the loop if so. This prevents processing of the\nfinal, used descriptor until stmmac_rx_refill() succeeds, but\nfully prevents the `cur_rx == dirty_rx` ambiguity as the previous bugfix\nintended: so remove the clamp as well. Since stmmac_rx_zc() is a\ncopy-paste-and-tweak of stmmac_rx() and the code structure is identical,\nany fix to stmmac_rx() will also need a corresponding fix for\nstmmac_rx_zc(). Therefore, apply the same check there.\n\nIn stmmac_rx() (not stmmac_rx_zc()), a related bug remains: after the\nMAC sets OWN=0 on the final descriptor, it will be unable to send any\nfurther DMA-complete IRQs until it\u0027s given more `empty` descriptors.\nCurrently, the driver simply *hopes* that the next stmmac_rx_refill()\nsucceeds, risking an indefinite stall of the receive process if not. But\nthis is not a regression, so it can be addressed in a future change.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46110",
"url": "https://www.suse.com/security/cve/CVE-2026-46110"
},
{
"category": "external",
"summary": "SUSE Bug 1266759 for CVE-2026-46110",
"url": "https://bugzilla.suse.com/1266759"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-46110"
},
{
"cve": "CVE-2026-46111",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46111"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_conn: fix potential UAF in create_big_sync\n\nAdd hci_conn_valid() check in create_big_sync() to detect stale\nconnections before proceeding with BIG creation. Handle the\nresulting -ECANCELED in create_big_complete() and re-validate the\nconnection under hci_dev_lock() before dereferencing, matching the\npattern used by create_le_conn_complete() and create_pa_complete().\n\nKeep the hci_conn object alive across the async boundary by taking\na reference via hci_conn_get() when queueing create_big_sync(), and\ndropping it in the completion callback. The refcount and the lock\nare complementary: the refcount keeps the object allocated, while\nhci_dev_lock() serializes hci_conn_hash_del()\u0027s list_del_rcu() on\nhdev-\u003econn_hash, as required by hci_conn_del().\n\nhci_conn_put() is called outside hci_dev_unlock() so the final put\n(which resolves to kfree() via bt_link_release) does not run under\nhdev-\u003elock, though the release path would be safe either way.\n\nWithout this, create_big_complete() would unconditionally\ndereference the conn pointer on error, causing a use-after-free\nvia hci_connect_cfm() and hci_conn_del().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46111",
"url": "https://www.suse.com/security/cve/CVE-2026-46111"
},
{
"category": "external",
"summary": "SUSE Bug 1267626 for CVE-2026-46111",
"url": "https://bugzilla.suse.com/1267626"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-46111"
},
{
"cve": "CVE-2026-46113",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46113"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Fix shadow paging use-after-free due to unexpected GFN\n\nThe shadow MMU computes GFNs for direct shadow pages using sp-\u003egfn plus\nthe SPTE index. This assumption breaks for shadow paging if the guest\npage tables are modified between VM entries (similar to commit\naad885e77496, \"KVM: x86/mmu: Drop/zap existing present SPTE even\nwhen creating an MMIO SPTE\", 2026-03-27). The flow is as follows:\n\n- a PDE is installed for a 2MB mapping, and a page in that area is\n accessed. KVM creates a kvm_mmu_page consisting of 512 4KB pages;\n the kvm_mmu_page is marked by FNAME(fetch) as direct-mapped because\n the guest\u0027s mapping is a huge page (and thus contiguous).\n\n- the PDE mapping is changed from outside the guest.\n\n- the guest accesses another page in the same 2MB area. KVM installs\n a new leaf SPTE and rmap entry; the SPTE uses the \"correct\" GFN\n (i.e. based on the new mapping, as changed in the previous step) but\n that GFN is outside of the [sp-\u003egfn, sp-\u003egfn + 511] range; therefore\n the rmap entry cannot be found and removed when the kvm_mmu_page\n is zapped.\n\n- the memslot that covers the first 2MB mapping is deleted, and the\n kvm_mmu_page for the now-invalid GPA is zapped. However, rmap_remove()\n only looks at the [sp-\u003egfn, sp-\u003egfn + 511] range established in step 1,\n and fails to find the rmap entry that was recorded by step 3.\n\n- any operation that causes an rmap walk for the same page accessed\n by step 3 then walks a stale rmap and dereferences a freed kvm_mmu_page.\n This includes dirty logging or MMU notifier invalidations (e.g., from\n MADV_DONTNEED).\n\nThe underlying issue is that KVM\u0027s walking of shadow PTEs assumes that\nif a SPTE is present when KVM wants to install a non-leaf SPTE, then the\nexisting kvm_mmu_page must be for the correct gfn. Because the only way\nfor the gfn to be wrong is if KVM messed up and failed to zap a SPTE...\nwhich shouldn\u0027t happen, but *actually* only happens in response to a\nguest write.\n\nThat bug dates back literally forever, as even the first version of KVM\nassumes that the GFN matches and walks into the \"wrong\" shadow page.\nHowever, that was only an imprecision until 2032a93d66fa (\"KVM: MMU:\nDon\u0027t allocate gfns page for direct mmu pages\") came along.\n\nFix it by checking for a target gfn mismatch and zapping the existing\nSPTE. That way the old SP and rmap entries are gone, KVM installs\nthe rmap in the right location, and everyone is happy.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46113",
"url": "https://www.suse.com/security/cve/CVE-2026-46113"
},
{
"category": "external",
"summary": "SUSE Bug 1266969 for CVE-2026-46113",
"url": "https://bugzilla.suse.com/1266969"
},
{
"category": "external",
"summary": "SUSE Bug 1266970 for CVE-2026-46113",
"url": "https://bugzilla.suse.com/1266970"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-46113"
},
{
"cve": "CVE-2026-46114",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46114"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Reject non-8-byte ATOMIC_WRITE payloads\n\natomic_write_reply() at drivers/infiniband/sw/rxe/rxe_resp.c\nunconditionally dereferences 8 bytes at payload_addr(pkt):\n\n value = *(u64 *)payload_addr(pkt);\n\ncheck_rkey() previously accepted an ATOMIC_WRITE request with pktlen ==\nresid == 0 because the length validation only compared pktlen against\nresid. A remote initiator that sets the RETH length to 0 therefore reaches\natomic_write_reply() with a zero-byte logical payload, and the responder\nreads sizeof(u64) bytes from past the logical end of the packet into\nskb-\u003ehead tailroom, then writes those 8 bytes into the attacker\u0027s MR via\nrxe_mr_do_atomic_write(). That is a remote disclosure of 4 bytes of kernel\ntailroom per probe (the other 4 bytes are the packet\u0027s own trailing ICRC).\n\nIBA oA19-28 defines ATOMIC_WRITE as exactly 8 bytes. Anything else is\nprotocol-invalid. Hoist a strict length check into check_rkey() so the\nresponder never reaches the unchecked dereference, and keep the existing\nWRITE-family length logic for the normal RDMA WRITE path.\n\nReproduced on mainline with an unmodified rxe driver: a sustained\nzero-length ATOMIC_WRITE probe repeatedly leaks adjacent skb head-buffer\nbytes into the attacker\u0027s MR, including recognisable kernel strings and\npartial kernel-direct-map pointer words. With this patch applied the\nresponder rejects the PDU and the MR stays all-zero.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46114",
"url": "https://www.suse.com/security/cve/CVE-2026-46114"
},
{
"category": "external",
"summary": "SUSE Bug 1266972 for CVE-2026-46114",
"url": "https://bugzilla.suse.com/1266972"
},
{
"category": "external",
"summary": "SUSE Bug 1266973 for CVE-2026-46114",
"url": "https://bugzilla.suse.com/1266973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-46114"
},
{
"cve": "CVE-2026-46119",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46119"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: Fix slab-out-of-bounds access in auth message processing\n\nIf a (potentially corrupted) message of type CEPH_MSG_AUTH_REPLY\ncontains a positive value in its result field, it is treated as an\nerror code by ceph_handle_auth_reply() and returned to\nhandle_auth_reply(). Thereafter, an attempt is made to send the\npreallocated message of type CEPH_MSG_AUTH, where the returned value is\ninterpreted as the size of the front segment to send. If the result\nvalue in the message is greater than the size of the memory buffer\nallocated for the front segment, an out-of-bounds access occurs, and\nthe content of the memory region beyond this buffer is sent out.\n\nThis patch fixes the issue by treating only negative values in the\nresult field as errors. Positive values are therefore treated as success\nin the same way as a zero value. Additionally, a BUG_ON is added to\n__send_prepared_auth_request() comparing the len parameter to\nfront_alloc_len to prevent sending the message if it exceeds the bounds\nof the allocation and to make it easier to catch any logic flaws leading\nto this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46119",
"url": "https://www.suse.com/security/cve/CVE-2026-46119"
},
{
"category": "external",
"summary": "SUSE Bug 1267628 for CVE-2026-46119",
"url": "https://bugzilla.suse.com/1267628"
},
{
"category": "external",
"summary": "SUSE Bug 1267894 for CVE-2026-46119",
"url": "https://bugzilla.suse.com/1267894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-46119"
},
{
"cve": "CVE-2026-46120",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46120"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nip6_gre: Use cached t-\u003enet in ip6erspan_changelink().\n\nAfter commit 5e72ce3e3980 (\"net: ipv6: Use link netns in newlink() of\nrtnl_link_ops\"), ip6erspan_newlink() correctly resolves the per-netns\nip6gre hash via link_net. ip6erspan_changelink() was not converted in\nthat series and still uses dev_net(dev), which diverges from the\ndevice\u0027s creation netns after IFLA_NET_NS_FD migration.\n\nThis re-inserts the tunnel into the wrong per-netns hash. The\noriginal netns keeps a stale entry. When that netns is later\ndestroyed, ip6gre_exit_rtnl_net() walks the stale entry, producing a\nslab-use-after-free reported by KASAN, followed by a kernel BUG at\nnet/core/dev.c (LIST_POISON1) in unregister_netdevice_many_notify().\n\nReachable from an unprivileged user namespace (unshare --user\n--map-root-user --net).\n\nip6gre_changelink() earlier in the same file already uses the cached\nt-\u003enet; only ip6erspan_changelink() has the wrong shape.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46120",
"url": "https://www.suse.com/security/cve/CVE-2026-46120"
},
{
"category": "external",
"summary": "SUSE Bug 1267640 for CVE-2026-46120",
"url": "https://bugzilla.suse.com/1267640"
},
{
"category": "external",
"summary": "SUSE Bug 1267893 for CVE-2026-46120",
"url": "https://bugzilla.suse.com/1267893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-46120"
},
{
"cve": "CVE-2026-46123",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46123"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: virtio_bt: clamp rx length before skb_put\n\nvirtbt_rx_work() calls skb_put(skb, len) where len comes directly\nfrom virtqueue_get_buf() with no validation against the buffer we\nposted to the device. The RX skb is allocated in virtbt_add_inbuf()\nand exposed to virtio as exactly 1000 bytes via sg_init_one().\n\nChecking len against skb_tailroom(skb) is not sufficient because\nalloc_skb() can leave more tailroom than the 1000 bytes actually\nhanded to the device. A malicious or buggy backend can therefore\nreport used.len between 1001 and skb_tailroom(skb), causing skb_put()\nto include uninitialized kernel heap bytes that were never written by\nthe device.\n\nThe same path also accepts len == 0, in which case skb_put(skb, 0)\nleaves the skb empty but virtbt_rx_handle() still reads the pkt_type\nbyte from skb-\u003edata, consuming uninitialized memory.\n\nDefine VIRTBT_RX_BUF_SIZE once and reuse it in alloc_skb() and\nsg_init_one(), and gate virtbt_rx_work() on that same constant so\nthe bound checked matches the buffer actually exposed to the device.\nReject used.len == 0 in the same gate so an empty completion can\nno longer reach virtbt_rx_handle().\n\nUse bt_dev_err_ratelimited() because the length value comes from an\nuntrusted backend that can otherwise flood the kernel log.\n\nSame class of bug as commit c04db81cd028 (\"net/9p: Fix buffer\noverflow in USB transport layer\"), which hardened the USB 9p\ntransport against unchecked device-reported length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46123",
"url": "https://www.suse.com/security/cve/CVE-2026-46123"
},
{
"category": "external",
"summary": "SUSE Bug 1267621 for CVE-2026-46123",
"url": "https://bugzilla.suse.com/1267621"
},
{
"category": "external",
"summary": "SUSE Bug 1267622 for CVE-2026-46123",
"url": "https://bugzilla.suse.com/1267622"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-46123"
},
{
"cve": "CVE-2026-46150",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46150"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfanotify: fix false positive on permission events\n\nfsnotify_get_mark_safe() may return false for a mark on an unrelated group,\nwhich results in bypassing the permission check.\n\nFix by skipping over detached marks that are not in the current group.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46150",
"url": "https://www.suse.com/security/cve/CVE-2026-46150"
},
{
"category": "external",
"summary": "SUSE Bug 1267387 for CVE-2026-46150",
"url": "https://bugzilla.suse.com/1267387"
},
{
"category": "external",
"summary": "SUSE Bug 1267388 for CVE-2026-46150",
"url": "https://bugzilla.suse.com/1267388"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-46150"
},
{
"cve": "CVE-2026-46157",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46157"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: pcm: oss: Fix data race at accessing runtime.oss.trigger\n\nCurrently the runtime.oss.trigger field may be accessed concurrently\nwithout protection, which may lead to the data race. And, in this\ncase, it may lead to more severe problem because it\u0027s a bit field; as\nwriting the data, it may overwrite other bit fields as well, which\nconfuses the operation completely, as spotted by fuzzing.\n\nFix it by covering runtime.oss.trigger bit fled also with the existing\nparams_lock mutex in both snd_pcm_oss_get_trigger() and\nsnd_pcm_oss_poll().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46157",
"url": "https://www.suse.com/security/cve/CVE-2026-46157"
},
{
"category": "external",
"summary": "SUSE Bug 1267726 for CVE-2026-46157",
"url": "https://bugzilla.suse.com/1267726"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-46157"
},
{
"cve": "CVE-2026-46159",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46159"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix btrfs_ioctl_space_info() slot_count TOCTOU which can lead to info-leak\n\nbtrfs_ioctl_space_info() has a TOCTOU race between two passes over the\nblock group RAID type lists. The first pass counts entries to determine\nthe allocation size, then the second pass fills the buffer. The\ngroups_sem rwlock is released between passes, allowing concurrent block\ngroup removal to reduce the entry count.\n\nWhen the second pass fills fewer entries than the first pass counted,\ncopy_to_user() copies the full alloc_size bytes including trailing\nuninitialized kmalloc bytes to userspace.\n\nFix by copying only total_spaces entries (the actually-filled count from\nthe second pass) instead of alloc_size bytes, and switch to kzalloc so\nany future copy size mismatch cannot leak heap data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46159",
"url": "https://www.suse.com/security/cve/CVE-2026-46159"
},
{
"category": "external",
"summary": "SUSE Bug 1267652 for CVE-2026-46159",
"url": "https://bugzilla.suse.com/1267652"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-46159"
},
{
"cve": "CVE-2026-46160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46160"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix missing last_unlink_trans update when removing a directory\n\nWhen removing a directory we are not updating its last_unlink_trans field,\nwhich can result in incorrect fsync behaviour in case some one fsyncs the\ndirectory after it was removed because it\u0027s holding a file descriptor on\nit.\n\nExample scenario:\n\n mkdir /mnt/dir1\n mkdir /mnt/dir1/dir2\n mkdir /mnt/dir3\n\n sync -f /mnt\n\n # Do some change to the directory and fsync it.\n chmod 700 /mnt/dir1\n xfs_io -c fsync /mnt/dir1\n\n # Move dir2 out of dir1 so that dir1 becomes empty.\n mv /mnt/dir1/dir2 /mnt/dir3/\n\n open fd on /mnt/dir1\n call rmdir(2) on path \"/mnt/dir1\"\n fsync fd\n\n \u003ctrigger power failure\u003e\n\nWhen attempting to mount the filesystem, the log replay will fail with\nan -EIO error and dmesg/syslog has the following:\n\n [445771.626482] BTRFS info (device dm-0): first mount of filesystem 0368bbea-6c5e-44b5-b409-09abe496e650\n [445771.626486] BTRFS info (device dm-0): using crc32c checksum algorithm\n [445771.627912] BTRFS info (device dm-0): start tree-log replay\n [445771.628335] page: refcount:2 mapcount:0 mapping:0000000061443ddc index:0x1d00 pfn:0x7072a5\n [445771.629453] memcg:ffff89f400351b00\n [445771.629892] aops:btree_aops [btrfs] ino:1\n [445771.630737] flags: 0x17fffc00000402a(uptodate|lru|private|writeback|node=0|zone=2|lastcpupid=0x1ffff)\n [445771.632359] raw: 017fffc00000402a fffff47284d950c8 fffff472907b7c08 ffff89f458e412b8\n [445771.633713] raw: 0000000000001d00 ffff89f6c51d1a90 00000002ffffffff ffff89f400351b00\n [445771.635029] page dumped because: eb page dump\n [445771.635825] BTRFS critical (device dm-0): corrupt leaf: root=5 block=30408704 slot=10 ino=258, invalid nlink: has 2 expect no more than 1 for dir\n [445771.638088] BTRFS info (device dm-0): leaf 30408704 gen 10 total ptrs 17 free space 14878 owner 5\n [445771.638091] BTRFS info (device dm-0): refs 4 lock_owner 0 current 3581087\n [445771.638094] \titem 0 key (256 INODE_ITEM 0) itemoff 16123 itemsize 160\n [445771.638097] \t\tinode generation 3 transid 9 size 16 nbytes 16384\n [445771.638098] \t\tblock group 0 mode 40755 links 1 uid 0 gid 0\n [445771.638100] \t\trdev 0 sequence 2 flags 0x0\n [445771.638102] \t\tatime 1775744884.0\n [445771.660056] \t\tctime 1775744885.645502983\n [445771.660058] \t\tmtime 1775744885.645502983\n [445771.660060] \t\totime 1775744884.0\n [445771.660062] \titem 1 key (256 INODE_REF 256) itemoff 16111 itemsize 12\n [445771.660064] \t\tindex 0 name_len 2\n [445771.660066] \titem 2 key (256 DIR_ITEM 1843588421) itemoff 16077 itemsize 34\n [445771.660068] \t\tlocation key (259 1 0) type 2\n [445771.660070] \t\ttransid 9 data_len 0 name_len 4\n [445771.660075] \titem 3 key (256 DIR_ITEM 2363071922) itemoff 16043 itemsize 34\n [445771.660076] \t\tlocation key (257 1 0) type 2\n [445771.660077] \t\ttransid 9 data_len 0 name_len 4\n [445771.660078] \titem 4 key (256 DIR_INDEX 2) itemoff 16009 itemsize 34\n [445771.660079] \t\tlocation key (257 1 0) type 2\n [445771.660080] \t\ttransid 9 data_len 0 name_len 4\n [445771.660081] \titem 5 key (256 DIR_INDEX 3) itemoff 15975 itemsize 34\n [445771.660082] \t\tlocation key (259 1 0) type 2\n [445771.660083] \t\ttransid 9 data_len 0 name_len 4\n [445771.660084] \titem 6 key (257 INODE_ITEM 0) itemoff 15815 itemsize 160\n [445771.660086] \t\tinode generation 9 transid 9 size 8 nbytes 0\n [445771.660087] \t\tblock group 0 mode 40777 links 1 uid 0 gid 0\n [445771.660088] \t\trdev 0 sequence 2 flags 0x0\n [445771.660089] \t\tatime 1775744885.641174097\n [445771.660090] \t\tctime 1775744885.645502983\n [445771.660091] \t\tmtime 1775744885.645502983\n [445771.660105] \t\totime 1775744885.641174097\n [445771.660106] \titem 7 key (257 INODE_REF 256) itemoff 15801 itemsize 14\n [445771.660107] \t\tindex 2 name_len 4\n [445771.660108] \titem 8 key (257 DIR_ITEM 2676584006) itemoff 15767 itemsize 34\n [445771.660109] \t\tlocation key (2\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46160",
"url": "https://www.suse.com/security/cve/CVE-2026-46160"
},
{
"category": "external",
"summary": "SUSE Bug 1267624 for CVE-2026-46160",
"url": "https://bugzilla.suse.com/1267624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-46160"
},
{
"cve": "CVE-2026-46172",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46172"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: xfrm6: release dst on error in xfrm6_rcv_encap()\n\nxfrm6_rcv_encap() performs an IPv6 route lookup when the skb does not\nalready have a dst attached. ip6_route_input_lookup() returns a\nreferenced dst entry even when the lookup resolves to an error route.\n\nIf dst-\u003eerror is set, xfrm6_rcv_encap() drops the skb without attaching\nthe dst to the skb and without releasing the reference returned by the\nlookup. Repeated packets hitting this path therefore leak dst entries.\n\nRelease the dst before jumping to the drop path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46172",
"url": "https://www.suse.com/security/cve/CVE-2026-46172"
},
{
"category": "external",
"summary": "SUSE Bug 1266903 for CVE-2026-46172",
"url": "https://bugzilla.suse.com/1266903"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-46172"
},
{
"cve": "CVE-2026-46176",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46176"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix error path fall-through in mlx5_ib_dev_res_srq_init()\n\nmlx5_ib_dev_res_srq_init() allocates two SRQs, s0 and s1. When\nib_create_srq() fails for s1, the error branch destroys s0 but falls\nthrough and unconditionally assigns the freed s0 and the ERR_PTR s1 to\ndevr-\u003es0 and devr-\u003es1.\n\nThis leads to several problems: the lock-free fast path checks\n\"if (devr-\u003es1) return 0;\" and treats the ERR_PTR as already initialised;\nusers in mlx5_ib_create_qp() dereference the freed SRQ or ERR_PTR via\nto_msrq(devr-\u003es0)-\u003emsrq.srqn; and mlx5_ib_dev_res_cleanup() dereferences\nthe ERR_PTR and double-frees s0 on teardown.\n\nFix by adding the same `goto unlock` in the s1 failure path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46176",
"url": "https://www.suse.com/security/cve/CVE-2026-46176"
},
{
"category": "external",
"summary": "SUSE Bug 1266816 for CVE-2026-46176",
"url": "https://bugzilla.suse.com/1266816"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-46176"
},
{
"cve": "CVE-2026-46181",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46181"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event()\n\nSashiko points out the radix_tree itself is RCU safe, but nothing ever\nfrees the mlx4_srq struct with RCU, and it isn\u0027t even accessed within the\nRCU critical section. It also will crash if an event is delivered before\nthe srq object is finished initializing.\n\nUse the spinlock since it isn\u0027t easy to make RCU work, use\nrefcount_inc_not_zero() to protect against partially initialized objects,\nand order the refcount_set() to be after the srq is fully initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46181",
"url": "https://www.suse.com/security/cve/CVE-2026-46181"
},
{
"category": "external",
"summary": "SUSE Bug 1266826 for CVE-2026-46181",
"url": "https://bugzilla.suse.com/1266826"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-46181"
},
{
"cve": "CVE-2026-46197",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46197"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: validate SVM ioctl nattr against buffer size\n\nValidate nattr field against the buffer size, preventing\nout-of-bounds buffer access via user-controlled attribute count.\n\n(cherry picked from commit 5eca8bfdfa456c3304ca77523718fe24254c172f)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46197",
"url": "https://www.suse.com/security/cve/CVE-2026-46197"
},
{
"category": "external",
"summary": "SUSE Bug 1267381 for CVE-2026-46197",
"url": "https://bugzilla.suse.com/1267381"
},
{
"category": "external",
"summary": "SUSE Bug 1267382 for CVE-2026-46197",
"url": "https://bugzilla.suse.com/1267382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-46197"
},
{
"cve": "CVE-2026-46209",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46209"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/gem: Fix inconsistent plane dimension calculation in drm_gem_fb_init_with_funcs()\n\ndrm_gem_fb_init_with_funcs() computes sub-sampled plane dimensions\nusing plain integer division:\n\n unsigned int width = mode_cmd-\u003ewidth / (i ? info-\u003ehsub : 1);\n unsigned int height = mode_cmd-\u003eheight / (i ? info-\u003evsub : 1);\n\nHowever, the ioctl-level framebuffer_check() in drm_framebuffer.c uses\ndrm_format_info_plane_width/height() which round up dimensions via\nDIV_ROUND_UP(). This inconsistency corrupts the subsequent GEM object\nsize check for certain pixel format and dimension combinations.\n\nFor example, with NV12 (vsub=2) and a 1-pixel-tall framebuffer the\nGEM size validation path sees height=0 instead of height=1. The\nexpression (height - 1) then wraps to UINT_MAX as an unsigned int,\ncausing min_size to overflow and wrap back to a small value. A tiny\nGEM object therefore passes the size guard, yet when the GPU accesses\nthe chroma plane it will read or write memory beyond the object\u0027s\nbounds.\n\nFix by replacing the open-coded divisions with drm_format_info_plane_width()\nand drm_format_info_plane_height(), which use DIV_ROUND_UP() and match\nthe calculation already used in framebuffer_check().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46209",
"url": "https://www.suse.com/security/cve/CVE-2026-46209"
},
{
"category": "external",
"summary": "SUSE Bug 1267663 for CVE-2026-46209",
"url": "https://bugzilla.suse.com/1267663"
},
{
"category": "external",
"summary": "SUSE Bug 1267891 for CVE-2026-46209",
"url": "https://bugzilla.suse.com/1267891"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-46209"
},
{
"cve": "CVE-2026-46227",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46227"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL\n\nThe SCTP_SENDALL path in sctp_sendmsg() iterates ep-\u003easocs with\nlist_for_each_entry_safe(), which caches the next entry in @tmp before\nthe loop body runs. The body calls sctp_sendmsg_to_asoc(), which may\ndrop the socket lock inside sctp_wait_for_sndbuf().\n\nWhile the lock is dropped, another thread can SCTP_SOCKOPT_PEELOFF the\nassociation cached in @tmp, migrating it to a new endpoint via\nsctp_sock_migrate() (list_del_init() + list_add_tail() to\nnewep-\u003easocs), and optionally close the new socket which frees the\nassociation via kfree_rcu(). The cached @tmp can also be freed by a\nnetwork ABORT for that association, processed in softirq while the\nlock is dropped.\n\nsctp_wait_for_sndbuf() revalidates @asoc (the current entry) on re-lock\nvia the \"sk != asoc-\u003ebase.sk\" and \"asoc-\u003ebase.dead\" checks, but nothing\nrevalidates @tmp. After a successful return, the iterator advances to\nthe stale @tmp, yielding either a use-after-free (if the peeled socket\nwas closed) or a list-walk onto the new endpoint\u0027s list head (type\nconfusion of \u0026newep-\u003easocs as a struct sctp_association *).\n\nBoth are reachable from CapEff=0; the type-confusion path gives\ncontrolled indirect call via the outqueue.sched-\u003einit_sid pointer.\n\nFix by re-deriving @tmp from @asoc after sctp_sendmsg_to_asoc()\nreturns. @asoc is known to still be on ep-\u003easocs at that point: the\nonly callers that list_del an association from ep-\u003easocs are\nsctp_association_free() (which sets asoc-\u003ebase.dead) and\nsctp_assoc_migrate() (which changes asoc-\u003ebase.sk), and\nsctp_wait_for_sndbuf() checks both under the lock before any\nsuccessful return; a tripped check propagates as err \u003c 0 and the loop\nbails before the re-derive.\n\nThe SCTP_ABORT path in sctp_sendmsg_check_sflags() returns 0 and the\nloop hits \u0027continue\u0027 before sctp_sendmsg_to_asoc() is ever called, so\nthe @tmp cached by list_for_each_entry_safe() still covers the\nlock-held free that ba59fb027307 (\"sctp: walk the list of asoc\nsafely\") was added for.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46227",
"url": "https://www.suse.com/security/cve/CVE-2026-46227"
},
{
"category": "external",
"summary": "SUSE Bug 1267697 for CVE-2026-46227",
"url": "https://bugzilla.suse.com/1267697"
},
{
"category": "external",
"summary": "SUSE Bug 1267698 for CVE-2026-46227",
"url": "https://bugzilla.suse.com/1267698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-46227"
},
{
"cve": "CVE-2026-46244",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46244"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_inner: Fix IPv6 inner_thoff desync\n\nIn nft_inner_parse_l2l3(), when processing inner IPv6 packets,\nipv6_find_hdr() correctly computes the transport header offset\ntraversing all extension headers, but the result is immediately\noverwritten with nhoff + sizeof(_ip6h) (40 bytes), which only\naccounts for the IPv6 base header. This creates a desync between\ninner_thoff (wrong - points to extension header start) and l4proto\n(correct - e.g., IPPROTO_TCP), enabling transport header forgery\nand potential firewall bypass. This issue affects stable versions\nfrom Linux 6.2.\n\nFor comparison, the normal (non-inner) IPv6 path correctly\npreserves ipv6_find_hdr()\u0027s result. Removing the incorrect overwrite\nensures that ipv6_find_hdr()\u0027s calculated transport header offset is\npreserved, thereby fixing the desynchronization.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46244",
"url": "https://www.suse.com/security/cve/CVE-2026-46244"
},
{
"category": "external",
"summary": "SUSE Bug 1267654 for CVE-2026-46244",
"url": "https://bugzilla.suse.com/1267654"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-46244"
},
{
"cve": "CVE-2026-46259",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46259"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nprocfs: fix missing RCU protection when reading real_parent in do_task_stat()\n\nWhen reading /proc/[pid]/stat, do_task_stat() accesses task-\u003ereal_parent\nwithout proper RCU protection, which leads to:\n\n cpu 0 cpu 1\n ----- -----\n do_task_stat\n var = task-\u003ereal_parent\n release_task\n call_rcu(delayed_put_task_struct)\n task_tgid_nr_ns(var)\n rcu_read_lock \u003c--- Too late to protect task-\u003ereal_parent!\n task_pid_ptr \u003c--- UAF!\n rcu_read_unlock\n\nThis patch uses task_ppid_nr_ns() instead of task_tgid_nr_ns() to add\nproper RCU protection for accessing task-\u003ereal_parent.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46259",
"url": "https://www.suse.com/security/cve/CVE-2026-46259"
},
{
"category": "external",
"summary": "SUSE Bug 1267685 for CVE-2026-46259",
"url": "https://bugzilla.suse.com/1267685"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-46259"
},
{
"cve": "CVE-2026-46273",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46273"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nibmveth: Disable GSO for packets with small MSS\n\nSome physical adapters on Power systems do not support segmentation\noffload when the MSS is less than 224 bytes. Attempting to send such\npackets causes the adapter to freeze, stopping all traffic until\nmanually reset.\n\nImplement ndo_features_check to disable GSO for packets with small MSS\nvalues. The network stack will perform software segmentation instead.\n\nThe 224-byte minimum matches ibmvnic\ncommit \u003cf10b09ef687f\u003e (\"ibmvnic: Enforce stronger sanity checks\non GSO packets\")\nwhich uses the same physical adapters in SEA configurations.\n\nThe issue occurs specifically when the hardware attempts to perform\nsegmentation (gso_segs \u003e 1) with a small MSS. Single-segment GSO packets\n(gso_segs == 1) do not trigger the problematic LSO code path and are\ntransmitted normally without segmentation.\n\nAdd an ndo_features_check callback to disable GSO when MSS \u003c 224 bytes.\nAlso call vlan_features_check() to ensure proper handling of VLAN packets,\nparticularly QinQ (802.1ad) configurations where the hardware parser may\nnot support certain offload features.\n\nValidated using iptables to force small MSS values. Without the fix,\nthe adapter freezes. With the fix, packets are segmented in software\nand transmission succeeds. Comprehensive regression testing completedd\n(MSS tests, performance, stability).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46273",
"url": "https://www.suse.com/security/cve/CVE-2026-46273"
},
{
"category": "external",
"summary": "SUSE Bug 1267651 for CVE-2026-46273",
"url": "https://bugzilla.suse.com/1267651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-46273"
}
]
}
SUSE-SU-2026:22436-1
Vulnerability from csaf_suse - Published: 2026-06-30 23:09 - Updated: 2026-06-30 23:09| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs (bsc#1266290).\n- CVE-2025-68822: Input: alps - fix use-after-free bugs caused by dev3_register_work (bsc#1256668).\n- CVE-2026-31414: netfilter: nf_conntrack_expect: use expect-\u003ehelper (bsc#1262085).\n- CVE-2026-31429: net: skb: fix cross-cache free of KFENCE-allocated skb head (bsc#1262392).\n- CVE-2026-31452: ext4: convert inline data to extents when truncate exceeds inline size (bsc#1262620).\n- CVE-2026-31469: virtio_net: Fix UAF on dst_ops when IFF_XMIT_DST_RELEASE is cleared and napi_tx is false\n- CVE-2026-31492: RDMA/irdma: Initialize free_qp completion before using it (bsc#1262748).\n- CVE-2026-31495: netfilter: ctnetlink: use netlink policy range checks (bsc#1262798).\n- CVE-2026-31499: Bluetooth: L2CAP: Fix deadlock in l2cap_conn_del() (bsc#1262674).\n- CVE-2026-31500: Bluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock (bsc#1262993).\n- CVE-2026-31555: futex: Clear stale exiting pointer in futex_lock_pi() retry path (bsc#1263178).\n- CVE-2026-31592: KVM: SEV: Protect *all* of sev_mem_enc_register_region() with kvm-\u003elock (bsc#1263123).\n- CVE-2026-31664: string.h: Introduce memset_after() for wiping trailing members/padding (bsc#1263578).\n- CVE-2026-31665: kABI: netfilter: nft_ct: fix use-after-free in timeout object destroy (bsc#1263137).\n- CVE-2026-31674: netfilter: ip6t_rt: reject oversized addrnr in rt_mt6_check() (bsc#1263568).\n- CVE-2026-31680: net: ipv6: flowlabel: defer exclusive option free until RCU teardown (bsc#1263563).\n- CVE-2026-31693: cifs: some missing initializations on replay (bsc#1267744).\n- CVE-2026-31697: crypto: ccp: Don\u0027t attempt to copy ID to userspace if PSP command failed (bsc#1264116).\n- CVE-2026-31698: crypto: ccp: Don\u0027t attempt to copy PDH cert to userspace if PSP command failed (bsc#1263880).\n- CVE-2026-31699: crypto: ccp: Don\u0027t attempt to copy CSR to userspace if PSP command failed (bsc#1263879).\n- CVE-2026-31752: bridge: br_nd_send: validate ND option lengths (bsc#1264045).\n- CVE-2026-31759: usb: ulpi: fix double free in ulpi_register_interface() error path (bsc#1264076).\n- CVE-2026-31771: Bluetooth: hci_event: move wake reason storage into validated event handlers (bsc#1264145).\n- CVE-2026-43023: Bluetooth: SCO: fix race conditions in sco_sock_connect() (bsc#1264137).\n- CVE-2026-43024: netfilter: nf_tables: reject immediate NF_QUEUE verdict (bsc#1263930).\n- CVE-2026-43028: netfilter: x_tables: ensure names are nul-terminated (bsc#1263934).\n- CVE-2026-43035: net: sched: cls_api: fix tc_chain_fill_node to initialize tcm_info to zero to prevent an info-leak (bsc#1263996).\n- CVE-2026-43036: net: use skb_header_pointer() for TCPv4 GSO frag_off check (bsc#1263993).\n- CVE-2026-43049: HID: logitech-hidpp: Prevent use-after-free on force feedback initialisation failure (bsc#1264080).\n- CVE-2026-43053: xfs: close crash window in attr dabtree inactivation (bsc#1264084).\n- CVE-2026-43074: eventpoll: defer struct eventpoll free to RCU grace period (bsc#1264263).\n- CVE-2026-43077: crypto: algif_aead - Fix minimum RX size check for decryption (bsc#1264470).\n- CVE-2026-43083: net: ioam6: fix OOB and missing lock (bsc#1264266).\n- CVE-2026-43101: ipv6: ioam: fix potential NULL dereferences in __ioam6_fill_trace_data() (bsc#1264239).\n- CVE-2026-43112: fs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath (bsc#1264437).\n- CVE-2026-43119: Bluetooth: hci_sync: annotate data-races around hdev-\u003ereq_status (bsc#1264561).\n- CVE-2026-43158: xfs: fix freemap adjustments when adding xattrs to leaf blocks (bsc#1264595).\n- CVE-2026-43171: EFI/CPER: do not dump the entire memory region (bsc#1264549).\n- CVE-2026-43187: xfs: delete attr leaf freemap entries when empty (bsc#1264603).\n- CVE-2026-43198: tcp: fix potential race in tcp_v6_syn_recv_sock() (bsc#1264610).\n- CVE-2026-43239: smb: client: prevent races in -\u003equery_interfaces() (bsc#1264444).\n- CVE-2026-43339: ipv6: prevent possible UaF in addrconf_permanent_addr() (bsc#1264763).\n- CVE-2026-43345: net: ipa: fix event ring index not programmed for IPA v5.0+ (bsc#1265103).\n- CVE-2026-43405: libceph: Use u32 for non-negative values in ceph_monmap_decode() (bsc#1264741).\n- CVE-2026-43469: xprtrdma: Decrement re_receiving on the early exit paths (bsc#1265143).\n- CVE-2026-43491: net: qrtr: ns: Limit the maximum server registration per node (bsc#1265628).\n- CVE-2026-45840: openvswitch: cap upcall PID array size and pre-size vport replies (bsc#1266397).\n- CVE-2026-45841: netfilter: nfnetlink_osf: fix divide-by-zero in OSF_WSS_MODULO (bsc#1266390).\n- CVE-2026-45862: iommu/vt-d: Flush cache for PASID table before using it (bsc#1266705).\n- CVE-2026-45870: SUNRPC: auth_gss: fix memory leaks in XDR decoding error paths (bsc#1266704).\n- CVE-2026-45894: iommu/vt-d: Clear Present bit before tearing down PASID entry (bsc#1266895).\n- CVE-2026-45940: net: stmmac: fix oops when split header is enabled (bsc#1266916).\n- CVE-2026-45961: gfs2: fix memory leaks in gfs2_fill_super error path (bsc#1266933).\n- CVE-2026-45964: SUNRPC: fix gss_auth kref leak in gss_alloc_msg error path (bsc#1266698).\n- CVE-2026-45965: apparmor: fix invalid deref of rawdata when export_binary is unset (bsc#1267208).\n- CVE-2026-45974: btrfs: fix invalid leaf access in btrfs_quota_enable() if ref key not found (bsc#1266922).\n- CVE-2026-46005: xfs: fix a resource leak in xfs_alloc_buftarg() (bsc#1267431).\n- CVE-2026-46037: ipv4: icmp: validate reply type before using icmp_pointers (bsc#1267361).\n- CVE-2026-46101: netfilter: reject zero shift in nft_bitwise (bsc#1266878).\n- CVE-2026-46119: libceph: Fix slab-out-of-bounds access in auth message processing (bsc#1267628).\n- CVE-2026-46120: ip6_gre: Use cached t-\u003enet in ip6erspan_changelink() (bsc#1267640).\n- CVE-2026-46123: Bluetooth: virtio_bt: clamp rx length before skb_put (bsc#1267621).\n- CVE-2026-46150: fanotify: fix false positive on permission events (bsc#1267387).\n- CVE-2026-46160: btrfs: fix missing last_unlink_trans update when removing a directory (bsc#1267624).\n- CVE-2026-46172: ipv6: xfrm6: release dst on error in xfrm6_rcv_encap() (bsc#1266903).\n- CVE-2026-46197: drm/amdkfd: validate SVM ioctl nattr against buffer size (bsc#1267381).\n- CVE-2026-46227: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL (bsc#1267697).\n- CVE-2026-46244: netfilter: nft_inner: Fix IPv6 inner_thoff desync (bsc#1267654).\n- CVE-2026-46259: procfs: fix missing RCU protection when reading real_parent in do_task_stat() (bsc#1267685).\n- CVE-2026-46273: ibmveth: Disable GSO for packets with small MSS (bsc#1267651).\n\nThe following non-security bugs were fixed:\n\n- ACPI: CPPC: Suppress UBSAN warning caused by field misuse (git-fixes).\n- ACPI: IPMI: Fix message kref handling on dead device (git-fixes).\n- ACPI: NFIT: core: Fix possible NULL pointer dereference (git-fixes).\n- ALSA: aloop: Drop superfluous break (git-fixes).\n- ALSA: cmipci: check snd_ctl_new1() return value (git-fixes).\n- ALSA: core: Fix unintuitive behavior of snd_power_ref_and_wait() (git-fixes).\n- ALSA: es1938: check snd_ctl_new1() return value (git-fixes).\n- ALSA: gus: check snd_ctl_new1() return value (git-fixes).\n- ALSA: ice1712: check snd_ctl_new1() return value (git-fixes).\n- ALSA: seq: Clear variable event pointer on read (git-fixes).\n- ALSA: seq: Fix partial userptr event expansion (git-fixes).\n- ALSA: seq: midi: Serialize output teardown with event_input (git-fixes).\n- ALSA: usb-audio: Propagate US-16x08 write errors in route/mix EQ-switch put callbacks (git-fixes).\n- ALSA: usb-audio: Propagate errors in scarlett_ctl_enum_put() (git-fixes).\n- ALSA: usb-audio: Roll back quirk control caches on write errors (git-fixes).\n- ALSA: usb-audio: Update Babyface Pro control caches only after successful writes (git-fixes).\n- ALSA: usb-audio: Update US-16x08 EQ/comp shadow state after successful writes (git-fixes).\n- ALSA: virtio: Add missing 384 kHz PCM rate mapping (git-fixes).\n- ALSA: ymfpci: check snd_ctl_new1() return value (git-fixes).\n- ASoC: SOF: ipc3-control: Fix TOCTOU in bytes_put and bytes_get (git-fixes).\n- ASoC: SOF: ipc3-control: Fix heap overflow in bytes_ext put/get (git-fixes).\n- ASoC: SOF: ipc3-control: Use overflow checks in control_update size calc (git-fixes).\n- ASoC: SOF: ipc3-control: Validate size in snd_sof_update_control (git-fixes).\n- ASoC: SOF: ipc4-control: Fix TOCTOU in sof_ipc4_bytes_put (git-fixes).\n- ASoC: SOF: topology: validate vendor array size before parsing (git-fixes).\n- ASoC: adau1372: Clear PLL_EN on failed PLL lock without reset GPIO (git-fixes).\n- ASoC: codecs: hdac_hdmi: Validate written enum value (git-fixes).\n- ASoC: cs35l56: Cleanup if component_probe fails (git-fixes).\n- ASoC: cs35l56: Do not leave parent IRQ disabled if system_suspend fails (git-fixes).\n- ASoC: cs35l56: Fix missing calls to wm_adsp2_remove() (git-fixes).\n- ASoC: fsl: fsl_audmix: Validate written enum values (git-fixes).\n- ASoC: meson: aiu: Validate written enum values (git-fixes).\n- ASoC: tegra: tegra210_ahub: Validate written enum value (git-fixes).\n- ASoC: topology: Check PCM and DAI name strings before use (git-fixes).\n- ASoC: wm_adsp: Fix NULL dereference when removing firmware controls (git-fixes).\n- Bluetooth: btmtksdio: fix infinite loop in btmtksdio_txrx_work() (git-fixes).\n- Bluetooth: btusb: fix use-after-free on marvell probe failure (git-fixes).\n- Bluetooth: btusb: fix use-after-free on registration failure (git-fixes).\n- Bluetooth: btusb: fix wakeup irq devres lifetime (git-fixes).\n- Bluetooth: btusb: fix wakeup source leak on probe failure (git-fixes).\n- Bluetooth: eir: Fix stack OOB write when prepending the Flags AD (git-fixes).\n- Bluetooth: hci: validate codec capability element length (git-fixes).\n- Bluetooth: vhci: validate devcoredump state before side effects (git-fixes).\n- Drivers: hv: vmbus: Improve the logic of reserving fb_mmio on Gen2 VMs (git-fixes).\n- KVM: SEV: Ignore MMIO requests of length \u00270\u0027 (git-fixes).\n- KVM: SEV: Ignore Port I/O requests of length \u00270\u0027 (git-fixes).\n- KVM: SVM: Allow KVM_SET_NESTED_STATE to clear GIF when SVME==0 (git-fixes).\n- KVM: SVM: Do not set GIF when clearing EFER.SVME (git-fixes).\n- KVM: SVM: Flush the current TLB when transitioning from xAVIC =\u003e x2AVIC (git-fixes).\n- KVM: SVM: check validity of VMCB controls when returning from SMM (git-fixes).\n- KVM: arm64: Discard PC update state on vcpu reset (git-fixes).\n- KVM: arm64: Guard against NULL vcpu on VHE hyp panic path (git-fixes).\n- KVM: arm64: PMU: Preserve AArch32 counter low bits (git-fixes).\n- KVM: arm64: Treat vCPU with pending SError as runnable (git-fixes).\n- KVM: arm64: Wake-up from WFI when iqrchip is in userspace (git-fixes).\n- KVM: arm64: vgic-its: Reject restored DTE with out-of-range num_eventid_bits (git-fixes).\n- KVM: arm64: vgic: Fix IIDR revision field extracted from wrong value (git-fixes).\n- KVM: nSVM: Always use vmcb01 in VMLOAD/VMSAVE emulation (git-fixes).\n- KVM: nSVM: Ensure AVIC is inhibited when restoring a vCPU to guest mode (git-fixes).\n- KVM: nSVM: Mark all of vmcb02 dirty when restoring nested state (git-fixes).\n- KVM: nSVM: Set exit_code_hi to -1 when synthesizing SVM_EXIT_ERR (failed VMRUN) (git-fixes).\n- KVM: x86/mmu: Fix UBSAN warning when reading nx_huge_pages parameter (git-fixes).\n- PM: sleep: Use complete() in device_pm_sleep_init() (git-fixes).\n- USB: serial: io_ti: fix heap overflow in build_i2c_fw_hdr() (git-fixes).\n- USB: serial: io_ti: fix heap overflow in get_manuf_info() (git-fixes).\n- USB: serial: kl5kusb105: fix bulk-out buffer overflow (git-fixes).\n- X.509: Fix validation of ASN.1 certificate header (git-fixes).\n- add bugnumber to existing mana_ib change (bsc#1267682)\n- agp/amd64: Fix broken error propagation in agp_amd64_probe() (git-fixes).\n- batman-adv: bla: annotate lasttime access with READ/WRITE_ONCE (git-fixes).\n- batman-adv: tp_meter: add only finished tp_vars to lists (git-fixes).\n- batman-adv: tp_meter: avoid divide-by-zero for dec_cwnd (git-fixes).\n- batman-adv: tp_meter: avoid window underflow (git-fixes).\n- batman-adv: tp_meter: fix fast recovery precondition (git-fixes).\n- batman-adv: tp_meter: handle seqno wrap-around for fast recovery detection (git-fixes).\n- batman-adv: tp_meter: initialize dec_cwnd explicitly (git-fixes).\n- batman-adv: tp_meter: initialize dup_acks explicitly (git-fixes).\n- batman-adv: tp_meter: keep unacked list in ascending ordered (git-fixes).\n- bnxt_en: Fix NULL pointer dereference (bsc#1268307).\n- crypto: af_alg - Cap AEAD AD length to 0x80000000 (git-fixes).\n- crypto: amlogic - avoid double cleanup in meson_crypto_probe() (git-fixes).\n- crypto: asymmetric_keys - fix OOB read in pefile_digest_pe_contents (git-fixes).\n- crypto: atmel-sha204a - fix blocking and non-blocking rng logic (git-fixes).\n- crypto: cavium/cpt - fix DMA cleanup using wrong loop index (git-fixes).\n- crypto: ccp - Fix snp_filter_reserved_mem_regions() off-by-one (git-fixes).\n- crypto: ccp - Treat zero-length cert chain as query for blob lengths (git-fixes).\n- crypto: drbg - Fix drbg_max_addtl() on 64-bit kernels (git-fixes).\n- crypto: drbg - Fix returning success on failure in CTR_DRBG (git-fixes).\n- crypto: drbg - Fix the fips_enabled priority boost (git-fixes).\n- crypto: ecc - Fix carry overflow in vli multiplication (git-fixes).\n- crypto: ecrdsa - fix unknown OID check in ecrdsa_param_curve (git-fixes).\n- crypto: hisilicon/qm - disable error report before flr (git-fixes).\n- crypto: marvell/octeontx - fix DMA cleanup using wrong loop index (git-fixes).\n- crypto: pcrypt - restore callback for non-parallel fallback (git-fixes).\n- crypto: qat - protect service table iterations with service_lock (git-fixes).\n- crypto: qat - validate RSA CRT component lengths (git-fixes).\n- crypto: rng - Free default RNG on module exit (git-fixes).\n- driver core: reject devices with unregistered buses (git-fixes).\n- driver core: use READ_ONCE() for dev-\u003edriver in dev_has_sync_state() (git-fixes).\n- drm/amd/display: Add missing kdoc for ALLM parameters (git-fixes).\n- drm/amdgpu: fix integer overflow in amdgpu_gem_align_pitch() (git-fixes).\n- drm/amdgpu: set sub_block_index for mca ras sub-blocks (git-fixes).\n- drm/amdkfd: Validate CRIU-restored IDs before idr_alloc (git-fixes).\n- drm/bridge: cdns-dsi: Replace deprecated UNIVERSAL_DEV_PM_OPS() (git-fixes).\n- drm/dp/mst: fix OOB reads in remote DPCD/I2C sideband reply parsers (git-fixes).\n- drm/dp/mst: fix OOB reads on 2-byte fields in sideband reply parsers (git-fixes).\n- drm/dp/mst: fix buffer overflows in sideband chunk accumulation (git-fixes).\n- drm/hisilicon/hibmc: move display contrl config to hibmc_probe() (git-fixes).\n- drm/hisilicon/hibmc: use clock to look up the PLL value (git-fixes).\n- drm/hyperv: use VMBUS_RING_SIZE() (git-fixes).\n- drm/i915/gem: Fix phys BO pread/pwrite with offset (git-fixes).\n- drm/msm/dp: Fix the ISR_* enum values (git-fixes).\n- drm/msm/dp: fix HPD state status bit shift value (git-fixes).\n- drm/nouveau/bios: specify correct display fuse register for Ampere and Ada (git-fixes).\n- drm/radeon: fix integer overflow in radeon_align_pitch() (git-fixes).\n- drm/radeon: fix memory leak in radeon_ring_restore() on lock failure (git-fixes).\n- drm/rockchip: cdn-dp: add missing check in cdn_dp_config_video() (git-fixes).\n- drm/tegra: Fix iommu_map_sgtable() return value check (git-fixes).\n- drm/tegra: dc: Fix device node reference leak in tegra_dc_has_output() (git-fixes).\n- drm/tidss: Drop extra drm_mode_config_reset() call (git-fixes).\n- drm/tidss: Fix missing drm_bridge_add() call (git-fixes).\n- drm/vc4: fix krealloc() memory leak (git-fixes).\n- drm/virtio: Fix driver removal with disabled KMS (git-fixes).\n- drm/virtio: fix dma_fence refcount leak on error in virtio_gpu_dma_fence_wait() (git-fixes).\n- ethtool: provide customized dim profile management (bsc#1261256).\n- fbdev: broadsheetfb: fix potential memory leak in broadsheetfb_probe() (git-fixes).\n- fbdev: hecubafb: fix potential memory leak in hecubafb_probe() (git-fixes).\n- fbdev: i740fb: fix potential memory leak in i740fb_probe() (git-fixes).\n- fbdev: metronomefb: fix potential memory leak in metronomefb_probe() (git-fixes).\n- fbdev: modedb: Fix misaligned fields in the 1920x1080-60 mode (git-fixes).\n- fbdev: nvidia: fix potential memory leak in nvidiafb_probe() (git-fixes).\n- fbdev: radeon: fix potential memory leak in radeonfb_pci_register() (git-fixes).\n- fbdev: s3fb: fix potential memory leak in s3_pci_probe() (git-fixes).\n- fbdev: sm501fb: Fix buffer errors in OF binding code (git-fixes).\n- fbdev: sm712: Fix operator precedence in big_swap macro (git-fixes).\n- fbdev: tdfxfb: fix potential memory leak in tdfxfb_probe() (git-fixes).\n- fbdev: tridentfb: fix potential memory leak in trident_pci_probe() (git-fixes).\n- fbdev: uvesafb: fix potential memory leak in uvesafb_probe() (git-fixes).\n- fbdev: vesafb: fix memory leak in vesafb_probe() (git-fixes).\n- firmware: arm_scmi: Fix OOB in scmi_power_name_get() (git-fixes).\n- firmware: arm_scmi: Read sensor config as 32-bit value (git-fixes).\n- firmware_loader: Fix recursive lock in device_cache_fw_images() (git-fixes).\n- firmware_loader: fix device reference leak in firmware_upload_register() (git-fixes).\n- gpio: mvebu: fix NULL pointer dereference in suspend/resume (git-fixes).\n- gpu: host1x: Allow entries in BO caches to be freed (git-fixes).\n- gpu: host1x: Fix iommu_map_sgtable() return value check (git-fixes).\n- hv: utils: handle and propagate errors in kvp_register (git-fixes).\n- hwmon: (it87) Clamp negative values to zero in set_fan() (git-fixes).\n- hwrng: jh7110 - fix refcount leak in starfive_trng_read() (git-fixes).\n- hwrng: virtio: clamp device-reported used.len at copy_data() (git-fixes).\n- hyperv: Clean up and fix the guest ID comment in hvgdk.h (git-fixes).\n- i2c: core: fix irq domain leak on adapter registration failure (git-fixes).\n- i2c: qcom-cci: Fix NULL pointer dereference in cci_remove() (git-fixes).\n- i2c: stm32f7: fix timing computation ignoring i2c-analog-filter (git-fixes).\n- i2c: tegra: Fix NOIRQ suspend/resume (git-fixes).\n- linux/dim: move useful macros to .h file (bsc#1261256).\n- misc: fastrpc: Fix NULL pointer dereference in rpmsg callback (git-fixes).\n- misc: fastrpc: fix DMA address corruption due to find_vma misuse (git-fixes).\n- misc: fastrpc: fix use-after-free of fastrpc_user in workqueue context (git-fixes).\n- misc: fastrpc: fix use-after-free race in fastrpc_map_create (git-fixes).\n- net: ethtool: add ethtool COALESCE_RX_CQE_FRAMES/NSECS (bsc#1261256).\n- net: mana: Add ethtool counters for RX CQEs in coalesced type (bsc#1261256).\n- net: mana: Add support for RX CQE Coalescing (bsc#1261256).\n- of: cpu: add check in __of_find_n_match_cpu_property() (git-fixes).\n- slimbus: qcom-ngd-ctrl: fix OF node refcount (git-fixes).\n- soc: fsl: qe: panic on ioremap() failure in qe_reset() (git-fixes).\n- soc: ti: k3-ringacc: Fix access mode for k3_ringacc_ring_pop_tail_io/proxy (git-fixes).\n- spi: at91-usart: drop dead runtime pm support (git-fixes).\n- spi: ep93xx: fix double-free of zeropage on DMA setup failure (git-fixes).\n- spi: fsl-lpspi: replace dmaengine_terminate_all() with dmaengine_terminate_sync() (git-fixes).\n- spi: fsl-lpspi: terminate the RX channel on TX prepare failure path (git-fixes).\n- spi: meson-spifc: fix runtime PM leak on remove (git-fixes).\n- spi: xilinx: use FIFO occupancy register to determine buffer size (git-fixes).\n- thermal: hwmon: Fix critical temperature attribute removal (git-fixes).\n- thunderbolt: Bound root directory content to block size (git-fixes).\n- thunderbolt: Clamp XDomain response data copy to allocation size (git-fixes).\n- thunderbolt: Limit XDomain response copy to actual frame size (git-fixes).\n- thunderbolt: Reject zero-length property entries in validator (git-fixes).\n- thunderbolt: Validate XDomain request packet size before type cast (git-fixes).\n- watchdog: apple: Add \"apple,t8103-wdt\" compatible (git-fixes).\n- watchdog: sp5100_tco: Use EFCH MMIO for newer Hygon FCH (git-fixes).\n- watchdog: sprd_wdt: Remove redundant sprd_wdt_disable() on register failure (git-fixes).\n- watchdog: unregister PM notifier on watchdog unregister (git-fixes).\n- wifi: ath11k: fix warning when unbinding (git-fixes).\n- wifi: ath9k: fix OOB access from firmware tx status queue ID (git-fixes).\n- wifi: cfg80211: fix grammar in MLO group key error message (git-fixes).\n- wifi: mac80211: fix monitor mode frame capture for real chanctx drivers (git-fixes).\n- wifi: mt76: fix argument to ieee80211_is_first_frag() (git-fixes).\n- wifi: mt76: mt7915: fix potential tx_retries underflow (git-fixes).\n- wifi: mt76: mt7921: fix potential tx_retries underflow (git-fixes).\n- wifi: mt76: mt7925: clean up DMA on probe failure (git-fixes).\n- wifi: mt76: mt7925: fix potential tx_retries underflow (git-fixes).\n- wifi: mt76: mt7996: fix potential tx_retries underflow (git-fixes).\n- wifi: rtlwifi: rtl8821ae: Fix C2H bit location in RX descriptor (git-fixes).\n- wifi: rtw88: fix OOB read from firmware RX descriptor exceeding DMA buffer (git-fixes).\n- wifi: rtw88: increase TX report timeout to fix race condition (git-fixes).\n- wifi: rtw88: usb: fix memory leaks on USB write failures (git-fixes).\n- wifi: rtw89: Correct data type for scan index to avoid infinite loop (git-fixes).\n- wifi: wcn36xx: fix OOB read from firmware count in PRINT_REG_INFO indication (git-fixes).\n- wifi: wcn36xx: fix OOB read from short trigger BA firmware response (git-fixes).\n- wifi: wcn36xx: fix heap overflow from oversized firmware HAL response (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-kernel-496",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_22436-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:22436-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622436-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:22436-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-July/047859.html"
},
{
"category": "self",
"summary": "SUSE Bug 1256668",
"url": "https://bugzilla.suse.com/1256668"
},
{
"category": "self",
"summary": "SUSE Bug 1261256",
"url": "https://bugzilla.suse.com/1261256"
},
{
"category": "self",
"summary": "SUSE Bug 1262085",
"url": "https://bugzilla.suse.com/1262085"
},
{
"category": "self",
"summary": "SUSE Bug 1262392",
"url": "https://bugzilla.suse.com/1262392"
},
{
"category": "self",
"summary": "SUSE Bug 1262617",
"url": "https://bugzilla.suse.com/1262617"
},
{
"category": "self",
"summary": "SUSE Bug 1262620",
"url": "https://bugzilla.suse.com/1262620"
},
{
"category": "self",
"summary": "SUSE Bug 1262674",
"url": "https://bugzilla.suse.com/1262674"
},
{
"category": "self",
"summary": "SUSE Bug 1262748",
"url": "https://bugzilla.suse.com/1262748"
},
{
"category": "self",
"summary": "SUSE Bug 1262798",
"url": "https://bugzilla.suse.com/1262798"
},
{
"category": "self",
"summary": "SUSE Bug 1262993",
"url": "https://bugzilla.suse.com/1262993"
},
{
"category": "self",
"summary": "SUSE Bug 1263123",
"url": "https://bugzilla.suse.com/1263123"
},
{
"category": "self",
"summary": "SUSE Bug 1263137",
"url": "https://bugzilla.suse.com/1263137"
},
{
"category": "self",
"summary": "SUSE Bug 1263178",
"url": "https://bugzilla.suse.com/1263178"
},
{
"category": "self",
"summary": "SUSE Bug 1263563",
"url": "https://bugzilla.suse.com/1263563"
},
{
"category": "self",
"summary": "SUSE Bug 1263568",
"url": "https://bugzilla.suse.com/1263568"
},
{
"category": "self",
"summary": "SUSE Bug 1263578",
"url": "https://bugzilla.suse.com/1263578"
},
{
"category": "self",
"summary": "SUSE Bug 1263879",
"url": "https://bugzilla.suse.com/1263879"
},
{
"category": "self",
"summary": "SUSE Bug 1263880",
"url": "https://bugzilla.suse.com/1263880"
},
{
"category": "self",
"summary": "SUSE Bug 1263930",
"url": "https://bugzilla.suse.com/1263930"
},
{
"category": "self",
"summary": "SUSE Bug 1263934",
"url": "https://bugzilla.suse.com/1263934"
},
{
"category": "self",
"summary": "SUSE Bug 1263993",
"url": "https://bugzilla.suse.com/1263993"
},
{
"category": "self",
"summary": "SUSE Bug 1263996",
"url": "https://bugzilla.suse.com/1263996"
},
{
"category": "self",
"summary": "SUSE Bug 1264045",
"url": "https://bugzilla.suse.com/1264045"
},
{
"category": "self",
"summary": "SUSE Bug 1264076",
"url": "https://bugzilla.suse.com/1264076"
},
{
"category": "self",
"summary": "SUSE Bug 1264080",
"url": "https://bugzilla.suse.com/1264080"
},
{
"category": "self",
"summary": "SUSE Bug 1264084",
"url": "https://bugzilla.suse.com/1264084"
},
{
"category": "self",
"summary": "SUSE Bug 1264116",
"url": "https://bugzilla.suse.com/1264116"
},
{
"category": "self",
"summary": "SUSE Bug 1264137",
"url": "https://bugzilla.suse.com/1264137"
},
{
"category": "self",
"summary": "SUSE Bug 1264145",
"url": "https://bugzilla.suse.com/1264145"
},
{
"category": "self",
"summary": "SUSE Bug 1264239",
"url": "https://bugzilla.suse.com/1264239"
},
{
"category": "self",
"summary": "SUSE Bug 1264263",
"url": "https://bugzilla.suse.com/1264263"
},
{
"category": "self",
"summary": "SUSE Bug 1264266",
"url": "https://bugzilla.suse.com/1264266"
},
{
"category": "self",
"summary": "SUSE Bug 1264437",
"url": "https://bugzilla.suse.com/1264437"
},
{
"category": "self",
"summary": "SUSE Bug 1264444",
"url": "https://bugzilla.suse.com/1264444"
},
{
"category": "self",
"summary": "SUSE Bug 1264470",
"url": "https://bugzilla.suse.com/1264470"
},
{
"category": "self",
"summary": "SUSE Bug 1264549",
"url": "https://bugzilla.suse.com/1264549"
},
{
"category": "self",
"summary": "SUSE Bug 1264561",
"url": "https://bugzilla.suse.com/1264561"
},
{
"category": "self",
"summary": "SUSE Bug 1264595",
"url": "https://bugzilla.suse.com/1264595"
},
{
"category": "self",
"summary": "SUSE Bug 1264603",
"url": "https://bugzilla.suse.com/1264603"
},
{
"category": "self",
"summary": "SUSE Bug 1264610",
"url": "https://bugzilla.suse.com/1264610"
},
{
"category": "self",
"summary": "SUSE Bug 1264741",
"url": "https://bugzilla.suse.com/1264741"
},
{
"category": "self",
"summary": "SUSE Bug 1264763",
"url": "https://bugzilla.suse.com/1264763"
},
{
"category": "self",
"summary": "SUSE Bug 1265103",
"url": "https://bugzilla.suse.com/1265103"
},
{
"category": "self",
"summary": "SUSE Bug 1265143",
"url": "https://bugzilla.suse.com/1265143"
},
{
"category": "self",
"summary": "SUSE Bug 1265628",
"url": "https://bugzilla.suse.com/1265628"
},
{
"category": "self",
"summary": "SUSE Bug 1266290",
"url": "https://bugzilla.suse.com/1266290"
},
{
"category": "self",
"summary": "SUSE Bug 1266390",
"url": "https://bugzilla.suse.com/1266390"
},
{
"category": "self",
"summary": "SUSE Bug 1266397",
"url": "https://bugzilla.suse.com/1266397"
},
{
"category": "self",
"summary": "SUSE Bug 1266698",
"url": "https://bugzilla.suse.com/1266698"
},
{
"category": "self",
"summary": "SUSE Bug 1266704",
"url": "https://bugzilla.suse.com/1266704"
},
{
"category": "self",
"summary": "SUSE Bug 1266705",
"url": "https://bugzilla.suse.com/1266705"
},
{
"category": "self",
"summary": "SUSE Bug 1266878",
"url": "https://bugzilla.suse.com/1266878"
},
{
"category": "self",
"summary": "SUSE Bug 1266895",
"url": "https://bugzilla.suse.com/1266895"
},
{
"category": "self",
"summary": "SUSE Bug 1266903",
"url": "https://bugzilla.suse.com/1266903"
},
{
"category": "self",
"summary": "SUSE Bug 1266916",
"url": "https://bugzilla.suse.com/1266916"
},
{
"category": "self",
"summary": "SUSE Bug 1266922",
"url": "https://bugzilla.suse.com/1266922"
},
{
"category": "self",
"summary": "SUSE Bug 1266933",
"url": "https://bugzilla.suse.com/1266933"
},
{
"category": "self",
"summary": "SUSE Bug 1267208",
"url": "https://bugzilla.suse.com/1267208"
},
{
"category": "self",
"summary": "SUSE Bug 1267361",
"url": "https://bugzilla.suse.com/1267361"
},
{
"category": "self",
"summary": "SUSE Bug 1267381",
"url": "https://bugzilla.suse.com/1267381"
},
{
"category": "self",
"summary": "SUSE Bug 1267387",
"url": "https://bugzilla.suse.com/1267387"
},
{
"category": "self",
"summary": "SUSE Bug 1267431",
"url": "https://bugzilla.suse.com/1267431"
},
{
"category": "self",
"summary": "SUSE Bug 1267621",
"url": "https://bugzilla.suse.com/1267621"
},
{
"category": "self",
"summary": "SUSE Bug 1267624",
"url": "https://bugzilla.suse.com/1267624"
},
{
"category": "self",
"summary": "SUSE Bug 1267628",
"url": "https://bugzilla.suse.com/1267628"
},
{
"category": "self",
"summary": "SUSE Bug 1267640",
"url": "https://bugzilla.suse.com/1267640"
},
{
"category": "self",
"summary": "SUSE Bug 1267651",
"url": "https://bugzilla.suse.com/1267651"
},
{
"category": "self",
"summary": "SUSE Bug 1267654",
"url": "https://bugzilla.suse.com/1267654"
},
{
"category": "self",
"summary": "SUSE Bug 1267682",
"url": "https://bugzilla.suse.com/1267682"
},
{
"category": "self",
"summary": "SUSE Bug 1267685",
"url": "https://bugzilla.suse.com/1267685"
},
{
"category": "self",
"summary": "SUSE Bug 1267697",
"url": "https://bugzilla.suse.com/1267697"
},
{
"category": "self",
"summary": "SUSE Bug 1267744",
"url": "https://bugzilla.suse.com/1267744"
},
{
"category": "self",
"summary": "SUSE Bug 1268307",
"url": "https://bugzilla.suse.com/1268307"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-10263 page",
"url": "https://www.suse.com/security/cve/CVE-2025-10263/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68822 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68822/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31414 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31414/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31429 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31429/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31452 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31452/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31453 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31453/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31469 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31469/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31492 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31492/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31495 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31495/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31499 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31499/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31500 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31500/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31555 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31592 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31592/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31664 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31664/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31665 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31665/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31674 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31674/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31680 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31680/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31693 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31693/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31697 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31697/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31698 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31698/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31699 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31699/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31752 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31759 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31759/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31771 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31771/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43023 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43023/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43024 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43024/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43028 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43028/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43035 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43035/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43036 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43036/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43049 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43049/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43053 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43074 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43074/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43077 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43083 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43101 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43101/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43112 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43112/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43119 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43119/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43158 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43158/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43171 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43171/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43187 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43187/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43198 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43198/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43239 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43239/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43339 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43339/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43345 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43345/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43405 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43405/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43469 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43469/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43491 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43491/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45840 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45841 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45841/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45862 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45870 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45894 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45894/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45940 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45940/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45961 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45961/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45964 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45965 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45965/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45974 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46005 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46037 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46037/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46101 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46101/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46119 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46119/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46120 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46120/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46123 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46123/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46150 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46150/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46160 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46172 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46172/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46197 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46197/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46227 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46227/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46244 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46244/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46259 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46259/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46273 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46273/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2026-06-30T23:09:03Z",
"generator": {
"date": "2026-06-30T23:09:03Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:22436-1",
"initial_release_date": "2026-06-30T23:09:03Z",
"revision_history": [
{
"date": "2026-06-30T23:09:03Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.4.0-48.1.aarch64",
"product": {
"name": "kernel-default-6.4.0-48.1.aarch64",
"product_id": "kernel-default-6.4.0-48.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-48.1.21.25.aarch64",
"product": {
"name": "kernel-default-base-6.4.0-48.1.21.25.aarch64",
"product_id": "kernel-default-base-6.4.0-48.1.21.25.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-6.4.0-48.1.noarch",
"product": {
"name": "kernel-devel-6.4.0-48.1.noarch",
"product_id": "kernel-devel-6.4.0-48.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-6.4.0-48.1.noarch",
"product": {
"name": "kernel-macros-6.4.0-48.1.noarch",
"product_id": "kernel-macros-6.4.0-48.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-6.4.0-48.1.noarch",
"product": {
"name": "kernel-source-6.4.0-48.1.noarch",
"product_id": "kernel-source-6.4.0-48.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.4.0-48.1.s390x",
"product": {
"name": "kernel-default-6.4.0-48.1.s390x",
"product_id": "kernel-default-6.4.0-48.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-48.1.s390x",
"product": {
"name": "kernel-default-livepatch-6.4.0-48.1.s390x",
"product_id": "kernel-default-livepatch-6.4.0-48.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.4.0-48.1.x86_64",
"product": {
"name": "kernel-default-6.4.0-48.1.x86_64",
"product_id": "kernel-default-6.4.0-48.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-48.1.21.25.x86_64",
"product": {
"name": "kernel-default-base-6.4.0-48.1.21.25.x86_64",
"product_id": "kernel-default-base-6.4.0-48.1.21.25.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-48.1.x86_64",
"product": {
"name": "kernel-default-livepatch-6.4.0-48.1.x86_64",
"product_id": "kernel-default-livepatch-6.4.0-48.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-6.4.0-48.1.x86_64",
"product": {
"name": "kernel-kvmsmall-6.4.0-48.1.x86_64",
"product_id": "kernel-kvmsmall-6.4.0-48.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-48.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64"
},
"product_reference": "kernel-default-6.4.0-48.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-48.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x"
},
"product_reference": "kernel-default-6.4.0-48.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-48.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64"
},
"product_reference": "kernel-default-6.4.0-48.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-48.1.21.25.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64"
},
"product_reference": "kernel-default-base-6.4.0-48.1.21.25.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-48.1.21.25.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64"
},
"product_reference": "kernel-default-base-6.4.0-48.1.21.25.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-48.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x"
},
"product_reference": "kernel-default-livepatch-6.4.0-48.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-48.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64"
},
"product_reference": "kernel-default-livepatch-6.4.0-48.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-6.4.0-48.1.noarch as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch"
},
"product_reference": "kernel-devel-6.4.0-48.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-6.4.0-48.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64"
},
"product_reference": "kernel-kvmsmall-6.4.0-48.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-6.4.0-48.1.noarch as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch"
},
"product_reference": "kernel-macros-6.4.0-48.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-6.4.0-48.1.noarch as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
},
"product_reference": "kernel-source-6.4.0-48.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-10263",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-10263"
}
],
"notes": [
{
"category": "general",
"text": "Arm C1-Ultra, C1-Premium, Neoverse V3 \u0026 V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1, Cortex-X925, Cortex-X4, Cortex-X3, Cortex-X2, Cortex-X1 \u0026 X1C, Cortex-A710, Cortex-A78, A78AE \u0026 A78C, Cortex-A77, Cortex-A76 \u0026 A76A may allow writes to resources owned by a higher exception level.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-10263",
"url": "https://www.suse.com/security/cve/CVE-2025-10263"
},
{
"category": "external",
"summary": "SUSE Bug 1266290 for CVE-2025-10263",
"url": "https://bugzilla.suse.com/1266290"
},
{
"category": "external",
"summary": "SUSE Bug 1266954 for CVE-2025-10263",
"url": "https://bugzilla.suse.com/1266954"
},
{
"category": "external",
"summary": "SUSE Bug 1270230 for CVE-2025-10263",
"url": "https://bugzilla.suse.com/1270230"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "critical"
}
],
"title": "CVE-2025-10263"
},
{
"cve": "CVE-2025-68822",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68822"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: alps - fix use-after-free bugs caused by dev3_register_work\n\nThe dev3_register_work delayed work item is initialized within\nalps_reconnect() and scheduled upon receipt of the first bare\nPS/2 packet from an external PS/2 device connected to the ALPS\ntouchpad. During device detachment, the original implementation\ncalls flush_workqueue() in psmouse_disconnect() to ensure\ncompletion of dev3_register_work. However, the flush_workqueue()\nin psmouse_disconnect() only blocks and waits for work items that\nwere already queued to the workqueue prior to its invocation. Any\nwork items submitted after flush_workqueue() is called are not\nincluded in the set of tasks that the flush operation awaits.\nThis means that after flush_workqueue() has finished executing,\nthe dev3_register_work could still be scheduled. Although the\npsmouse state is set to PSMOUSE_CMD_MODE in psmouse_disconnect(),\nthe scheduling of dev3_register_work remains unaffected.\n\nThe race condition can occur as follows:\n\nCPU 0 (cleanup path) | CPU 1 (delayed work)\npsmouse_disconnect() |\n psmouse_set_state() |\n flush_workqueue() | alps_report_bare_ps2_packet()\n alps_disconnect() | psmouse_queue_work()\n kfree(priv); // FREE | alps_register_bare_ps2_mouse()\n | priv = container_of(work...); // USE\n | priv-\u003edev3 // USE\n\nAdd disable_delayed_work_sync() in alps_disconnect() to ensure\nthat dev3_register_work is properly canceled and prevented from\nexecuting after the alps_data structure has been deallocated.\n\nThis bug is identified by static analysis.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68822",
"url": "https://www.suse.com/security/cve/CVE-2025-68822"
},
{
"category": "external",
"summary": "SUSE Bug 1256668 for CVE-2025-68822",
"url": "https://bugzilla.suse.com/1256668"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2025-68822"
},
{
"cve": "CVE-2026-31414",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31414"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_conntrack_expect: use expect-\u003ehelper\n\nUse expect-\u003ehelper in ctnetlink and /proc to dump the helper name.\nUsing nfct_help() without holding a reference to the master conntrack\nis unsafe.\n\nUse exp-\u003emaster-\u003ehelper in ctnetlink path if userspace does not provide\nan explicit helper when creating an expectation to retain the existing\nbehaviour. The ctnetlink expectation path holds the reference on the\nmaster conntrack and nf_conntrack_expect lock and the nfnetlink glue\npath refers to the master ct that is attached to the skb.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31414",
"url": "https://www.suse.com/security/cve/CVE-2026-31414"
},
{
"category": "external",
"summary": "SUSE Bug 1262085 for CVE-2026-31414",
"url": "https://bugzilla.suse.com/1262085"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-31414"
},
{
"cve": "CVE-2026-31429",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31429"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: skb: fix cross-cache free of KFENCE-allocated skb head\n\nSKB_SMALL_HEAD_CACHE_SIZE is intentionally set to a non-power-of-2\nvalue (e.g. 704 on x86_64) to avoid collisions with generic kmalloc\nbucket sizes. This ensures that skb_kfree_head() can reliably use\nskb_end_offset to distinguish skb heads allocated from\nskb_small_head_cache vs. generic kmalloc caches.\n\nHowever, when KFENCE is enabled, kfence_ksize() returns the exact\nrequested allocation size instead of the slab bucket size. If a caller\n(e.g. bpf_test_init) allocates skb head data via kzalloc() and the\nrequested size happens to equal SKB_SMALL_HEAD_CACHE_SIZE, then\nslab_build_skb() -\u003e ksize() returns that exact value. After subtracting\nskb_shared_info overhead, skb_end_offset ends up matching\nSKB_SMALL_HEAD_HEADROOM, causing skb_kfree_head() to incorrectly free\nthe object to skb_small_head_cache instead of back to the original\nkmalloc cache, resulting in a slab cross-cache free:\n\n kmem_cache_free(skbuff_small_head): Wrong slab cache. Expected\n skbuff_small_head but got kmalloc-1k\n\nFix this by always calling kfree(head) in skb_kfree_head(). This keeps\nthe free path generic and avoids allocator-specific misclassification\nfor KFENCE objects.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31429",
"url": "https://www.suse.com/security/cve/CVE-2026-31429"
},
{
"category": "external",
"summary": "SUSE Bug 1262392 for CVE-2026-31429",
"url": "https://bugzilla.suse.com/1262392"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-31429"
},
{
"cve": "CVE-2026-31452",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31452"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: convert inline data to extents when truncate exceeds inline size\n\nAdd a check in ext4_setattr() to convert files from inline data storage\nto extent-based storage when truncate() grows the file size beyond the\ninline capacity. This prevents the filesystem from entering an\ninconsistent state where the inline data flag is set but the file size\nexceeds what can be stored inline.\n\nWithout this fix, the following sequence causes a kernel BUG_ON():\n\n1. Mount filesystem with inode that has inline flag set and small size\n2. truncate(file, 50MB) - grows size but inline flag remains set\n3. sendfile() attempts to write data\n4. ext4_write_inline_data() hits BUG_ON(write_size \u003e inline_capacity)\n\nThe crash occurs because ext4_write_inline_data() expects inline storage\nto accommodate the write, but the actual inline capacity (~60 bytes for\ni_block + ~96 bytes for xattrs) is far smaller than the file size and\nwrite request.\n\nThe fix checks if the new size from setattr exceeds the inode\u0027s actual\ninline capacity (EXT4_I(inode)-\u003ei_inline_size) and converts the file to\nextent-based storage before proceeding with the size change.\n\nThis addresses the root cause by ensuring the inline data flag and file\nsize remain consistent during truncate operations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31452",
"url": "https://www.suse.com/security/cve/CVE-2026-31452"
},
{
"category": "external",
"summary": "SUSE Bug 1262620 for CVE-2026-31452",
"url": "https://bugzilla.suse.com/1262620"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-31452"
},
{
"cve": "CVE-2026-31453",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31453"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: avoid dereferencing log items after push callbacks\n\nAfter xfsaild_push_item() calls iop_push(), the log item may have been\nfreed if the AIL lock was dropped during the push. Background inode\nreclaim or the dquot shrinker can free the log item while the AIL lock\nis not held, and the tracepoints in the switch statement dereference\nthe log item after iop_push() returns.\n\nFix this by capturing the log item type, flags, and LSN before calling\nxfsaild_push_item(), and introducing a new xfs_ail_push_class trace\nevent class that takes these pre-captured values and the ailp pointer\ninstead of the log item pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31453",
"url": "https://www.suse.com/security/cve/CVE-2026-31453"
},
{
"category": "external",
"summary": "SUSE Bug 1262617 for CVE-2026-31453",
"url": "https://bugzilla.suse.com/1262617"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-31453"
},
{
"cve": "CVE-2026-31469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31469"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio_net: Fix UAF on dst_ops when IFF_XMIT_DST_RELEASE is cleared and napi_tx is false\n\nA UAF issue occurs when the virtio_net driver is configured with napi_tx=N\nand the device\u0027s IFF_XMIT_DST_RELEASE flag is cleared\n(e.g., during the configuration of tc route filter rules).\n\nWhen IFF_XMIT_DST_RELEASE is removed from the net_device, the network stack\nexpects the driver to hold the reference to skb-\u003edst until the packet\nis fully transmitted and freed. In virtio_net with napi_tx=N,\nskbs may remain in the virtio transmit ring for an extended period.\n\nIf the network namespace is destroyed while these skbs are still pending,\nthe corresponding dst_ops structure has freed. When a subsequent packet\nis transmitted, free_old_xmit() is triggered to clean up old skbs.\nIt then calls dst_release() on the skb associated with the stale dst_entry.\nSince the dst_ops (referenced by the dst_entry) has already been freed,\na UAF kernel paging request occurs.\n\nfix it by adds skb_dst_drop(skb) in start_xmit to explicitly release\nthe dst reference before the skb is queued in virtio_net.\n\nCall Trace:\n Unable to handle kernel paging request at virtual address ffff80007e150000\n CPU: 2 UID: 0 PID: 6236 Comm: ping Kdump: loaded Not tainted 7.0.0-rc1+ #6 PREEMPT\n ...\n percpu_counter_add_batch+0x3c/0x158 lib/percpu_counter.c:98 (P)\n dst_release+0xe0/0x110 net/core/dst.c:177\n skb_release_head_state+0xe8/0x108 net/core/skbuff.c:1177\n sk_skb_reason_drop+0x54/0x2d8 net/core/skbuff.c:1255\n dev_kfree_skb_any_reason+0x64/0x78 net/core/dev.c:3469\n napi_consume_skb+0x1c4/0x3a0 net/core/skbuff.c:1527\n __free_old_xmit+0x164/0x230 drivers/net/virtio_net.c:611 [virtio_net]\n free_old_xmit drivers/net/virtio_net.c:1081 [virtio_net]\n start_xmit+0x7c/0x530 drivers/net/virtio_net.c:3329 [virtio_net]\n ...\n\nReproduction Steps:\nNETDEV=\"enp3s0\"\n\nconfig_qdisc_route_filter() {\n tc qdisc del dev $NETDEV root\n tc qdisc add dev $NETDEV root handle 1: prio\n tc filter add dev $NETDEV parent 1:0 \\\n\tprotocol ip prio 100 route to 100 flowid 1:1\n ip route add 192.168.1.100/32 dev $NETDEV realm 100\n}\n\ntest_ns() {\n ip netns add testns\n ip link set $NETDEV netns testns\n ip netns exec testns ifconfig $NETDEV 10.0.32.46/24\n ip netns exec testns ping -c 1 10.0.32.1\n ip netns del testns\n}\n\nconfig_qdisc_route_filter\n\ntest_ns\nsleep 2\ntest_ns",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31469",
"url": "https://www.suse.com/security/cve/CVE-2026-31469"
},
{
"category": "external",
"summary": "SUSE Bug 1267816 for CVE-2026-31469",
"url": "https://bugzilla.suse.com/1267816"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-31469"
},
{
"cve": "CVE-2026-31492",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31492"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/irdma: Initialize free_qp completion before using it\n\nIn irdma_create_qp, if ib_copy_to_udata fails, it will call\nirdma_destroy_qp to clean up which will attempt to wait on\nthe free_qp completion, which is not initialized yet. Fix this\nby initializing the completion before the ib_copy_to_udata call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31492",
"url": "https://www.suse.com/security/cve/CVE-2026-31492"
},
{
"category": "external",
"summary": "SUSE Bug 1262748 for CVE-2026-31492",
"url": "https://bugzilla.suse.com/1262748"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-31492"
},
{
"cve": "CVE-2026-31495",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31495"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ctnetlink: use netlink policy range checks\n\nReplace manual range and mask validations with netlink policy\nannotations in ctnetlink code paths, so that the netlink core rejects\ninvalid values early and can generate extack errors.\n\n- CTA_PROTOINFO_TCP_STATE: reject values \u003e TCP_CONNTRACK_SYN_SENT2 at\n policy level, removing the manual \u003e= TCP_CONNTRACK_MAX check.\n- CTA_PROTOINFO_TCP_WSCALE_ORIGINAL/REPLY: reject values \u003e TCP_MAX_WSCALE\n (14). The normal TCP option parsing path already clamps to this value,\n but the ctnetlink path accepted 0-255, causing undefined behavior when\n used as a u32 shift count.\n- CTA_FILTER_ORIG_FLAGS/REPLY_FLAGS: use NLA_POLICY_MASK with\n CTA_FILTER_F_ALL, removing the manual mask checks.\n- CTA_EXPECT_FLAGS: use NLA_POLICY_MASK with NF_CT_EXPECT_MASK, adding\n a new mask define grouping all valid expect flags.\n\nExtracted from a broader nf-next patch by Florian Westphal, scoped to\nctnetlink for the fixes tree.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31495",
"url": "https://www.suse.com/security/cve/CVE-2026-31495"
},
{
"category": "external",
"summary": "SUSE Bug 1262798 for CVE-2026-31495",
"url": "https://bugzilla.suse.com/1262798"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-31495"
},
{
"cve": "CVE-2026-31499",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31499"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix deadlock in l2cap_conn_del()\n\nl2cap_conn_del() calls cancel_delayed_work_sync() for both info_timer\nand id_addr_timer while holding conn-\u003elock. However, the work functions\nl2cap_info_timeout() and l2cap_conn_update_id_addr() both acquire\nconn-\u003elock, creating a potential AB-BA deadlock if the work is already\nexecuting when l2cap_conn_del() takes the lock.\n\nMove the work cancellations before acquiring conn-\u003elock and use\ndisable_delayed_work_sync() to additionally prevent the works from\nbeing rearmed after cancellation, consistent with the pattern used in\nhci_conn_del().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31499",
"url": "https://www.suse.com/security/cve/CVE-2026-31499"
},
{
"category": "external",
"summary": "SUSE Bug 1262674 for CVE-2026-31499",
"url": "https://bugzilla.suse.com/1262674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-31499"
},
{
"cve": "CVE-2026-31500",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31500"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock\n\nbtintel_hw_error() issues two __hci_cmd_sync() calls (HCI_OP_RESET\nand Intel exception-info retrieval) without holding\nhci_req_sync_lock(). This lets it race against\nhci_dev_do_close() -\u003e btintel_shutdown_combined(), which also runs\n__hci_cmd_sync() under the same lock. When both paths manipulate\nhdev-\u003ereq_status/req_rsp concurrently, the close path may free the\nresponse skb first, and the still-running hw_error path hits a\nslab-use-after-free in kfree_skb().\n\nWrap the whole recovery sequence in hci_req_sync_lock/unlock so it\nis serialized with every other synchronous HCI command issuer.\n\nBelow is the data race report and the kasan report:\n\n BUG: data-race in __hci_cmd_sync_sk / btintel_shutdown_combined\n\n read of hdev-\u003ereq_rsp at net/bluetooth/hci_sync.c:199\n by task kworker/u17:1/83:\n __hci_cmd_sync_sk+0x12f2/0x1c30 net/bluetooth/hci_sync.c:200\n __hci_cmd_sync+0x55/0x80 net/bluetooth/hci_sync.c:223\n btintel_hw_error+0x114/0x670 drivers/bluetooth/btintel.c:254\n hci_error_reset+0x348/0xa30 net/bluetooth/hci_core.c:1030\n\n write/free by task ioctl/22580:\n btintel_shutdown_combined+0xd0/0x360\n drivers/bluetooth/btintel.c:3648\n hci_dev_close_sync+0x9ae/0x2c10 net/bluetooth/hci_sync.c:5246\n hci_dev_do_close+0x232/0x460 net/bluetooth/hci_core.c:526\n\n BUG: KASAN: slab-use-after-free in\n sk_skb_reason_drop+0x43/0x380 net/core/skbuff.c:1202\n Read of size 4 at addr ffff888144a738dc\n by task kworker/u17:1/83:\n __hci_cmd_sync_sk+0x12f2/0x1c30 net/bluetooth/hci_sync.c:200\n __hci_cmd_sync+0x55/0x80 net/bluetooth/hci_sync.c:223\n btintel_hw_error+0x186/0x670 drivers/bluetooth/btintel.c:260",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31500",
"url": "https://www.suse.com/security/cve/CVE-2026-31500"
},
{
"category": "external",
"summary": "SUSE Bug 1262993 for CVE-2026-31500",
"url": "https://bugzilla.suse.com/1262993"
},
{
"category": "external",
"summary": "SUSE Bug 1262994 for CVE-2026-31500",
"url": "https://bugzilla.suse.com/1262994"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "important"
}
],
"title": "CVE-2026-31500"
},
{
"cve": "CVE-2026-31555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31555"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfutex: Clear stale exiting pointer in futex_lock_pi() retry path\n\nFuzzying/stressing futexes triggered:\n\n WARNING: kernel/futex/core.c:825 at wait_for_owner_exiting+0x7a/0x80, CPU#11: futex_lock_pi_s/524\n\nWhen futex_lock_pi_atomic() sees the owner is exiting, it returns -EBUSY\nand stores a refcounted task pointer in \u0027exiting\u0027.\n\nAfter wait_for_owner_exiting() consumes that reference, the local pointer\nis never reset to nil. Upon a retry, if futex_lock_pi_atomic() returns a\ndifferent error, the bogus pointer is passed to wait_for_owner_exiting().\n\n CPU0\t\t\t CPU1\t\t CPU2\n futex_lock_pi(uaddr)\n // acquires the PI futex\n exit()\n futex_cleanup_begin()\n futex_state = EXITING;\n\t\t\t futex_lock_pi(uaddr)\n\t\t\t futex_lock_pi_atomic()\n\t\t\t\t attach_to_pi_owner()\n\t\t\t\t // observes EXITING\n\t\t\t\t *exiting = owner; // takes ref\n\t\t\t\t return -EBUSY\n\t\t\t wait_for_owner_exiting(-EBUSY, owner)\n\t\t\t\t put_task_struct(); // drops ref\n\t\t\t // exiting still points to owner\n\t\t\t goto retry;\n\t\t\t futex_lock_pi_atomic()\n\t\t\t\t lock_pi_update_atomic()\n\t\t\t\t cmpxchg(uaddr)\n\t\t\t\t\t*uaddr ^= WAITERS // whatever\n\t\t\t\t // value changed\n\t\t\t\t return -EAGAIN;\n\t\t\t wait_for_owner_exiting(-EAGAIN, exiting) // stale\n\t\t\t\t WARN_ON_ONCE(exiting)\n\nFix this by resetting upon retry, essentially aligning it with requeue_pi.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31555",
"url": "https://www.suse.com/security/cve/CVE-2026-31555"
},
{
"category": "external",
"summary": "SUSE Bug 1263178 for CVE-2026-31555",
"url": "https://bugzilla.suse.com/1263178"
},
{
"category": "external",
"summary": "SUSE Bug 1263179 for CVE-2026-31555",
"url": "https://bugzilla.suse.com/1263179"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-31555"
},
{
"cve": "CVE-2026-31592",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31592"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: SEV: Protect *all* of sev_mem_enc_register_region() with kvm-\u003elock\n\nTake and hold kvm-\u003elock for before checking sev_guest() in\nsev_mem_enc_register_region(), as sev_guest() isn\u0027t stable unless kvm-\u003elock\nis held (or KVM can guarantee KVM_SEV_INIT{2} has completed and can\u0027t\nrollack state). If KVM_SEV_INIT{2} fails, KVM can end up trying to add to\na not-yet-initialized sev-\u003eregions_list, e.g. triggering a #GP\n\n Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN NOPTI\n KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\n CPU: 110 UID: 0 PID: 72717 Comm: syz.15.11462 Tainted: G U W O 6.16.0-smp-DEV #1 NONE\n Tainted: [U]=USER, [W]=WARN, [O]=OOT_MODULE\n Hardware name: Google, Inc. Arcadia_IT_80/Arcadia_IT_80, BIOS 12.52.0-0 10/28/2024\n RIP: 0010:sev_mem_enc_register_region+0x3f0/0x4f0 ../include/linux/list.h:83\n Code: \u003c41\u003e 80 3c 04 00 74 08 4c 89 ff e8 f1 c7 a2 00 49 39 ed 0f 84 c6 00\n RSP: 0018:ffff88838647fbb8 EFLAGS: 00010256\n RAX: dffffc0000000000 RBX: 1ffff92015cf1e0b RCX: dffffc0000000000\n RDX: 0000000000000000 RSI: 0000000000001000 RDI: ffff888367870000\n RBP: ffffc900ae78f050 R08: ffffea000d9e0007 R09: 1ffffd4001b3c000\n R10: dffffc0000000000 R11: fffff94001b3c001 R12: 0000000000000000\n R13: ffff8982ab0bde00 R14: ffffc900ae78f058 R15: 0000000000000000\n FS: 00007f34e9dc66c0(0000) GS:ffff89ee64d33000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007fe180adef98 CR3: 000000047210e000 CR4: 0000000000350ef0\n Call Trace:\n \u003cTASK\u003e\n kvm_arch_vm_ioctl+0xa72/0x1240 ../arch/x86/kvm/x86.c:7371\n kvm_vm_ioctl+0x649/0x990 ../virt/kvm/kvm_main.c:5363\n __se_sys_ioctl+0x101/0x170 ../fs/ioctl.c:51\n do_syscall_x64 ../arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0x6f/0x1f0 ../arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n RIP: 0033:0x7f34e9f7e9a9\n Code: \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\n RSP: 002b:00007f34e9dc6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\n RAX: ffffffffffffffda RBX: 00007f34ea1a6080 RCX: 00007f34e9f7e9a9\n RDX: 0000200000000280 RSI: 000000008010aebb RDI: 0000000000000007\n RBP: 00007f34ea000d69 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\n R13: 0000000000000000 R14: 00007f34ea1a6080 R15: 00007ffce77197a8\n \u003c/TASK\u003e\n\nwith a syzlang reproducer that looks like:\n\n syz_kvm_add_vcpu$x86(0x0, \u0026(0x7f0000000040)={0x0, \u0026(0x7f0000000180)=ANY=[], 0x70}) (async)\n syz_kvm_add_vcpu$x86(0x0, \u0026(0x7f0000000080)={0x0, \u0026(0x7f0000000180)=ANY=[@ANYBLOB=\"...\"], 0x4f}) (async)\n r0 = openat$kvm(0xffffffffffffff9c, \u0026(0x7f0000000200), 0x0, 0x0)\n r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)\n r2 = openat$kvm(0xffffffffffffff9c, \u0026(0x7f0000000240), 0x0, 0x0)\n r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)\n ioctl$KVM_SET_CLOCK(r3, 0xc008aeba, \u0026(0x7f0000000040)={0x1, 0x8, 0x0, 0x5625e9b0}) (async)\n ioctl$KVM_SET_PIT2(r3, 0x8010aebb, \u0026(0x7f0000000280)={[...], 0x5}) (async)\n ioctl$KVM_SET_PIT2(r1, 0x4070aea0, 0x0) (async)\n r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)\n openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async)\n ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, \u0026(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, \u0026(0x7f0000001000/0x2000)=nil}) (async)\n r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)\n close(r0) (async)\n openat$kvm(0xffffffffffffff9c, \u0026(0x7f0000000000), 0x8000, 0x0) (async)\n ioctl$KVM_SET_GUEST_DEBUG(r5, 0x4048ae9b, \u0026(0x7f0000000300)={0x4376ea830d46549b, 0x0, [0x46, 0x0, 0x0, 0x0, 0x0, 0x1000]}) (async)\n ioctl$KVM_RUN(r5, 0xae80, 0x0)\n\nOpportunistically use guard() to avoid having to define a new error label\nand goto usage.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31592",
"url": "https://www.suse.com/security/cve/CVE-2026-31592"
},
{
"category": "external",
"summary": "SUSE Bug 1263123 for CVE-2026-31592",
"url": "https://bugzilla.suse.com/1263123"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-31592"
},
{
"cve": "CVE-2026-31664",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31664"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: clear trailing padding in build_polexpire()\n\nbuild_expire() clears the trailing padding bytes of struct\nxfrm_user_expire after setting the hard field via memset_after(),\nbut the analogous function build_polexpire() does not do this for\nstruct xfrm_user_polexpire.\n\nThe padding bytes after the __u8 hard field are left\nuninitialized from the heap allocation, and are then sent to\nuserspace via netlink multicast to XFRMNLGRP_EXPIRE listeners,\nleaking kernel heap memory contents.\n\nAdd the missing memset_after() call, matching build_expire().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31664",
"url": "https://www.suse.com/security/cve/CVE-2026-31664"
},
{
"category": "external",
"summary": "SUSE Bug 1263578 for CVE-2026-31664",
"url": "https://bugzilla.suse.com/1263578"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-31664"
},
{
"cve": "CVE-2026-31665",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31665"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_ct: fix use-after-free in timeout object destroy\n\nnft_ct_timeout_obj_destroy() frees the timeout object with kfree()\nimmediately after nf_ct_untimeout(), without waiting for an RCU grace\nperiod. Concurrent packet processing on other CPUs may still hold\nRCU-protected references to the timeout object obtained via\nrcu_dereference() in nf_ct_timeout_data().\n\nAdd an rcu_head to struct nf_ct_timeout and use kfree_rcu() to defer\nfreeing until after an RCU grace period, matching the approach already\nused in nfnetlink_cttimeout.c.\n\nKASAN report:\n BUG: KASAN: slab-use-after-free in nf_conntrack_tcp_packet+0x1381/0x29d0\n Read of size 4 at addr ffff8881035fe19c by task exploit/80\n\n Call Trace:\n nf_conntrack_tcp_packet+0x1381/0x29d0\n nf_conntrack_in+0x612/0x8b0\n nf_hook_slow+0x70/0x100\n __ip_local_out+0x1b2/0x210\n tcp_sendmsg_locked+0x722/0x1580\n __sys_sendto+0x2d8/0x320\n\n Allocated by task 75:\n nft_ct_timeout_obj_init+0xf6/0x290\n nft_obj_init+0x107/0x1b0\n nf_tables_newobj+0x680/0x9c0\n nfnetlink_rcv_batch+0xc29/0xe00\n\n Freed by task 26:\n nft_obj_destroy+0x3f/0xa0\n nf_tables_trans_destroy_work+0x51c/0x5c0\n process_one_work+0x2c4/0x5a0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31665",
"url": "https://www.suse.com/security/cve/CVE-2026-31665"
},
{
"category": "external",
"summary": "SUSE Bug 1263137 for CVE-2026-31665",
"url": "https://bugzilla.suse.com/1263137"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-31665"
},
{
"cve": "CVE-2026-31674",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31674"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ip6t_rt: reject oversized addrnr in rt_mt6_check()\n\nReject rt match rules whose addrnr exceeds IP6T_RT_HOPS.\n\nrt_mt6() expects addrnr to stay within the bounds of rtinfo-\u003eaddrs[].\nValidate addrnr during rule installation so malformed rules are rejected\nbefore the match logic can use an out-of-range value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31674",
"url": "https://www.suse.com/security/cve/CVE-2026-31674"
},
{
"category": "external",
"summary": "SUSE Bug 1263568 for CVE-2026-31674",
"url": "https://bugzilla.suse.com/1263568"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-31674"
},
{
"cve": "CVE-2026-31680",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31680"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipv6: flowlabel: defer exclusive option free until RCU teardown\n\n`ip6fl_seq_show()` walks the global flowlabel hash under the seq-file\nRCU read-side lock and prints `fl-\u003eopt-\u003eopt_nflen` when an option block\nis present.\n\nExclusive flowlabels currently free `fl-\u003eopt` as soon as `fl-\u003eusers`\ndrops to zero in `fl_release()`. However, the surrounding\n`struct ip6_flowlabel` remains visible in the global hash table until\nlater garbage collection removes it and `fl_free_rcu()` finally tears it\ndown.\n\nA concurrent `/proc/net/ip6_flowlabel` reader can therefore race that\nearly `kfree()` and dereference freed option state, triggering a crash\nin `ip6fl_seq_show()`.\n\nFix this by keeping `fl-\u003eopt` alive until `fl_free_rcu()`. That matches\nthe lifetime already required for the enclosing flowlabel while readers\ncan still reach it under RCU.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31680",
"url": "https://www.suse.com/security/cve/CVE-2026-31680"
},
{
"category": "external",
"summary": "SUSE Bug 1263563 for CVE-2026-31680",
"url": "https://bugzilla.suse.com/1263563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-31680"
},
{
"cve": "CVE-2026-31693",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31693"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: some missing initializations on replay\n\nIn several places in the code, we have a label to signify\nthe start of the code where a request can be replayed if\nnecessary. However, some of these places were missing the\nnecessary reinitializations of certain local variables\nbefore replay.\n\nThis change makes sure that these variables get initialized\nafter the label.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31693",
"url": "https://www.suse.com/security/cve/CVE-2026-31693"
},
{
"category": "external",
"summary": "SUSE Bug 1267744 for CVE-2026-31693",
"url": "https://bugzilla.suse.com/1267744"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-31693"
},
{
"cve": "CVE-2026-31697",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31697"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccp: Don\u0027t attempt to copy ID to userspace if PSP command failed\n\nWhen retrieving the ID for the CPU, don\u0027t attempt to copy the ID blob to\nuserspace if the firmware command failed. If the failure was due to an\ninvalid length, i.e. the userspace buffer+length was too small, copying\nthe number of bytes _firmware_ requires will overflow the kernel-allocated\nbuffer and leak data to userspace.\n\n BUG: KASAN: slab-out-of-bounds in instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n BUG: KASAN: slab-out-of-bounds in _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n Read of size 64 at addr ffff8881867f5960 by task syz.0.906/24388\n\n CPU: 130 UID: 0 PID: 24388 Comm: syz.0.906 Tainted: G U O 7.0.0-smp-DEV #28 PREEMPTLAZY\n Tainted: [U]=USER, [O]=OOT_MODULE\n Hardware name: Google, Inc. Arcadia_IT_80/Arcadia_IT_80, BIOS 12.62.0-0 11/19/2025\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xc5/0x110 ../lib/dump_stack.c:120\n print_address_description ../mm/kasan/report.c:378 [inline]\n print_report+0xbc/0x260 ../mm/kasan/report.c:482\n kasan_report+0xa2/0xe0 ../mm/kasan/report.c:595\n check_region_inline ../mm/kasan/generic.c:-1 [inline]\n kasan_check_range+0x264/0x2c0 ../mm/kasan/generic.c:200\n instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n copy_to_user ../include/linux/uaccess.h:236 [inline]\n sev_ioctl_do_get_id2+0x361/0x490 ../drivers/crypto/ccp/sev-dev.c:2222\n sev_ioctl+0x25f/0x490 ../drivers/crypto/ccp/sev-dev.c:2575\n vfs_ioctl ../fs/ioctl.c:51 [inline]\n __do_sys_ioctl ../fs/ioctl.c:597 [inline]\n __se_sys_ioctl+0x11d/0x1b0 ../fs/ioctl.c:583\n do_syscall_x64 ../arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xe0/0x800 ../arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n \u003c/TASK\u003e\n\nWARN if the driver says the command succeeded, but the firmware error code\nsays otherwise, as __sev_do_cmd_locked() is expected to return -EIO on any\nfirwmware error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31697",
"url": "https://www.suse.com/security/cve/CVE-2026-31697"
},
{
"category": "external",
"summary": "SUSE Bug 1264116 for CVE-2026-31697",
"url": "https://bugzilla.suse.com/1264116"
},
{
"category": "external",
"summary": "SUSE Bug 1264144 for CVE-2026-31697",
"url": "https://bugzilla.suse.com/1264144"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-31697"
},
{
"cve": "CVE-2026-31698",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31698"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccp: Don\u0027t attempt to copy PDH cert to userspace if PSP command failed\n\nWhen retrieving the PDH cert, don\u0027t attempt to copy the blobs to userspace\nif the firmware command failed. If the failure was due to an invalid\nlength, i.e. the userspace buffer+length was too small, copying the number\nof bytes _firmware_ requires will overflow the kernel-allocated buffer and\nleak data to userspace.\n\n BUG: KASAN: slab-out-of-bounds in instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n BUG: KASAN: slab-out-of-bounds in _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n Read of size 2084 at addr ffff8885c4ab8aa0 by task syz.0.186/21033\n\n CPU: 51 UID: 0 PID: 21033 Comm: syz.0.186 Tainted: G U O 7.0.0-smp-DEV #28 PREEMPTLAZY\n Tainted: [U]=USER, [O]=OOT_MODULE\n Hardware name: Google, Inc. Arcadia_IT_80/Arcadia_IT_80, BIOS 34.84.12-0 11/17/2025\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xc5/0x110 ../lib/dump_stack.c:120\n print_address_description ../mm/kasan/report.c:378 [inline]\n print_report+0xbc/0x260 ../mm/kasan/report.c:482\n kasan_report+0xa2/0xe0 ../mm/kasan/report.c:595\n check_region_inline ../mm/kasan/generic.c:-1 [inline]\n kasan_check_range+0x264/0x2c0 ../mm/kasan/generic.c:200\n instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n copy_to_user ../include/linux/uaccess.h:236 [inline]\n sev_ioctl_do_pdh_export+0x3d3/0x7c0 ../drivers/crypto/ccp/sev-dev.c:2347\n sev_ioctl+0x2a2/0x490 ../drivers/crypto/ccp/sev-dev.c:2568\n vfs_ioctl ../fs/ioctl.c:51 [inline]\n __do_sys_ioctl ../fs/ioctl.c:597 [inline]\n __se_sys_ioctl+0x11d/0x1b0 ../fs/ioctl.c:583\n do_syscall_x64 ../arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xe0/0x800 ../arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n \u003c/TASK\u003e\n\nWARN if the driver says the command succeeded, but the firmware error code\nsays otherwise, as __sev_do_cmd_locked() is expected to return -EIO on any\nfirwmware error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31698",
"url": "https://www.suse.com/security/cve/CVE-2026-31698"
},
{
"category": "external",
"summary": "SUSE Bug 1263880 for CVE-2026-31698",
"url": "https://bugzilla.suse.com/1263880"
},
{
"category": "external",
"summary": "SUSE Bug 1263929 for CVE-2026-31698",
"url": "https://bugzilla.suse.com/1263929"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-31698"
},
{
"cve": "CVE-2026-31699",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31699"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccp: Don\u0027t attempt to copy CSR to userspace if PSP command failed\n\nWhen retrieving the PEK CSR, don\u0027t attempt to copy the blob to userspace\nif the firmware command failed. If the failure was due to an invalid\nlength, i.e. the userspace buffer+length was too small, copying the number\nof bytes _firmware_ requires will overflow the kernel-allocated buffer and\nleak data to userspace.\n\n BUG: KASAN: slab-out-of-bounds in instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n BUG: KASAN: slab-out-of-bounds in _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n Read of size 2084 at addr ffff898144612e20 by task syz.9.219/21405\n\n CPU: 14 UID: 0 PID: 21405 Comm: syz.9.219 Tainted: G U O 7.0.0-smp-DEV #28 PREEMPTLAZY\n Tainted: [U]=USER, [O]=OOT_MODULE\n Hardware name: Google, Inc. Arcadia_IT_80/Arcadia_IT_80, BIOS 12.62.0-0 11/19/2025\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xc5/0x110 ../lib/dump_stack.c:120\n print_address_description ../mm/kasan/report.c:378 [inline]\n print_report+0xbc/0x260 ../mm/kasan/report.c:482\n kasan_report+0xa2/0xe0 ../mm/kasan/report.c:595\n check_region_inline ../mm/kasan/generic.c:-1 [inline]\n kasan_check_range+0x264/0x2c0 ../mm/kasan/generic.c:200\n instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n copy_to_user ../include/linux/uaccess.h:236 [inline]\n sev_ioctl_do_pek_csr+0x31f/0x590 ../drivers/crypto/ccp/sev-dev.c:1872\n sev_ioctl+0x3a4/0x490 ../drivers/crypto/ccp/sev-dev.c:2562\n vfs_ioctl ../fs/ioctl.c:51 [inline]\n __do_sys_ioctl ../fs/ioctl.c:597 [inline]\n __se_sys_ioctl+0x11d/0x1b0 ../fs/ioctl.c:583\n do_syscall_x64 ../arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xe0/0x800 ../arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n \u003c/TASK\u003e\n\nWARN if the driver says the command succeeded, but the firmware error code\nsays otherwise, as __sev_do_cmd_locked() is expected to return -EIO on any\nfirwmware error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31699",
"url": "https://www.suse.com/security/cve/CVE-2026-31699"
},
{
"category": "external",
"summary": "SUSE Bug 1263879 for CVE-2026-31699",
"url": "https://bugzilla.suse.com/1263879"
},
{
"category": "external",
"summary": "SUSE Bug 1263928 for CVE-2026-31699",
"url": "https://bugzilla.suse.com/1263928"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-31699"
},
{
"cve": "CVE-2026-31752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbridge: br_nd_send: validate ND option lengths\n\nbr_nd_send() walks ND options according to option-provided lengths.\nA malformed option can make the parser advance beyond the computed\noption span or use a too-short source LLADDR option payload.\n\nValidate option lengths against the remaining NS option area before\nadvancing, and only read source LLADDR when the option is large enough\nfor an Ethernet address.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31752",
"url": "https://www.suse.com/security/cve/CVE-2026-31752"
},
{
"category": "external",
"summary": "SUSE Bug 1264045 for CVE-2026-31752",
"url": "https://bugzilla.suse.com/1264045"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-31752"
},
{
"cve": "CVE-2026-31759",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31759"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: ulpi: fix double free in ulpi_register_interface() error path\n\nWhen device_register() fails, ulpi_register() calls put_device() on\nulpi-\u003edev.\n\nThe device release callback ulpi_dev_release() drops the OF node\nreference and frees ulpi, but the current error path in\nulpi_register_interface() then calls kfree(ulpi) again, causing a\ndouble free.\n\nLet put_device() handle the cleanup through ulpi_dev_release() and\navoid freeing ulpi again in ulpi_register_interface().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31759",
"url": "https://www.suse.com/security/cve/CVE-2026-31759"
},
{
"category": "external",
"summary": "SUSE Bug 1264076 for CVE-2026-31759",
"url": "https://bugzilla.suse.com/1264076"
},
{
"category": "external",
"summary": "SUSE Bug 1264078 for CVE-2026-31759",
"url": "https://bugzilla.suse.com/1264078"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "important"
}
],
"title": "CVE-2026-31759"
},
{
"cve": "CVE-2026-31771",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31771"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_event: move wake reason storage into validated event handlers\n\nhci_store_wake_reason() is called from hci_event_packet() immediately\nafter stripping the HCI event header but before hci_event_func()\nenforces the per-event minimum payload length from hci_ev_table.\nThis means a short HCI event frame can reach bacpy() before any bounds\ncheck runs.\n\nRather than duplicating skb parsing and per-event length checks inside\nhci_store_wake_reason(), move wake-address storage into the individual\nevent handlers after their existing event-length validation has\nsucceeded. Convert hci_store_wake_reason() into a small helper that only\nstores an already-validated bdaddr while the caller holds hci_dev_lock().\nUse the same helper after hci_event_func() with a NULL address to\npreserve the existing unexpected-wake fallback semantics when no\nvalidated event handler records a wake address.\n\nAnnotate the helper with __must_hold(\u0026hdev-\u003elock) and add\nlockdep_assert_held(\u0026hdev-\u003elock) so future call paths keep the lock\ncontract explicit.\n\nCall the helper from hci_conn_request_evt(), hci_conn_complete_evt(),\nhci_sync_conn_complete_evt(), le_conn_complete_evt(),\nhci_le_adv_report_evt(), hci_le_ext_adv_report_evt(),\nhci_le_direct_adv_report_evt(), hci_le_pa_sync_established_evt(), and\nhci_le_past_received_evt().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31771",
"url": "https://www.suse.com/security/cve/CVE-2026-31771"
},
{
"category": "external",
"summary": "SUSE Bug 1264145 for CVE-2026-31771",
"url": "https://bugzilla.suse.com/1264145"
},
{
"category": "external",
"summary": "SUSE Bug 1264146 for CVE-2026-31771",
"url": "https://bugzilla.suse.com/1264146"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "important"
}
],
"title": "CVE-2026-31771"
},
{
"cve": "CVE-2026-43023",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43023"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: SCO: fix race conditions in sco_sock_connect()\n\nsco_sock_connect() checks sk_state and sk_type without holding\nthe socket lock. Two concurrent connect() syscalls on the same\nsocket can both pass the check and enter sco_connect(), leading\nto use-after-free.\n\nThe buggy scenario involves three participants and was confirmed\nwith additional logging instrumentation:\n\n Thread A (connect): HCI disconnect: Thread B (connect):\n\n sco_sock_connect(sk) sco_sock_connect(sk)\n sk_state==BT_OPEN sk_state==BT_OPEN\n (pass, no lock) (pass, no lock)\n sco_connect(sk): sco_connect(sk):\n hci_dev_lock hci_dev_lock\n hci_connect_sco \u003c- blocked\n -\u003e hcon1\n sco_conn_add-\u003econn1\n lock_sock(sk)\n sco_chan_add:\n conn1-\u003esk = sk\n sk-\u003econn = conn1\n sk_state=BT_CONNECT\n release_sock\n hci_dev_unlock\n hci_dev_lock\n sco_conn_del:\n lock_sock(sk)\n sco_chan_del:\n sk-\u003econn=NULL\n conn1-\u003esk=NULL\n sk_state=\n BT_CLOSED\n SOCK_ZAPPED\n release_sock\n hci_dev_unlock\n (unblocked)\n hci_connect_sco\n -\u003e hcon2\n sco_conn_add\n -\u003e conn2\n lock_sock(sk)\n sco_chan_add:\n sk-\u003econn=conn2\n sk_state=\n BT_CONNECT\n // zombie sk!\n release_sock\n hci_dev_unlock\n\nThread B revives a BT_CLOSED + SOCK_ZAPPED socket back to\nBT_CONNECT. Subsequent cleanup triggers double sock_put() and\nuse-after-free. Meanwhile conn1 is leaked as it was orphaned\nwhen sco_conn_del() cleared the association.\n\nFix this by:\n- Moving lock_sock() before the sk_state/sk_type checks in\n sco_sock_connect() to serialize concurrent connect attempts\n- Fixing the sk_type != SOCK_SEQPACKET check to actually\n return the error instead of just assigning it\n- Adding a state re-check in sco_connect() after lock_sock()\n to catch state changes during the window between the locks\n- Adding sco_pi(sk)-\u003econn check in sco_chan_add() to prevent\n double-attach of a socket to multiple connections\n- Adding hci_conn_drop() on sco_chan_add failure to prevent\n HCI connection leaks",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43023",
"url": "https://www.suse.com/security/cve/CVE-2026-43023"
},
{
"category": "external",
"summary": "SUSE Bug 1264137 for CVE-2026-43023",
"url": "https://bugzilla.suse.com/1264137"
},
{
"category": "external",
"summary": "SUSE Bug 1264138 for CVE-2026-43023",
"url": "https://bugzilla.suse.com/1264138"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "important"
}
],
"title": "CVE-2026-43023"
},
{
"cve": "CVE-2026-43024",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43024"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: reject immediate NF_QUEUE verdict\n\nnft_queue is always used from userspace nftables to deliver the NF_QUEUE\nverdict. Immediately emitting an NF_QUEUE verdict is never used by the\nuserspace nft tools, so reject immediate NF_QUEUE verdicts.\n\nThe arp family does not provide queue support, but such an immediate\nverdict is still reachable. Globally reject NF_QUEUE immediate verdicts\nto address this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43024",
"url": "https://www.suse.com/security/cve/CVE-2026-43024"
},
{
"category": "external",
"summary": "SUSE Bug 1263930 for CVE-2026-43024",
"url": "https://bugzilla.suse.com/1263930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-43024"
},
{
"cve": "CVE-2026-43028",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43028"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: x_tables: ensure names are nul-terminated\n\nReject names that lack a \\0 character before feeding them\nto functions that expect c-strings.\n\nFixes tag is the most recent commit that needs this change.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43028",
"url": "https://www.suse.com/security/cve/CVE-2026-43028"
},
{
"category": "external",
"summary": "SUSE Bug 1263934 for CVE-2026-43028",
"url": "https://bugzilla.suse.com/1263934"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-43028"
},
{
"cve": "CVE-2026-43035",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43035"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: cls_api: fix tc_chain_fill_node to initialize tcm_info to zero to prevent an info-leak\n\nWhen building netlink messages, tc_chain_fill_node() never initializes\nthe tcm_info field of struct tcmsg. Since the allocation is not zeroed,\nkernel heap memory is leaked to userspace through this 4-byte field.\n\nThe fix simply zeroes tcm_info alongside the other fields that are\nalready initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43035",
"url": "https://www.suse.com/security/cve/CVE-2026-43035"
},
{
"category": "external",
"summary": "SUSE Bug 1263996 for CVE-2026-43035",
"url": "https://bugzilla.suse.com/1263996"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-43035"
},
{
"cve": "CVE-2026-43036",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43036"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: use skb_header_pointer() for TCPv4 GSO frag_off check\n\nSyzbot reported a KMSAN uninit-value warning in gso_features_check()\ncalled from netif_skb_features() [1].\n\ngso_features_check() reads iph-\u003efrag_off to decide whether to clear\nmangleid_features. Accessing the IPv4 header via ip_hdr()/inner_ip_hdr()\ncan rely on skb header offsets that are not always safe for direct\ndereference on packets injected from PF_PACKET paths.\n\nUse skb_header_pointer() for the TCPv4 frag_off check so the header read\nis robust whether data is already linear or needs copying.\n\n[1] https://syzkaller.appspot.com/bug?extid=1543a7d954d9c6d00407",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43036",
"url": "https://www.suse.com/security/cve/CVE-2026-43036"
},
{
"category": "external",
"summary": "SUSE Bug 1263993 for CVE-2026-43036",
"url": "https://bugzilla.suse.com/1263993"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-43036"
},
{
"cve": "CVE-2026-43049",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43049"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: logitech-hidpp: Prevent use-after-free on force feedback initialisation failure\n\nPresently, if the force feedback initialisation fails when probing the\nLogitech G920 Driving Force Racing Wheel for Xbox One, an error number\nwill be returned and propagated before the userspace infrastructure\n(sysfs and /dev/input) has been torn down. If userspace ignores the\nerrors and continues to use its references to these dangling entities, a\nUAF will promptly follow.\n\nWe have 2 options; continue to return the error, but ensure that all of\nthe infrastructure is torn down accordingly or continue to treat this\ncondition as a warning by emitting the message but returning success.\nIt is thought that the original author\u0027s intention was to emit the\nwarning but keep the device functional, less the force feedback feature,\nso let\u0027s go with that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43049",
"url": "https://www.suse.com/security/cve/CVE-2026-43049"
},
{
"category": "external",
"summary": "SUSE Bug 1264080 for CVE-2026-43049",
"url": "https://bugzilla.suse.com/1264080"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-43049"
},
{
"cve": "CVE-2026-43053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43053"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: close crash window in attr dabtree inactivation\n\nWhen inactivating an inode with node-format extended attributes,\nxfs_attr3_node_inactive() invalidates all child leaf/node blocks via\nxfs_trans_binval(), but intentionally does not remove the corresponding\nentries from their parent node blocks. The implicit assumption is that\nxfs_attr_inactive() will truncate the entire attr fork to zero extents\nafterwards, so log recovery will never reach the root node and follow\nthose stale pointers.\n\nHowever, if a log shutdown occurs after the leaf/node block cancellations\ncommit but before the attr bmap truncation commits, this assumption\nbreaks. Recovery replays the attr bmap intact (the inode still has\nattr fork extents), but suppresses replay of all cancelled leaf/node\nblocks, maybe leaving them as stale data on disk. On the next mount,\nxlog_recover_process_iunlinks() retries inactivation and attempts to\nread the root node via the attr bmap. If the root node was not replayed,\nreading the unreplayed root block triggers a metadata verification\nfailure immediately; if it was replayed, following its child pointers\nto unreplayed child blocks triggers the same failure:\n\n XFS (pmem0): Metadata corruption detected at\n xfs_da3_node_read_verify+0x53/0x220, xfs_da3_node block 0x78\n XFS (pmem0): Unmount and run xfs_repair\n XFS (pmem0): First 128 bytes of corrupted metadata buffer:\n 00000000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n XFS (pmem0): metadata I/O error in \"xfs_da_read_buf+0x104/0x190\" at daddr 0x78 len 8 error 117\n\nFix this in two places:\n\nIn xfs_attr3_node_inactive(), after calling xfs_trans_binval() on a\nchild block, immediately remove the entry that references it from the\nparent node in the same transaction. This eliminates the window where\nthe parent holds a pointer to a cancelled block. Once all children are\nremoved, the now-empty root node is converted to a leaf block within the\nsame transaction. This node-to-leaf conversion is necessary for crash\nsafety. If the system shutdown after the empty node is written to the\nlog but before the second-phase bmap truncation commits, log recovery\nwill attempt to verify the root block on disk. xfs_da3_node_verify()\ndoes not permit a node block with count == 0; such a block will fail\nverification and trigger a metadata corruption shutdown. on the other\nhand, leaf blocks are allowed to have this transient state.\n\nIn xfs_attr_inactive(), split the attr fork truncation into two explicit\nphases. First, truncate all extents beyond the root block (the child\nextents whose parent references have already been removed above).\nSecond, invalidate the root block and truncate the attr bmap to zero in\na single transaction. The two operations in the second phase must be\natomic: as long as the attr bmap has any non-zero length, recovery can\nfollow it to the root block, so the root block invalidation must commit\ntogether with the bmap-to-zero truncation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43053",
"url": "https://www.suse.com/security/cve/CVE-2026-43053"
},
{
"category": "external",
"summary": "SUSE Bug 1264084 for CVE-2026-43053",
"url": "https://bugzilla.suse.com/1264084"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-43053"
},
{
"cve": "CVE-2026-43074",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43074"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neventpoll: defer struct eventpoll free to RCU grace period\n\nIn certain situations, ep_free() in eventpoll.c will kfree the epi-\u003eep\neventpoll struct while it still being used by another concurrent thread.\nDefer the kfree() to an RCU callback to prevent UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43074",
"url": "https://www.suse.com/security/cve/CVE-2026-43074"
},
{
"category": "external",
"summary": "SUSE Bug 1264263 for CVE-2026-43074",
"url": "https://bugzilla.suse.com/1264263"
},
{
"category": "external",
"summary": "SUSE Bug 1265307 for CVE-2026-43074",
"url": "https://bugzilla.suse.com/1265307"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "important"
}
],
"title": "CVE-2026-43074"
},
{
"cve": "CVE-2026-43077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43077"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_aead - Fix minimum RX size check for decryption\n\nThe check for the minimum receive buffer size did not take the\ntag size into account during decryption. Fix this by adding the\nrequired extra length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43077",
"url": "https://www.suse.com/security/cve/CVE-2026-43077"
},
{
"category": "external",
"summary": "SUSE Bug 1264470 for CVE-2026-43077",
"url": "https://bugzilla.suse.com/1264470"
},
{
"category": "external",
"summary": "SUSE Bug 1265306 for CVE-2026-43077",
"url": "https://bugzilla.suse.com/1265306"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "important"
}
],
"title": "CVE-2026-43077"
},
{
"cve": "CVE-2026-43083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ioam6: fix OOB and missing lock\n\nWhen trace-\u003etype.bit6 is set:\n\n if (trace-\u003etype.bit6) {\n ...\n queue = skb_get_tx_queue(dev, skb);\n qdisc = rcu_dereference(queue-\u003eqdisc);\n\nThis code can lead to an out-of-bounds access of the dev-\u003e_tx[] array\nwhen is_input is true. In such a case, the packet is on the RX path and\nskb-\u003equeue_mapping contains the RX queue index of the ingress device. If\nthe ingress device has more RX queues than the egress device (dev) has\nTX queues, skb_get_queue_mapping(skb) will exceed dev-\u003enum_tx_queues.\nAdd a check to avoid this situation since skb_get_tx_queue() does not\nclamp the index. This issue has also revealed that per queue visibility\ncannot be accurate and will be replaced later as a new feature.\n\nWhile at it, add missing lock around qdisc_qstats_qlen_backlog(). The\nfunction __ioam6_fill_trace_data() is called from both softirq and\nprocess contexts, hence the use of spin_lock_bh() here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43083",
"url": "https://www.suse.com/security/cve/CVE-2026-43083"
},
{
"category": "external",
"summary": "SUSE Bug 1264266 for CVE-2026-43083",
"url": "https://bugzilla.suse.com/1264266"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-43083"
},
{
"cve": "CVE-2026-43101",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43101"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: ioam: fix potential NULL dereferences in __ioam6_fill_trace_data()\n\nWe need to check __in6_dev_get() for possible NULL value, as\nsuggested by Yiming Qian.\n\nAlso add skb_dst_dev_rcu() instead of skb_dst_dev(),\nand two missing READ_ONCE().\n\nNote that @dev can\u0027t be NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43101",
"url": "https://www.suse.com/security/cve/CVE-2026-43101"
},
{
"category": "external",
"summary": "SUSE Bug 1264239 for CVE-2026-43101",
"url": "https://bugzilla.suse.com/1264239"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-43101"
},
{
"cve": "CVE-2026-43112",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43112"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath\n\nWhen cifs_sanitize_prepath is called with an empty string or a string\ncontaining only delimiters (e.g., \"/\"), the current logic attempts to\ncheck *(cursor2 - 1) before cursor2 has advanced. This results in an\nout-of-bounds read.\n\nThis patch adds an early exit check after stripping prepended\ndelimiters. If no path content remains, the function returns NULL.\n\nThe bug was identified via manual audit and verified using a\nstandalone test case compiled with AddressSanitizer, which\ntriggered a SEGV on affected inputs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43112",
"url": "https://www.suse.com/security/cve/CVE-2026-43112"
},
{
"category": "external",
"summary": "SUSE Bug 1264437 for CVE-2026-43112",
"url": "https://bugzilla.suse.com/1264437"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-43112"
},
{
"cve": "CVE-2026-43119",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43119"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_sync: annotate data-races around hdev-\u003ereq_status\n\n__hci_cmd_sync_sk() sets hdev-\u003ereq_status under hdev-\u003ereq_lock:\n\n hdev-\u003ereq_status = HCI_REQ_PEND;\n\nHowever, several other functions read or write hdev-\u003ereq_status without\nholding any lock:\n\n - hci_send_cmd_sync() reads req_status in hci_cmd_work (workqueue)\n - hci_cmd_sync_complete() reads/writes from HCI event completion\n - hci_cmd_sync_cancel() / hci_cmd_sync_cancel_sync() read/write\n - hci_abort_conn() reads in connection abort path\n\nSince __hci_cmd_sync_sk() runs on hdev-\u003ereq_workqueue while\nhci_send_cmd_sync() runs on hdev-\u003eworkqueue, these are different\nworkqueues that can execute concurrently on different CPUs. The plain\nC accesses constitute a data race.\n\nAdd READ_ONCE()/WRITE_ONCE() annotations on all concurrent accesses\nto hdev-\u003ereq_status to prevent potential compiler optimizations that\ncould affect correctness (e.g., load fusing in the wait_event\ncondition or store reordering).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43119",
"url": "https://www.suse.com/security/cve/CVE-2026-43119"
},
{
"category": "external",
"summary": "SUSE Bug 1264561 for CVE-2026-43119",
"url": "https://bugzilla.suse.com/1264561"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-43119"
},
{
"cve": "CVE-2026-43158",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43158"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: fix freemap adjustments when adding xattrs to leaf blocks\n\nxfs/592 and xfs/794 both trip this assertion in the leaf block freemap\nadjustment code after ~20 minutes of running on my test VMs:\n\n ASSERT(ichdr-\u003efirstused \u003e= ichdr-\u003ecount * sizeof(xfs_attr_leaf_entry_t)\n\t\t\t\t\t+ xfs_attr3_leaf_hdr_size(leaf));\n\nUpon enabling quite a lot more debugging code, I narrowed this down to\nfsstress trying to set a local extended attribute with namelen=3 and\nvaluelen=71. This results in an entry size of 80 bytes.\n\nAt the start of xfs_attr3_leaf_add_work, the freemap looks like this:\n\ni 0 base 448 size 0 rhs 448 count 46\ni 1 base 388 size 132 rhs 448 count 46\ni 2 base 2120 size 4 rhs 448 count 46\nfirstused = 520\n\nwhere \"rhs\" is the first byte past the end of the leaf entry array.\nThis is inconsistent -- the entries array ends at byte 448, but\nfreemap[1] says there\u0027s free space starting at byte 388!\n\nBy the end of the function, the freemap is in worse shape:\n\ni 0 base 456 size 0 rhs 456 count 47\ni 1 base 388 size 52 rhs 456 count 47\ni 2 base 2120 size 4 rhs 456 count 47\nfirstused = 440\n\nImportant note: 388 is not aligned with the entries array element size\nof 8 bytes.\n\nBased on the incorrect freemap, the name area starts at byte 440, which\nis below the end of the entries array! That\u0027s why the assertion\ntriggers and the filesystem shuts down.\n\nHow did we end up here? First, recall from the previous patch that the\nfreemap array in an xattr leaf block is not intended to be a\ncomprehensive map of all free space in the leaf block. In other words,\nit\u0027s perfectly legal to have a leaf block with:\n\n * 376 bytes in use by the entries array\n * freemap[0] has [base = 376, size = 8]\n * freemap[1] has [base = 388, size = 1500]\n * the space between 376 and 388 is free, but the freemap stopped\n tracking that some time ago\n\nIf we add one xattr, the entries array grows to 384 bytes, and\nfreemap[0] becomes [base = 384, size = 0]. So far, so good. But if we\nadd a second xattr, the entries array grows to 392 bytes, and freemap[0]\ngets pushed up to [base = 392, size = 0]. This is bad, because\nfreemap[1] hasn\u0027t been updated, and now the entries array and the free\nspace claim the same space.\n\nThe fix here is to adjust all freemap entries so that none of them\ncollide with the entries array. Note that this fix relies on commit\n2a2b5932db6758 (\"xfs: fix attr leaf header freemap.size underflow\") and\nthe previous patch that resets zero length freemap entries to have\nbase = 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43158",
"url": "https://www.suse.com/security/cve/CVE-2026-43158"
},
{
"category": "external",
"summary": "SUSE Bug 1264595 for CVE-2026-43158",
"url": "https://bugzilla.suse.com/1264595"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-43158"
},
{
"cve": "CVE-2026-43171",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43171"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nEFI/CPER: don\u0027t dump the entire memory region\n\nThe current logic at cper_print_fw_err() doesn\u0027t check if the\nerror record length is big enough to handle offset. On a bad firmware,\nif the ofset is above the actual record, length -= offset will\nunderflow, making it dump the entire memory.\n\nThe end result can be:\n\n - the logic taking a lot of time dumping large regions of memory;\n - data disclosure due to the memory dumps;\n - an OOPS, if it tries to dump an unmapped memory region.\n\nFix it by checking if the section length is too small before doing\na hex dump.\n\n[ rjw: Subject tweaks ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43171",
"url": "https://www.suse.com/security/cve/CVE-2026-43171"
},
{
"category": "external",
"summary": "SUSE Bug 1264549 for CVE-2026-43171",
"url": "https://bugzilla.suse.com/1264549"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-43171"
},
{
"cve": "CVE-2026-43187",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43187"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: delete attr leaf freemap entries when empty\n\nBack in commit 2a2b5932db6758 (\"xfs: fix attr leaf header freemap.size\nunderflow\"), Brian Foster observed that it\u0027s possible for a small\nfreemap at the end of the end of the xattr entries array to experience\na size underflow when subtracting the space consumed by an expansion of\nthe entries array. There are only three freemap entries, which means\nthat it is not a complete index of all free space in the leaf block.\n\nThis code can leave behind a zero-length freemap entry with a nonzero\nbase. Subsequent setxattr operations can increase the base up to the\npoint that it overlaps with another freemap entry. This isn\u0027t in and of\nitself a problem because the code in _leaf_add that finds free space\nignores any freemap entry with zero size.\n\nHowever, there\u0027s another bug in the freemap update code in _leaf_add,\nwhich is that it fails to update a freemap entry that begins midway\nthrough the xattr entry that was just appended to the array. That can\nresult in the freemap containing two entries with the same base but\ndifferent sizes (0 for the \"pushed-up\" entry, nonzero for the entry\nthat\u0027s actually tracking free space). A subsequent _leaf_add can then\nallocate xattr namevalue entries on top of the entries array, leading to\ndata loss. But fixing that is for later.\n\nFor now, eliminate the possibility of confusion by zeroing out the base\nof any freemap entry that has zero size. Because the freemap is not\nintended to be a complete index of free space, a subsequent failure to\nfind any free space for a new xattr will trigger block compaction, which\nregenerates the freemap.\n\nIt looks like this bug has been in the codebase for quite a long time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43187",
"url": "https://www.suse.com/security/cve/CVE-2026-43187"
},
{
"category": "external",
"summary": "SUSE Bug 1264603 for CVE-2026-43187",
"url": "https://bugzilla.suse.com/1264603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-43187"
},
{
"cve": "CVE-2026-43198",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43198"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: fix potential race in tcp_v6_syn_recv_sock()\n\nCode in tcp_v6_syn_recv_sock() after the call to tcp_v4_syn_recv_sock()\nis done too late.\n\nAfter tcp_v4_syn_recv_sock(), the child socket is already visible\nfrom TCP ehash table and other cpus might use it.\n\nSince newinet-\u003epinet6 is still pointing to the listener ipv6_pinfo\nbad things can happen as syzbot found.\n\nMove the problematic code in tcp_v6_mapped_child_init()\nand call this new helper from tcp_v4_syn_recv_sock() before\nthe ehash insertion.\n\nThis allows the removal of one tcp_sync_mss(), since\ntcp_v4_syn_recv_sock() will call it with the correct\ncontext.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43198",
"url": "https://www.suse.com/security/cve/CVE-2026-43198"
},
{
"category": "external",
"summary": "SUSE Bug 1264610 for CVE-2026-43198",
"url": "https://bugzilla.suse.com/1264610"
},
{
"category": "external",
"summary": "SUSE Bug 1264611 for CVE-2026-43198",
"url": "https://bugzilla.suse.com/1264611"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "important"
}
],
"title": "CVE-2026-43198"
},
{
"cve": "CVE-2026-43239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43239"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: prevent races in -\u003equery_interfaces()\n\nIt was possible for two query interface works to be concurrently trying\nto update the interfaces.\n\nPrevent this by checking and updating iface_last_update under\niface_lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43239",
"url": "https://www.suse.com/security/cve/CVE-2026-43239"
},
{
"category": "external",
"summary": "SUSE Bug 1264444 for CVE-2026-43239",
"url": "https://bugzilla.suse.com/1264444"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-43239"
},
{
"cve": "CVE-2026-43339",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43339"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: prevent possible UaF in addrconf_permanent_addr()\n\nThe mentioned helper try to warn the user about an exceptional\ncondition, but the message is delivered too late, accessing the ipv6\nafter its possible deletion.\n\nReorder the statement to avoid the possible UaF; while at it, place the\nwarning outside the idev-\u003elock as it needs no protection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43339",
"url": "https://www.suse.com/security/cve/CVE-2026-43339"
},
{
"category": "external",
"summary": "SUSE Bug 1264763 for CVE-2026-43339",
"url": "https://bugzilla.suse.com/1264763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-43339"
},
{
"cve": "CVE-2026-43345",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43345"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipa: fix event ring index not programmed for IPA v5.0+\n\nFor IPA v5.0+, the event ring index field moved from CH_C_CNTXT_0 to\nCH_C_CNTXT_1. The v5.0 register definition intended to define this\nfield in the CH_C_CNTXT_1 fmask array but used the old identifier of\nERINDEX instead of CH_ERINDEX.\n\nWithout a valid event ring, GSI channels could never signal transfer\ncompletions. This caused gsi_channel_trans_quiesce() to block\nforever in wait_for_completion().\n\nAt least for IPA v5.2 this resolves an issue seen where runtime\nsuspend, system suspend, and remoteproc stop all hanged forever. It\nalso meant the IPA data path was completely non functional.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43345",
"url": "https://www.suse.com/security/cve/CVE-2026-43345"
},
{
"category": "external",
"summary": "SUSE Bug 1265103 for CVE-2026-43345",
"url": "https://bugzilla.suse.com/1265103"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-43345"
},
{
"cve": "CVE-2026-43405",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43405"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: Use u32 for non-negative values in ceph_monmap_decode()\n\nThis patch fixes unnecessary implicit conversions that change signedness\nof blob_len and num_mon in ceph_monmap_decode().\nCurrently blob_len and num_mon are (signed) int variables. They are used\nto hold values that are always non-negative and get assigned in\nceph_decode_32_safe(), which is meant to assign u32 values. Both\nvariables are subsequently used as unsigned values, and the value of\nnum_mon is further assigned to monmap-\u003enum_mon, which is of type u32.\nTherefore, both variables should be of type u32. This is especially\nrelevant for num_mon. If the value read from the incoming message is\nvery large, it is interpreted as a negative value, and the check for\nnum_mon \u003e CEPH_MAX_MON does not catch it. This leads to the attempt to\nallocate a very large chunk of memory for monmap, which will most likely\nfail. In this case, an unnecessary attempt to allocate memory is\nperformed, and -ENOMEM is returned instead of -EINVAL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43405",
"url": "https://www.suse.com/security/cve/CVE-2026-43405"
},
{
"category": "external",
"summary": "SUSE Bug 1264741 for CVE-2026-43405",
"url": "https://bugzilla.suse.com/1264741"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-43405"
},
{
"cve": "CVE-2026-43469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43469"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxprtrdma: Decrement re_receiving on the early exit paths\n\nIn the event that rpcrdma_post_recvs() fails to create a work request\n(due to memory allocation failure, say) or otherwise exits early, we\nshould decrement ep-\u003ere_receiving before returning. Otherwise we will\nhang in rpcrdma_xprt_drain() as re_receiving will never reach zero and\nthe completion will never be triggered.\n\nOn a system with high memory pressure, this can appear as the following\nhung task:\n\n INFO: task kworker/u385:17:8393 blocked for more than 122 seconds.\n Tainted: G S E 6.19.0 #3\n \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n task:kworker/u385:17 state:D stack:0 pid:8393 tgid:8393 ppid:2 task_flags:0x4248060 flags:0x00080000\n Workqueue: xprtiod xprt_autoclose [sunrpc]\n Call Trace:\n \u003cTASK\u003e\n __schedule+0x48b/0x18b0\n ? ib_post_send_mad+0x247/0xae0 [ib_core]\n schedule+0x27/0xf0\n schedule_timeout+0x104/0x110\n __wait_for_common+0x98/0x180\n ? __pfx_schedule_timeout+0x10/0x10\n wait_for_completion+0x24/0x40\n rpcrdma_xprt_disconnect+0x444/0x460 [rpcrdma]\n xprt_rdma_close+0x12/0x40 [rpcrdma]\n xprt_autoclose+0x5f/0x120 [sunrpc]\n process_one_work+0x191/0x3e0\n worker_thread+0x2e3/0x420\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x10d/0x230\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x273/0x2b0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43469",
"url": "https://www.suse.com/security/cve/CVE-2026-43469"
},
{
"category": "external",
"summary": "SUSE Bug 1265143 for CVE-2026-43469",
"url": "https://bugzilla.suse.com/1265143"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-43469"
},
{
"cve": "CVE-2026-43491",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43491"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: qrtr: ns: Limit the maximum server registration per node\n\nCurrent code does no bound checking on the number of servers added per\nnode. A malicious client can flood NEW_SERVER messages and exhaust memory.\n\nFix this issue by limiting the maximum number of server registrations to\n256 per node. If the NEW_SERVER message is received for an old port, then\ndon\u0027t restrict it as it will get replaced. While at it, also rate limit\nthe error messages in the failure path of qrtr_ns_worker().\n\nNote that the limit of 256 is chosen based on the current platform\nrequirements. If requirement changes in the future, this limit can be\nincreased.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43491",
"url": "https://www.suse.com/security/cve/CVE-2026-43491"
},
{
"category": "external",
"summary": "SUSE Bug 1265628 for CVE-2026-43491",
"url": "https://bugzilla.suse.com/1265628"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-43491"
},
{
"cve": "CVE-2026-45840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45840"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nopenvswitch: cap upcall PID array size and pre-size vport replies\n\nThe vport netlink reply helpers allocate a fixed-size skb with\nnlmsg_new(NLMSG_DEFAULT_SIZE, ...) but serialize the full upcall PID\narray via ovs_vport_get_upcall_portids(). Since\novs_vport_set_upcall_portids() accepts any non-zero multiple of\nsizeof(u32) with no upper bound, a CAP_NET_ADMIN user can install a PID\narray large enough to overflow the reply buffer, causing nla_put() to\nfail with -EMSGSIZE and hitting BUG_ON(err \u003c 0). On systems with\nunprivileged user namespaces enabled (e.g., Ubuntu default), this is\nreachable via unshare -Urn since OVS vport mutation operations use\nGENL_UNS_ADMIN_PERM.\n\n kernel BUG at net/openvswitch/datapath.c:2414!\n Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI\n CPU: 1 UID: 0 PID: 65 Comm: poc Not tainted 7.0.0-rc7-00195-geb216e422044 #1\n RIP: 0010:ovs_vport_cmd_set+0x34c/0x400\n Call Trace:\n \u003cTASK\u003e\n genl_family_rcv_msg_doit (net/netlink/genetlink.c:1116)\n genl_rcv_msg (net/netlink/genetlink.c:1194)\n netlink_rcv_skb (net/netlink/af_netlink.c:2550)\n genl_rcv (net/netlink/genetlink.c:1219)\n netlink_unicast (net/netlink/af_netlink.c:1344)\n netlink_sendmsg (net/netlink/af_netlink.c:1894)\n __sys_sendto (net/socket.c:2206)\n __x64_sys_sendto (net/socket.c:2209)\n do_syscall_64 (arch/x86/entry/syscall_64.c:63)\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n \u003c/TASK\u003e\n Kernel panic - not syncing: Fatal exception\n\nReject attempts to set more PIDs than nr_cpu_ids in\novs_vport_set_upcall_portids(), and pre-compute the worst-case reply\nsize in ovs_vport_cmd_msg_size() based on that bound, similar to the\nexisting ovs_dp_cmd_msg_size(). nr_cpu_ids matches the cap already\nused by the per-CPU dispatch configuration on the datapath side\n(ovs_dp_cmd_fill_info() serialises at most nr_cpu_ids PIDs), so the\ntwo sides stay consistent.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45840",
"url": "https://www.suse.com/security/cve/CVE-2026-45840"
},
{
"category": "external",
"summary": "SUSE Bug 1266397 for CVE-2026-45840",
"url": "https://bugzilla.suse.com/1266397"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-45840"
},
{
"cve": "CVE-2026-45841",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45841"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nfnetlink_osf: fix divide-by-zero in OSF_WSS_MODULO\n\nnf_osf_match_one() computes ctx-\u003ewindow % f-\u003ewss.val in the\nOSF_WSS_MODULO branch with no guard for f-\u003ewss.val == 0. A\nCAP_NET_ADMIN user can add such a fingerprint via nfnetlink; a\nsubsequent matching TCP SYN divides by zero and panics the kernel.\n\nReject the bogus fingerprint in nfnl_osf_add_callback() above the\nper-option for-loop. f-\u003ewss is per-fingerprint, not per-option, so\nthe check must run regardless of f-\u003eopt_num (including 0). Also\nreject wss.wc \u003e= OSF_WSS_MAX; nf_osf_match_one() already treats that\nas \"should not happen\".\n\nCrash:\n Oops: divide error: 0000 [#1] SMP KASAN NOPTI\n RIP: 0010:nf_osf_match_one (net/netfilter/nfnetlink_osf.c:98)\n Call Trace:\n \u003cIRQ\u003e\n nf_osf_match (net/netfilter/nfnetlink_osf.c:220)\n xt_osf_match_packet (net/netfilter/xt_osf.c:32)\n ipt_do_table (net/ipv4/netfilter/ip_tables.c:348)\n nf_hook_slow (net/netfilter/core.c:622)\n ip_local_deliver (net/ipv4/ip_input.c:265)\n ip_rcv (include/linux/skbuff.h:1162)\n __netif_receive_skb_one_core (net/core/dev.c:6181)\n process_backlog (net/core/dev.c:6642)\n __napi_poll (net/core/dev.c:7710)\n net_rx_action (net/core/dev.c:7945)\n handle_softirqs (kernel/softirq.c:622)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45841",
"url": "https://www.suse.com/security/cve/CVE-2026-45841"
},
{
"category": "external",
"summary": "SUSE Bug 1266390 for CVE-2026-45841",
"url": "https://bugzilla.suse.com/1266390"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-45841"
},
{
"cve": "CVE-2026-45862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Flush cache for PASID table before using it\n\nWhen writing the address of a freshly allocated zero-initialized PASID\ntable to a PASID directory entry, do that after the CPU cache flush for\nthis PASID table, not before it, to avoid the time window when this\nPASID table may be already used by non-coherent IOMMU hardware while\nits contents in RAM is still some random old data, not zero-initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45862",
"url": "https://www.suse.com/security/cve/CVE-2026-45862"
},
{
"category": "external",
"summary": "SUSE Bug 1266705 for CVE-2026-45862",
"url": "https://bugzilla.suse.com/1266705"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-45862"
},
{
"cve": "CVE-2026-45870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45870"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: auth_gss: fix memory leaks in XDR decoding error paths\n\nThe gssx_dec_ctx(), gssx_dec_status(), and gssx_dec_name()\nfunctions allocate memory via gssx_dec_buffer(), which calls\nkmemdup(). When a subsequent decode operation fails, these\nfunctions return immediately without freeing previously\nallocated buffers, causing memory leaks.\n\nThe leak in gssx_dec_ctx() is particularly relevant because\nthe caller (gssp_accept_sec_context_upcall) initializes several\nbuffer length fields to non-zero values, resulting in memory\nallocation:\n\n struct gssx_ctx rctxh = {\n .exported_context_token.len = GSSX_max_output_handle_sz,\n .mech.len = GSS_OID_MAX_LEN,\n .src_name.display_name.len = GSSX_max_princ_sz,\n .targ_name.display_name.len = GSSX_max_princ_sz\n };\n\nIf, for example, gssx_dec_name() succeeds for src_name but\nfails for targ_name, the memory allocated for\nexported_context_token, mech, and src_name.display_name\nremains unreferenced and cannot be reclaimed.\n\nAdd error handling with goto-based cleanup to free any\npreviously allocated buffers before returning an error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45870",
"url": "https://www.suse.com/security/cve/CVE-2026-45870"
},
{
"category": "external",
"summary": "SUSE Bug 1266704 for CVE-2026-45870",
"url": "https://bugzilla.suse.com/1266704"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-45870"
},
{
"cve": "CVE-2026-45894",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45894"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Clear Present bit before tearing down PASID entry\n\nThe Intel VT-d Scalable Mode PASID table entry consists of 512 bits (64\nbytes). When tearing down an entry, the current implementation zeros the\nentire 64-byte structure immediately using multiple 64-bit writes.\n\nSince the IOMMU hardware may fetch these 64 bytes using multiple\ninternal transactions (e.g., four 128-bit bursts), updating or zeroing\nthe entire entry while it is active (P=1) risks a \"torn\" read. If a\nhardware fetch occurs simultaneously with the CPU zeroing the entry, the\nhardware could observe an inconsistent state, leading to unpredictable\nbehavior or spurious faults.\n\nFollow the \"Guidance to Software for Invalidations\" in the VT-d spec\n(Section 6.5.3.3) by implementing the recommended ownership handshake:\n\n1. Clear only the \u0027Present\u0027 (P) bit of the PASID entry.\n2. Use a dma_wmb() to ensure the cleared bit is visible to hardware\n before proceeding.\n3. Execute the required invalidation sequence (PASID cache, IOTLB, and\n Device-TLB flush) to ensure the hardware has released all cached\n references.\n4. Only after the flushes are complete, zero out the remaining fields\n of the PASID entry.\n\nAlso, add a dma_wmb() in pasid_set_present() to ensure that all other\nfields of the PASID entry are visible to the hardware before the Present\nbit is set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45894",
"url": "https://www.suse.com/security/cve/CVE-2026-45894"
},
{
"category": "external",
"summary": "SUSE Bug 1266895 for CVE-2026-45894",
"url": "https://bugzilla.suse.com/1266895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-45894"
},
{
"cve": "CVE-2026-45940",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45940"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: fix oops when split header is enabled\n\nFor GMAC4, when split header is enabled, in some rare cases, the\nhardware does not fill buf2 of the first descriptor with payload.\nThus we cannot assume buf2 is always fully filled if it is not\nthe last descriptor. Otherwise, the length of buf2 of the second\ndescriptor will be calculated wrong and cause an oops:\n\nUnable to handle kernel paging request at virtual address ffff00019246bfc0\n...\nx2 : 0000000000000040 x1 : ffff00019246bfc0 x0 : ffff00009246c000\nCall trace:\n dcache_inval_poc+0x28/0x58 (P)\n dma_direct_sync_single_for_cpu+0x38/0x6c\n __dma_sync_single_for_cpu+0x34/0x6c\n stmmac_napi_poll_rx+0x8f0/0xb60\n __napi_poll.constprop.0+0x30/0x144\n net_rx_action+0x160/0x274\n handle_softirqs+0x1b8/0x1fc\n...\n\nTo fix this, the PL bit-field in RDES3 register is used for all\ndescriptors, whether it is the last descriptor or not.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45940",
"url": "https://www.suse.com/security/cve/CVE-2026-45940"
},
{
"category": "external",
"summary": "SUSE Bug 1266916 for CVE-2026-45940",
"url": "https://bugzilla.suse.com/1266916"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-45940"
},
{
"cve": "CVE-2026-45961",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45961"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: fix memory leaks in gfs2_fill_super error path\n\nFix two memory leaks in the gfs2_fill_super() error handling path when\ntransitioning a filesystem to read-write mode fails.\n\nFirst leak: kthread objects (thread_struct, task_struct, etc.)\nWhen gfs2_freeze_lock_shared() fails after init_threads() succeeds, the\ncreated kernel threads (logd and quotad) are never destroyed. This\noccurs because the fail_per_node label doesn\u0027t call\ngfs2_destroy_threads().\n\nSecond leak: quota bitmap buffer (8192 bytes)\nWhen gfs2_make_fs_rw() fails after gfs2_quota_init() succeeds but\nbefore other operations complete, the allocated quota bitmap is never\nfreed.\n\nThe fix moves thread cleanup to the fail_per_node label to handle all\nerror paths uniformly. gfs2_destroy_threads() is safe to call\nunconditionally as it checks for NULL pointers. Quota cleanup is added\nin gfs2_make_fs_rw() to properly handle the withdrawal case where\nquota initialization succeeds but the filesystem is then withdrawn.\n\nThread leak backtrace (gfs2_freeze_lock_shared failure):\n unreferenced object 0xffff88801d7bca80 (size 4480):\n copy_process+0x3a1/0x4670 kernel/fork.c:2422\n kernel_clone+0xf3/0x6e0 kernel/fork.c:2779\n kthread_create_on_node+0x100/0x150 kernel/kthread.c:478\n init_threads+0xab/0x350 fs/gfs2/ops_fstype.c:611\n gfs2_fill_super+0xe5c/0x1240 fs/gfs2/ops_fstype.c:1265\n\nQuota leak backtrace (gfs2_make_fs_rw failure):\n unreferenced object 0xffff88812de7c000 (size 8192):\n gfs2_quota_init+0xe5/0x820 fs/gfs2/quota.c:1409\n gfs2_make_fs_rw+0x7a/0xe0 fs/gfs2/super.c:149\n gfs2_fill_super+0xfbb/0x1240 fs/gfs2/ops_fstype.c:1275",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45961",
"url": "https://www.suse.com/security/cve/CVE-2026-45961"
},
{
"category": "external",
"summary": "SUSE Bug 1266933 for CVE-2026-45961",
"url": "https://bugzilla.suse.com/1266933"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "low"
}
],
"title": "CVE-2026-45961"
},
{
"cve": "CVE-2026-45964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45964"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: fix gss_auth kref leak in gss_alloc_msg error path\n\nCommit 5940d1cf9f42 (\"SUNRPC: Rebalance a kref in auth_gss.c\") added\na kref_get(\u0026gss_auth-\u003ekref) call to balance the gss_put_auth() done\nin gss_release_msg(), but forgot to add a corresponding kref_put()\non the error path when kstrdup_const() fails.\n\nIf service_name is non-NULL and kstrdup_const() fails, the function\njumps to err_put_pipe_version which calls put_pipe_version() and\nkfree(gss_msg), but never releases the gss_auth reference. This leads\nto a kref leak where the gss_auth structure is never freed.\n\nAdd a forward declaration for gss_free_callback() and call kref_put()\nin the err_put_pipe_version error path to properly release the\nreference taken earlier.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45964",
"url": "https://www.suse.com/security/cve/CVE-2026-45964"
},
{
"category": "external",
"summary": "SUSE Bug 1266698 for CVE-2026-45964",
"url": "https://bugzilla.suse.com/1266698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-45964"
},
{
"cve": "CVE-2026-45965",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45965"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\napparmor: fix invalid deref of rawdata when export_binary is unset\n\nIf the export_binary parameter is disabled on runtime, profiles that\nwere loaded before that will still have their rawdata stored in\napparmorfs, with a symbolic link to the rawdata on the policy\ndirectory. When one of those profiles are replaced, the rawdata is set\nto NULL, but when trying to resolve the symbolic links to rawdata for\nthat profile, it will try to dereference profile-\u003erawdata-\u003ename when\nprofile-\u003erawdata is now NULL causing an oops. Fix it by checking if\nrawdata is set.\n\n[ 168.653080] BUG: kernel NULL pointer dereference, address: 0000000000000088\n[ 168.657420] #PF: supervisor read access in kernel mode\n[ 168.660619] #PF: error_code(0x0000) - not-present page\n[ 168.663613] PGD 0 P4D 0\n[ 168.665450] Oops: Oops: 0000 [#1] SMP NOPTI\n[ 168.667836] CPU: 1 UID: 0 PID: 1729 Comm: ls Not tainted 6.19.0-rc7+ #3 PREEMPT(voluntary)\n[ 168.672308] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 168.679327] RIP: 0010:rawdata_get_link_base.isra.0+0x23/0x330\n[ 168.682768] Code: 90 90 90 90 90 90 90 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 ec 18 48 89 55 d0 48 85 ff 0f 84 e3 01 00 00 \u003c48\u003e 83 3c 25 88 00 00 00 00 0f 84 d4 01 00 00 49 89 f6 49 89 cc e8\n[ 168.689818] RSP: 0018:ffffcdcb8200fb80 EFLAGS: 00010282\n[ 168.690871] RAX: ffffffffaee74ec0 RBX: 0000000000000000 RCX: ffffffffb0120158\n[ 168.692251] RDX: ffffcdcb8200fbe0 RSI: ffff88c187c9fa80 RDI: ffff88c186c98a80\n[ 168.693593] RBP: ffffcdcb8200fbc0 R08: 0000000000000000 R09: 0000000000000000\n[ 168.694941] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88c186c98a80\n[ 168.696289] R13: 00007fff005aaa20 R14: 0000000000000080 R15: ffff88c188f4fce0\n[ 168.697637] FS: 0000790e81c58280(0000) GS:ffff88c20a957000(0000) knlGS:0000000000000000\n[ 168.699227] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 168.700349] CR2: 0000000000000088 CR3: 000000012fd3e000 CR4: 0000000000350ef0\n[ 168.701696] Call Trace:\n[ 168.702325] \u003cTASK\u003e\n[ 168.702995] rawdata_get_link_data+0x1c/0x30\n[ 168.704145] vfs_readlink+0xd4/0x160\n[ 168.705152] do_readlinkat+0x114/0x180\n[ 168.706214] __x64_sys_readlink+0x1e/0x30\n[ 168.708653] x64_sys_call+0x1d77/0x26b0\n[ 168.709525] do_syscall_64+0x81/0x500\n[ 168.710348] ? do_statx+0x72/0xb0\n[ 168.711109] ? putname+0x3e/0x80\n[ 168.711845] ? __x64_sys_statx+0xb7/0x100\n[ 168.712711] ? x64_sys_call+0x10fc/0x26b0\n[ 168.713577] ? do_syscall_64+0xbf/0x500\n[ 168.714412] ? do_user_addr_fault+0x1d2/0x8d0\n[ 168.715404] ? irqentry_exit+0xb2/0x740\n[ 168.716359] ? exc_page_fault+0x90/0x1b0\n[ 168.717307] entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45965",
"url": "https://www.suse.com/security/cve/CVE-2026-45965"
},
{
"category": "external",
"summary": "SUSE Bug 1267208 for CVE-2026-45965",
"url": "https://bugzilla.suse.com/1267208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-45965"
},
{
"cve": "CVE-2026-45974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix invalid leaf access in btrfs_quota_enable() if ref key not found\n\nIf btrfs_search_slot_for_read() returns 1, it means we did not find any\nkey greater than or equals to the key we asked for, meaning we have\nreached the end of the tree and therefore the path is not valid. If\nthis happens we need to break out of the loop and stop, instead of\ncontinuing and accessing an invalid path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45974",
"url": "https://www.suse.com/security/cve/CVE-2026-45974"
},
{
"category": "external",
"summary": "SUSE Bug 1266922 for CVE-2026-45974",
"url": "https://bugzilla.suse.com/1266922"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-45974"
},
{
"cve": "CVE-2026-46005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: fix a resource leak in xfs_alloc_buftarg()\n\nIn the error path, call fs_put_dax() to drop the DAX\ndevice reference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46005",
"url": "https://www.suse.com/security/cve/CVE-2026-46005"
},
{
"category": "external",
"summary": "SUSE Bug 1267431 for CVE-2026-46005",
"url": "https://bugzilla.suse.com/1267431"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-46005"
},
{
"cve": "CVE-2026-46037",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46037"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: icmp: validate reply type before using icmp_pointers\n\nExtended echo replies use ICMP_EXT_ECHOREPLY as the outbound reply type.\nThat value is outside the range covered by icmp_pointers[], which only\ndescribes the traditional ICMP types up to NR_ICMP_TYPES.\n\nAvoid consulting icmp_pointers[] for reply types outside that range, and\nuse array_index_nospec() for the remaining in-range lookup. Normal ICMP\nreplies keep their existing behavior unchanged.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46037",
"url": "https://www.suse.com/security/cve/CVE-2026-46037"
},
{
"category": "external",
"summary": "SUSE Bug 1267361 for CVE-2026-46037",
"url": "https://bugzilla.suse.com/1267361"
},
{
"category": "external",
"summary": "SUSE Bug 1267362 for CVE-2026-46037",
"url": "https://bugzilla.suse.com/1267362"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "important"
}
],
"title": "CVE-2026-46037"
},
{
"cve": "CVE-2026-46101",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46101"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: reject zero shift in nft_bitwise\n\nReject zero shift operands for nft_bitwise left and right shift\nexpressions during initialization.\n\nThe carry propagation logic computes the carry from the adjacent 32-bit\nword using BITS_PER_TYPE(u32) - shift. A zero shift operand turns this\ninto a 32-bit shift, which is undefined behaviour.\n\nReject zero shift operands in the control plane, alongside the existing\ncheck for values greater than or equal to 32, so malformed rules never\nreach the packet path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46101",
"url": "https://www.suse.com/security/cve/CVE-2026-46101"
},
{
"category": "external",
"summary": "SUSE Bug 1266878 for CVE-2026-46101",
"url": "https://bugzilla.suse.com/1266878"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-46101"
},
{
"cve": "CVE-2026-46119",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46119"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: Fix slab-out-of-bounds access in auth message processing\n\nIf a (potentially corrupted) message of type CEPH_MSG_AUTH_REPLY\ncontains a positive value in its result field, it is treated as an\nerror code by ceph_handle_auth_reply() and returned to\nhandle_auth_reply(). Thereafter, an attempt is made to send the\npreallocated message of type CEPH_MSG_AUTH, where the returned value is\ninterpreted as the size of the front segment to send. If the result\nvalue in the message is greater than the size of the memory buffer\nallocated for the front segment, an out-of-bounds access occurs, and\nthe content of the memory region beyond this buffer is sent out.\n\nThis patch fixes the issue by treating only negative values in the\nresult field as errors. Positive values are therefore treated as success\nin the same way as a zero value. Additionally, a BUG_ON is added to\n__send_prepared_auth_request() comparing the len parameter to\nfront_alloc_len to prevent sending the message if it exceeds the bounds\nof the allocation and to make it easier to catch any logic flaws leading\nto this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46119",
"url": "https://www.suse.com/security/cve/CVE-2026-46119"
},
{
"category": "external",
"summary": "SUSE Bug 1267628 for CVE-2026-46119",
"url": "https://bugzilla.suse.com/1267628"
},
{
"category": "external",
"summary": "SUSE Bug 1267894 for CVE-2026-46119",
"url": "https://bugzilla.suse.com/1267894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-46119"
},
{
"cve": "CVE-2026-46120",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46120"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nip6_gre: Use cached t-\u003enet in ip6erspan_changelink().\n\nAfter commit 5e72ce3e3980 (\"net: ipv6: Use link netns in newlink() of\nrtnl_link_ops\"), ip6erspan_newlink() correctly resolves the per-netns\nip6gre hash via link_net. ip6erspan_changelink() was not converted in\nthat series and still uses dev_net(dev), which diverges from the\ndevice\u0027s creation netns after IFLA_NET_NS_FD migration.\n\nThis re-inserts the tunnel into the wrong per-netns hash. The\noriginal netns keeps a stale entry. When that netns is later\ndestroyed, ip6gre_exit_rtnl_net() walks the stale entry, producing a\nslab-use-after-free reported by KASAN, followed by a kernel BUG at\nnet/core/dev.c (LIST_POISON1) in unregister_netdevice_many_notify().\n\nReachable from an unprivileged user namespace (unshare --user\n--map-root-user --net).\n\nip6gre_changelink() earlier in the same file already uses the cached\nt-\u003enet; only ip6erspan_changelink() has the wrong shape.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46120",
"url": "https://www.suse.com/security/cve/CVE-2026-46120"
},
{
"category": "external",
"summary": "SUSE Bug 1267640 for CVE-2026-46120",
"url": "https://bugzilla.suse.com/1267640"
},
{
"category": "external",
"summary": "SUSE Bug 1267893 for CVE-2026-46120",
"url": "https://bugzilla.suse.com/1267893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "important"
}
],
"title": "CVE-2026-46120"
},
{
"cve": "CVE-2026-46123",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46123"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: virtio_bt: clamp rx length before skb_put\n\nvirtbt_rx_work() calls skb_put(skb, len) where len comes directly\nfrom virtqueue_get_buf() with no validation against the buffer we\nposted to the device. The RX skb is allocated in virtbt_add_inbuf()\nand exposed to virtio as exactly 1000 bytes via sg_init_one().\n\nChecking len against skb_tailroom(skb) is not sufficient because\nalloc_skb() can leave more tailroom than the 1000 bytes actually\nhanded to the device. A malicious or buggy backend can therefore\nreport used.len between 1001 and skb_tailroom(skb), causing skb_put()\nto include uninitialized kernel heap bytes that were never written by\nthe device.\n\nThe same path also accepts len == 0, in which case skb_put(skb, 0)\nleaves the skb empty but virtbt_rx_handle() still reads the pkt_type\nbyte from skb-\u003edata, consuming uninitialized memory.\n\nDefine VIRTBT_RX_BUF_SIZE once and reuse it in alloc_skb() and\nsg_init_one(), and gate virtbt_rx_work() on that same constant so\nthe bound checked matches the buffer actually exposed to the device.\nReject used.len == 0 in the same gate so an empty completion can\nno longer reach virtbt_rx_handle().\n\nUse bt_dev_err_ratelimited() because the length value comes from an\nuntrusted backend that can otherwise flood the kernel log.\n\nSame class of bug as commit c04db81cd028 (\"net/9p: Fix buffer\noverflow in USB transport layer\"), which hardened the USB 9p\ntransport against unchecked device-reported length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46123",
"url": "https://www.suse.com/security/cve/CVE-2026-46123"
},
{
"category": "external",
"summary": "SUSE Bug 1267621 for CVE-2026-46123",
"url": "https://bugzilla.suse.com/1267621"
},
{
"category": "external",
"summary": "SUSE Bug 1267622 for CVE-2026-46123",
"url": "https://bugzilla.suse.com/1267622"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "important"
}
],
"title": "CVE-2026-46123"
},
{
"cve": "CVE-2026-46150",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46150"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfanotify: fix false positive on permission events\n\nfsnotify_get_mark_safe() may return false for a mark on an unrelated group,\nwhich results in bypassing the permission check.\n\nFix by skipping over detached marks that are not in the current group.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46150",
"url": "https://www.suse.com/security/cve/CVE-2026-46150"
},
{
"category": "external",
"summary": "SUSE Bug 1267387 for CVE-2026-46150",
"url": "https://bugzilla.suse.com/1267387"
},
{
"category": "external",
"summary": "SUSE Bug 1267388 for CVE-2026-46150",
"url": "https://bugzilla.suse.com/1267388"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "important"
}
],
"title": "CVE-2026-46150"
},
{
"cve": "CVE-2026-46160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46160"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix missing last_unlink_trans update when removing a directory\n\nWhen removing a directory we are not updating its last_unlink_trans field,\nwhich can result in incorrect fsync behaviour in case some one fsyncs the\ndirectory after it was removed because it\u0027s holding a file descriptor on\nit.\n\nExample scenario:\n\n mkdir /mnt/dir1\n mkdir /mnt/dir1/dir2\n mkdir /mnt/dir3\n\n sync -f /mnt\n\n # Do some change to the directory and fsync it.\n chmod 700 /mnt/dir1\n xfs_io -c fsync /mnt/dir1\n\n # Move dir2 out of dir1 so that dir1 becomes empty.\n mv /mnt/dir1/dir2 /mnt/dir3/\n\n open fd on /mnt/dir1\n call rmdir(2) on path \"/mnt/dir1\"\n fsync fd\n\n \u003ctrigger power failure\u003e\n\nWhen attempting to mount the filesystem, the log replay will fail with\nan -EIO error and dmesg/syslog has the following:\n\n [445771.626482] BTRFS info (device dm-0): first mount of filesystem 0368bbea-6c5e-44b5-b409-09abe496e650\n [445771.626486] BTRFS info (device dm-0): using crc32c checksum algorithm\n [445771.627912] BTRFS info (device dm-0): start tree-log replay\n [445771.628335] page: refcount:2 mapcount:0 mapping:0000000061443ddc index:0x1d00 pfn:0x7072a5\n [445771.629453] memcg:ffff89f400351b00\n [445771.629892] aops:btree_aops [btrfs] ino:1\n [445771.630737] flags: 0x17fffc00000402a(uptodate|lru|private|writeback|node=0|zone=2|lastcpupid=0x1ffff)\n [445771.632359] raw: 017fffc00000402a fffff47284d950c8 fffff472907b7c08 ffff89f458e412b8\n [445771.633713] raw: 0000000000001d00 ffff89f6c51d1a90 00000002ffffffff ffff89f400351b00\n [445771.635029] page dumped because: eb page dump\n [445771.635825] BTRFS critical (device dm-0): corrupt leaf: root=5 block=30408704 slot=10 ino=258, invalid nlink: has 2 expect no more than 1 for dir\n [445771.638088] BTRFS info (device dm-0): leaf 30408704 gen 10 total ptrs 17 free space 14878 owner 5\n [445771.638091] BTRFS info (device dm-0): refs 4 lock_owner 0 current 3581087\n [445771.638094] \titem 0 key (256 INODE_ITEM 0) itemoff 16123 itemsize 160\n [445771.638097] \t\tinode generation 3 transid 9 size 16 nbytes 16384\n [445771.638098] \t\tblock group 0 mode 40755 links 1 uid 0 gid 0\n [445771.638100] \t\trdev 0 sequence 2 flags 0x0\n [445771.638102] \t\tatime 1775744884.0\n [445771.660056] \t\tctime 1775744885.645502983\n [445771.660058] \t\tmtime 1775744885.645502983\n [445771.660060] \t\totime 1775744884.0\n [445771.660062] \titem 1 key (256 INODE_REF 256) itemoff 16111 itemsize 12\n [445771.660064] \t\tindex 0 name_len 2\n [445771.660066] \titem 2 key (256 DIR_ITEM 1843588421) itemoff 16077 itemsize 34\n [445771.660068] \t\tlocation key (259 1 0) type 2\n [445771.660070] \t\ttransid 9 data_len 0 name_len 4\n [445771.660075] \titem 3 key (256 DIR_ITEM 2363071922) itemoff 16043 itemsize 34\n [445771.660076] \t\tlocation key (257 1 0) type 2\n [445771.660077] \t\ttransid 9 data_len 0 name_len 4\n [445771.660078] \titem 4 key (256 DIR_INDEX 2) itemoff 16009 itemsize 34\n [445771.660079] \t\tlocation key (257 1 0) type 2\n [445771.660080] \t\ttransid 9 data_len 0 name_len 4\n [445771.660081] \titem 5 key (256 DIR_INDEX 3) itemoff 15975 itemsize 34\n [445771.660082] \t\tlocation key (259 1 0) type 2\n [445771.660083] \t\ttransid 9 data_len 0 name_len 4\n [445771.660084] \titem 6 key (257 INODE_ITEM 0) itemoff 15815 itemsize 160\n [445771.660086] \t\tinode generation 9 transid 9 size 8 nbytes 0\n [445771.660087] \t\tblock group 0 mode 40777 links 1 uid 0 gid 0\n [445771.660088] \t\trdev 0 sequence 2 flags 0x0\n [445771.660089] \t\tatime 1775744885.641174097\n [445771.660090] \t\tctime 1775744885.645502983\n [445771.660091] \t\tmtime 1775744885.645502983\n [445771.660105] \t\totime 1775744885.641174097\n [445771.660106] \titem 7 key (257 INODE_REF 256) itemoff 15801 itemsize 14\n [445771.660107] \t\tindex 2 name_len 4\n [445771.660108] \titem 8 key (257 DIR_ITEM 2676584006) itemoff 15767 itemsize 34\n [445771.660109] \t\tlocation key (2\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46160",
"url": "https://www.suse.com/security/cve/CVE-2026-46160"
},
{
"category": "external",
"summary": "SUSE Bug 1267624 for CVE-2026-46160",
"url": "https://bugzilla.suse.com/1267624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-46160"
},
{
"cve": "CVE-2026-46172",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46172"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: xfrm6: release dst on error in xfrm6_rcv_encap()\n\nxfrm6_rcv_encap() performs an IPv6 route lookup when the skb does not\nalready have a dst attached. ip6_route_input_lookup() returns a\nreferenced dst entry even when the lookup resolves to an error route.\n\nIf dst-\u003eerror is set, xfrm6_rcv_encap() drops the skb without attaching\nthe dst to the skb and without releasing the reference returned by the\nlookup. Repeated packets hitting this path therefore leak dst entries.\n\nRelease the dst before jumping to the drop path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46172",
"url": "https://www.suse.com/security/cve/CVE-2026-46172"
},
{
"category": "external",
"summary": "SUSE Bug 1266903 for CVE-2026-46172",
"url": "https://bugzilla.suse.com/1266903"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-46172"
},
{
"cve": "CVE-2026-46197",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46197"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: validate SVM ioctl nattr against buffer size\n\nValidate nattr field against the buffer size, preventing\nout-of-bounds buffer access via user-controlled attribute count.\n\n(cherry picked from commit 5eca8bfdfa456c3304ca77523718fe24254c172f)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46197",
"url": "https://www.suse.com/security/cve/CVE-2026-46197"
},
{
"category": "external",
"summary": "SUSE Bug 1267381 for CVE-2026-46197",
"url": "https://bugzilla.suse.com/1267381"
},
{
"category": "external",
"summary": "SUSE Bug 1267382 for CVE-2026-46197",
"url": "https://bugzilla.suse.com/1267382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "important"
}
],
"title": "CVE-2026-46197"
},
{
"cve": "CVE-2026-46227",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46227"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL\n\nThe SCTP_SENDALL path in sctp_sendmsg() iterates ep-\u003easocs with\nlist_for_each_entry_safe(), which caches the next entry in @tmp before\nthe loop body runs. The body calls sctp_sendmsg_to_asoc(), which may\ndrop the socket lock inside sctp_wait_for_sndbuf().\n\nWhile the lock is dropped, another thread can SCTP_SOCKOPT_PEELOFF the\nassociation cached in @tmp, migrating it to a new endpoint via\nsctp_sock_migrate() (list_del_init() + list_add_tail() to\nnewep-\u003easocs), and optionally close the new socket which frees the\nassociation via kfree_rcu(). The cached @tmp can also be freed by a\nnetwork ABORT for that association, processed in softirq while the\nlock is dropped.\n\nsctp_wait_for_sndbuf() revalidates @asoc (the current entry) on re-lock\nvia the \"sk != asoc-\u003ebase.sk\" and \"asoc-\u003ebase.dead\" checks, but nothing\nrevalidates @tmp. After a successful return, the iterator advances to\nthe stale @tmp, yielding either a use-after-free (if the peeled socket\nwas closed) or a list-walk onto the new endpoint\u0027s list head (type\nconfusion of \u0026newep-\u003easocs as a struct sctp_association *).\n\nBoth are reachable from CapEff=0; the type-confusion path gives\ncontrolled indirect call via the outqueue.sched-\u003einit_sid pointer.\n\nFix by re-deriving @tmp from @asoc after sctp_sendmsg_to_asoc()\nreturns. @asoc is known to still be on ep-\u003easocs at that point: the\nonly callers that list_del an association from ep-\u003easocs are\nsctp_association_free() (which sets asoc-\u003ebase.dead) and\nsctp_assoc_migrate() (which changes asoc-\u003ebase.sk), and\nsctp_wait_for_sndbuf() checks both under the lock before any\nsuccessful return; a tripped check propagates as err \u003c 0 and the loop\nbails before the re-derive.\n\nThe SCTP_ABORT path in sctp_sendmsg_check_sflags() returns 0 and the\nloop hits \u0027continue\u0027 before sctp_sendmsg_to_asoc() is ever called, so\nthe @tmp cached by list_for_each_entry_safe() still covers the\nlock-held free that ba59fb027307 (\"sctp: walk the list of asoc\nsafely\") was added for.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46227",
"url": "https://www.suse.com/security/cve/CVE-2026-46227"
},
{
"category": "external",
"summary": "SUSE Bug 1267697 for CVE-2026-46227",
"url": "https://bugzilla.suse.com/1267697"
},
{
"category": "external",
"summary": "SUSE Bug 1267698 for CVE-2026-46227",
"url": "https://bugzilla.suse.com/1267698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "important"
}
],
"title": "CVE-2026-46227"
},
{
"cve": "CVE-2026-46244",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46244"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_inner: Fix IPv6 inner_thoff desync\n\nIn nft_inner_parse_l2l3(), when processing inner IPv6 packets,\nipv6_find_hdr() correctly computes the transport header offset\ntraversing all extension headers, but the result is immediately\noverwritten with nhoff + sizeof(_ip6h) (40 bytes), which only\naccounts for the IPv6 base header. This creates a desync between\ninner_thoff (wrong - points to extension header start) and l4proto\n(correct - e.g., IPPROTO_TCP), enabling transport header forgery\nand potential firewall bypass. This issue affects stable versions\nfrom Linux 6.2.\n\nFor comparison, the normal (non-inner) IPv6 path correctly\npreserves ipv6_find_hdr()\u0027s result. Removing the incorrect overwrite\nensures that ipv6_find_hdr()\u0027s calculated transport header offset is\npreserved, thereby fixing the desynchronization.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46244",
"url": "https://www.suse.com/security/cve/CVE-2026-46244"
},
{
"category": "external",
"summary": "SUSE Bug 1267654 for CVE-2026-46244",
"url": "https://bugzilla.suse.com/1267654"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-46244"
},
{
"cve": "CVE-2026-46259",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46259"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nprocfs: fix missing RCU protection when reading real_parent in do_task_stat()\n\nWhen reading /proc/[pid]/stat, do_task_stat() accesses task-\u003ereal_parent\nwithout proper RCU protection, which leads to:\n\n cpu 0 cpu 1\n ----- -----\n do_task_stat\n var = task-\u003ereal_parent\n release_task\n call_rcu(delayed_put_task_struct)\n task_tgid_nr_ns(var)\n rcu_read_lock \u003c--- Too late to protect task-\u003ereal_parent!\n task_pid_ptr \u003c--- UAF!\n rcu_read_unlock\n\nThis patch uses task_ppid_nr_ns() instead of task_tgid_nr_ns() to add\nproper RCU protection for accessing task-\u003ereal_parent.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46259",
"url": "https://www.suse.com/security/cve/CVE-2026-46259"
},
{
"category": "external",
"summary": "SUSE Bug 1267685 for CVE-2026-46259",
"url": "https://bugzilla.suse.com/1267685"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-46259"
},
{
"cve": "CVE-2026-46273",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46273"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nibmveth: Disable GSO for packets with small MSS\n\nSome physical adapters on Power systems do not support segmentation\noffload when the MSS is less than 224 bytes. Attempting to send such\npackets causes the adapter to freeze, stopping all traffic until\nmanually reset.\n\nImplement ndo_features_check to disable GSO for packets with small MSS\nvalues. The network stack will perform software segmentation instead.\n\nThe 224-byte minimum matches ibmvnic\ncommit \u003cf10b09ef687f\u003e (\"ibmvnic: Enforce stronger sanity checks\non GSO packets\")\nwhich uses the same physical adapters in SEA configurations.\n\nThe issue occurs specifically when the hardware attempts to perform\nsegmentation (gso_segs \u003e 1) with a small MSS. Single-segment GSO packets\n(gso_segs == 1) do not trigger the problematic LSO code path and are\ntransmitted normally without segmentation.\n\nAdd an ndo_features_check callback to disable GSO when MSS \u003c 224 bytes.\nAlso call vlan_features_check() to ensure proper handling of VLAN packets,\nparticularly QinQ (802.1ad) configurations where the hardware parser may\nnot support certain offload features.\n\nValidated using iptables to force small MSS values. Without the fix,\nthe adapter freezes. With the fix, packets are segmented in software\nand transmission succeeds. Comprehensive regression testing completedd\n(MSS tests, performance, stability).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46273",
"url": "https://www.suse.com/security/cve/CVE-2026-46273"
},
{
"category": "external",
"summary": "SUSE Bug 1267651 for CVE-2026-46273",
"url": "https://bugzilla.suse.com/1267651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-46273"
}
]
}
SUSE-SU-2026:22458-1
Vulnerability from csaf_suse - Published: 2026-06-30 11:07 - Updated: 2026-06-30 11:07| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs (bsc#1266290).\n- CVE-2025-38549: efivarfs: Fix memory leak of efivarfs_fs_info in fs_context error paths (bsc#1248235).\n- CVE-2025-68324: scsi: imm: Fix use-after-free bug caused by unfinished delayed work (bsc#1255416).\n- CVE-2025-68822: Input: alps - fix use-after-free bugs caused by dev3_register_work (bsc#1256668).\n- CVE-2026-23303: smb: client: Don\u0027t log plaintext credentials in cifs_set_cifscreds (bsc#1260502).\n- CVE-2026-23327: cxl/mbox: validate payload size before accessing contents in cxl_payload_from_user_allowed()\n- CVE-2026-23359: bpf: Fix stack-out-of-bounds write in devmap (bsc#1260584).\n- CVE-2026-23438: net: mvpp2: guard flow control update with global_tx_fc in buffer switching (bsc#1261619).\n- CVE-2026-23444: wifi: mac80211: always free skb on ieee80211_tx_prepare_skb() failure (bsc#1266307).\n- CVE-2026-31396: net: macb: fix use-after-free access to PTP clock (bsc#1261791).\n- CVE-2026-31414: netfilter: nf_conntrack_expect: use expect-\u003ehelper (bsc#1262085).\n- CVE-2026-31429: net: skb: fix cross-cache free of KFENCE-allocated skb head (bsc#1262392).\n- CVE-2026-31446: ext4: fix use-after-free in update_super_work when racing with umount (bsc#1262619).\n- CVE-2026-31448: ext4: avoid infinite loops caused by residual data (bsc#1262622).\n- CVE-2026-31452: ext4: convert inline data to extents when truncate exceeds inline size (bsc#1262620).\n- CVE-2026-31454: xfs: save ailp before dropping the AIL lock in push callbacks (bsc#1262624).\n- CVE-2026-31455: xfs: stop reclaim before pushing AIL during unmount (bsc#1262615).\n- CVE-2026-31464: scsi: ibmvfc: Fix OOB access in ibmvfc_discover_targets_done() (bsc#1262656).\n- CVE-2026-31469: virtio_net: Fix UAF on dst_ops when IFF_XMIT_DST_RELEASE is cleared and napi_tx is false\n- CVE-2026-31473: media: mc, v4l2: serialize REINIT and REQBUFS with req_queue_mutex (bsc#1262663).\n- CVE-2026-31480: tracing: Fix potential deadlock in cpu hotplug with osnoise (bsc#1262634).\n- CVE-2026-31492: RDMA/irdma: Initialize free_qp completion before using it (bsc#1262748).\n- CVE-2026-31493: RDMA/efa: Fix use of completion ctx after free (bsc#1262668).\n- CVE-2026-31495: netfilter: ctnetlink: use netlink policy range checks (bsc#1262798).\n- CVE-2026-31499: Bluetooth: L2CAP: Fix deadlock in l2cap_conn_del() (bsc#1262674).\n- CVE-2026-31500: Bluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock (bsc#1262993).\n- CVE-2026-31516: xfrm: prevent policy_hthresh.work from racing with netns teardown (bsc#1262755).\n- CVE-2026-31518: esp: fix skb leak with espintcp and async crypto (bsc#1262606).\n- CVE-2026-31546: net: bonding: fix NULL deref in bond_debug_rlb_hash_show (bsc#1263006).\n- CVE-2026-31555: futex: Clear stale exiting pointer in futex_lock_pi() retry path (bsc#1263178).\n- CVE-2026-31590: KVM: SEV: Drop WARN on large size for KVM_MEMORY_ENCRYPT_REG_REGION (bsc#1263152).\n- CVE-2026-31592: KVM: SEV: Protect *all* of sev_mem_enc_register_region() with kvm-\u003elock (bsc#1263123).\n- CVE-2026-31596: ocfs2: handle invalid dinode in ocfs2_group_extend (bsc#1263319).\n- CVE-2026-31613: smb: client: fix OOB reads parsing symlink error response (bsc#1263769).\n- CVE-2026-31614: smb: client: fix off-by-8 bounds check in check_wsl_eas() (bsc#1263774).\n- CVE-2026-31629: nfc: llcp: add missing return after LLCP_CLOSED checks (bsc#1263790).\n- CVE-2026-31655: pmdomain: imx8mp-blk-ctrl: Keep the NOC_HDCP clock enabled (bsc#1263724).\n- CVE-2026-31664: string.h: Introduce memset_after() for wiping trailing members/padding (bsc#1263578).\n- CVE-2026-31665: kABI: netfilter: nft_ct: fix use-after-free in timeout object destroy (bsc#1263137).\n- CVE-2026-31671: xfrm_user: fix info leak in build_report() (bsc#1263115).\n- CVE-2026-31673: af_unix: read UNIX_DIAG_VFS data under unix_state_lock (bsc#1263143).\n- CVE-2026-31674: netfilter: ip6t_rt: reject oversized addrnr in rt_mt6_check() (bsc#1263568).\n- CVE-2026-31678: openvswitch: defer tunnel netdev_put to RCU release (bsc#1263562).\n- CVE-2026-31680: net: ipv6: flowlabel: defer exclusive option free until RCU teardown (bsc#1263563).\n- CVE-2026-31693: cifs: some missing initializations on replay (bsc#1267744).\n- CVE-2026-31697: crypto: ccp: Don\u0027t attempt to copy ID to userspace if PSP command failed (bsc#1264116).\n- CVE-2026-31698: crypto: ccp: Don\u0027t attempt to copy PDH cert to userspace if PSP command failed (bsc#1263880).\n- CVE-2026-31699: crypto: ccp: Don\u0027t attempt to copy CSR to userspace if PSP command failed (bsc#1263879).\n- CVE-2026-31703: writeback: Fix use after free in inode_switch_wbs_work_fn() (bsc#1263883).\n- CVE-2026-31752: bridge: br_nd_send: validate ND option lengths (bsc#1264045).\n- CVE-2026-31758: usb: usbtmc: Flush anchored URBs in usbtmc_release (bsc#1264093).\n- CVE-2026-31759: usb: ulpi: fix double free in ulpi_register_interface() error path (bsc#1264076).\n- CVE-2026-31767: drm/i915/dsi: Don\u0027t do DSC horizontal timing adjustments in command mode (bsc#1264124).\n- CVE-2026-31771: Bluetooth: hci_event: move wake reason storage into validated event handlers (bsc#1264145).\n- CVE-2026-43013: net/mlx5: lag: Check for LAG device before creating debugfs (bsc#1264011).\n- CVE-2026-43023: Bluetooth: SCO: fix race conditions in sco_sock_connect() (bsc#1264137).\n- CVE-2026-43024: netfilter: nf_tables: reject immediate NF_QUEUE verdict (bsc#1263930).\n- CVE-2026-43026: netfilter: ctnetlink: zero expect NAT fields when CTA_EXPECT_NAT absent (bsc#1263932).\n- CVE-2026-43028: netfilter: x_tables: ensure names are nul-terminated (bsc#1263934).\n- CVE-2026-43030: bpf: Fix regsafe() for pointers to packet (bsc#1264000).\n- CVE-2026-43035: net: sched: cls_api: fix tc_chain_fill_node to initialize tcm_info to zero to prevent an info-leak (bsc#1263996).\n- CVE-2026-43036: net: use skb_header_pointer() for TCPv4 GSO frag_off check (bsc#1263993).\n- CVE-2026-43040: net: ipv6: ndisc: fix ndisc_ra_useropt to initialize nduseropt_padX fields to zero to prevent an info-\n- CVE-2026-43049: HID: logitech-hidpp: Prevent use-after-free on force feedback initialisation failure (bsc#1264080).\n- CVE-2026-43052: wifi: mac80211: check tdls flag in ieee80211_tdls_oper (bsc#1263945).\n- CVE-2026-43053: xfs: close crash window in attr dabtree inactivation (bsc#1264084).\n- CVE-2026-43054: scsi: target: tcm_loop: Drain commands in target_reset handler (bsc#1264063).\n- CVE-2026-43059: Bluetooth: MGMT: fix crash in set_mesh_sync and set_mesh_complete (bsc#1264184).\n- CVE-2026-43065: ext4: always drain queued discard work in ext4_mb_release() (bsc#1264243).\n- CVE-2026-43066: ext4: fix iloc.bh leak in ext4_fc_replay_inode() error paths (bsc#1264245).\n- CVE-2026-43068: ext4: avoid allocate block from corrupted group in ext4_mb_find_by_goal() (bsc#1264255).\n- CVE-2026-43074: eventpoll: defer struct eventpoll free to RCU grace period (bsc#1264263).\n- CVE-2026-43077: crypto: algif_aead - Fix minimum RX size check for decryption (bsc#1264470).\n- CVE-2026-43083: net: ioam6: fix OOB and missing lock (bsc#1264266).\n- CVE-2026-43101: ipv6: ioam: fix potential NULL dereferences in __ioam6_fill_trace_data() (bsc#1264239).\n- CVE-2026-43109: x86: shadow stacks: proper error handling for mmap lock (bsc#1264484).\n- CVE-2026-43112: fs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath (bsc#1264437).\n- CVE-2026-43119: Bluetooth: hci_sync: annotate data-races around hdev-\u003ereq_status (bsc#1264561).\n- CVE-2026-43158: xfs: fix freemap adjustments when adding xattrs to leaf blocks (bsc#1264595).\n- CVE-2026-43171: EFI/CPER: do not dump the entire memory region (bsc#1264549).\n- CVE-2026-43187: xfs: delete attr leaf freemap entries when empty (bsc#1264603).\n- CVE-2026-43198: tcp: fix potential race in tcp_v6_syn_recv_sock() (bsc#1264610).\n- CVE-2026-43206: drm/amdkfd: Fix out-of-bounds write in kfd_event_page_set() (bsc#1264551).\n- CVE-2026-43234: team: avoid NETDEV_CHANGEMTU event when unregistering slave (bsc#1264409).\n- CVE-2026-43239: smb: client: prevent races in -\u003equery_interfaces() (bsc#1264444).\n- CVE-2026-43249: 9p/xen: protect xen_9pfs_front_free against concurrent calls (bsc#1264476).\n- CVE-2026-43252: mptcp: pm: in-kernel: always set ID as avail when rm endp (bsc#1264300).\n- CVE-2026-43261: arm64: Add support for TSV110 Spectre-BHB mitigation (bsc#1264430).\n- CVE-2026-43296: octeontx2-af: Workaround SQM/PSE stalls by disabling sticky (bsc#1264805).\n- CVE-2026-43325: wifi: iwlwifi: mvm: don\u0027t send a 6E related command when not supported (bsc#1265110).\n- CVE-2026-43333: bpf: reject direct access to nullable PTR_TO_BUF pointers (bsc#1264726).\n- CVE-2026-43338: btrfs: reserve enough transaction items for qgroup ioctls (bsc#1264716).\n- CVE-2026-43339: ipv6: prevent possible UaF in addrconf_permanent_addr() (bsc#1264763).\n- CVE-2026-43341: net/ipv6: ioam6: prevent schema length wraparound in trace fill (bsc#1265044).\n- CVE-2026-43345: net: ipa: fix event ring index not programmed for IPA v5.0+ (bsc#1265103).\n- CVE-2026-43359: btrfs: fix transaction abort on set received ioctl due to item overflow (bsc#1264719).\n- CVE-2026-43360: btrfs: fix transaction abort on file creation due to name hash collision (bsc#1264720).\n- CVE-2026-43361: btrfs: fix transaction abort when snapshotting received subvolumes (bsc#1264722).\n- CVE-2026-43362: smb: client: fix in-place encryption corruption in SMB2_write() (bsc#1264989).\n- CVE-2026-43405: libceph: Use u32 for non-negative values in ceph_monmap_decode() (bsc#1264741).\n- CVE-2026-43406: libceph: prevent potential out-of-bounds reads in process_message_header() (bsc#1265073).\n- CVE-2026-43407: libceph: Fix potential out-of-bounds access in ceph_handle_auth_reply() (bsc#1265020).\n- CVE-2026-43411: tipc: fix divide-by-zero in tipc_sk_filter_connect() (bsc#1264672).\n- CVE-2026-43413: scsi: hisi_sas: Fix NULL pointer exception during user_scan() (bsc#1264671).\n- CVE-2026-43414: scsi: qla2xxx: Completely fix fcport double free (bsc#1264669).\n- CVE-2026-43455: net: mctp: Ensure keys maintain only one ref to corresponding dev (bsc#1264765).\n- CVE-2026-43469: xprtrdma: Decrement re_receiving on the early exit paths (bsc#1265143).\n- CVE-2026-43470: nfs: return EISDIR on nfs3_proc_create if d_alias is a dir (bsc#1265128).\n- CVE-2026-43483: KVM: SVM: Set/clear CR8 write interception when AVIC is (de)activated (bsc#1265240).\n- CVE-2026-43491: net: qrtr: ns: Limit the maximum server registration per node (bsc#1265628).\n- CVE-2026-43499: rtmutex: Use waiter::task instead of current in remove_waiter() (bsc#1266001).\n- CVE-2026-43501: ipv6: rpl: reserve mac_len headroom when recompressed SRH grows (bsc#1266009).\n- CVE-2026-45840: openvswitch: cap upcall PID array size and pre-size vport replies (bsc#1266397).\n- CVE-2026-45841: netfilter: nfnetlink_osf: fix divide-by-zero in OSF_WSS_MODULO (bsc#1266390).\n- CVE-2026-45842: slip: reject VJ receive packets on instances with no rstate array (bsc#1266400).\n- CVE-2026-45843: slip: bound decode() reads against the compressed packet length (bsc#1266395).\n- CVE-2026-45846: bareudp: fix NULL pointer dereference in bareudp_fill_metadata_dst() (bsc#1266394).\n- CVE-2026-45852: RDMA/rxe: Fix double free in rxe_srq_from_init (bsc#1266711).\n- CVE-2026-45856: RDMA/uverbs: Validate wqe_size before using it in ib_uverbs_post_send (bsc#1266720).\n- CVE-2026-45862: iommu/vt-d: Flush cache for PASID table before using it (bsc#1266705).\n- CVE-2026-45870: SUNRPC: auth_gss: fix memory leaks in XDR decoding error paths (bsc#1266704).\n- CVE-2026-45878: drm/amdkfd: Fix watch_id bounds checking in debug address watch v2 (bsc#1266767).\n- CVE-2026-45886: bpf: Fix bpf_xdp_store_bytes proto for read-only arg (bsc#1266810).\n- CVE-2026-45894: iommu/vt-d: Clear Present bit before tearing down PASID entry (bsc#1266895).\n- CVE-2026-45910: RDMA/rxe: Fix race condition in QP timer handlers (bsc#1266889).\n- CVE-2026-45932: bpf: Fix tcx/netkit detach permissions when prog fd isn\u0027t given (bsc#1266827).\n- CVE-2026-45940: net: stmmac: fix oops when split header is enabled (bsc#1266916).\n- CVE-2026-45961: gfs2: fix memory leaks in gfs2_fill_super error path (bsc#1266933).\n- CVE-2026-45964: SUNRPC: fix gss_auth kref leak in gss_alloc_msg error path (bsc#1266698).\n- CVE-2026-45965: apparmor: fix invalid deref of rawdata when export_binary is unset (bsc#1267208).\n- CVE-2026-45970: bonding: alb: fix UAF in rlb_arp_recv during bond up/down (bsc#1267205).\n- CVE-2026-45974: btrfs: fix invalid leaf access in btrfs_quota_enable() if ref key not found (bsc#1266922).\n- CVE-2026-45983: nfsd: never defer requests during idmap lookup (bsc#1266697).\n- CVE-2026-45984: gfs2: Move the inode glock locking to gfs2_file_buffered_write (bsc#1267214).\n- CVE-2026-46004: ALSA: caiaq: Handle probe errors properly (bsc#1267222).\n- CVE-2026-46005: xfs: fix a resource leak in xfs_alloc_buftarg() (bsc#1267431).\n- CVE-2026-46021: thermal: core: Fix thermal zone governor cleanup issues (bsc#1267220).\n- CVE-2026-46024: libceph: Prevent potential null-ptr-deref in ceph_handle_auth_reply() (bsc#1267218).\n- CVE-2026-46037: ipv4: icmp: validate reply type before using icmp_pointers (bsc#1267361).\n- CVE-2026-46043: RDMA/rxe: Validate pad and ICRC before payload_size() in rxe_rcv (bsc#1266901).\n- CVE-2026-46079: rbd: fix null-ptr-deref when device_add_disk() fails (bsc#1266452).\n- CVE-2026-46083: spi: fix resource leaks on device setup failure (bsc#1266696).\n- CVE-2026-46090: ALSA: aloop: Use guard() for spin locks (bsc#1267531).\n- CVE-2026-46094: ext4: fix bounds check in check_xattrs() to prevent out-of-bounds access (bsc#1266927).\n- CVE-2026-46101: netfilter: reject zero shift in nft_bitwise (bsc#1266878).\n- CVE-2026-46110: net: stmmac: rename STMMAC_GET_ENTRY() -\u003e STMMAC_NEXT_ENTRY() (bsc#1266759).\n- CVE-2026-46111: Bluetooth: hci_conn: fix potential UAF in create_big_sync (bsc#1267626).\n- CVE-2026-46113: KVM: x86/mmu: Add helper to convert SPTE value to its shadow page (bsc#1266969).\n- CVE-2026-46114: RDMA/rxe: Reject non-8-byte ATOMIC_WRITE payloads (bsc#1266972).\n- CVE-2026-46119: libceph: Fix slab-out-of-bounds access in auth message processing (bsc#1267628).\n- CVE-2026-46120: ip6_gre: Use cached t-\u003enet in ip6erspan_changelink() (bsc#1267640).\n- CVE-2026-46123: Bluetooth: virtio_bt: clamp rx length before skb_put (bsc#1267621).\n- CVE-2026-46150: fanotify: fix false positive on permission events (bsc#1267387).\n- CVE-2026-46157: ALSA: pcm: oss: Fix data race at accessing runtime.oss.trigger (bsc#1267726).\n- CVE-2026-46159: btrfs: fix btrfs_ioctl_space_info() slot_count TOCTOU which can lead to info-leak (bsc#1267652).\n- CVE-2026-46160: btrfs: fix missing last_unlink_trans update when removing a directory (bsc#1267624).\n- CVE-2026-46172: ipv6: xfrm6: release dst on error in xfrm6_rcv_encap() (bsc#1266903).\n- CVE-2026-46176: RDMA/mlx5: Fix error path fall-through in mlx5_ib_dev_res_srq_init() (bsc#1266816).\n- CVE-2026-46181: RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event() (bsc#1266826).\n- CVE-2026-46197: drm/amdkfd: validate SVM ioctl nattr against buffer size (bsc#1267381).\n- CVE-2026-46209: drm/gem: Fix inconsistent plane dimension calculation in drm_gem_fb_init_with_funcs() (bsc#1267663).\n- CVE-2026-46227: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL (bsc#1267697).\n- CVE-2026-46244: netfilter: nft_inner: Fix IPv6 inner_thoff desync (bsc#1267654).\n- CVE-2026-46259: procfs: fix missing RCU protection when reading real_parent in do_task_stat() (bsc#1267685).\n- CVE-2026-46273: ibmveth: Disable GSO for packets with small MSS (bsc#1267651).\n\nThe following non-security bugs were fixed:\n\n- ACPI: CPPC: Suppress UBSAN warning caused by field misuse (git-fixes).\n- ACPI: IPMI: Fix message kref handling on dead device (git-fixes).\n- ACPI: NFIT: core: Fix possible NULL pointer dereference (git-fixes).\n- ALSA: PCM: Fix wait queue list corruption in snd_pcm_drain() on linked streams (git-fixes).\n- ALSA: aloop: Drop superfluous break (git-fixes).\n- ALSA: asihpi: Fix potential OOB array access at reading cache (stable-fixes).\n- ALSA: cmipci: check snd_ctl_new1() return value (git-fixes).\n- ALSA: core: Fix unintuitive behavior of snd_power_ref_and_wait() (git-fixes).\n- ALSA: es1938: check snd_ctl_new1() return value (git-fixes).\n- ALSA: gus: check snd_ctl_new1() return value (git-fixes).\n- ALSA: hda/conexant: Renaming the codec with device ID 0x1f86 and 0x1f87 (stable-fixes).\n- ALSA: ice1712: check snd_ctl_new1() return value (git-fixes).\n- ALSA: sc6000: Keep the programmed board state in card-private data (git-fixes).\n- ALSA: sc6000: Use standard print API (stable-fixes).\n- ALSA: seq: Clear variable event pointer on read (git-fixes).\n- ALSA: seq: Fix partial userptr event expansion (git-fixes).\n- ALSA: seq: midi: Serialize output teardown with event_input (git-fixes).\n- ALSA: ua101: Reject too-short USB descriptors (git-fixes).\n- ALSA: usb-audio: Bound MIDI 2.0 endpoint descriptor scans (git-fixes).\n- ALSA: usb-audio: Bound MIDI endpoint descriptor scans (git-fixes).\n- ALSA: usb-audio: Propagate US-16x08 write errors in route/mix EQ-switch put callbacks (git-fixes).\n- ALSA: usb-audio: Propagate errors in scarlett_ctl_enum_put() (git-fixes).\n- ALSA: usb-audio: Roll back quirk control caches on write errors (git-fixes).\n- ALSA: usb-audio: Update Babyface Pro control caches only after successful writes (git-fixes).\n- ALSA: usb-audio: Update US-16x08 EQ/comp shadow state after successful writes (git-fixes).\n- ALSA: virtio: Add missing 384 kHz PCM rate mapping (git-fixes).\n- ALSA: ymfpci: check snd_ctl_new1() return value (git-fixes).\n- ASoC: SOF: Intel: hda-dai: add support for dspless mode beyond HDAudio (stable-fixes).\n- ASoC: SOF: Intel: hda-dai: remove dspless special case (stable-fixes).\n- ASoC: SOF: Intel: hda: Fix NULL pointer dereference (stable-fixes).\n- ASoC: SOF: ipc3-control: Fix TOCTOU in bytes_put and bytes_get (git-fixes).\n- ASoC: SOF: ipc3-control: Fix heap overflow in bytes_ext put/get (git-fixes).\n- ASoC: SOF: ipc3-control: Use overflow checks in control_update size calc (git-fixes).\n- ASoC: SOF: ipc3-control: Validate size in snd_sof_update_control (git-fixes).\n- ASoC: SOF: ipc4-control: Fix TOCTOU in sof_ipc4_bytes_put (git-fixes).\n- ASoC: SOF: topology: validate vendor array size before parsing (git-fixes).\n- ASoC: adau1372: Clear PLL_EN on failed PLL lock without reset GPIO (git-fixes).\n- ASoC: codecs: hdac_hdmi: Validate written enum value (git-fixes).\n- ASoC: codecs: simple-mux: Fix enum control bounds check (git-fixes).\n- ASoC: cs35l56: Cleanup if component_probe fails (git-fixes).\n- ASoC: cs35l56: Do not leave parent IRQ disabled if system_suspend fails (git-fixes).\n- ASoC: cs35l56: Fix flushing of IRQ work in cs35l56_sdw_remove() (git-fixes).\n- ASoC: cs35l56: Fix missing calls to wm_adsp2_remove() (git-fixes).\n- ASoC: fsl: fsl_audmix: Validate written enum values (git-fixes).\n- ASoC: meson: aiu: Validate written enum values (git-fixes).\n- ASoC: qcom: q6asm-dai: close stream only when running (git-fixes).\n- ASoC: qcom: q6asm-dai: do not set stream state in event and trigger callbacks (git-fixes).\n- ASoC: qcom: q6asm-dai: fix error handling in prepare and set_params (git-fixes).\n- ASoC: tegra: tegra210_ahub: Validate written enum value (git-fixes).\n- ASoC: topology: Check PCM and DAI name strings before use (git-fixes).\n- ASoC: wm_adsp: Fix NULL dereference when removing firmware controls (git-fixes).\n- Bluetooth: 6lowpan: check skb_clone() return value in send_mcast_pkt() (git-fixes).\n- Bluetooth: HIDP: fix missing length checks in hidp_input_report() (git-fixes).\n- Bluetooth: ISO: drop ISO_END frames received without prior ISO_START (git-fixes).\n- Bluetooth: ISO: fix UAF in iso_recv_frame (git-fixes).\n- Bluetooth: ISO: serialize iso_sock_clear_timer with socket lock (git-fixes).\n- Bluetooth: L2CAP: Fix possible crash on l2cap_ecred_conn_rsp (git-fixes).\n- Bluetooth: L2CAP: fix chan ref leak in l2cap_chan_timeout() on !conn (git-fixes).\n- Bluetooth: L2CAP: use chan timer to close channels in cleanup_listen() (git-fixes).\n- Bluetooth: MGMT: Fix backward compatibility with userspace (git-fixes).\n- Bluetooth: MGMT: validate Add Extended Advertising Data length (git-fixes).\n- Bluetooth: MGMT: validate advertising TLV before type checks (git-fixes).\n- Bluetooth: RFCOMM: hold listener socket in rfcomm_connect_ind() (git-fixes).\n- Bluetooth: RFCOMM: validate skb length in MCC handlers (git-fixes).\n- Bluetooth: bnep: Fix UAF read of dev-\u003ename (git-fixes).\n- Bluetooth: bnep: reject short frames before parsing (git-fixes).\n- Bluetooth: btmtksdio: fix infinite loop in btmtksdio_txrx_work() (git-fixes).\n- Bluetooth: btusb: Allow firmware re-download when version matches (git-fixes).\n- Bluetooth: btusb: fix use-after-free on marvell probe failure (git-fixes).\n- Bluetooth: btusb: fix use-after-free on registration failure (git-fixes).\n- Bluetooth: btusb: fix wakeup irq devres lifetime (git-fixes).\n- Bluetooth: btusb: fix wakeup source leak on probe failure (git-fixes).\n- Bluetooth: eir: Fix stack OOB write when prepending the Flags AD (git-fixes).\n- Bluetooth: fix UAF in l2cap_sock_cleanup_listen() vs l2cap_conn_del() (git-fixes).\n- Bluetooth: hci: validate codec capability element length (git-fixes).\n- Bluetooth: hci_sync: Set HCI_CMD_DRAIN_WORKQUEUE during device close (git-fixes).\n- Bluetooth: hci_sync: reject oversized Broadcast Announcement prepend (git-fixes).\n- Bluetooth: hci_uart: fix UAFs and race conditions in close and init paths (git-fixes).\n- Bluetooth: l2cap: clear chan-\u003eident on ECRED reconfiguration success (git-fixes).\n- Bluetooth: vhci: validate devcoredump state before side effects (git-fixes).\n- Drivers: hv: vmbus: Improve the logic of reserving fb_mmio on Gen2 VMs (git-fixes).\n- HID: quirks: really enable the intended work around for appledisplay (git-fixes).\n- HID: uclogic: Fix regression of input name assignment (git-fixes).\n- HID: wacom: Fix OOB write in wacom_hid_set_device_mode() (git-fixes).\n- Improve compatibility with awk 2.4.0 (bsc#1266214). \n- Input: atkbd - skip deactivate for HONOR BCC-N\u0027s internal keyboard (git-fixes).\n- Input: atmel_mxt_ts - fix boundary check in mxt_prepare_cfg_mem (git-fixes).\n- Input: ims-pcu - fix usb_free_coherent() size in ims_pcu_buffers_free() (git-fixes).\n- Input: usbtouchscreen - clamp NEXIO data_len/x_len to URB buffer size (git-fixes).\n- Input: xpad - fix out-of-bounds access for Share button (git-fixes).\n- KVM: SEV: Ignore MMIO requests of length \u00270\u0027 (git-fixes).\n- KVM: SEV: Ignore Port I/O requests of length \u00270\u0027 (git-fixes).\n- KVM: SVM: Allow KVM_SET_NESTED_STATE to clear GIF when SVME==0 (git-fixes).\n- KVM: SVM: Do not set GIF when clearing EFER.SVME (git-fixes).\n- KVM: SVM: Flush the current TLB when transitioning from xAVIC =\u003e x2AVIC (git-fixes).\n- KVM: SVM: Initialize AVIC VMCB fields if AVIC is enabled with in-kernel APIC (git-fixes).\n- KVM: SVM: check validity of VMCB controls when returning from SMM (git-fixes).\n- KVM: X86: Fix array_index_nospec protection in __pv_send_ipi (git-fixes).\n- KVM: arm64: Discard PC update state on vcpu reset (git-fixes).\n- KVM: arm64: Guard against NULL vcpu on VHE hyp panic path (git-fixes).\n- KVM: arm64: PMU: Preserve AArch32 counter low bits (git-fixes).\n- KVM: arm64: Treat vCPU with pending SError as runnable (git-fixes).\n- KVM: arm64: Wake-up from WFI when iqrchip is in userspace (git-fixes).\n- KVM: arm64: vgic-its: Reject restored DTE with out-of-range num_eventid_bits (git-fixes).\n- KVM: arm64: vgic: Fix IIDR revision field extracted from wrong value (git-fixes).\n- KVM: nSVM: Always use vmcb01 in VMLOAD/VMSAVE emulation (git-fixes).\n- KVM: nSVM: Ensure AVIC is inhibited when restoring a vCPU to guest mode (git-fixes).\n- KVM: nSVM: Mark all of vmcb02 dirty when restoring nested state (git-fixes).\n- KVM: nSVM: Set exit_code_hi to -1 when synthesizing SVM_EXIT_ERR (failed VMRUN) (git-fixes).\n- KVM: nSVM: Use vcpu-\u003earch.cr2 when updating vmcb12 on nested #VMEXIT (git-fixes).\n- KVM: x86/mmu: Fix UBSAN warning when reading nx_huge_pages parameter (git-fixes).\n- KVM: x86: Fix Xen hypercall tracepoint argument assignment (git-fixes).\n- PM: sleep: Use complete() in device_pm_sleep_init() (git-fixes).\n- RDMA/efa: Check stored completion CTX command ID with received one (git-fixes)\n- RDMA/efa: Extend admin timeout error print (git-fixes)\n- RDMA/efa: Fix possible deadlock (git-fixes)\n- RDMA/efa: Improve admin completion context state machine (git-fixes)\n- RDMA/mana_ib: Report max_msg_sz in mana_ib_query_port (git-fixes).\n- wicked test: Added missing locking in backport (bsc#1267732).\n- USB: cdc-acm: Fix bit overlap and move quirk definitions to header (git-fixes).\n- USB: serial: belkin_sa: validate interrupt status length (git-fixes).\n- USB: serial: cypress_m8: validate interrupt packet headers (git-fixes).\n- USB: serial: io_ti: fix heap overflow in build_i2c_fw_hdr() (git-fixes).\n- USB: serial: io_ti: fix heap overflow in get_manuf_info() (git-fixes).\n- USB: serial: keyspan: fix missing indat transfer sanity check (git-fixes).\n- USB: serial: kl5kusb105: fix bulk-out buffer overflow (git-fixes).\n- USB: serial: mct_u232: fix missing interrupt-in transfer sanity check (git-fixes).\n- USB: serial: mxuport: fix memory corruption with small endpoint (git-fixes).\n- USB: serial: omninet: fix memory corruption with small endpoint (git-fixes).\n- USB: serial: option: add missing RSVD(5) flag for Rolling RW135R-GL (git-fixes).\n- USB: serial: safe_serial: fix memory corruption with small endpoint (git-fixes).\n- X.509: Fix validation of ASN.1 certificate header (git-fixes).\n- add bugnumber to existing mana_ib change (bsc#1267682)\n- agp/amd64: Fix broken error propagation in agp_amd64_probe() (git-fixes).\n- arm64: tlb: Allow XZR argument to TLBI ops (git-fixes)\n- arm64: tlb: Optimize ARM64_WORKAROUND_REPEAT_TLBI (git-fixes)\n- auxdisplay: line-display: fix OOB read on zero-length message_store() (git-fixes).\n- batman-adv: bla: annotate lasttime access with READ/WRITE_ONCE (git-fixes).\n- batman-adv: bla: fix report_work leak on backbone_gw purge (git-fixes).\n- batman-adv: clear current gateway during teardown (git-fixes).\n- batman-adv: dat: handle forward allocation error (git-fixes).\n- batman-adv: fix batadv_skb_is_frag() kernel-doc (git-fixes).\n- batman-adv: fix fragment reassembly length accounting (git-fixes).\n- batman-adv: fix tp_meter counter underflow during shutdown (git-fixes).\n- batman-adv: frag: disallow unicast fragment in fragment (git-fixes).\n- batman-adv: tp_meter: add only finished tp_vars to lists (git-fixes).\n- batman-adv: tp_meter: avoid divide-by-zero for dec_cwnd (git-fixes).\n- batman-adv: tp_meter: avoid use of uninit sender vars (git-fixes).\n- batman-adv: tp_meter: avoid window underflow (git-fixes).\n- batman-adv: tp_meter: fix fast recovery precondition (git-fixes).\n- batman-adv: tp_meter: handle seqno wrap-around for fast recovery detection (git-fixes).\n- batman-adv: tp_meter: initialize dec_cwnd explicitly (git-fixes).\n- batman-adv: tp_meter: initialize dup_acks explicitly (git-fixes).\n- batman-adv: tp_meter: keep unacked list in ascending ordered (git-fixes).\n- batman-adv: tt: fix negative last_changeset_len (git-fixes).\n- batman-adv: tt: fix negative tt_buff_len (git-fixes).\n- bcache: fix uninitialized closure object (git-fixes).\n- bnxt_en: Fix NULL pointer dereference (bsc#1268307).\n- comedi: comedi_test: Fix limiting of convert_arg in waveform_ai_cmdtest() (git-fixes).\n- comedi: comedi_test: fix check for valid scan_begin_src in waveform_ai_cmdtest() (git-fixes).\n- crypto: af_alg - Cap AEAD AD length to 0x80000000 (git-fixes).\n- crypto: amlogic - avoid double cleanup in meson_crypto_probe() (git-fixes).\n- crypto: asymmetric_keys - fix OOB read in pefile_digest_pe_contents (git-fixes).\n- crypto: atmel-sha204a - fix blocking and non-blocking rng logic (git-fixes).\n- crypto: cavium/cpt - fix DMA cleanup using wrong loop index (git-fixes).\n- crypto: ccp - Fix snp_filter_reserved_mem_regions() off-by-one (git-fixes).\n- crypto: ccp - Treat zero-length cert chain as query for blob lengths (git-fixes).\n- crypto: drbg - Fix drbg_max_addtl() on 64-bit kernels (git-fixes).\n- crypto: drbg - Fix returning success on failure in CTR_DRBG (git-fixes).\n- crypto: drbg - Fix the fips_enabled priority boost (git-fixes).\n- crypto: ecc - Fix carry overflow in vli multiplication (git-fixes).\n- crypto: ecrdsa - fix unknown OID check in ecrdsa_param_curve (git-fixes).\n- crypto: hisilicon/qm - disable error report before flr (git-fixes).\n- crypto: marvell/octeontx - fix DMA cleanup using wrong loop index (git-fixes).\n- crypto: pcrypt - restore callback for non-parallel fallback (git-fixes).\n- crypto: qat - protect service table iterations with service_lock (git-fixes).\n- crypto: qat - validate RSA CRT component lengths (git-fixes).\n- crypto: rng - Free default RNG on module exit (git-fixes).\n- device property: set fwnode-\u003esecondary to NULL in fwnode_init() (git-fixes).\n- driver core: reject devices with unregistered buses (git-fixes).\n- driver core: use READ_ONCE() for dev-\u003edriver in dev_has_sync_state() (git-fixes).\n- drivers/base/memory: fix memory block reference leak in poison accounting (git-fixes).\n- drm/amd/display: Add missing kdoc for ALLM parameters (git-fixes).\n- drm/amd/display: Clamp HDMI HDCP2 rx_id_list read to buffer size (git-fixes).\n- drm/amd/display: Fix NULL deref and buffer over-read in SDP debugfs (git-fixes).\n- drm/amd/display: Fix integer overflow in bios_get_image() (stable-fixes).\n- drm/amd/display: Reject gpio_bitshift \u003e= 32 in bios_parser_get_gpio_pin_info() (git-fixes).\n- drm/amd/display: Use krealloc_array() in dal_vector_reserve() (git-fixes).\n- drm/amd/display: Validate GPIO pin LUT table size before iterating (stable-fixes).\n- drm/amd/display: Validate payload length and link_index in dc_process_dmub_aux_transfer_async (stable-fixes).\n- drm/amd/pm/si: Disregard vblank time when no displays are connected (git-fixes).\n- drm/amdgpu/uvd3.1: Do not validate the firmware when already validated (git-fixes).\n- drm/amdgpu/vce2: Fix VCE 2 firmware size and offsets (git-fixes).\n- drm/amdgpu/vce3: Fix VCE 3 firmware size and offsets (git-fixes).\n- drm/amdgpu: fix integer overflow in amdgpu_gem_align_pitch() (git-fixes).\n- drm/amdgpu: fix spelling typos (stable-fixes).\n- drm/amdgpu: set sub_block_index for mca ras sub-blocks (git-fixes).\n- drm/amdkfd: Fix buffer overflow in SDMA queue checkpoint/restore on GFX11 (git-fixes).\n- drm/amdkfd: Validate CRIU-restored IDs before idr_alloc (git-fixes).\n- drm/amdkfd: fix NULL dereference in get_queue_ids() (git-fixes).\n- drm/bridge: cdns-dsi: Replace deprecated UNIVERSAL_DEV_PM_OPS() (git-fixes).\n- drm/bridge: chipone-icn6211: use devm_drm_bridge_add in i2c probe (git-fixes).\n- drm/bridge: it66121: acquire reset GPIO in probe (git-fixes).\n- drm/bridge: megachips: remove bridge when irq request fails (git-fixes).\n- drm/dp/mst: fix OOB reads in remote DPCD/I2C sideband reply parsers (git-fixes).\n- drm/dp/mst: fix OOB reads on 2-byte fields in sideband reply parsers (git-fixes).\n- drm/dp/mst: fix buffer overflows in sideband chunk accumulation (git-fixes).\n- drm/hisilicon/hibmc: move display contrl config to hibmc_probe() (git-fixes).\n- drm/hisilicon/hibmc: use clock to look up the PLL value (git-fixes).\n- drm/hyperv: use VMBUS_RING_SIZE() (git-fixes).\n- drm/hyperv: validate VMBus packet size in receive callback (git-fixes).\n- drm/hyperv: validate resolution_count and fix WIN8 fallback (git-fixes).\n- drm/i915/gem: Fix phys BO pread/pwrite with offset (git-fixes).\n- drm/i915: Extract intel_dbuf_mdclk_cdclk_ratio_update() (stable-fixes).\n- drm/i915: Fix potential UAF in TTM object purge (git-fixes).\n- drm/i915: Loop over all active pipes in intel_mbus_dbox_update (stable-fixes).\n- drm/imx: Fix three kernel-doc warnings in dcss-scaler.c (git-fixes).\n- drm/msm/dp: Fix the ISR_* enum values (git-fixes).\n- drm/msm/dp: fix HPD state status bit shift value (git-fixes).\n- drm/msm/dsi: do not dump registers past the mapped region (git-fixes).\n- drm/msm/snapshot: fix dumping of the unaligned regions (git-fixes).\n- drm/nouveau/bios: specify correct display fuse register for Ampere and Ada (git-fixes).\n- drm/radeon/evergreen_cs: Add missing NULL prefix check in surface check (git-fixes).\n- drm/radeon: fix integer overflow in radeon_align_pitch() (git-fixes).\n- drm/radeon: fix memory leak in radeon_ring_restore() on lock failure (git-fixes).\n- drm/rockchip: cdn-dp: add missing check in cdn_dp_config_video() (git-fixes).\n- drm/tegra: Fix iommu_map_sgtable() return value check (git-fixes).\n- drm/tegra: dc: Fix device node reference leak in tegra_dc_has_output() (git-fixes).\n- drm/tidss: Drop extra drm_mode_config_reset() call (git-fixes).\n- drm/tidss: Fix missing drm_bridge_add() call (git-fixes).\n- drm/vc4: fix krealloc() memory leak (git-fixes).\n- drm/virtio: Fix driver removal with disabled KMS (git-fixes).\n- drm/virtio: fix dma_fence refcount leak on error in virtio_gpu_dma_fence_wait() (git-fixes).\n- drm/virtio: use uninterruptible resv lock for plane updates (git-fixes).\n- efi: Allocate runtime workqueue before ACPI init (git-fixes).\n- ethtool: provide customized dim profile management (bsc#1261256).\n- fbdev: broadsheetfb: fix potential memory leak in broadsheetfb_probe() (git-fixes).\n- fbdev: hecubafb: fix potential memory leak in hecubafb_probe() (git-fixes).\n- fbdev: i740fb: fix potential memory leak in i740fb_probe() (git-fixes).\n- fbdev: metronomefb: fix potential memory leak in metronomefb_probe() (git-fixes).\n- fbdev: modedb: Fix misaligned fields in the 1920x1080-60 mode (git-fixes).\n- fbdev: nvidia: fix potential memory leak in nvidiafb_probe() (git-fixes).\n- fbdev: radeon: fix potential memory leak in radeonfb_pci_register() (git-fixes).\n- fbdev: s3fb: fix potential memory leak in s3_pci_probe() (git-fixes).\n- fbdev: sm501fb: Fix buffer errors in OF binding code (git-fixes).\n- fbdev: sm712: Fix operator precedence in big_swap macro (git-fixes).\n- fbdev: tdfxfb: fix potential memory leak in tdfxfb_probe() (git-fixes).\n- fbdev: tridentfb: fix potential memory leak in trident_pci_probe() (git-fixes).\n- fbdev: uvesafb: fix potential memory leak in uvesafb_probe() (git-fixes).\n- fbdev: vesafb: fix memory leak in vesafb_probe() (git-fixes).\n- firmware: arm_ffa: Check for NULL FF-A ID table while driver registration (git-fixes).\n- firmware: arm_ffa: Skip free_pages on RX buffer alloc failure (git-fixes).\n- firmware: arm_scmi: Fix OOB in scmi_power_name_get() (git-fixes).\n- firmware: arm_scmi: Read sensor config as 32-bit value (git-fixes).\n- firmware_loader: Fix recursive lock in device_cache_fw_images() (git-fixes).\n- firmware_loader: fix device reference leak in firmware_upload_register() (git-fixes).\n- gpio: mvebu: fix NULL pointer dereference in suspend/resume (git-fixes).\n- gpu: host1x: Allow entries in BO caches to be freed (git-fixes).\n- gpu: host1x: Fix iommu_map_sgtable() return value check (git-fixes).\n- hv: utils: handle and propagate errors in kvp_register (git-fixes).\n- hwmon: (it87) Clamp negative values to zero in set_fan() (git-fixes).\n- hwmon: (pmbus/adm1266) bounce blackbox records through a protocol-sized buffer (git-fixes).\n- hwmon: (pmbus/adm1266) cap PDIO scan in get_multiple at ADM1266_PDIO_NR (git-fixes).\n- hwmon: (pmbus/adm1266) do not clobber GPIO bits before PDIO read in get_multiple (git-fixes).\n- hwmon: (pmbus/adm1266) include PEC byte in pmbus_block_xfer read buffer (git-fixes).\n- hwmon: (pmbus/adm1266) include adapter number in GPIO line label (git-fixes).\n- hwmon: (pmbus/adm1266) register the gpio_chip after pmbus_do_probe() (git-fixes).\n- hwmon: (pmbus/adm1266) register the nvmem device after pmbus_do_probe() (git-fixes).\n- hwmon: (pmbus/adm1266) reject implausible blackbox record_count (git-fixes).\n- hwmon: (pmbus/adm1266) reject short block-read responses in the GPIO accessors (git-fixes).\n- hwmon: (pmbus/adm1266) seed timestamp from the real-time clock (git-fixes).\n- hwmon: (pmbus/adm1266) widen blackbox-info buffer to I2C_SMBUS_BLOCK_MAX (git-fixes).\n- hwrng: jh7110 - fix refcount leak in starfive_trng_read() (git-fixes).\n- hwrng: virtio: clamp device-reported used.len at copy_data() (git-fixes).\n- hyperv: Clean up and fix the guest ID comment in hvgdk.h (git-fixes).\n- i2c: core: fix irq domain leak on adapter registration failure (git-fixes).\n- i2c: qcom-cci: Fix NULL pointer dereference in cci_remove() (git-fixes).\n- i2c: stm32f7: fix timing computation ignoring i2c-analog-filter (git-fixes).\n- i2c: tegra: Fix NOIRQ suspend/resume (git-fixes).\n- iio: adc: viperboard: Fix error handling in vprbrd_iio_read_raw (git-fixes).\n- iio: adc: xilinx-xadc: Fix sequencer mode in postdisable for dual mux (git-fixes).\n- iio: buffer: hw-consumer: fix use-after-free in error path (git-fixes).\n- iio: dac: ad5686: acquire lock when doing powerdown control (git-fixes).\n- iio: dac: ad5686: fix input raw value check (git-fixes).\n- iio: dac: max5821: fix return value check in powerdown sync (git-fixes).\n- iio: gyro: itg3200: fix i2c read into the wrong stack location (git-fixes).\n- iio: imu: st_lsm6dsx: fix stack leak in tagged FIFO buffer (git-fixes).\n- iio: light: cm3323: fix reg_conf not being initialized correctly (git-fixes).\n- iio: magnetometer: st_magn: fix default DRDY pin selection for LIS2MDL (git-fixes).\n- iio: ssp_sensors: cancel delayed work_refresh on remove (git-fixes).\n- iio: temperature: tsys01: fix broken PROM checksum validation (git-fixes).\n- kabi: arm64: module: Update missing .init.text.ftrace_trampoline section message (bsc#1265579 bsc#1265170).\n- linux/dim: move useful macros to .h file (bsc#1261256).\n- misc: fastrpc: Fix NULL pointer dereference in rpmsg callback (git-fixes).\n- misc: fastrpc: fix DMA address corruption due to find_vma misuse (git-fixes).\n- misc: fastrpc: fix use-after-free of fastrpc_user in workqueue context (git-fixes).\n- misc: fastrpc: fix use-after-free race in fastrpc_map_create (git-fixes).\n- mmc: core: Fix host controller programming for fixed driver type (git-fixes).\n- mmc: litex_mmc: Set mandatory idle clocks before CMD0 (git-fixes).\n- mmc: litex_mmc: Use DIV_ROUND_UP for more accurate clock calculation (git-fixes).\n- mmc: renesas_sdhi: Add OF entry for RZ/G2H SoC (git-fixes).\n- mmc: sdhci: add signal voltage switch in sdhci_resume_host (git-fixes).\n- net: ethtool: add ethtool COALESCE_RX_CQE_FRAMES/NSECS (bsc#1261256).\n- net: gro: do not merge zcopy skbs (git-fixes).\n- net: mana: Add NULL guards in teardown path to prevent panic on attach failure (git-fixes).\n- net: mana: Add ethtool counters for RX CQEs in coalesced type (bsc#1261256).\n- net: mana: Add support for RX CQE Coalescing (bsc#1261256).\n- net: mana: Expose hardware diagnostic info via debugfs (bsc#1266414).\n- net: mana: Fix TOCTOU double-fetch of hwc_msg_id from DMA buffer (bsc#1265928).\n- net: mana: Skip redundant detach on already-detached port (git-fixes).\n- net: mana: Use kvmalloc for large RX queue and buffer allocations (bsc#1266765).\n- net: mana: Use per-queue allocation for tx_qp to reduce allocation size (bsc#1266765).\n- net: mana: hardening: Reject zero max_num_queues from GDMA_QUERY_MAX_RESOURCES (git-fixes).\n- net: mana: validate rx_req_idx to prevent out-of-bounds array access (bsc#1266402).\n- net: wwan: iosm: fix potential memory leaks in ipc_imem_init() (git-fixes).\n- phy: marvell: mvebu-a3700-utmi: fix incorrect USB2_PHY_CTRL register access (git-fixes).\n- platform/x86: adv_swbutton: Check ACPI_HANDLE() against NULL (git-fixes).\n- platform/x86: hp_accel: Check ACPI_COMPANION() against NULL (git-fixes).\n- platform/x86: intel-hid: Check ACPI_HANDLE() against NULL (git-fixes).\n- platform/x86: intel-vbtn: Check ACPI_HANDLE() against NULL (git-fixes).\n- r8152: fix incorrect register write to USB_UPHY_XTAL (git-fixes).\n- rpm/check-for-config-changes: ignore Rust-related configs (bsc#1258538).\n- rpm/mkspec: Conditionally set Rust BuildReqs (bsc#1258538).\n- rpm: Add BuildRequires for Rust enablement (bsc#1258538).\n- s390/barrier: Make array_index_mask_nospec() __always_inline (bsc#1263068).\n- s390/entry: Scrub r12 register on kernel entry (bsc#1263068).\n- s390/syscalls: Add spectre boundary for syscall dispatch table (bsc#1263068).\n- sched/rt: Skip currently executing CPU in rto_next_cpu() (bsc#1262649).\n- security/keys: fix missed RCU read section on lookup (stable-fixes).\n- serial: fsl_lpuart: fix rx buffer and DMA map leaks in start_rx_dma (git-fixes).\n- serial: qcom-geni: fix UART_RX_PAR_EN bit position (git-fixes).\n- slimbus: qcom-ngd-ctrl: fix OF node refcount (git-fixes).\n- smb: client: correctly handle ErrorContextData as a flexible array (git-fixes)\n- smb: client: reject userspace cifs.spnego descriptions (bsc#1266238).\n- soc: fsl: qe: panic on ioremap() failure in qe_reset() (git-fixes).\n- soc: ti: k3-ringacc: Fix access mode for k3_ringacc_ring_pop_tail_io/proxy (git-fixes).\n- spi: at91-usart: drop dead runtime pm support (git-fixes).\n- spi: ep93xx: fix double-free of zeropage on DMA setup failure (git-fixes).\n- spi: fsl-lpspi: replace dmaengine_terminate_all() with dmaengine_terminate_sync() (git-fixes).\n- spi: fsl-lpspi: terminate the RX channel on TX prepare failure path (git-fixes).\n- spi: meson-spifc: fix runtime PM leak on remove (git-fixes).\n- spi: mtk-snfi: Fix resource leak in mtk_snand_read_page_cache() (git-fixes).\n- spi: sprd: fix error pointer deref after DMA setup failure (git-fixes).\n- spi: st-ssc4: switch to use modern name (stable-fixes).\n- spi: ti-qspi: fix use-after-free after DMA setup failure (git-fixes).\n- spi: xilinx: use FIFO occupancy register to determine buffer size (git-fixes).\n- string: add mem_is_zero() helper to check if memory area is all zeros (stable-fixes).\n- thermal: hwmon: Fix critical temperature attribute removal (git-fixes).\n- thunderbolt: Bound root directory content to block size (git-fixes).\n- thunderbolt: Clamp XDomain response data copy to allocation size (git-fixes).\n- thunderbolt: Limit XDomain response copy to actual frame size (git-fixes).\n- thunderbolt: Reject zero-length property entries in validator (git-fixes).\n- thunderbolt: Validate XDomain request packet size before type cast (git-fixes).\n- thunderbolt: property: Reject dir_len \u0026lt; 4 to prevent size_t underflow (git-fixes).\n- thunderbolt: property: Reject u32 wrap in tb_property_entry_valid() (git-fixes).\n- tracing: Switch trace_osnoise.c code over to use guard() and __free() (bsc#1262634).\n- tty: serial: pch_uart: add check for dma_alloc_coherent() (git-fixes).\n- usb: cdns3: gadget: fix request skipping after clearing halt (git-fixes).\n- usb: cdns3: plat: fix unbalanced pm_runtime_forbid() call permanently leaks the runtime PM usage counter across bind/unbind cycles (git-fixes).\n- usb: chipidea: core: convert ci_role_switch to local variable (git-fixes).\n- usb: dwc2: Fix use after free in debug code (git-fixes).\n- usb: gadget: composite: fix integer underflow in WebUSB GET_URL handling (git-fixes).\n- usb: gadget: dummy_hcd: Reject hub port requests for non-existent ports (git-fixes).\n- usb: gadget: f_fs: copy only received bytes on short ep0 read (git-fixes).\n- usb: gadget: f_hid: fix device reference leak in hidg_alloc() (git-fixes).\n- usb: gadget: net2280: Fix double free in probe error path (git-fixes).\n- usb: usbtmc: check URB actual_length for interrupt-IN notifications (git-fixes).\n- usb: usbtmc: reject interrupt endpoints with small wMaxPacketSize (git-fixes).\n- usbip: vudc: Fix use after free bug in vudc_remove due to race condition (git-fixes).\n- watchdog: apple: Add \"apple,t8103-wdt\" compatible (git-fixes).\n- watchdog: sp5100_tco: Use EFCH MMIO for newer Hygon FCH (git-fixes).\n- watchdog: sprd_wdt: Remove redundant sprd_wdt_disable() on register failure (git-fixes).\n- watchdog: unregister PM notifier on watchdog unregister (git-fixes).\n- wifi: ath10k: skip WMI and beacon transmission when device is wedged (git-fixes).\n- wifi: ath11k: clear shared SRNG pointer state on restart (git-fixes).\n- wifi: ath11k: fix error path leak in ath11k_tm_cmd_wmi_ftm() (git-fixes).\n- wifi: ath11k: fix error path leaks in some WMI WOW calls (git-fixes).\n- wifi: ath11k: fix error path leaks in some WMI calls (git-fixes).\n- wifi: ath11k: fix peer resolution on rx path when peer_id=0 (git-fixes).\n- wifi: ath11k: fix use after free in ath11k_dp_rx_msdu_coalesce() (git-fixes).\n- wifi: ath11k: fix warning when unbinding (git-fixes).\n- wifi: ath9k: fix OOB access from firmware tx status queue ID (git-fixes).\n- wifi: cfg80211: advance loop vars in cfg80211_merge_profile() (git-fixes).\n- wifi: cfg80211: fix grammar in MLO group key error message (git-fixes).\n- wifi: mac80211: consume only present negotiated TTLM maps (git-fixes).\n- wifi: mac80211: fix monitor mode frame capture for real chanctx drivers (git-fixes).\n- wifi: mac80211: limit injected antenna index in ieee80211_parse_tx_radiotap (git-fixes).\n- wifi: mt76: fix argument to ieee80211_is_first_frag() (git-fixes).\n- wifi: mt76: mt7915: fix potential tx_retries underflow (git-fixes).\n- wifi: mt76: mt7921: fix potential tx_retries underflow (git-fixes).\n- wifi: mt76: mt7925: clean up DMA on probe failure (git-fixes).\n- wifi: mt76: mt7925: fix potential tx_retries underflow (git-fixes).\n- wifi: mt76: mt7996: fix potential tx_retries underflow (git-fixes).\n- wifi: nl80211: reject oversized EMA RNR lists (git-fixes).\n- wifi: rtlwifi: rtl8821ae: Fix C2H bit location in RX descriptor (git-fixes).\n- wifi: rtw88: fix OOB read from firmware RX descriptor exceeding DMA buffer (git-fixes).\n- wifi: rtw88: increase TX report timeout to fix race condition (git-fixes).\n- wifi: rtw88: usb: fix memory leaks on USB write failures (git-fixes).\n- wifi: rtw89: Correct data type for scan index to avoid infinite loop (git-fixes).\n- wifi: wcn36xx: fix OOB read from firmware count in PRINT_REG_INFO indication (git-fixes).\n- wifi: wcn36xx: fix OOB read from short trigger BA firmware response (git-fixes).\n- wifi: wcn36xx: fix heap overflow from oversized firmware HAL response (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-kernel-498",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_22458-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:22458-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622458-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:22458-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-July/027251.html"
},
{
"category": "self",
"summary": "SUSE Bug 1248235",
"url": "https://bugzilla.suse.com/1248235"
},
{
"category": "self",
"summary": "SUSE Bug 1255416",
"url": "https://bugzilla.suse.com/1255416"
},
{
"category": "self",
"summary": "SUSE Bug 1256668",
"url": "https://bugzilla.suse.com/1256668"
},
{
"category": "self",
"summary": "SUSE Bug 1258538",
"url": "https://bugzilla.suse.com/1258538"
},
{
"category": "self",
"summary": "SUSE Bug 1260502",
"url": "https://bugzilla.suse.com/1260502"
},
{
"category": "self",
"summary": "SUSE Bug 1260584",
"url": "https://bugzilla.suse.com/1260584"
},
{
"category": "self",
"summary": "SUSE Bug 1261256",
"url": "https://bugzilla.suse.com/1261256"
},
{
"category": "self",
"summary": "SUSE Bug 1261619",
"url": "https://bugzilla.suse.com/1261619"
},
{
"category": "self",
"summary": "SUSE Bug 1261791",
"url": "https://bugzilla.suse.com/1261791"
},
{
"category": "self",
"summary": "SUSE Bug 1262085",
"url": "https://bugzilla.suse.com/1262085"
},
{
"category": "self",
"summary": "SUSE Bug 1262392",
"url": "https://bugzilla.suse.com/1262392"
},
{
"category": "self",
"summary": "SUSE Bug 1262606",
"url": "https://bugzilla.suse.com/1262606"
},
{
"category": "self",
"summary": "SUSE Bug 1262615",
"url": "https://bugzilla.suse.com/1262615"
},
{
"category": "self",
"summary": "SUSE Bug 1262617",
"url": "https://bugzilla.suse.com/1262617"
},
{
"category": "self",
"summary": "SUSE Bug 1262619",
"url": "https://bugzilla.suse.com/1262619"
},
{
"category": "self",
"summary": "SUSE Bug 1262620",
"url": "https://bugzilla.suse.com/1262620"
},
{
"category": "self",
"summary": "SUSE Bug 1262622",
"url": "https://bugzilla.suse.com/1262622"
},
{
"category": "self",
"summary": "SUSE Bug 1262624",
"url": "https://bugzilla.suse.com/1262624"
},
{
"category": "self",
"summary": "SUSE Bug 1262634",
"url": "https://bugzilla.suse.com/1262634"
},
{
"category": "self",
"summary": "SUSE Bug 1262649",
"url": "https://bugzilla.suse.com/1262649"
},
{
"category": "self",
"summary": "SUSE Bug 1262656",
"url": "https://bugzilla.suse.com/1262656"
},
{
"category": "self",
"summary": "SUSE Bug 1262663",
"url": "https://bugzilla.suse.com/1262663"
},
{
"category": "self",
"summary": "SUSE Bug 1262668",
"url": "https://bugzilla.suse.com/1262668"
},
{
"category": "self",
"summary": "SUSE Bug 1262674",
"url": "https://bugzilla.suse.com/1262674"
},
{
"category": "self",
"summary": "SUSE Bug 1262748",
"url": "https://bugzilla.suse.com/1262748"
},
{
"category": "self",
"summary": "SUSE Bug 1262755",
"url": "https://bugzilla.suse.com/1262755"
},
{
"category": "self",
"summary": "SUSE Bug 1262798",
"url": "https://bugzilla.suse.com/1262798"
},
{
"category": "self",
"summary": "SUSE Bug 1262993",
"url": "https://bugzilla.suse.com/1262993"
},
{
"category": "self",
"summary": "SUSE Bug 1263006",
"url": "https://bugzilla.suse.com/1263006"
},
{
"category": "self",
"summary": "SUSE Bug 1263068",
"url": "https://bugzilla.suse.com/1263068"
},
{
"category": "self",
"summary": "SUSE Bug 1263115",
"url": "https://bugzilla.suse.com/1263115"
},
{
"category": "self",
"summary": "SUSE Bug 1263123",
"url": "https://bugzilla.suse.com/1263123"
},
{
"category": "self",
"summary": "SUSE Bug 1263137",
"url": "https://bugzilla.suse.com/1263137"
},
{
"category": "self",
"summary": "SUSE Bug 1263143",
"url": "https://bugzilla.suse.com/1263143"
},
{
"category": "self",
"summary": "SUSE Bug 1263152",
"url": "https://bugzilla.suse.com/1263152"
},
{
"category": "self",
"summary": "SUSE Bug 1263178",
"url": "https://bugzilla.suse.com/1263178"
},
{
"category": "self",
"summary": "SUSE Bug 1263319",
"url": "https://bugzilla.suse.com/1263319"
},
{
"category": "self",
"summary": "SUSE Bug 1263562",
"url": "https://bugzilla.suse.com/1263562"
},
{
"category": "self",
"summary": "SUSE Bug 1263563",
"url": "https://bugzilla.suse.com/1263563"
},
{
"category": "self",
"summary": "SUSE Bug 1263568",
"url": "https://bugzilla.suse.com/1263568"
},
{
"category": "self",
"summary": "SUSE Bug 1263578",
"url": "https://bugzilla.suse.com/1263578"
},
{
"category": "self",
"summary": "SUSE Bug 1263724",
"url": "https://bugzilla.suse.com/1263724"
},
{
"category": "self",
"summary": "SUSE Bug 1263769",
"url": "https://bugzilla.suse.com/1263769"
},
{
"category": "self",
"summary": "SUSE Bug 1263774",
"url": "https://bugzilla.suse.com/1263774"
},
{
"category": "self",
"summary": "SUSE Bug 1263790",
"url": "https://bugzilla.suse.com/1263790"
},
{
"category": "self",
"summary": "SUSE Bug 1263879",
"url": "https://bugzilla.suse.com/1263879"
},
{
"category": "self",
"summary": "SUSE Bug 1263880",
"url": "https://bugzilla.suse.com/1263880"
},
{
"category": "self",
"summary": "SUSE Bug 1263883",
"url": "https://bugzilla.suse.com/1263883"
},
{
"category": "self",
"summary": "SUSE Bug 1263930",
"url": "https://bugzilla.suse.com/1263930"
},
{
"category": "self",
"summary": "SUSE Bug 1263932",
"url": "https://bugzilla.suse.com/1263932"
},
{
"category": "self",
"summary": "SUSE Bug 1263934",
"url": "https://bugzilla.suse.com/1263934"
},
{
"category": "self",
"summary": "SUSE Bug 1263945",
"url": "https://bugzilla.suse.com/1263945"
},
{
"category": "self",
"summary": "SUSE Bug 1263993",
"url": "https://bugzilla.suse.com/1263993"
},
{
"category": "self",
"summary": "SUSE Bug 1263996",
"url": "https://bugzilla.suse.com/1263996"
},
{
"category": "self",
"summary": "SUSE Bug 1264000",
"url": "https://bugzilla.suse.com/1264000"
},
{
"category": "self",
"summary": "SUSE Bug 1264011",
"url": "https://bugzilla.suse.com/1264011"
},
{
"category": "self",
"summary": "SUSE Bug 1264045",
"url": "https://bugzilla.suse.com/1264045"
},
{
"category": "self",
"summary": "SUSE Bug 1264063",
"url": "https://bugzilla.suse.com/1264063"
},
{
"category": "self",
"summary": "SUSE Bug 1264076",
"url": "https://bugzilla.suse.com/1264076"
},
{
"category": "self",
"summary": "SUSE Bug 1264080",
"url": "https://bugzilla.suse.com/1264080"
},
{
"category": "self",
"summary": "SUSE Bug 1264084",
"url": "https://bugzilla.suse.com/1264084"
},
{
"category": "self",
"summary": "SUSE Bug 1264093",
"url": "https://bugzilla.suse.com/1264093"
},
{
"category": "self",
"summary": "SUSE Bug 1264116",
"url": "https://bugzilla.suse.com/1264116"
},
{
"category": "self",
"summary": "SUSE Bug 1264124",
"url": "https://bugzilla.suse.com/1264124"
},
{
"category": "self",
"summary": "SUSE Bug 1264137",
"url": "https://bugzilla.suse.com/1264137"
},
{
"category": "self",
"summary": "SUSE Bug 1264145",
"url": "https://bugzilla.suse.com/1264145"
},
{
"category": "self",
"summary": "SUSE Bug 1264184",
"url": "https://bugzilla.suse.com/1264184"
},
{
"category": "self",
"summary": "SUSE Bug 1264239",
"url": "https://bugzilla.suse.com/1264239"
},
{
"category": "self",
"summary": "SUSE Bug 1264243",
"url": "https://bugzilla.suse.com/1264243"
},
{
"category": "self",
"summary": "SUSE Bug 1264245",
"url": "https://bugzilla.suse.com/1264245"
},
{
"category": "self",
"summary": "SUSE Bug 1264255",
"url": "https://bugzilla.suse.com/1264255"
},
{
"category": "self",
"summary": "SUSE Bug 1264263",
"url": "https://bugzilla.suse.com/1264263"
},
{
"category": "self",
"summary": "SUSE Bug 1264266",
"url": "https://bugzilla.suse.com/1264266"
},
{
"category": "self",
"summary": "SUSE Bug 1264300",
"url": "https://bugzilla.suse.com/1264300"
},
{
"category": "self",
"summary": "SUSE Bug 1264409",
"url": "https://bugzilla.suse.com/1264409"
},
{
"category": "self",
"summary": "SUSE Bug 1264430",
"url": "https://bugzilla.suse.com/1264430"
},
{
"category": "self",
"summary": "SUSE Bug 1264437",
"url": "https://bugzilla.suse.com/1264437"
},
{
"category": "self",
"summary": "SUSE Bug 1264444",
"url": "https://bugzilla.suse.com/1264444"
},
{
"category": "self",
"summary": "SUSE Bug 1264449",
"url": "https://bugzilla.suse.com/1264449"
},
{
"category": "self",
"summary": "SUSE Bug 1264470",
"url": "https://bugzilla.suse.com/1264470"
},
{
"category": "self",
"summary": "SUSE Bug 1264476",
"url": "https://bugzilla.suse.com/1264476"
},
{
"category": "self",
"summary": "SUSE Bug 1264484",
"url": "https://bugzilla.suse.com/1264484"
},
{
"category": "self",
"summary": "SUSE Bug 1264549",
"url": "https://bugzilla.suse.com/1264549"
},
{
"category": "self",
"summary": "SUSE Bug 1264551",
"url": "https://bugzilla.suse.com/1264551"
},
{
"category": "self",
"summary": "SUSE Bug 1264561",
"url": "https://bugzilla.suse.com/1264561"
},
{
"category": "self",
"summary": "SUSE Bug 1264595",
"url": "https://bugzilla.suse.com/1264595"
},
{
"category": "self",
"summary": "SUSE Bug 1264603",
"url": "https://bugzilla.suse.com/1264603"
},
{
"category": "self",
"summary": "SUSE Bug 1264610",
"url": "https://bugzilla.suse.com/1264610"
},
{
"category": "self",
"summary": "SUSE Bug 1264669",
"url": "https://bugzilla.suse.com/1264669"
},
{
"category": "self",
"summary": "SUSE Bug 1264671",
"url": "https://bugzilla.suse.com/1264671"
},
{
"category": "self",
"summary": "SUSE Bug 1264672",
"url": "https://bugzilla.suse.com/1264672"
},
{
"category": "self",
"summary": "SUSE Bug 1264716",
"url": "https://bugzilla.suse.com/1264716"
},
{
"category": "self",
"summary": "SUSE Bug 1264719",
"url": "https://bugzilla.suse.com/1264719"
},
{
"category": "self",
"summary": "SUSE Bug 1264720",
"url": "https://bugzilla.suse.com/1264720"
},
{
"category": "self",
"summary": "SUSE Bug 1264722",
"url": "https://bugzilla.suse.com/1264722"
},
{
"category": "self",
"summary": "SUSE Bug 1264726",
"url": "https://bugzilla.suse.com/1264726"
},
{
"category": "self",
"summary": "SUSE Bug 1264741",
"url": "https://bugzilla.suse.com/1264741"
},
{
"category": "self",
"summary": "SUSE Bug 1264763",
"url": "https://bugzilla.suse.com/1264763"
},
{
"category": "self",
"summary": "SUSE Bug 1264765",
"url": "https://bugzilla.suse.com/1264765"
},
{
"category": "self",
"summary": "SUSE Bug 1264805",
"url": "https://bugzilla.suse.com/1264805"
},
{
"category": "self",
"summary": "SUSE Bug 1264989",
"url": "https://bugzilla.suse.com/1264989"
},
{
"category": "self",
"summary": "SUSE Bug 1265020",
"url": "https://bugzilla.suse.com/1265020"
},
{
"category": "self",
"summary": "SUSE Bug 1265044",
"url": "https://bugzilla.suse.com/1265044"
},
{
"category": "self",
"summary": "SUSE Bug 1265073",
"url": "https://bugzilla.suse.com/1265073"
},
{
"category": "self",
"summary": "SUSE Bug 1265103",
"url": "https://bugzilla.suse.com/1265103"
},
{
"category": "self",
"summary": "SUSE Bug 1265110",
"url": "https://bugzilla.suse.com/1265110"
},
{
"category": "self",
"summary": "SUSE Bug 1265128",
"url": "https://bugzilla.suse.com/1265128"
},
{
"category": "self",
"summary": "SUSE Bug 1265143",
"url": "https://bugzilla.suse.com/1265143"
},
{
"category": "self",
"summary": "SUSE Bug 1265170",
"url": "https://bugzilla.suse.com/1265170"
},
{
"category": "self",
"summary": "SUSE Bug 1265240",
"url": "https://bugzilla.suse.com/1265240"
},
{
"category": "self",
"summary": "SUSE Bug 1265579",
"url": "https://bugzilla.suse.com/1265579"
},
{
"category": "self",
"summary": "SUSE Bug 1265628",
"url": "https://bugzilla.suse.com/1265628"
},
{
"category": "self",
"summary": "SUSE Bug 1265928",
"url": "https://bugzilla.suse.com/1265928"
},
{
"category": "self",
"summary": "SUSE Bug 1265960",
"url": "https://bugzilla.suse.com/1265960"
},
{
"category": "self",
"summary": "SUSE Bug 1266001",
"url": "https://bugzilla.suse.com/1266001"
},
{
"category": "self",
"summary": "SUSE Bug 1266009",
"url": "https://bugzilla.suse.com/1266009"
},
{
"category": "self",
"summary": "SUSE Bug 1266214",
"url": "https://bugzilla.suse.com/1266214"
},
{
"category": "self",
"summary": "SUSE Bug 1266238",
"url": "https://bugzilla.suse.com/1266238"
},
{
"category": "self",
"summary": "SUSE Bug 1266290",
"url": "https://bugzilla.suse.com/1266290"
},
{
"category": "self",
"summary": "SUSE Bug 1266307",
"url": "https://bugzilla.suse.com/1266307"
},
{
"category": "self",
"summary": "SUSE Bug 1266390",
"url": "https://bugzilla.suse.com/1266390"
},
{
"category": "self",
"summary": "SUSE Bug 1266394",
"url": "https://bugzilla.suse.com/1266394"
},
{
"category": "self",
"summary": "SUSE Bug 1266395",
"url": "https://bugzilla.suse.com/1266395"
},
{
"category": "self",
"summary": "SUSE Bug 1266397",
"url": "https://bugzilla.suse.com/1266397"
},
{
"category": "self",
"summary": "SUSE Bug 1266400",
"url": "https://bugzilla.suse.com/1266400"
},
{
"category": "self",
"summary": "SUSE Bug 1266402",
"url": "https://bugzilla.suse.com/1266402"
},
{
"category": "self",
"summary": "SUSE Bug 1266414",
"url": "https://bugzilla.suse.com/1266414"
},
{
"category": "self",
"summary": "SUSE Bug 1266452",
"url": "https://bugzilla.suse.com/1266452"
},
{
"category": "self",
"summary": "SUSE Bug 1266696",
"url": "https://bugzilla.suse.com/1266696"
},
{
"category": "self",
"summary": "SUSE Bug 1266697",
"url": "https://bugzilla.suse.com/1266697"
},
{
"category": "self",
"summary": "SUSE Bug 1266698",
"url": "https://bugzilla.suse.com/1266698"
},
{
"category": "self",
"summary": "SUSE Bug 1266704",
"url": "https://bugzilla.suse.com/1266704"
},
{
"category": "self",
"summary": "SUSE Bug 1266705",
"url": "https://bugzilla.suse.com/1266705"
},
{
"category": "self",
"summary": "SUSE Bug 1266711",
"url": "https://bugzilla.suse.com/1266711"
},
{
"category": "self",
"summary": "SUSE Bug 1266720",
"url": "https://bugzilla.suse.com/1266720"
},
{
"category": "self",
"summary": "SUSE Bug 1266759",
"url": "https://bugzilla.suse.com/1266759"
},
{
"category": "self",
"summary": "SUSE Bug 1266765",
"url": "https://bugzilla.suse.com/1266765"
},
{
"category": "self",
"summary": "SUSE Bug 1266767",
"url": "https://bugzilla.suse.com/1266767"
},
{
"category": "self",
"summary": "SUSE Bug 1266810",
"url": "https://bugzilla.suse.com/1266810"
},
{
"category": "self",
"summary": "SUSE Bug 1266816",
"url": "https://bugzilla.suse.com/1266816"
},
{
"category": "self",
"summary": "SUSE Bug 1266826",
"url": "https://bugzilla.suse.com/1266826"
},
{
"category": "self",
"summary": "SUSE Bug 1266827",
"url": "https://bugzilla.suse.com/1266827"
},
{
"category": "self",
"summary": "SUSE Bug 1266878",
"url": "https://bugzilla.suse.com/1266878"
},
{
"category": "self",
"summary": "SUSE Bug 1266889",
"url": "https://bugzilla.suse.com/1266889"
},
{
"category": "self",
"summary": "SUSE Bug 1266895",
"url": "https://bugzilla.suse.com/1266895"
},
{
"category": "self",
"summary": "SUSE Bug 1266901",
"url": "https://bugzilla.suse.com/1266901"
},
{
"category": "self",
"summary": "SUSE Bug 1266903",
"url": "https://bugzilla.suse.com/1266903"
},
{
"category": "self",
"summary": "SUSE Bug 1266916",
"url": "https://bugzilla.suse.com/1266916"
},
{
"category": "self",
"summary": "SUSE Bug 1266922",
"url": "https://bugzilla.suse.com/1266922"
},
{
"category": "self",
"summary": "SUSE Bug 1266927",
"url": "https://bugzilla.suse.com/1266927"
},
{
"category": "self",
"summary": "SUSE Bug 1266933",
"url": "https://bugzilla.suse.com/1266933"
},
{
"category": "self",
"summary": "SUSE Bug 1266969",
"url": "https://bugzilla.suse.com/1266969"
},
{
"category": "self",
"summary": "SUSE Bug 1266972",
"url": "https://bugzilla.suse.com/1266972"
},
{
"category": "self",
"summary": "SUSE Bug 1267205",
"url": "https://bugzilla.suse.com/1267205"
},
{
"category": "self",
"summary": "SUSE Bug 1267208",
"url": "https://bugzilla.suse.com/1267208"
},
{
"category": "self",
"summary": "SUSE Bug 1267214",
"url": "https://bugzilla.suse.com/1267214"
},
{
"category": "self",
"summary": "SUSE Bug 1267218",
"url": "https://bugzilla.suse.com/1267218"
},
{
"category": "self",
"summary": "SUSE Bug 1267220",
"url": "https://bugzilla.suse.com/1267220"
},
{
"category": "self",
"summary": "SUSE Bug 1267222",
"url": "https://bugzilla.suse.com/1267222"
},
{
"category": "self",
"summary": "SUSE Bug 1267361",
"url": "https://bugzilla.suse.com/1267361"
},
{
"category": "self",
"summary": "SUSE Bug 1267381",
"url": "https://bugzilla.suse.com/1267381"
},
{
"category": "self",
"summary": "SUSE Bug 1267387",
"url": "https://bugzilla.suse.com/1267387"
},
{
"category": "self",
"summary": "SUSE Bug 1267431",
"url": "https://bugzilla.suse.com/1267431"
},
{
"category": "self",
"summary": "SUSE Bug 1267531",
"url": "https://bugzilla.suse.com/1267531"
},
{
"category": "self",
"summary": "SUSE Bug 1267621",
"url": "https://bugzilla.suse.com/1267621"
},
{
"category": "self",
"summary": "SUSE Bug 1267624",
"url": "https://bugzilla.suse.com/1267624"
},
{
"category": "self",
"summary": "SUSE Bug 1267626",
"url": "https://bugzilla.suse.com/1267626"
},
{
"category": "self",
"summary": "SUSE Bug 1267628",
"url": "https://bugzilla.suse.com/1267628"
},
{
"category": "self",
"summary": "SUSE Bug 1267640",
"url": "https://bugzilla.suse.com/1267640"
},
{
"category": "self",
"summary": "SUSE Bug 1267651",
"url": "https://bugzilla.suse.com/1267651"
},
{
"category": "self",
"summary": "SUSE Bug 1267652",
"url": "https://bugzilla.suse.com/1267652"
},
{
"category": "self",
"summary": "SUSE Bug 1267654",
"url": "https://bugzilla.suse.com/1267654"
},
{
"category": "self",
"summary": "SUSE Bug 1267663",
"url": "https://bugzilla.suse.com/1267663"
},
{
"category": "self",
"summary": "SUSE Bug 1267682",
"url": "https://bugzilla.suse.com/1267682"
},
{
"category": "self",
"summary": "SUSE Bug 1267685",
"url": "https://bugzilla.suse.com/1267685"
},
{
"category": "self",
"summary": "SUSE Bug 1267697",
"url": "https://bugzilla.suse.com/1267697"
},
{
"category": "self",
"summary": "SUSE Bug 1267726",
"url": "https://bugzilla.suse.com/1267726"
},
{
"category": "self",
"summary": "SUSE Bug 1267732",
"url": "https://bugzilla.suse.com/1267732"
},
{
"category": "self",
"summary": "SUSE Bug 1267744",
"url": "https://bugzilla.suse.com/1267744"
},
{
"category": "self",
"summary": "SUSE Bug 1268307",
"url": "https://bugzilla.suse.com/1268307"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-10263 page",
"url": "https://www.suse.com/security/cve/CVE-2025-10263/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38549 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38549/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68324 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68324/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68822 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68822/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23303 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23303/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23327 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23327/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23359 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23359/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23438 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23438/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23444 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23444/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31396 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31396/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31414 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31414/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31429 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31429/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31446 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31446/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31448 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31448/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31452 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31452/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31453 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31453/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31454 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31454/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31455 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31455/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31464 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31464/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31469 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31469/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31473 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31473/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31480 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31480/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31492 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31492/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31493 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31493/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31495 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31495/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31499 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31499/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31500 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31500/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31516 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31516/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31518 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31518/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31546 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31546/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31555 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31580 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31580/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31590 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31590/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31592 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31592/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31596 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31596/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31613 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31613/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31614 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31614/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31629 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31629/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31655 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31655/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31664 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31664/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31665 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31665/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31671 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31671/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31673 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31673/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31674 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31674/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31678 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31678/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31680 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31680/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31693 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31693/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31697 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31697/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31698 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31698/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31699 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31699/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31703 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31752 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31758 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31759 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31759/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31767 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31767/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31771 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31771/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43013 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43023 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43023/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43024 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43024/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43026 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43026/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43028 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43028/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43030 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43030/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43035 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43035/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43036 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43036/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43040 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43040/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43049 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43049/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43052 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43052/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43053 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43054 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43054/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43059 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43059/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43065 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43065/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43066 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43066/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43068 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43068/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43074 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43074/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43077 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43083 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43101 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43101/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43109 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43109/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43112 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43112/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43119 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43119/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43158 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43158/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43171 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43171/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43187 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43187/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43198 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43198/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43206 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43206/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43234 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43234/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43239 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43239/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43249 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43249/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43252 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43252/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43261 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43261/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43284 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43284/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43296 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43296/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43325 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43325/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43333 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43333/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43338 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43338/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43339 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43339/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43341 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43341/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43345 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43345/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43359 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43359/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43360 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43360/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43361 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43361/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43362 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43362/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43405 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43405/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43406 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43406/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43407 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43407/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43411 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43411/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43413 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43413/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43414 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43414/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43455 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43455/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43469 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43469/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43470 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43470/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43483 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43483/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43491 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43491/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43499 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43499/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43501 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43501/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43503 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43503/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45840 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45841 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45841/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45842 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45842/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45843 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45843/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45846 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45846/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45852 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45856 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45856/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45862 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45870 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45878 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45878/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45886 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45886/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45894 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45894/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45910 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45910/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45932 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45932/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45940 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45940/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45961 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45961/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45964 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45965 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45965/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45970 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45970/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45974 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45983 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45983/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45984 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45984/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46004 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46004/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46005 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46021 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46024 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46024/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46037 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46037/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46043 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46043/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46079 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46079/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46083 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46090 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46090/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46094 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46094/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46101 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46101/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46110 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46110/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46111 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46111/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46113 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46113/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46114 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46114/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46119 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46119/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46120 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46120/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46123 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46123/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46150 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46150/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46157 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46157/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46159 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46159/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46160 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46172 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46172/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46176 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46176/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46181 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46181/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46197 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46197/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46209 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46209/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46227 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46227/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46244 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46244/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46259 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46259/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46273 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46273/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2026-06-30T11:07:10Z",
"generator": {
"date": "2026-06-30T11:07:10Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:22458-1",
"initial_release_date": "2026-06-30T11:07:10Z",
"revision_history": [
{
"date": "2026-06-30T11:07:10Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-6.4.0-48.1.aarch64",
"product": {
"name": "kernel-rt-6.4.0-48.1.aarch64",
"product_id": "kernel-rt-6.4.0-48.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-6.4.0-48.1.aarch64",
"product": {
"name": "kernel-rt-devel-6.4.0-48.1.aarch64",
"product_id": "kernel-rt-devel-6.4.0-48.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-6.4.0-48.1.noarch",
"product": {
"name": "kernel-devel-rt-6.4.0-48.1.noarch",
"product_id": "kernel-devel-rt-6.4.0-48.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-6.4.0-48.1.noarch",
"product": {
"name": "kernel-source-rt-6.4.0-48.1.noarch",
"product_id": "kernel-source-rt-6.4.0-48.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-6.4.0-48.1.x86_64",
"product": {
"name": "kernel-rt-6.4.0-48.1.x86_64",
"product_id": "kernel-rt-6.4.0-48.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-6.4.0-48.1.x86_64",
"product": {
"name": "kernel-rt-devel-6.4.0-48.1.x86_64",
"product_id": "kernel-rt-devel-6.4.0-48.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-6.4.0-48.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-6.4.0-48.1.x86_64",
"product_id": "kernel-rt-livepatch-6.4.0-48.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-6.4.0-48.1.noarch as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch"
},
"product_reference": "kernel-devel-rt-6.4.0-48.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-6.4.0-48.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64"
},
"product_reference": "kernel-rt-6.4.0-48.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-6.4.0-48.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64"
},
"product_reference": "kernel-rt-6.4.0-48.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-6.4.0-48.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64"
},
"product_reference": "kernel-rt-devel-6.4.0-48.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-6.4.0-48.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64"
},
"product_reference": "kernel-rt-devel-6.4.0-48.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-livepatch-6.4.0-48.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64"
},
"product_reference": "kernel-rt-livepatch-6.4.0-48.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-6.4.0-48.1.noarch as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
},
"product_reference": "kernel-source-rt-6.4.0-48.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-10263",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-10263"
}
],
"notes": [
{
"category": "general",
"text": "Arm C1-Ultra, C1-Premium, Neoverse V3 \u0026 V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1, Cortex-X925, Cortex-X4, Cortex-X3, Cortex-X2, Cortex-X1 \u0026 X1C, Cortex-A710, Cortex-A78, A78AE \u0026 A78C, Cortex-A77, Cortex-A76 \u0026 A76A may allow writes to resources owned by a higher exception level.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-10263",
"url": "https://www.suse.com/security/cve/CVE-2025-10263"
},
{
"category": "external",
"summary": "SUSE Bug 1266290 for CVE-2025-10263",
"url": "https://bugzilla.suse.com/1266290"
},
{
"category": "external",
"summary": "SUSE Bug 1266954 for CVE-2025-10263",
"url": "https://bugzilla.suse.com/1266954"
},
{
"category": "external",
"summary": "SUSE Bug 1270230 for CVE-2025-10263",
"url": "https://bugzilla.suse.com/1270230"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "critical"
}
],
"title": "CVE-2025-10263"
},
{
"cve": "CVE-2025-38549",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38549"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nefivarfs: Fix memory leak of efivarfs_fs_info in fs_context error paths\n\nWhen processing mount options, efivarfs allocates efivarfs_fs_info (sfi)\nearly in fs_context initialization. However, sfi is associated with the\nsuperblock and typically freed when the superblock is destroyed. If the\nfs_context is released (final put) before fill_super is called-such as\non error paths or during reconfiguration-the sfi structure would leak,\nas ownership never transfers to the superblock.\n\nImplement the .free callback in efivarfs_context_ops to ensure any\nallocated sfi is properly freed if the fs_context is torn down before\nfill_super, preventing this memory leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38549",
"url": "https://www.suse.com/security/cve/CVE-2025-38549"
},
{
"category": "external",
"summary": "SUSE Bug 1248235 for CVE-2025-38549",
"url": "https://bugzilla.suse.com/1248235"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "low"
}
],
"title": "CVE-2025-38549"
},
{
"cve": "CVE-2025-68324",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68324"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: imm: Fix use-after-free bug caused by unfinished delayed work\n\nThe delayed work item \u0027imm_tq\u0027 is initialized in imm_attach() and\nscheduled via imm_queuecommand() for processing SCSI commands. When the\nIMM parallel port SCSI host adapter is detached through imm_detach(),\nthe imm_struct device instance is deallocated.\n\nHowever, the delayed work might still be pending or executing\nwhen imm_detach() is called, leading to use-after-free bugs\nwhen the work function imm_interrupt() accesses the already\nfreed imm_struct memory.\n\nThe race condition can occur as follows:\n\nCPU 0(detach thread) | CPU 1\n | imm_queuecommand()\n | imm_queuecommand_lck()\nimm_detach() | schedule_delayed_work()\n kfree(dev) //FREE | imm_interrupt()\n | dev = container_of(...) //USE\n dev-\u003e //USE\n\nAdd disable_delayed_work_sync() in imm_detach() to guarantee proper\ncancellation of the delayed work item before imm_struct is deallocated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68324",
"url": "https://www.suse.com/security/cve/CVE-2025-68324"
},
{
"category": "external",
"summary": "SUSE Bug 1255416 for CVE-2025-68324",
"url": "https://bugzilla.suse.com/1255416"
},
{
"category": "external",
"summary": "SUSE Bug 1257117 for CVE-2025-68324",
"url": "https://bugzilla.suse.com/1257117"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-68324"
},
{
"cve": "CVE-2025-68822",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68822"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: alps - fix use-after-free bugs caused by dev3_register_work\n\nThe dev3_register_work delayed work item is initialized within\nalps_reconnect() and scheduled upon receipt of the first bare\nPS/2 packet from an external PS/2 device connected to the ALPS\ntouchpad. During device detachment, the original implementation\ncalls flush_workqueue() in psmouse_disconnect() to ensure\ncompletion of dev3_register_work. However, the flush_workqueue()\nin psmouse_disconnect() only blocks and waits for work items that\nwere already queued to the workqueue prior to its invocation. Any\nwork items submitted after flush_workqueue() is called are not\nincluded in the set of tasks that the flush operation awaits.\nThis means that after flush_workqueue() has finished executing,\nthe dev3_register_work could still be scheduled. Although the\npsmouse state is set to PSMOUSE_CMD_MODE in psmouse_disconnect(),\nthe scheduling of dev3_register_work remains unaffected.\n\nThe race condition can occur as follows:\n\nCPU 0 (cleanup path) | CPU 1 (delayed work)\npsmouse_disconnect() |\n psmouse_set_state() |\n flush_workqueue() | alps_report_bare_ps2_packet()\n alps_disconnect() | psmouse_queue_work()\n kfree(priv); // FREE | alps_register_bare_ps2_mouse()\n | priv = container_of(work...); // USE\n | priv-\u003edev3 // USE\n\nAdd disable_delayed_work_sync() in alps_disconnect() to ensure\nthat dev3_register_work is properly canceled and prevented from\nexecuting after the alps_data structure has been deallocated.\n\nThis bug is identified by static analysis.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68822",
"url": "https://www.suse.com/security/cve/CVE-2025-68822"
},
{
"category": "external",
"summary": "SUSE Bug 1256668 for CVE-2025-68822",
"url": "https://bugzilla.suse.com/1256668"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-68822"
},
{
"cve": "CVE-2026-23303",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23303"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: Don\u0027t log plaintext credentials in cifs_set_cifscreds\n\nWhen debug logging is enabled, cifs_set_cifscreds() logs the key\npayload and exposes the plaintext username and password. Remove the\ndebug log to avoid exposing credentials.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23303",
"url": "https://www.suse.com/security/cve/CVE-2026-23303"
},
{
"category": "external",
"summary": "SUSE Bug 1260502 for CVE-2026-23303",
"url": "https://bugzilla.suse.com/1260502"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-23303"
},
{
"cve": "CVE-2026-23327",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23327"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxl/mbox: validate payload size before accessing contents in cxl_payload_from_user_allowed()\n\ncxl_payload_from_user_allowed() casts and dereferences the input\npayload without first verifying its size. When a raw mailbox command\nis sent with an undersized payload (ie: 1 byte for CXL_MBOX_OP_CLEAR_LOG,\nwhich expects a 16-byte UUID), uuid_equal() reads past the allocated buffer,\ntriggering a KASAN splat:\n\nBUG: KASAN: slab-out-of-bounds in memcmp+0x176/0x1d0 lib/string.c:683\nRead of size 8 at addr ffff88810130f5c0 by task syz.1.62/2258\n\nCPU: 2 UID: 0 PID: 2258 Comm: syz.1.62 Not tainted 6.19.0-dirty #3 PREEMPT(voluntary)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.17.0-0-gb52ca86e094d-prebuilt.qemu.org 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0xab/0xe0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xce/0x650 mm/kasan/report.c:482\n kasan_report+0xce/0x100 mm/kasan/report.c:595\n memcmp+0x176/0x1d0 lib/string.c:683\n uuid_equal include/linux/uuid.h:73 [inline]\n cxl_payload_from_user_allowed drivers/cxl/core/mbox.c:345 [inline]\n cxl_mbox_cmd_ctor drivers/cxl/core/mbox.c:368 [inline]\n cxl_validate_cmd_from_user drivers/cxl/core/mbox.c:522 [inline]\n cxl_send_cmd+0x9c0/0xb50 drivers/cxl/core/mbox.c:643\n __cxl_memdev_ioctl drivers/cxl/core/memdev.c:698 [inline]\n cxl_memdev_ioctl+0x14f/0x190 drivers/cxl/core/memdev.c:713\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:597 [inline]\n __se_sys_ioctl fs/ioctl.c:583 [inline]\n __x64_sys_ioctl+0x18e/0x210 fs/ioctl.c:583\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xa8/0x330 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fdaf331ba79\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fdaf1d77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007fdaf3585fa0 RCX: 00007fdaf331ba79\nRDX: 00002000000001c0 RSI: 00000000c030ce02 RDI: 0000000000000003\nRBP: 00007fdaf33749df R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 00007fdaf3586038 R14: 00007fdaf3585fa0 R15: 00007ffced2af768\n \u003c/TASK\u003e\n\nAdd \u0027in_size\u0027 parameter to cxl_payload_from_user_allowed() and validate\nthe payload is large enough.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23327",
"url": "https://www.suse.com/security/cve/CVE-2026-23327"
},
{
"category": "external",
"summary": "SUSE Bug 1260548 for CVE-2026-23327",
"url": "https://bugzilla.suse.com/1260548"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-23327"
},
{
"cve": "CVE-2026-23359",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23359"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix stack-out-of-bounds write in devmap\n\nget_upper_ifindexes() iterates over all upper devices and writes their\nindices into an array without checking bounds.\n\nAlso the callers assume that the max number of upper devices is\nMAX_NEST_DEV and allocate excluded_devices[1+MAX_NEST_DEV] on the stack,\nbut that assumption is not correct and the number of upper devices could\nbe larger than MAX_NEST_DEV (e.g., many macvlans), causing a\nstack-out-of-bounds write.\n\nAdd a max parameter to get_upper_ifindexes() to avoid the issue.\nWhen there are too many upper devices, return -EOVERFLOW and abort the\nredirect.\n\nTo reproduce, create more than MAX_NEST_DEV(8) macvlans on a device with\nan XDP program attached using BPF_F_BROADCAST | BPF_F_EXCLUDE_INGRESS.\nThen send a packet to the device to trigger the XDP redirect path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23359",
"url": "https://www.suse.com/security/cve/CVE-2026-23359"
},
{
"category": "external",
"summary": "SUSE Bug 1260584 for CVE-2026-23359",
"url": "https://bugzilla.suse.com/1260584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-23359"
},
{
"cve": "CVE-2026-23438",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23438"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mvpp2: guard flow control update with global_tx_fc in buffer switching\n\nmvpp2_bm_switch_buffers() unconditionally calls\nmvpp2_bm_pool_update_priv_fc() when switching between per-cpu and\nshared buffer pool modes. This function programs CM3 flow control\nregisters via mvpp2_cm3_read()/mvpp2_cm3_write(), which dereference\npriv-\u003ecm3_base without any NULL check.\n\nWhen the CM3 SRAM resource is not present in the device tree (the\nthird reg entry added by commit 60523583b07c (\"dts: marvell: add CM3\nSRAM memory to cp11x ethernet device tree\")), priv-\u003ecm3_base remains\nNULL and priv-\u003eglobal_tx_fc is false. Any operation that triggers\nmvpp2_bm_switch_buffers(), for example an MTU change that crosses\nthe jumbo frame threshold, will crash:\n\n Unable to handle kernel NULL pointer dereference at\n virtual address 0000000000000000\n Mem abort info:\n ESR = 0x0000000096000006\n EC = 0x25: DABT (current EL), IL = 32 bits\n pc : readl+0x0/0x18\n lr : mvpp2_cm3_read.isra.0+0x14/0x20\n Call trace:\n readl+0x0/0x18\n mvpp2_bm_pool_update_fc+0x40/0x12c\n mvpp2_bm_pool_update_priv_fc+0x94/0xd8\n mvpp2_bm_switch_buffers.isra.0+0x80/0x1c0\n mvpp2_change_mtu+0x140/0x380\n __dev_set_mtu+0x1c/0x38\n dev_set_mtu_ext+0x78/0x118\n dev_set_mtu+0x48/0xa8\n dev_ifsioc+0x21c/0x43c\n dev_ioctl+0x2d8/0x42c\n sock_ioctl+0x314/0x378\n\nEvery other flow control call site in the driver already guards\nhardware access with either priv-\u003eglobal_tx_fc or port-\u003etx_fc.\nmvpp2_bm_switch_buffers() is the only place that omits this check.\n\nAdd the missing priv-\u003eglobal_tx_fc guard to both the disable and\nre-enable calls in mvpp2_bm_switch_buffers(), consistent with the\nrest of the driver.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23438",
"url": "https://www.suse.com/security/cve/CVE-2026-23438"
},
{
"category": "external",
"summary": "SUSE Bug 1261619 for CVE-2026-23438",
"url": "https://bugzilla.suse.com/1261619"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-23438"
},
{
"cve": "CVE-2026-23444",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23444"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: always free skb on ieee80211_tx_prepare_skb() failure\n\nieee80211_tx_prepare_skb() has three error paths, but only two of them\nfree the skb. The first error path (ieee80211_tx_prepare() returning\nTX_DROP) does not free it, while invoke_tx_handlers() failure and the\nfragmentation check both do.\n\nAdd kfree_skb() to the first error path so all three are consistent,\nand remove the now-redundant frees in callers (ath9k, mt76,\nmac80211_hwsim) to avoid double-free.\n\nDocument the skb ownership guarantee in the function\u0027s kdoc.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23444",
"url": "https://www.suse.com/security/cve/CVE-2026-23444"
},
{
"category": "external",
"summary": "SUSE Bug 1266307 for CVE-2026-23444",
"url": "https://bugzilla.suse.com/1266307"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-23444"
},
{
"cve": "CVE-2026-31396",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31396"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: macb: fix use-after-free access to PTP clock\n\nPTP clock is registered on every opening of the interface and destroyed on\nevery closing. However it may be accessed via get_ts_info ethtool call\nwhich is possible while the interface is just present in the kernel.\n\nBUG: KASAN: use-after-free in ptp_clock_index+0x47/0x50 drivers/ptp/ptp_clock.c:426\nRead of size 4 at addr ffff8880194345cc by task syz.0.6/948\n\nCPU: 1 PID: 948 Comm: syz.0.6 Not tainted 6.1.164+ #109\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x8d/0xba lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:316 [inline]\n print_report+0x17f/0x496 mm/kasan/report.c:420\n kasan_report+0xd9/0x180 mm/kasan/report.c:524\n ptp_clock_index+0x47/0x50 drivers/ptp/ptp_clock.c:426\n gem_get_ts_info+0x138/0x1e0 drivers/net/ethernet/cadence/macb_main.c:3349\n macb_get_ts_info+0x68/0xb0 drivers/net/ethernet/cadence/macb_main.c:3371\n __ethtool_get_ts_info+0x17c/0x260 net/ethtool/common.c:558\n ethtool_get_ts_info net/ethtool/ioctl.c:2367 [inline]\n __dev_ethtool net/ethtool/ioctl.c:3017 [inline]\n dev_ethtool+0x2b05/0x6290 net/ethtool/ioctl.c:3095\n dev_ioctl+0x637/0x1070 net/core/dev_ioctl.c:510\n sock_do_ioctl+0x20d/0x2c0 net/socket.c:1215\n sock_ioctl+0x577/0x6d0 net/socket.c:1320\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:870 [inline]\n __se_sys_ioctl fs/ioctl.c:856 [inline]\n __x64_sys_ioctl+0x18c/0x210 fs/ioctl.c:856\n do_syscall_x64 arch/x86/entry/common.c:46 [inline]\n do_syscall_64+0x35/0x80 arch/x86/entry/common.c:76\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n \u003c/TASK\u003e\n\nAllocated by task 457:\n kmalloc include/linux/slab.h:563 [inline]\n kzalloc include/linux/slab.h:699 [inline]\n ptp_clock_register+0x144/0x10e0 drivers/ptp/ptp_clock.c:235\n gem_ptp_init+0x46f/0x930 drivers/net/ethernet/cadence/macb_ptp.c:375\n macb_open+0x901/0xd10 drivers/net/ethernet/cadence/macb_main.c:2920\n __dev_open+0x2ce/0x500 net/core/dev.c:1501\n __dev_change_flags+0x56a/0x740 net/core/dev.c:8651\n dev_change_flags+0x92/0x170 net/core/dev.c:8722\n do_setlink+0xaf8/0x3a80 net/core/rtnetlink.c:2833\n __rtnl_newlink+0xbf4/0x1940 net/core/rtnetlink.c:3608\n rtnl_newlink+0x63/0xa0 net/core/rtnetlink.c:3655\n rtnetlink_rcv_msg+0x3c6/0xed0 net/core/rtnetlink.c:6150\n netlink_rcv_skb+0x15d/0x430 net/netlink/af_netlink.c:2511\n netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]\n netlink_unicast+0x6d7/0xa30 net/netlink/af_netlink.c:1344\n netlink_sendmsg+0x97e/0xeb0 net/netlink/af_netlink.c:1872\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg+0x14b/0x180 net/socket.c:730\n __sys_sendto+0x320/0x3b0 net/socket.c:2152\n __do_sys_sendto net/socket.c:2164 [inline]\n __se_sys_sendto net/socket.c:2160 [inline]\n __x64_sys_sendto+0xdc/0x1b0 net/socket.c:2160\n do_syscall_x64 arch/x86/entry/common.c:46 [inline]\n do_syscall_64+0x35/0x80 arch/x86/entry/common.c:76\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n\nFreed by task 938:\n kasan_slab_free include/linux/kasan.h:177 [inline]\n slab_free_hook mm/slub.c:1729 [inline]\n slab_free_freelist_hook mm/slub.c:1755 [inline]\n slab_free mm/slub.c:3687 [inline]\n __kmem_cache_free+0xbc/0x320 mm/slub.c:3700\n device_release+0xa0/0x240 drivers/base/core.c:2507\n kobject_cleanup lib/kobject.c:681 [inline]\n kobject_release lib/kobject.c:712 [inline]\n kref_put include/linux/kref.h:65 [inline]\n kobject_put+0x1cd/0x350 lib/kobject.c:729\n put_device+0x1b/0x30 drivers/base/core.c:3805\n ptp_clock_unregister+0x171/0x270 drivers/ptp/ptp_clock.c:391\n gem_ptp_remove+0x4e/0x1f0 drivers/net/ethernet/cadence/macb_ptp.c:404\n macb_close+0x1c8/0x270 drivers/net/ethernet/cadence/macb_main.c:2966\n __dev_close_many+0x1b9/0x310 net/core/dev.c:1585\n __dev_close net/core/dev.c:1597 [inline]\n __dev_change_flags+0x2bb/0x740 net/core/dev.c:8649\n dev_change_fl\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31396",
"url": "https://www.suse.com/security/cve/CVE-2026-31396"
},
{
"category": "external",
"summary": "SUSE Bug 1261791 for CVE-2026-31396",
"url": "https://bugzilla.suse.com/1261791"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-31396"
},
{
"cve": "CVE-2026-31414",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31414"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_conntrack_expect: use expect-\u003ehelper\n\nUse expect-\u003ehelper in ctnetlink and /proc to dump the helper name.\nUsing nfct_help() without holding a reference to the master conntrack\nis unsafe.\n\nUse exp-\u003emaster-\u003ehelper in ctnetlink path if userspace does not provide\nan explicit helper when creating an expectation to retain the existing\nbehaviour. The ctnetlink expectation path holds the reference on the\nmaster conntrack and nf_conntrack_expect lock and the nfnetlink glue\npath refers to the master ct that is attached to the skb.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31414",
"url": "https://www.suse.com/security/cve/CVE-2026-31414"
},
{
"category": "external",
"summary": "SUSE Bug 1262085 for CVE-2026-31414",
"url": "https://bugzilla.suse.com/1262085"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-31414"
},
{
"cve": "CVE-2026-31429",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31429"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: skb: fix cross-cache free of KFENCE-allocated skb head\n\nSKB_SMALL_HEAD_CACHE_SIZE is intentionally set to a non-power-of-2\nvalue (e.g. 704 on x86_64) to avoid collisions with generic kmalloc\nbucket sizes. This ensures that skb_kfree_head() can reliably use\nskb_end_offset to distinguish skb heads allocated from\nskb_small_head_cache vs. generic kmalloc caches.\n\nHowever, when KFENCE is enabled, kfence_ksize() returns the exact\nrequested allocation size instead of the slab bucket size. If a caller\n(e.g. bpf_test_init) allocates skb head data via kzalloc() and the\nrequested size happens to equal SKB_SMALL_HEAD_CACHE_SIZE, then\nslab_build_skb() -\u003e ksize() returns that exact value. After subtracting\nskb_shared_info overhead, skb_end_offset ends up matching\nSKB_SMALL_HEAD_HEADROOM, causing skb_kfree_head() to incorrectly free\nthe object to skb_small_head_cache instead of back to the original\nkmalloc cache, resulting in a slab cross-cache free:\n\n kmem_cache_free(skbuff_small_head): Wrong slab cache. Expected\n skbuff_small_head but got kmalloc-1k\n\nFix this by always calling kfree(head) in skb_kfree_head(). This keeps\nthe free path generic and avoids allocator-specific misclassification\nfor KFENCE objects.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31429",
"url": "https://www.suse.com/security/cve/CVE-2026-31429"
},
{
"category": "external",
"summary": "SUSE Bug 1262392 for CVE-2026-31429",
"url": "https://bugzilla.suse.com/1262392"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-31429"
},
{
"cve": "CVE-2026-31446",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31446"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix use-after-free in update_super_work when racing with umount\n\nCommit b98535d09179 (\"ext4: fix bug_on in start_this_handle during umount\nfilesystem\") moved ext4_unregister_sysfs() before flushing s_sb_upd_work\nto prevent new error work from being queued via /proc/fs/ext4/xx/mb_groups\nreads during unmount. However, this introduced a use-after-free because\nupdate_super_work calls ext4_notify_error_sysfs() -\u003e sysfs_notify() which\naccesses the kobject\u0027s kernfs_node after it has been freed by kobject_del()\nin ext4_unregister_sysfs():\n\n update_super_work ext4_put_super\n ----------------- --------------\n ext4_unregister_sysfs(sb)\n kobject_del(\u0026sbi-\u003es_kobj)\n __kobject_del()\n sysfs_remove_dir()\n kobj-\u003esd = NULL\n sysfs_put(sd)\n kernfs_put() // RCU free\n ext4_notify_error_sysfs(sbi)\n sysfs_notify(\u0026sbi-\u003es_kobj)\n kn = kobj-\u003esd // stale pointer\n kernfs_get(kn) // UAF on freed kernfs_node\n ext4_journal_destroy()\n flush_work(\u0026sbi-\u003es_sb_upd_work)\n\nInstead of reordering the teardown sequence, fix this by making\next4_notify_error_sysfs() detect that sysfs has already been torn down\nby checking s_kobj.state_in_sysfs, and skipping the sysfs_notify() call\nin that case. A dedicated mutex (s_error_notify_mutex) serializes\next4_notify_error_sysfs() against kobject_del() in ext4_unregister_sysfs()\nto prevent TOCTOU races where the kobject could be deleted between the\nstate_in_sysfs check and the sysfs_notify() call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31446",
"url": "https://www.suse.com/security/cve/CVE-2026-31446"
},
{
"category": "external",
"summary": "SUSE Bug 1262619 for CVE-2026-31446",
"url": "https://bugzilla.suse.com/1262619"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-31446"
},
{
"cve": "CVE-2026-31448",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31448"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid infinite loops caused by residual data\n\nOn the mkdir/mknod path, when mapping logical blocks to physical blocks,\nif inserting a new extent into the extent tree fails (in this example,\nbecause the file system disabled the huge file feature when marking the\ninode as dirty), ext4_ext_map_blocks() only calls ext4_free_blocks() to\nreclaim the physical block without deleting the corresponding data in\nthe extent tree. This causes subsequent mkdir operations to reference\nthe previously reclaimed physical block number again, even though this\nphysical block is already being used by the xattr block. Therefore, a\nsituation arises where both the directory and xattr are using the same\nbuffer head block in memory simultaneously.\n\nThe above causes ext4_xattr_block_set() to enter an infinite loop about\n\"inserted\" and cannot release the inode lock, ultimately leading to the\n143s blocking problem mentioned in [1].\n\nIf the metadata is corrupted, then trying to remove some extent space\ncan do even more harm. Also in case EXT4_GET_BLOCKS_DELALLOC_RESERVE\nwas passed, remove space wrongly update quota information.\nJan Kara suggests distinguishing between two cases:\n\n1) The error is ENOSPC or EDQUOT - in this case the filesystem is fully\nconsistent and we must maintain its consistency including all the\naccounting. However these errors can happen only early before we\u0027ve\ninserted the extent into the extent tree. So current code works correctly\nfor this case.\n\n2) Some other error - this means metadata is corrupted. We should strive to\ndo as few modifications as possible to limit damage. So I\u0027d just skip\nfreeing of allocated blocks.\n\n[1]\nINFO: task syz.0.17:5995 blocked for more than 143 seconds.\nCall Trace:\n inode_lock_nested include/linux/fs.h:1073 [inline]\n __start_dirop fs/namei.c:2923 [inline]\n start_dirop fs/namei.c:2934 [inline]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31448",
"url": "https://www.suse.com/security/cve/CVE-2026-31448"
},
{
"category": "external",
"summary": "SUSE Bug 1262622 for CVE-2026-31448",
"url": "https://bugzilla.suse.com/1262622"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-31448"
},
{
"cve": "CVE-2026-31452",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31452"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: convert inline data to extents when truncate exceeds inline size\n\nAdd a check in ext4_setattr() to convert files from inline data storage\nto extent-based storage when truncate() grows the file size beyond the\ninline capacity. This prevents the filesystem from entering an\ninconsistent state where the inline data flag is set but the file size\nexceeds what can be stored inline.\n\nWithout this fix, the following sequence causes a kernel BUG_ON():\n\n1. Mount filesystem with inode that has inline flag set and small size\n2. truncate(file, 50MB) - grows size but inline flag remains set\n3. sendfile() attempts to write data\n4. ext4_write_inline_data() hits BUG_ON(write_size \u003e inline_capacity)\n\nThe crash occurs because ext4_write_inline_data() expects inline storage\nto accommodate the write, but the actual inline capacity (~60 bytes for\ni_block + ~96 bytes for xattrs) is far smaller than the file size and\nwrite request.\n\nThe fix checks if the new size from setattr exceeds the inode\u0027s actual\ninline capacity (EXT4_I(inode)-\u003ei_inline_size) and converts the file to\nextent-based storage before proceeding with the size change.\n\nThis addresses the root cause by ensuring the inline data flag and file\nsize remain consistent during truncate operations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31452",
"url": "https://www.suse.com/security/cve/CVE-2026-31452"
},
{
"category": "external",
"summary": "SUSE Bug 1262620 for CVE-2026-31452",
"url": "https://bugzilla.suse.com/1262620"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-31452"
},
{
"cve": "CVE-2026-31453",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31453"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: avoid dereferencing log items after push callbacks\n\nAfter xfsaild_push_item() calls iop_push(), the log item may have been\nfreed if the AIL lock was dropped during the push. Background inode\nreclaim or the dquot shrinker can free the log item while the AIL lock\nis not held, and the tracepoints in the switch statement dereference\nthe log item after iop_push() returns.\n\nFix this by capturing the log item type, flags, and LSN before calling\nxfsaild_push_item(), and introducing a new xfs_ail_push_class trace\nevent class that takes these pre-captured values and the ailp pointer\ninstead of the log item pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31453",
"url": "https://www.suse.com/security/cve/CVE-2026-31453"
},
{
"category": "external",
"summary": "SUSE Bug 1262617 for CVE-2026-31453",
"url": "https://bugzilla.suse.com/1262617"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-31453"
},
{
"cve": "CVE-2026-31454",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31454"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: save ailp before dropping the AIL lock in push callbacks\n\nIn xfs_inode_item_push() and xfs_qm_dquot_logitem_push(), the AIL lock\nis dropped to perform buffer IO. Once the cluster buffer no longer\nprotects the log item from reclaim, the log item may be freed by\nbackground reclaim or the dquot shrinker. The subsequent spin_lock()\ncall dereferences lip-\u003eli_ailp, which is a use-after-free.\n\nFix this by saving the ailp pointer in a local variable while the AIL\nlock is held and the log item is guaranteed to be valid.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31454",
"url": "https://www.suse.com/security/cve/CVE-2026-31454"
},
{
"category": "external",
"summary": "SUSE Bug 1262624 for CVE-2026-31454",
"url": "https://bugzilla.suse.com/1262624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-31454"
},
{
"cve": "CVE-2026-31455",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31455"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: stop reclaim before pushing AIL during unmount\n\nThe unmount sequence in xfs_unmount_flush_inodes() pushed the AIL while\nbackground reclaim and inodegc are still running. This is broken\nindependently of any use-after-free issues - background reclaim and\ninodegc should not be running while the AIL is being pushed during\nunmount, as inodegc can dirty and insert inodes into the AIL during the\nflush, and background reclaim can race to abort and free dirty inodes.\n\nReorder xfs_unmount_flush_inodes() to stop inodegc and cancel background\nreclaim before pushing the AIL. Stop inodegc before cancelling\nm_reclaim_work because the inodegc worker can re-queue m_reclaim_work\nvia xfs_inodegc_set_reclaimable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31455",
"url": "https://www.suse.com/security/cve/CVE-2026-31455"
},
{
"category": "external",
"summary": "SUSE Bug 1262615 for CVE-2026-31455",
"url": "https://bugzilla.suse.com/1262615"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-31455"
},
{
"cve": "CVE-2026-31464",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31464"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ibmvfc: Fix OOB access in ibmvfc_discover_targets_done()\n\nA malicious or compromised VIO server can return a num_written value in the\ndiscover targets MAD response that exceeds max_targets. This value is\nstored directly in vhost-\u003enum_targets without validation, and is then used\nas the loop bound in ibmvfc_alloc_targets() to index into disc_buf[], which\nis only allocated for max_targets entries. Indices at or beyond max_targets\naccess kernel memory outside the DMA-coherent allocation. The\nout-of-bounds data is subsequently embedded in Implicit Logout and PLOGI\nMADs that are sent back to the VIO server, leaking kernel memory.\n\nFix by clamping num_written to max_targets before storing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31464",
"url": "https://www.suse.com/security/cve/CVE-2026-31464"
},
{
"category": "external",
"summary": "SUSE Bug 1262656 for CVE-2026-31464",
"url": "https://bugzilla.suse.com/1262656"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-31464"
},
{
"cve": "CVE-2026-31469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31469"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio_net: Fix UAF on dst_ops when IFF_XMIT_DST_RELEASE is cleared and napi_tx is false\n\nA UAF issue occurs when the virtio_net driver is configured with napi_tx=N\nand the device\u0027s IFF_XMIT_DST_RELEASE flag is cleared\n(e.g., during the configuration of tc route filter rules).\n\nWhen IFF_XMIT_DST_RELEASE is removed from the net_device, the network stack\nexpects the driver to hold the reference to skb-\u003edst until the packet\nis fully transmitted and freed. In virtio_net with napi_tx=N,\nskbs may remain in the virtio transmit ring for an extended period.\n\nIf the network namespace is destroyed while these skbs are still pending,\nthe corresponding dst_ops structure has freed. When a subsequent packet\nis transmitted, free_old_xmit() is triggered to clean up old skbs.\nIt then calls dst_release() on the skb associated with the stale dst_entry.\nSince the dst_ops (referenced by the dst_entry) has already been freed,\na UAF kernel paging request occurs.\n\nfix it by adds skb_dst_drop(skb) in start_xmit to explicitly release\nthe dst reference before the skb is queued in virtio_net.\n\nCall Trace:\n Unable to handle kernel paging request at virtual address ffff80007e150000\n CPU: 2 UID: 0 PID: 6236 Comm: ping Kdump: loaded Not tainted 7.0.0-rc1+ #6 PREEMPT\n ...\n percpu_counter_add_batch+0x3c/0x158 lib/percpu_counter.c:98 (P)\n dst_release+0xe0/0x110 net/core/dst.c:177\n skb_release_head_state+0xe8/0x108 net/core/skbuff.c:1177\n sk_skb_reason_drop+0x54/0x2d8 net/core/skbuff.c:1255\n dev_kfree_skb_any_reason+0x64/0x78 net/core/dev.c:3469\n napi_consume_skb+0x1c4/0x3a0 net/core/skbuff.c:1527\n __free_old_xmit+0x164/0x230 drivers/net/virtio_net.c:611 [virtio_net]\n free_old_xmit drivers/net/virtio_net.c:1081 [virtio_net]\n start_xmit+0x7c/0x530 drivers/net/virtio_net.c:3329 [virtio_net]\n ...\n\nReproduction Steps:\nNETDEV=\"enp3s0\"\n\nconfig_qdisc_route_filter() {\n tc qdisc del dev $NETDEV root\n tc qdisc add dev $NETDEV root handle 1: prio\n tc filter add dev $NETDEV parent 1:0 \\\n\tprotocol ip prio 100 route to 100 flowid 1:1\n ip route add 192.168.1.100/32 dev $NETDEV realm 100\n}\n\ntest_ns() {\n ip netns add testns\n ip link set $NETDEV netns testns\n ip netns exec testns ifconfig $NETDEV 10.0.32.46/24\n ip netns exec testns ping -c 1 10.0.32.1\n ip netns del testns\n}\n\nconfig_qdisc_route_filter\n\ntest_ns\nsleep 2\ntest_ns",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31469",
"url": "https://www.suse.com/security/cve/CVE-2026-31469"
},
{
"category": "external",
"summary": "SUSE Bug 1267816 for CVE-2026-31469",
"url": "https://bugzilla.suse.com/1267816"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-31469"
},
{
"cve": "CVE-2026-31473",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31473"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mc, v4l2: serialize REINIT and REQBUFS with req_queue_mutex\n\nMEDIA_REQUEST_IOC_REINIT can run concurrently with VIDIOC_REQBUFS(0)\nqueue teardown paths. This can race request object cleanup against vb2\nqueue cancellation and lead to use-after-free reports.\n\nWe already serialize request queueing against STREAMON/OFF with\nreq_queue_mutex. Extend that serialization to REQBUFS, and also take\nthe same mutex in media_request_ioctl_reinit() so REINIT is in the\nsame exclusion domain.\n\nThis keeps request cleanup and queue cancellation from running in\nparallel for request-capable devices.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31473",
"url": "https://www.suse.com/security/cve/CVE-2026-31473"
},
{
"category": "external",
"summary": "SUSE Bug 1262663 for CVE-2026-31473",
"url": "https://bugzilla.suse.com/1262663"
},
{
"category": "external",
"summary": "SUSE Bug 1262775 for CVE-2026-31473",
"url": "https://bugzilla.suse.com/1262775"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "important"
}
],
"title": "CVE-2026-31473"
},
{
"cve": "CVE-2026-31480",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31480"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Fix potential deadlock in cpu hotplug with osnoise\n\nThe following sequence may leads deadlock in cpu hotplug:\n\n task1 task2 task3\n ----- ----- -----\n\n mutex_lock(\u0026interface_lock)\n\n [CPU GOING OFFLINE]\n\n cpus_write_lock();\n osnoise_cpu_die();\n kthread_stop(task3);\n wait_for_completion();\n\n osnoise_sleep();\n mutex_lock(\u0026interface_lock);\n\n cpus_read_lock();\n\n [DEAD LOCK]\n\nFix by swap the order of cpus_read_lock() and mutex_lock(\u0026interface_lock).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31480",
"url": "https://www.suse.com/security/cve/CVE-2026-31480"
},
{
"category": "external",
"summary": "SUSE Bug 1262634 for CVE-2026-31480",
"url": "https://bugzilla.suse.com/1262634"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-31480"
},
{
"cve": "CVE-2026-31492",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31492"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/irdma: Initialize free_qp completion before using it\n\nIn irdma_create_qp, if ib_copy_to_udata fails, it will call\nirdma_destroy_qp to clean up which will attempt to wait on\nthe free_qp completion, which is not initialized yet. Fix this\nby initializing the completion before the ib_copy_to_udata call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31492",
"url": "https://www.suse.com/security/cve/CVE-2026-31492"
},
{
"category": "external",
"summary": "SUSE Bug 1262748 for CVE-2026-31492",
"url": "https://bugzilla.suse.com/1262748"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-31492"
},
{
"cve": "CVE-2026-31493",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31493"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/efa: Fix use of completion ctx after free\n\nOn admin queue completion handling, if the admin command completed with\nerror we print data from the completion context. The issue is that we\nalready freed the completion context in polling/interrupts handler which\nmeans we print data from context in an unknown state (it might be\nalready used again).\nChange the admin submission flow so alloc/dealloc of the context will be\nsymmetric and dealloc will be called after any potential use of the\ncontext.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31493",
"url": "https://www.suse.com/security/cve/CVE-2026-31493"
},
{
"category": "external",
"summary": "SUSE Bug 1262668 for CVE-2026-31493",
"url": "https://bugzilla.suse.com/1262668"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-31493"
},
{
"cve": "CVE-2026-31495",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31495"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ctnetlink: use netlink policy range checks\n\nReplace manual range and mask validations with netlink policy\nannotations in ctnetlink code paths, so that the netlink core rejects\ninvalid values early and can generate extack errors.\n\n- CTA_PROTOINFO_TCP_STATE: reject values \u003e TCP_CONNTRACK_SYN_SENT2 at\n policy level, removing the manual \u003e= TCP_CONNTRACK_MAX check.\n- CTA_PROTOINFO_TCP_WSCALE_ORIGINAL/REPLY: reject values \u003e TCP_MAX_WSCALE\n (14). The normal TCP option parsing path already clamps to this value,\n but the ctnetlink path accepted 0-255, causing undefined behavior when\n used as a u32 shift count.\n- CTA_FILTER_ORIG_FLAGS/REPLY_FLAGS: use NLA_POLICY_MASK with\n CTA_FILTER_F_ALL, removing the manual mask checks.\n- CTA_EXPECT_FLAGS: use NLA_POLICY_MASK with NF_CT_EXPECT_MASK, adding\n a new mask define grouping all valid expect flags.\n\nExtracted from a broader nf-next patch by Florian Westphal, scoped to\nctnetlink for the fixes tree.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31495",
"url": "https://www.suse.com/security/cve/CVE-2026-31495"
},
{
"category": "external",
"summary": "SUSE Bug 1262798 for CVE-2026-31495",
"url": "https://bugzilla.suse.com/1262798"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-31495"
},
{
"cve": "CVE-2026-31499",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31499"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix deadlock in l2cap_conn_del()\n\nl2cap_conn_del() calls cancel_delayed_work_sync() for both info_timer\nand id_addr_timer while holding conn-\u003elock. However, the work functions\nl2cap_info_timeout() and l2cap_conn_update_id_addr() both acquire\nconn-\u003elock, creating a potential AB-BA deadlock if the work is already\nexecuting when l2cap_conn_del() takes the lock.\n\nMove the work cancellations before acquiring conn-\u003elock and use\ndisable_delayed_work_sync() to additionally prevent the works from\nbeing rearmed after cancellation, consistent with the pattern used in\nhci_conn_del().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31499",
"url": "https://www.suse.com/security/cve/CVE-2026-31499"
},
{
"category": "external",
"summary": "SUSE Bug 1262674 for CVE-2026-31499",
"url": "https://bugzilla.suse.com/1262674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-31499"
},
{
"cve": "CVE-2026-31500",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31500"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock\n\nbtintel_hw_error() issues two __hci_cmd_sync() calls (HCI_OP_RESET\nand Intel exception-info retrieval) without holding\nhci_req_sync_lock(). This lets it race against\nhci_dev_do_close() -\u003e btintel_shutdown_combined(), which also runs\n__hci_cmd_sync() under the same lock. When both paths manipulate\nhdev-\u003ereq_status/req_rsp concurrently, the close path may free the\nresponse skb first, and the still-running hw_error path hits a\nslab-use-after-free in kfree_skb().\n\nWrap the whole recovery sequence in hci_req_sync_lock/unlock so it\nis serialized with every other synchronous HCI command issuer.\n\nBelow is the data race report and the kasan report:\n\n BUG: data-race in __hci_cmd_sync_sk / btintel_shutdown_combined\n\n read of hdev-\u003ereq_rsp at net/bluetooth/hci_sync.c:199\n by task kworker/u17:1/83:\n __hci_cmd_sync_sk+0x12f2/0x1c30 net/bluetooth/hci_sync.c:200\n __hci_cmd_sync+0x55/0x80 net/bluetooth/hci_sync.c:223\n btintel_hw_error+0x114/0x670 drivers/bluetooth/btintel.c:254\n hci_error_reset+0x348/0xa30 net/bluetooth/hci_core.c:1030\n\n write/free by task ioctl/22580:\n btintel_shutdown_combined+0xd0/0x360\n drivers/bluetooth/btintel.c:3648\n hci_dev_close_sync+0x9ae/0x2c10 net/bluetooth/hci_sync.c:5246\n hci_dev_do_close+0x232/0x460 net/bluetooth/hci_core.c:526\n\n BUG: KASAN: slab-use-after-free in\n sk_skb_reason_drop+0x43/0x380 net/core/skbuff.c:1202\n Read of size 4 at addr ffff888144a738dc\n by task kworker/u17:1/83:\n __hci_cmd_sync_sk+0x12f2/0x1c30 net/bluetooth/hci_sync.c:200\n __hci_cmd_sync+0x55/0x80 net/bluetooth/hci_sync.c:223\n btintel_hw_error+0x186/0x670 drivers/bluetooth/btintel.c:260",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31500",
"url": "https://www.suse.com/security/cve/CVE-2026-31500"
},
{
"category": "external",
"summary": "SUSE Bug 1262993 for CVE-2026-31500",
"url": "https://bugzilla.suse.com/1262993"
},
{
"category": "external",
"summary": "SUSE Bug 1262994 for CVE-2026-31500",
"url": "https://bugzilla.suse.com/1262994"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "important"
}
],
"title": "CVE-2026-31500"
},
{
"cve": "CVE-2026-31516",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31516"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: prevent policy_hthresh.work from racing with netns teardown\n\nA XFRM_MSG_NEWSPDINFO request can queue the per-net work item\npolicy_hthresh.work onto the system workqueue.\n\nThe queued callback, xfrm_hash_rebuild(), retrieves the enclosing\nstruct net via container_of(). If the net namespace is torn down\nbefore that work runs, the associated struct net may already have\nbeen freed, and xfrm_hash_rebuild() may then dereference stale memory.\n\nxfrm_policy_fini() already flushes policy_hash_work during teardown,\nbut it does not synchronize policy_hthresh.work.\n\nSynchronize policy_hthresh.work in xfrm_policy_fini() as well, so the\nqueued work cannot outlive the net namespace teardown and access a\nfreed struct net.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31516",
"url": "https://www.suse.com/security/cve/CVE-2026-31516"
},
{
"category": "external",
"summary": "SUSE Bug 1262755 for CVE-2026-31516",
"url": "https://bugzilla.suse.com/1262755"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-31516"
},
{
"cve": "CVE-2026-31518",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31518"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nesp: fix skb leak with espintcp and async crypto\n\nWhen the TX queue for espintcp is full, esp_output_tail_tcp will\nreturn an error and not free the skb, because with synchronous crypto,\nthe common xfrm output code will drop the packet for us.\n\nWith async crypto (esp_output_done), we need to drop the skb when\nesp_output_tail_tcp returns an error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31518",
"url": "https://www.suse.com/security/cve/CVE-2026-31518"
},
{
"category": "external",
"summary": "SUSE Bug 1262606 for CVE-2026-31518",
"url": "https://bugzilla.suse.com/1262606"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-31518"
},
{
"cve": "CVE-2026-31546",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31546"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bonding: fix NULL deref in bond_debug_rlb_hash_show\n\nrlb_clear_slave intentionally keeps RLB hash-table entries on\nthe rx_hashtbl_used_head list with slave set to NULL when no\nreplacement slave is available. However, bond_debug_rlb_hash_show\nvisites client_info-\u003eslave without checking if it\u0027s NULL.\n\nOther used-list iterators in bond_alb.c already handle this NULL-slave\nstate safely:\n\n- rlb_update_client returns early on !client_info-\u003eslave\n- rlb_req_update_slave_clients, rlb_clear_slave, and rlb_rebalance\ncompare slave values before visiting\n- lb_req_update_subnet_clients continues if slave is NULL\n\nThe following NULL deref crash can be trigger in\nbond_debug_rlb_hash_show:\n\n[ 1.289791] BUG: kernel NULL pointer dereference, address: 0000000000000000\n[ 1.292058] RIP: 0010:bond_debug_rlb_hash_show (drivers/net/bonding/bond_debugfs.c:41)\n[ 1.293101] RSP: 0018:ffffc900004a7d00 EFLAGS: 00010286\n[ 1.293333] RAX: 0000000000000000 RBX: ffff888102b48200 RCX: ffff888102b48204\n[ 1.293631] RDX: ffff888102b48200 RSI: ffffffff839daad5 RDI: ffff888102815078\n[ 1.293924] RBP: ffff888102815078 R08: ffff888102b4820e R09: 0000000000000000\n[ 1.294267] R10: 0000000000000000 R11: 0000000000000000 R12: ffff888100f929c0\n[ 1.294564] R13: ffff888100f92a00 R14: 0000000000000001 R15: ffffc900004a7ed8\n[ 1.294864] FS: 0000000001395380(0000) GS:ffff888196e75000(0000) knlGS:0000000000000000\n[ 1.295239] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 1.295480] CR2: 0000000000000000 CR3: 0000000102adc004 CR4: 0000000000772ef0\n[ 1.295897] Call Trace:\n[ 1.296134] seq_read_iter (fs/seq_file.c:231)\n[ 1.296341] seq_read (fs/seq_file.c:164)\n[ 1.296493] full_proxy_read (fs/debugfs/file.c:378 (discriminator 1))\n[ 1.296658] vfs_read (fs/read_write.c:572)\n[ 1.296981] ksys_read (fs/read_write.c:717)\n[ 1.297132] do_syscall_64 (arch/x86/entry/syscall_64.c:63 (discriminator 1) arch/x86/entry/syscall_64.c:94 (discriminator 1))\n[ 1.297325] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\nAdd a NULL check and print \"(none)\" for entries with no assigned slave.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31546",
"url": "https://www.suse.com/security/cve/CVE-2026-31546"
},
{
"category": "external",
"summary": "SUSE Bug 1263006 for CVE-2026-31546",
"url": "https://bugzilla.suse.com/1263006"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-31546"
},
{
"cve": "CVE-2026-31555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31555"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfutex: Clear stale exiting pointer in futex_lock_pi() retry path\n\nFuzzying/stressing futexes triggered:\n\n WARNING: kernel/futex/core.c:825 at wait_for_owner_exiting+0x7a/0x80, CPU#11: futex_lock_pi_s/524\n\nWhen futex_lock_pi_atomic() sees the owner is exiting, it returns -EBUSY\nand stores a refcounted task pointer in \u0027exiting\u0027.\n\nAfter wait_for_owner_exiting() consumes that reference, the local pointer\nis never reset to nil. Upon a retry, if futex_lock_pi_atomic() returns a\ndifferent error, the bogus pointer is passed to wait_for_owner_exiting().\n\n CPU0\t\t\t CPU1\t\t CPU2\n futex_lock_pi(uaddr)\n // acquires the PI futex\n exit()\n futex_cleanup_begin()\n futex_state = EXITING;\n\t\t\t futex_lock_pi(uaddr)\n\t\t\t futex_lock_pi_atomic()\n\t\t\t\t attach_to_pi_owner()\n\t\t\t\t // observes EXITING\n\t\t\t\t *exiting = owner; // takes ref\n\t\t\t\t return -EBUSY\n\t\t\t wait_for_owner_exiting(-EBUSY, owner)\n\t\t\t\t put_task_struct(); // drops ref\n\t\t\t // exiting still points to owner\n\t\t\t goto retry;\n\t\t\t futex_lock_pi_atomic()\n\t\t\t\t lock_pi_update_atomic()\n\t\t\t\t cmpxchg(uaddr)\n\t\t\t\t\t*uaddr ^= WAITERS // whatever\n\t\t\t\t // value changed\n\t\t\t\t return -EAGAIN;\n\t\t\t wait_for_owner_exiting(-EAGAIN, exiting) // stale\n\t\t\t\t WARN_ON_ONCE(exiting)\n\nFix this by resetting upon retry, essentially aligning it with requeue_pi.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31555",
"url": "https://www.suse.com/security/cve/CVE-2026-31555"
},
{
"category": "external",
"summary": "SUSE Bug 1263178 for CVE-2026-31555",
"url": "https://bugzilla.suse.com/1263178"
},
{
"category": "external",
"summary": "SUSE Bug 1263179 for CVE-2026-31555",
"url": "https://bugzilla.suse.com/1263179"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-31555"
},
{
"cve": "CVE-2026-31580",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31580"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbcache: fix cached_dev.sb_bio use-after-free and crash\n\nIn our production environment, we have received multiple crash reports\nregarding libceph, which have caught our attention:\n\n```\n[6888366.280350] Call Trace:\n[6888366.280452] blk_update_request+0x14e/0x370\n[6888366.280561] blk_mq_end_request+0x1a/0x130\n[6888366.280671] rbd_img_handle_request+0x1a0/0x1b0 [rbd]\n[6888366.280792] rbd_obj_handle_request+0x32/0x40 [rbd]\n[6888366.280903] __complete_request+0x22/0x70 [libceph]\n[6888366.281032] osd_dispatch+0x15e/0xb40 [libceph]\n[6888366.281164] ? inet_recvmsg+0x5b/0xd0\n[6888366.281272] ? ceph_tcp_recvmsg+0x6f/0xa0 [libceph]\n[6888366.281405] ceph_con_process_message+0x79/0x140 [libceph]\n[6888366.281534] ceph_con_v1_try_read+0x5d7/0xf30 [libceph]\n[6888366.281661] ceph_con_workfn+0x329/0x680 [libceph]\n```\n\nAfter analyzing the coredump file, we found that the address of\ndc-\u003esb_bio has been freed. We know that cached_dev is only freed when it\nis stopped.\n\nSince sb_bio is a part of struct cached_dev, rather than an alloc every\ntime. If the device is stopped while writing to the superblock, the\nreleased address will be accessed at endio.\n\nThis patch hopes to wait for sb_write to complete in cached_dev_free.\n\nIt should be noted that we analyzed the cause of the problem, then tell\nall details to the QWEN and adopted the modifications it made.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31580",
"url": "https://www.suse.com/security/cve/CVE-2026-31580"
},
{
"category": "external",
"summary": "SUSE Bug 1263169 for CVE-2026-31580",
"url": "https://bugzilla.suse.com/1263169"
},
{
"category": "external",
"summary": "SUSE Bug 1263171 for CVE-2026-31580",
"url": "https://bugzilla.suse.com/1263171"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-31580"
},
{
"cve": "CVE-2026-31590",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31590"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: SEV: Drop WARN on large size for KVM_MEMORY_ENCRYPT_REG_REGION\n\nDrop the WARN in sev_pin_memory() on npages overflowing an int, as the\nWARN is comically trivially to trigger from userspace, e.g. by doing:\n\n struct kvm_enc_region range = {\n .addr = 0,\n .size = -1ul,\n };\n\n __vm_ioctl(vm, KVM_MEMORY_ENCRYPT_REG_REGION, \u0026range);\n\nNote, the checks in sev_mem_enc_register_region() that presumably exist to\nverify the incoming address+size are completely worthless, as both \"addr\"\nand \"size\" are u64s and SEV is 64-bit only, i.e. they _can\u0027t_ be greater\nthan ULONG_MAX. That wart will be cleaned up in the near future.\n\n\tif (range-\u003eaddr \u003e ULONG_MAX || range-\u003esize \u003e ULONG_MAX)\n\t\treturn -EINVAL;\n\nOpportunistically add a comment to explain why the code calculates the\nnumber of pages the \"hard\" way, e.g. instead of just shifting @ulen.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31590",
"url": "https://www.suse.com/security/cve/CVE-2026-31590"
},
{
"category": "external",
"summary": "SUSE Bug 1263152 for CVE-2026-31590",
"url": "https://bugzilla.suse.com/1263152"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-31590"
},
{
"cve": "CVE-2026-31592",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31592"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: SEV: Protect *all* of sev_mem_enc_register_region() with kvm-\u003elock\n\nTake and hold kvm-\u003elock for before checking sev_guest() in\nsev_mem_enc_register_region(), as sev_guest() isn\u0027t stable unless kvm-\u003elock\nis held (or KVM can guarantee KVM_SEV_INIT{2} has completed and can\u0027t\nrollack state). If KVM_SEV_INIT{2} fails, KVM can end up trying to add to\na not-yet-initialized sev-\u003eregions_list, e.g. triggering a #GP\n\n Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN NOPTI\n KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\n CPU: 110 UID: 0 PID: 72717 Comm: syz.15.11462 Tainted: G U W O 6.16.0-smp-DEV #1 NONE\n Tainted: [U]=USER, [W]=WARN, [O]=OOT_MODULE\n Hardware name: Google, Inc. Arcadia_IT_80/Arcadia_IT_80, BIOS 12.52.0-0 10/28/2024\n RIP: 0010:sev_mem_enc_register_region+0x3f0/0x4f0 ../include/linux/list.h:83\n Code: \u003c41\u003e 80 3c 04 00 74 08 4c 89 ff e8 f1 c7 a2 00 49 39 ed 0f 84 c6 00\n RSP: 0018:ffff88838647fbb8 EFLAGS: 00010256\n RAX: dffffc0000000000 RBX: 1ffff92015cf1e0b RCX: dffffc0000000000\n RDX: 0000000000000000 RSI: 0000000000001000 RDI: ffff888367870000\n RBP: ffffc900ae78f050 R08: ffffea000d9e0007 R09: 1ffffd4001b3c000\n R10: dffffc0000000000 R11: fffff94001b3c001 R12: 0000000000000000\n R13: ffff8982ab0bde00 R14: ffffc900ae78f058 R15: 0000000000000000\n FS: 00007f34e9dc66c0(0000) GS:ffff89ee64d33000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007fe180adef98 CR3: 000000047210e000 CR4: 0000000000350ef0\n Call Trace:\n \u003cTASK\u003e\n kvm_arch_vm_ioctl+0xa72/0x1240 ../arch/x86/kvm/x86.c:7371\n kvm_vm_ioctl+0x649/0x990 ../virt/kvm/kvm_main.c:5363\n __se_sys_ioctl+0x101/0x170 ../fs/ioctl.c:51\n do_syscall_x64 ../arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0x6f/0x1f0 ../arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n RIP: 0033:0x7f34e9f7e9a9\n Code: \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\n RSP: 002b:00007f34e9dc6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\n RAX: ffffffffffffffda RBX: 00007f34ea1a6080 RCX: 00007f34e9f7e9a9\n RDX: 0000200000000280 RSI: 000000008010aebb RDI: 0000000000000007\n RBP: 00007f34ea000d69 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\n R13: 0000000000000000 R14: 00007f34ea1a6080 R15: 00007ffce77197a8\n \u003c/TASK\u003e\n\nwith a syzlang reproducer that looks like:\n\n syz_kvm_add_vcpu$x86(0x0, \u0026(0x7f0000000040)={0x0, \u0026(0x7f0000000180)=ANY=[], 0x70}) (async)\n syz_kvm_add_vcpu$x86(0x0, \u0026(0x7f0000000080)={0x0, \u0026(0x7f0000000180)=ANY=[@ANYBLOB=\"...\"], 0x4f}) (async)\n r0 = openat$kvm(0xffffffffffffff9c, \u0026(0x7f0000000200), 0x0, 0x0)\n r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)\n r2 = openat$kvm(0xffffffffffffff9c, \u0026(0x7f0000000240), 0x0, 0x0)\n r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)\n ioctl$KVM_SET_CLOCK(r3, 0xc008aeba, \u0026(0x7f0000000040)={0x1, 0x8, 0x0, 0x5625e9b0}) (async)\n ioctl$KVM_SET_PIT2(r3, 0x8010aebb, \u0026(0x7f0000000280)={[...], 0x5}) (async)\n ioctl$KVM_SET_PIT2(r1, 0x4070aea0, 0x0) (async)\n r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)\n openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async)\n ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, \u0026(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, \u0026(0x7f0000001000/0x2000)=nil}) (async)\n r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)\n close(r0) (async)\n openat$kvm(0xffffffffffffff9c, \u0026(0x7f0000000000), 0x8000, 0x0) (async)\n ioctl$KVM_SET_GUEST_DEBUG(r5, 0x4048ae9b, \u0026(0x7f0000000300)={0x4376ea830d46549b, 0x0, [0x46, 0x0, 0x0, 0x0, 0x0, 0x1000]}) (async)\n ioctl$KVM_RUN(r5, 0xae80, 0x0)\n\nOpportunistically use guard() to avoid having to define a new error label\nand goto usage.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31592",
"url": "https://www.suse.com/security/cve/CVE-2026-31592"
},
{
"category": "external",
"summary": "SUSE Bug 1263123 for CVE-2026-31592",
"url": "https://bugzilla.suse.com/1263123"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-31592"
},
{
"cve": "CVE-2026-31596",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31596"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: handle invalid dinode in ocfs2_group_extend\n\n[BUG]\nkernel BUG at fs/ocfs2/resize.c:308!\nOops: invalid opcode: 0000 [#1] SMP KASAN NOPTI\nRIP: 0010:ocfs2_group_extend+0x10aa/0x1ae0 fs/ocfs2/resize.c:308\nCode: 8b8520ff ffff83f8 860f8580 030000e8 5cc3c1fe\nCall Trace:\n ...\n ocfs2_ioctl+0x175/0x6e0 fs/ocfs2/ioctl.c:869\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:597 [inline]\n __se_sys_ioctl fs/ioctl.c:583 [inline]\n __x64_sys_ioctl+0x197/0x1e0 fs/ioctl.c:583\n x64_sys_call+0x1144/0x26a0 arch/x86/include/generated/asm/syscalls_64.h:17\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0x93/0xf80 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n ...\n\n[CAUSE]\nocfs2_group_extend() assumes that the global bitmap inode block\nreturned from ocfs2_inode_lock() has already been validated and\nBUG_ONs when the signature is not a dinode. That assumption is too\nstrong for crafted filesystems because the JBD2-managed buffer path\ncan bypass structural validation and return an invalid dinode to the\nresize ioctl.\n\n[FIX]\nValidate the dinode explicitly in ocfs2_group_extend(). If the global\nbitmap buffer does not contain a valid dinode, report filesystem\ncorruption with ocfs2_error() and fail the resize operation instead of\ncrashing the kernel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31596",
"url": "https://www.suse.com/security/cve/CVE-2026-31596"
},
{
"category": "external",
"summary": "SUSE Bug 1263319 for CVE-2026-31596",
"url": "https://bugzilla.suse.com/1263319"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-31596"
},
{
"cve": "CVE-2026-31613",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31613"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix OOB reads parsing symlink error response\n\nWhen a CREATE returns STATUS_STOPPED_ON_SYMLINK, smb2_check_message()\nreturns success without any length validation, leaving the symlink\nparsers as the only defense against an untrusted server.\n\nsymlink_data() walks SMB 3.1.1 error contexts with the loop test \"p \u003c\nend\", but reads p-\u003eErrorId at offset 4 and p-\u003eErrorDataLength at offset\n0. When the server-controlled ErrorDataLength advances p to within 1-7\nbytes of end, the next iteration will read past it. When the matching\ncontext is found, sym-\u003eSymLinkErrorTag is read at offset 4 from\np-\u003eErrorContextData with no check that the symlink header itself fits.\n\nsmb2_parse_symlink_response() then bounds-checks the substitute name\nusing SMB2_SYMLINK_STRUCT_SIZE as the offset of PathBuffer from\niov_base. That value is computed as sizeof(smb2_err_rsp) +\nsizeof(smb2_symlink_err_rsp), which is correct only when\nErrorContextCount == 0.\n\nWith at least one error context the symlink data sits 8 bytes deeper,\nand each skipped non-matching context shifts it further by 8 +\nALIGN(ErrorDataLength, 8). The check is too short, allowing the\nsubstitute name read to run past iov_len. The out-of-bound heap bytes\nare UTF-16-decoded into the symlink target and returned to userspace via\nreadlink(2).\n\nFix this all up by making the loops test require the full context header\nto fit, rejecting sym if its header runs past end, and bound the\nsubstitute name against the actual position of sym-\u003ePathBuffer rather\nthan a fixed offset.\n\nBecause sub_offs and sub_len are 16bits, the pointer math will not\noverflow here with the new greater-than.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31613",
"url": "https://www.suse.com/security/cve/CVE-2026-31613"
},
{
"category": "external",
"summary": "SUSE Bug 1263769 for CVE-2026-31613",
"url": "https://bugzilla.suse.com/1263769"
},
{
"category": "external",
"summary": "SUSE Bug 1263770 for CVE-2026-31613",
"url": "https://bugzilla.suse.com/1263770"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "important"
}
],
"title": "CVE-2026-31613"
},
{
"cve": "CVE-2026-31614",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31614"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix off-by-8 bounds check in check_wsl_eas()\n\nThe bounds check uses (u8 *)ea + nlen + 1 + vlen as the end of the EA\nname and value, but ea_data sits at offset sizeof(struct\nsmb2_file_full_ea_info) = 8 from ea, not at offset 0. The strncmp()\nlater reads ea-\u003eea_data[0..nlen-1] and the value bytes follow at\nea_data[nlen+1..nlen+vlen], so the actual end is ea-\u003eea_data + nlen + 1\n+ vlen. Isn\u0027t pointer math fun?\n\nThe earlier check (u8 *)ea \u003e end - sizeof(*ea) only guarantees the\n8-byte header is in bounds, but since the last EA is placed within 8\nbytes of the end of the response, the name and value bytes are read past\nthe end of iov.\n\nFix this mess all up by using ea-\u003eea_data as the base for the bounds\ncheck.\n\nAn \"untrusted\" server can use this to leak up to 8 bytes of kernel heap\ninto the EA name comparison and influence which WSL xattr the data is\ninterpreted as.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31614",
"url": "https://www.suse.com/security/cve/CVE-2026-31614"
},
{
"category": "external",
"summary": "SUSE Bug 1263774 for CVE-2026-31614",
"url": "https://bugzilla.suse.com/1263774"
},
{
"category": "external",
"summary": "SUSE Bug 1263775 for CVE-2026-31614",
"url": "https://bugzilla.suse.com/1263775"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "important"
}
],
"title": "CVE-2026-31614"
},
{
"cve": "CVE-2026-31629",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31629"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: llcp: add missing return after LLCP_CLOSED checks\n\nIn nfc_llcp_recv_hdlc() and nfc_llcp_recv_disc(), when the socket\nstate is LLCP_CLOSED, the code correctly calls release_sock() and\nnfc_llcp_sock_put() but fails to return. Execution falls through to\nthe remainder of the function, which calls release_sock() and\nnfc_llcp_sock_put() again. This results in a double release_sock()\nand a refcount underflow via double nfc_llcp_sock_put(), leading to\na use-after-free.\n\nAdd the missing return statements after the LLCP_CLOSED branches\nin both functions to prevent the fall-through.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31629",
"url": "https://www.suse.com/security/cve/CVE-2026-31629"
},
{
"category": "external",
"summary": "SUSE Bug 1263790 for CVE-2026-31629",
"url": "https://bugzilla.suse.com/1263790"
},
{
"category": "external",
"summary": "SUSE Bug 1263791 for CVE-2026-31629",
"url": "https://bugzilla.suse.com/1263791"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "important"
}
],
"title": "CVE-2026-31629"
},
{
"cve": "CVE-2026-31655",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31655"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npmdomain: imx8mp-blk-ctrl: Keep the NOC_HDCP clock enabled\n\nKeep the NOC_HDCP clock always enabled to fix the potential hang\ncaused by the NoC ADB400 port power down handshake.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31655",
"url": "https://www.suse.com/security/cve/CVE-2026-31655"
},
{
"category": "external",
"summary": "SUSE Bug 1263724 for CVE-2026-31655",
"url": "https://bugzilla.suse.com/1263724"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-31655"
},
{
"cve": "CVE-2026-31664",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31664"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: clear trailing padding in build_polexpire()\n\nbuild_expire() clears the trailing padding bytes of struct\nxfrm_user_expire after setting the hard field via memset_after(),\nbut the analogous function build_polexpire() does not do this for\nstruct xfrm_user_polexpire.\n\nThe padding bytes after the __u8 hard field are left\nuninitialized from the heap allocation, and are then sent to\nuserspace via netlink multicast to XFRMNLGRP_EXPIRE listeners,\nleaking kernel heap memory contents.\n\nAdd the missing memset_after() call, matching build_expire().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31664",
"url": "https://www.suse.com/security/cve/CVE-2026-31664"
},
{
"category": "external",
"summary": "SUSE Bug 1263578 for CVE-2026-31664",
"url": "https://bugzilla.suse.com/1263578"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-31664"
},
{
"cve": "CVE-2026-31665",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31665"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_ct: fix use-after-free in timeout object destroy\n\nnft_ct_timeout_obj_destroy() frees the timeout object with kfree()\nimmediately after nf_ct_untimeout(), without waiting for an RCU grace\nperiod. Concurrent packet processing on other CPUs may still hold\nRCU-protected references to the timeout object obtained via\nrcu_dereference() in nf_ct_timeout_data().\n\nAdd an rcu_head to struct nf_ct_timeout and use kfree_rcu() to defer\nfreeing until after an RCU grace period, matching the approach already\nused in nfnetlink_cttimeout.c.\n\nKASAN report:\n BUG: KASAN: slab-use-after-free in nf_conntrack_tcp_packet+0x1381/0x29d0\n Read of size 4 at addr ffff8881035fe19c by task exploit/80\n\n Call Trace:\n nf_conntrack_tcp_packet+0x1381/0x29d0\n nf_conntrack_in+0x612/0x8b0\n nf_hook_slow+0x70/0x100\n __ip_local_out+0x1b2/0x210\n tcp_sendmsg_locked+0x722/0x1580\n __sys_sendto+0x2d8/0x320\n\n Allocated by task 75:\n nft_ct_timeout_obj_init+0xf6/0x290\n nft_obj_init+0x107/0x1b0\n nf_tables_newobj+0x680/0x9c0\n nfnetlink_rcv_batch+0xc29/0xe00\n\n Freed by task 26:\n nft_obj_destroy+0x3f/0xa0\n nf_tables_trans_destroy_work+0x51c/0x5c0\n process_one_work+0x2c4/0x5a0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31665",
"url": "https://www.suse.com/security/cve/CVE-2026-31665"
},
{
"category": "external",
"summary": "SUSE Bug 1263137 for CVE-2026-31665",
"url": "https://bugzilla.suse.com/1263137"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-31665"
},
{
"cve": "CVE-2026-31671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31671"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm_user: fix info leak in build_report()\n\nstruct xfrm_user_report is a __u8 proto field followed by a struct\nxfrm_selector which means there is three \"empty\" bytes of padding, but\nthe padding is never zeroed before copying to userspace. Fix that up by\nzeroing the structure before setting individual member variables.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31671",
"url": "https://www.suse.com/security/cve/CVE-2026-31671"
},
{
"category": "external",
"summary": "SUSE Bug 1263115 for CVE-2026-31671",
"url": "https://bugzilla.suse.com/1263115"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "low"
}
],
"title": "CVE-2026-31671"
},
{
"cve": "CVE-2026-31673",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31673"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naf_unix: read UNIX_DIAG_VFS data under unix_state_lock\n\nExact UNIX diag lookups hold a reference to the socket, but not to\nu-\u003epath. Meanwhile, unix_release_sock() clears u-\u003epath under\nunix_state_lock() and drops the path reference after unlocking.\n\nRead the inode and device numbers for UNIX_DIAG_VFS while holding\nunix_state_lock(), then emit the netlink attribute after dropping the\nlock.\n\nThis keeps the VFS data stable while the reply is being built.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31673",
"url": "https://www.suse.com/security/cve/CVE-2026-31673"
},
{
"category": "external",
"summary": "SUSE Bug 1263143 for CVE-2026-31673",
"url": "https://bugzilla.suse.com/1263143"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-31673"
},
{
"cve": "CVE-2026-31674",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31674"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ip6t_rt: reject oversized addrnr in rt_mt6_check()\n\nReject rt match rules whose addrnr exceeds IP6T_RT_HOPS.\n\nrt_mt6() expects addrnr to stay within the bounds of rtinfo-\u003eaddrs[].\nValidate addrnr during rule installation so malformed rules are rejected\nbefore the match logic can use an out-of-range value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31674",
"url": "https://www.suse.com/security/cve/CVE-2026-31674"
},
{
"category": "external",
"summary": "SUSE Bug 1263568 for CVE-2026-31674",
"url": "https://bugzilla.suse.com/1263568"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-31674"
},
{
"cve": "CVE-2026-31678",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31678"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nopenvswitch: defer tunnel netdev_put to RCU release\n\novs_netdev_tunnel_destroy() may run after NETDEV_UNREGISTER already\ndetached the device. Dropping the netdev reference in destroy can race\nwith concurrent readers that still observe vport-\u003edev.\n\nDo not release vport-\u003edev in ovs_netdev_tunnel_destroy(). Instead, let\nvport_netdev_free() drop the reference from the RCU callback, matching\nthe non-tunnel destroy path and avoiding additional synchronization\nunder RTNL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31678",
"url": "https://www.suse.com/security/cve/CVE-2026-31678"
},
{
"category": "external",
"summary": "SUSE Bug 1263562 for CVE-2026-31678",
"url": "https://bugzilla.suse.com/1263562"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-31678"
},
{
"cve": "CVE-2026-31680",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31680"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipv6: flowlabel: defer exclusive option free until RCU teardown\n\n`ip6fl_seq_show()` walks the global flowlabel hash under the seq-file\nRCU read-side lock and prints `fl-\u003eopt-\u003eopt_nflen` when an option block\nis present.\n\nExclusive flowlabels currently free `fl-\u003eopt` as soon as `fl-\u003eusers`\ndrops to zero in `fl_release()`. However, the surrounding\n`struct ip6_flowlabel` remains visible in the global hash table until\nlater garbage collection removes it and `fl_free_rcu()` finally tears it\ndown.\n\nA concurrent `/proc/net/ip6_flowlabel` reader can therefore race that\nearly `kfree()` and dereference freed option state, triggering a crash\nin `ip6fl_seq_show()`.\n\nFix this by keeping `fl-\u003eopt` alive until `fl_free_rcu()`. That matches\nthe lifetime already required for the enclosing flowlabel while readers\ncan still reach it under RCU.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31680",
"url": "https://www.suse.com/security/cve/CVE-2026-31680"
},
{
"category": "external",
"summary": "SUSE Bug 1263563 for CVE-2026-31680",
"url": "https://bugzilla.suse.com/1263563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-31680"
},
{
"cve": "CVE-2026-31693",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31693"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: some missing initializations on replay\n\nIn several places in the code, we have a label to signify\nthe start of the code where a request can be replayed if\nnecessary. However, some of these places were missing the\nnecessary reinitializations of certain local variables\nbefore replay.\n\nThis change makes sure that these variables get initialized\nafter the label.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31693",
"url": "https://www.suse.com/security/cve/CVE-2026-31693"
},
{
"category": "external",
"summary": "SUSE Bug 1267744 for CVE-2026-31693",
"url": "https://bugzilla.suse.com/1267744"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-31693"
},
{
"cve": "CVE-2026-31697",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31697"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccp: Don\u0027t attempt to copy ID to userspace if PSP command failed\n\nWhen retrieving the ID for the CPU, don\u0027t attempt to copy the ID blob to\nuserspace if the firmware command failed. If the failure was due to an\ninvalid length, i.e. the userspace buffer+length was too small, copying\nthe number of bytes _firmware_ requires will overflow the kernel-allocated\nbuffer and leak data to userspace.\n\n BUG: KASAN: slab-out-of-bounds in instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n BUG: KASAN: slab-out-of-bounds in _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n Read of size 64 at addr ffff8881867f5960 by task syz.0.906/24388\n\n CPU: 130 UID: 0 PID: 24388 Comm: syz.0.906 Tainted: G U O 7.0.0-smp-DEV #28 PREEMPTLAZY\n Tainted: [U]=USER, [O]=OOT_MODULE\n Hardware name: Google, Inc. Arcadia_IT_80/Arcadia_IT_80, BIOS 12.62.0-0 11/19/2025\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xc5/0x110 ../lib/dump_stack.c:120\n print_address_description ../mm/kasan/report.c:378 [inline]\n print_report+0xbc/0x260 ../mm/kasan/report.c:482\n kasan_report+0xa2/0xe0 ../mm/kasan/report.c:595\n check_region_inline ../mm/kasan/generic.c:-1 [inline]\n kasan_check_range+0x264/0x2c0 ../mm/kasan/generic.c:200\n instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n copy_to_user ../include/linux/uaccess.h:236 [inline]\n sev_ioctl_do_get_id2+0x361/0x490 ../drivers/crypto/ccp/sev-dev.c:2222\n sev_ioctl+0x25f/0x490 ../drivers/crypto/ccp/sev-dev.c:2575\n vfs_ioctl ../fs/ioctl.c:51 [inline]\n __do_sys_ioctl ../fs/ioctl.c:597 [inline]\n __se_sys_ioctl+0x11d/0x1b0 ../fs/ioctl.c:583\n do_syscall_x64 ../arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xe0/0x800 ../arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n \u003c/TASK\u003e\n\nWARN if the driver says the command succeeded, but the firmware error code\nsays otherwise, as __sev_do_cmd_locked() is expected to return -EIO on any\nfirwmware error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31697",
"url": "https://www.suse.com/security/cve/CVE-2026-31697"
},
{
"category": "external",
"summary": "SUSE Bug 1264116 for CVE-2026-31697",
"url": "https://bugzilla.suse.com/1264116"
},
{
"category": "external",
"summary": "SUSE Bug 1264144 for CVE-2026-31697",
"url": "https://bugzilla.suse.com/1264144"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-31697"
},
{
"cve": "CVE-2026-31698",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31698"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccp: Don\u0027t attempt to copy PDH cert to userspace if PSP command failed\n\nWhen retrieving the PDH cert, don\u0027t attempt to copy the blobs to userspace\nif the firmware command failed. If the failure was due to an invalid\nlength, i.e. the userspace buffer+length was too small, copying the number\nof bytes _firmware_ requires will overflow the kernel-allocated buffer and\nleak data to userspace.\n\n BUG: KASAN: slab-out-of-bounds in instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n BUG: KASAN: slab-out-of-bounds in _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n Read of size 2084 at addr ffff8885c4ab8aa0 by task syz.0.186/21033\n\n CPU: 51 UID: 0 PID: 21033 Comm: syz.0.186 Tainted: G U O 7.0.0-smp-DEV #28 PREEMPTLAZY\n Tainted: [U]=USER, [O]=OOT_MODULE\n Hardware name: Google, Inc. Arcadia_IT_80/Arcadia_IT_80, BIOS 34.84.12-0 11/17/2025\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xc5/0x110 ../lib/dump_stack.c:120\n print_address_description ../mm/kasan/report.c:378 [inline]\n print_report+0xbc/0x260 ../mm/kasan/report.c:482\n kasan_report+0xa2/0xe0 ../mm/kasan/report.c:595\n check_region_inline ../mm/kasan/generic.c:-1 [inline]\n kasan_check_range+0x264/0x2c0 ../mm/kasan/generic.c:200\n instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n copy_to_user ../include/linux/uaccess.h:236 [inline]\n sev_ioctl_do_pdh_export+0x3d3/0x7c0 ../drivers/crypto/ccp/sev-dev.c:2347\n sev_ioctl+0x2a2/0x490 ../drivers/crypto/ccp/sev-dev.c:2568\n vfs_ioctl ../fs/ioctl.c:51 [inline]\n __do_sys_ioctl ../fs/ioctl.c:597 [inline]\n __se_sys_ioctl+0x11d/0x1b0 ../fs/ioctl.c:583\n do_syscall_x64 ../arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xe0/0x800 ../arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n \u003c/TASK\u003e\n\nWARN if the driver says the command succeeded, but the firmware error code\nsays otherwise, as __sev_do_cmd_locked() is expected to return -EIO on any\nfirwmware error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31698",
"url": "https://www.suse.com/security/cve/CVE-2026-31698"
},
{
"category": "external",
"summary": "SUSE Bug 1263880 for CVE-2026-31698",
"url": "https://bugzilla.suse.com/1263880"
},
{
"category": "external",
"summary": "SUSE Bug 1263929 for CVE-2026-31698",
"url": "https://bugzilla.suse.com/1263929"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-31698"
},
{
"cve": "CVE-2026-31699",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31699"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccp: Don\u0027t attempt to copy CSR to userspace if PSP command failed\n\nWhen retrieving the PEK CSR, don\u0027t attempt to copy the blob to userspace\nif the firmware command failed. If the failure was due to an invalid\nlength, i.e. the userspace buffer+length was too small, copying the number\nof bytes _firmware_ requires will overflow the kernel-allocated buffer and\nleak data to userspace.\n\n BUG: KASAN: slab-out-of-bounds in instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n BUG: KASAN: slab-out-of-bounds in _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n Read of size 2084 at addr ffff898144612e20 by task syz.9.219/21405\n\n CPU: 14 UID: 0 PID: 21405 Comm: syz.9.219 Tainted: G U O 7.0.0-smp-DEV #28 PREEMPTLAZY\n Tainted: [U]=USER, [O]=OOT_MODULE\n Hardware name: Google, Inc. Arcadia_IT_80/Arcadia_IT_80, BIOS 12.62.0-0 11/19/2025\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xc5/0x110 ../lib/dump_stack.c:120\n print_address_description ../mm/kasan/report.c:378 [inline]\n print_report+0xbc/0x260 ../mm/kasan/report.c:482\n kasan_report+0xa2/0xe0 ../mm/kasan/report.c:595\n check_region_inline ../mm/kasan/generic.c:-1 [inline]\n kasan_check_range+0x264/0x2c0 ../mm/kasan/generic.c:200\n instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n copy_to_user ../include/linux/uaccess.h:236 [inline]\n sev_ioctl_do_pek_csr+0x31f/0x590 ../drivers/crypto/ccp/sev-dev.c:1872\n sev_ioctl+0x3a4/0x490 ../drivers/crypto/ccp/sev-dev.c:2562\n vfs_ioctl ../fs/ioctl.c:51 [inline]\n __do_sys_ioctl ../fs/ioctl.c:597 [inline]\n __se_sys_ioctl+0x11d/0x1b0 ../fs/ioctl.c:583\n do_syscall_x64 ../arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xe0/0x800 ../arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n \u003c/TASK\u003e\n\nWARN if the driver says the command succeeded, but the firmware error code\nsays otherwise, as __sev_do_cmd_locked() is expected to return -EIO on any\nfirwmware error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31699",
"url": "https://www.suse.com/security/cve/CVE-2026-31699"
},
{
"category": "external",
"summary": "SUSE Bug 1263879 for CVE-2026-31699",
"url": "https://bugzilla.suse.com/1263879"
},
{
"category": "external",
"summary": "SUSE Bug 1263928 for CVE-2026-31699",
"url": "https://bugzilla.suse.com/1263928"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-31699"
},
{
"cve": "CVE-2026-31703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31703"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwriteback: Fix use after free in inode_switch_wbs_work_fn()\n\ninode_switch_wbs_work_fn() has a loop like:\n\n wb_get(new_wb);\n while (1) {\n list = llist_del_all(\u0026new_wb-\u003eswitch_wbs_ctxs);\n /* Nothing to do? */\n if (!list)\n break;\n ... process the items ...\n }\n\nNow adding of items to the list looks like:\n\nwb_queue_isw()\n if (llist_add(\u0026isw-\u003elist, \u0026wb-\u003eswitch_wbs_ctxs))\n queue_work(isw_wq, \u0026wb-\u003eswitch_work);\n\nBecause inode_switch_wbs_work_fn() loops when processing isw items, it\ncan happen that wb-\u003eswitch_work is pending while wb-\u003eswitch_wbs_ctxs is\nempty. This is a problem because in that case wb can get freed (no isw\nitems -\u003e no wb reference) while the work is still pending causing\nuse-after-free issues.\n\nWe cannot just fix this by cancelling work when freeing wb because that\ncould still trigger problematic 0 -\u003e 1 transitions on wb refcount due to\nwb_get() in inode_switch_wbs_work_fn(). It could be all handled with\nmore careful code but that seems unnecessarily complex so let\u0027s avoid\nthat until it is proven that the looping actually brings practical\nbenefit. Just remove the loop from inode_switch_wbs_work_fn() instead.\nThat way when wb_queue_isw() queues work, we are guaranteed we have\nadded the first item to wb-\u003eswitch_wbs_ctxs and nobody is going to\nremove it (and drop the wb reference it holds) until the queued work\nruns.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31703",
"url": "https://www.suse.com/security/cve/CVE-2026-31703"
},
{
"category": "external",
"summary": "SUSE Bug 1263883 for CVE-2026-31703",
"url": "https://bugzilla.suse.com/1263883"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-31703"
},
{
"cve": "CVE-2026-31752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbridge: br_nd_send: validate ND option lengths\n\nbr_nd_send() walks ND options according to option-provided lengths.\nA malformed option can make the parser advance beyond the computed\noption span or use a too-short source LLADDR option payload.\n\nValidate option lengths against the remaining NS option area before\nadvancing, and only read source LLADDR when the option is large enough\nfor an Ethernet address.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31752",
"url": "https://www.suse.com/security/cve/CVE-2026-31752"
},
{
"category": "external",
"summary": "SUSE Bug 1264045 for CVE-2026-31752",
"url": "https://bugzilla.suse.com/1264045"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-31752"
},
{
"cve": "CVE-2026-31758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31758"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: usbtmc: Flush anchored URBs in usbtmc_release\n\nWhen calling usbtmc_release, pending anchored URBs must be flushed or\nkilled to prevent use-after-free errors (e.g. in the HCD giveback\npath). Call usbtmc_draw_down() to allow anchored URBs to be completed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31758",
"url": "https://www.suse.com/security/cve/CVE-2026-31758"
},
{
"category": "external",
"summary": "SUSE Bug 1264093 for CVE-2026-31758",
"url": "https://bugzilla.suse.com/1264093"
},
{
"category": "external",
"summary": "SUSE Bug 1264094 for CVE-2026-31758",
"url": "https://bugzilla.suse.com/1264094"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "important"
}
],
"title": "CVE-2026-31758"
},
{
"cve": "CVE-2026-31759",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31759"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: ulpi: fix double free in ulpi_register_interface() error path\n\nWhen device_register() fails, ulpi_register() calls put_device() on\nulpi-\u003edev.\n\nThe device release callback ulpi_dev_release() drops the OF node\nreference and frees ulpi, but the current error path in\nulpi_register_interface() then calls kfree(ulpi) again, causing a\ndouble free.\n\nLet put_device() handle the cleanup through ulpi_dev_release() and\navoid freeing ulpi again in ulpi_register_interface().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31759",
"url": "https://www.suse.com/security/cve/CVE-2026-31759"
},
{
"category": "external",
"summary": "SUSE Bug 1264076 for CVE-2026-31759",
"url": "https://bugzilla.suse.com/1264076"
},
{
"category": "external",
"summary": "SUSE Bug 1264078 for CVE-2026-31759",
"url": "https://bugzilla.suse.com/1264078"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "important"
}
],
"title": "CVE-2026-31759"
},
{
"cve": "CVE-2026-31767",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31767"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/dsi: Don\u0027t do DSC horizontal timing adjustments in command mode\n\nStop adjusting the horizontal timing values based on the\ncompression ratio in command mode. Bspec seems to be telling\nus to do this only in video mode, and this is also how the\nWindows driver does things.\n\nThis should also fix a div-by-zero on some machines because\nthe adjusted htotal ends up being so small that we end up with\nline_time_us==0 when trying to determine the vtotal value in\ncommand mode.\n\nNote that this doesn\u0027t actually make the display on the\nHuawei Matebook E work, but at least the kernel no longer\nexplodes when the driver loads.\n\n(cherry picked from commit 0b475e91ecc2313207196c6d7fd5c53e1a878525)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31767",
"url": "https://www.suse.com/security/cve/CVE-2026-31767"
},
{
"category": "external",
"summary": "SUSE Bug 1264124 for CVE-2026-31767",
"url": "https://bugzilla.suse.com/1264124"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-31767"
},
{
"cve": "CVE-2026-31771",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31771"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_event: move wake reason storage into validated event handlers\n\nhci_store_wake_reason() is called from hci_event_packet() immediately\nafter stripping the HCI event header but before hci_event_func()\nenforces the per-event minimum payload length from hci_ev_table.\nThis means a short HCI event frame can reach bacpy() before any bounds\ncheck runs.\n\nRather than duplicating skb parsing and per-event length checks inside\nhci_store_wake_reason(), move wake-address storage into the individual\nevent handlers after their existing event-length validation has\nsucceeded. Convert hci_store_wake_reason() into a small helper that only\nstores an already-validated bdaddr while the caller holds hci_dev_lock().\nUse the same helper after hci_event_func() with a NULL address to\npreserve the existing unexpected-wake fallback semantics when no\nvalidated event handler records a wake address.\n\nAnnotate the helper with __must_hold(\u0026hdev-\u003elock) and add\nlockdep_assert_held(\u0026hdev-\u003elock) so future call paths keep the lock\ncontract explicit.\n\nCall the helper from hci_conn_request_evt(), hci_conn_complete_evt(),\nhci_sync_conn_complete_evt(), le_conn_complete_evt(),\nhci_le_adv_report_evt(), hci_le_ext_adv_report_evt(),\nhci_le_direct_adv_report_evt(), hci_le_pa_sync_established_evt(), and\nhci_le_past_received_evt().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31771",
"url": "https://www.suse.com/security/cve/CVE-2026-31771"
},
{
"category": "external",
"summary": "SUSE Bug 1264145 for CVE-2026-31771",
"url": "https://bugzilla.suse.com/1264145"
},
{
"category": "external",
"summary": "SUSE Bug 1264146 for CVE-2026-31771",
"url": "https://bugzilla.suse.com/1264146"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "important"
}
],
"title": "CVE-2026-31771"
},
{
"cve": "CVE-2026-43013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43013"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: lag: Check for LAG device before creating debugfs\n\n__mlx5_lag_dev_add_mdev() may return 0 (success) even when an error\noccurs that is handled gracefully. Consequently, the initialization\nflow proceeds to call mlx5_ldev_add_debugfs() even when there is no\nvalid LAG context.\n\nmlx5_ldev_add_debugfs() blindly created the debugfs directory and\nattributes. This exposed interfaces (like the members file) that rely on\na valid ldev pointer, leading to potential NULL pointer dereferences if\naccessed when ldev is NULL.\n\nAdd a check to verify that mlx5_lag_dev(dev) returns a valid pointer\nbefore attempting to create the debugfs entries.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43013",
"url": "https://www.suse.com/security/cve/CVE-2026-43013"
},
{
"category": "external",
"summary": "SUSE Bug 1264011 for CVE-2026-43013",
"url": "https://bugzilla.suse.com/1264011"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43013"
},
{
"cve": "CVE-2026-43023",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43023"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: SCO: fix race conditions in sco_sock_connect()\n\nsco_sock_connect() checks sk_state and sk_type without holding\nthe socket lock. Two concurrent connect() syscalls on the same\nsocket can both pass the check and enter sco_connect(), leading\nto use-after-free.\n\nThe buggy scenario involves three participants and was confirmed\nwith additional logging instrumentation:\n\n Thread A (connect): HCI disconnect: Thread B (connect):\n\n sco_sock_connect(sk) sco_sock_connect(sk)\n sk_state==BT_OPEN sk_state==BT_OPEN\n (pass, no lock) (pass, no lock)\n sco_connect(sk): sco_connect(sk):\n hci_dev_lock hci_dev_lock\n hci_connect_sco \u003c- blocked\n -\u003e hcon1\n sco_conn_add-\u003econn1\n lock_sock(sk)\n sco_chan_add:\n conn1-\u003esk = sk\n sk-\u003econn = conn1\n sk_state=BT_CONNECT\n release_sock\n hci_dev_unlock\n hci_dev_lock\n sco_conn_del:\n lock_sock(sk)\n sco_chan_del:\n sk-\u003econn=NULL\n conn1-\u003esk=NULL\n sk_state=\n BT_CLOSED\n SOCK_ZAPPED\n release_sock\n hci_dev_unlock\n (unblocked)\n hci_connect_sco\n -\u003e hcon2\n sco_conn_add\n -\u003e conn2\n lock_sock(sk)\n sco_chan_add:\n sk-\u003econn=conn2\n sk_state=\n BT_CONNECT\n // zombie sk!\n release_sock\n hci_dev_unlock\n\nThread B revives a BT_CLOSED + SOCK_ZAPPED socket back to\nBT_CONNECT. Subsequent cleanup triggers double sock_put() and\nuse-after-free. Meanwhile conn1 is leaked as it was orphaned\nwhen sco_conn_del() cleared the association.\n\nFix this by:\n- Moving lock_sock() before the sk_state/sk_type checks in\n sco_sock_connect() to serialize concurrent connect attempts\n- Fixing the sk_type != SOCK_SEQPACKET check to actually\n return the error instead of just assigning it\n- Adding a state re-check in sco_connect() after lock_sock()\n to catch state changes during the window between the locks\n- Adding sco_pi(sk)-\u003econn check in sco_chan_add() to prevent\n double-attach of a socket to multiple connections\n- Adding hci_conn_drop() on sco_chan_add failure to prevent\n HCI connection leaks",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43023",
"url": "https://www.suse.com/security/cve/CVE-2026-43023"
},
{
"category": "external",
"summary": "SUSE Bug 1264137 for CVE-2026-43023",
"url": "https://bugzilla.suse.com/1264137"
},
{
"category": "external",
"summary": "SUSE Bug 1264138 for CVE-2026-43023",
"url": "https://bugzilla.suse.com/1264138"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "important"
}
],
"title": "CVE-2026-43023"
},
{
"cve": "CVE-2026-43024",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43024"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: reject immediate NF_QUEUE verdict\n\nnft_queue is always used from userspace nftables to deliver the NF_QUEUE\nverdict. Immediately emitting an NF_QUEUE verdict is never used by the\nuserspace nft tools, so reject immediate NF_QUEUE verdicts.\n\nThe arp family does not provide queue support, but such an immediate\nverdict is still reachable. Globally reject NF_QUEUE immediate verdicts\nto address this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43024",
"url": "https://www.suse.com/security/cve/CVE-2026-43024"
},
{
"category": "external",
"summary": "SUSE Bug 1263930 for CVE-2026-43024",
"url": "https://bugzilla.suse.com/1263930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43024"
},
{
"cve": "CVE-2026-43026",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43026"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ctnetlink: zero expect NAT fields when CTA_EXPECT_NAT absent\n\nctnetlink_alloc_expect() allocates expectations from a non-zeroing\nslab cache via nf_ct_expect_alloc(). When CTA_EXPECT_NAT is not\npresent in the netlink message, saved_addr and saved_proto are\nnever initialized. Stale data from a previous slab occupant can\nthen be dumped to userspace by ctnetlink_exp_dump_expect(), which\nchecks these fields to decide whether to emit CTA_EXPECT_NAT.\n\nThe safe sibling nf_ct_expect_init(), used by the packet path,\nexplicitly zeroes these fields.\n\nZero saved_addr, saved_proto and dir in the else branch, guarded\nby IS_ENABLED(CONFIG_NF_NAT) since these fields only exist when\nNAT is enabled.\n\nConfirmed by priming the expect slab with NAT-bearing expectations,\nfreeing them, creating a new expectation without CTA_EXPECT_NAT,\nand observing that the ctnetlink dump emits a spurious\nCTA_EXPECT_NAT containing stale data from the prior allocation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43026",
"url": "https://www.suse.com/security/cve/CVE-2026-43026"
},
{
"category": "external",
"summary": "SUSE Bug 1263932 for CVE-2026-43026",
"url": "https://bugzilla.suse.com/1263932"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43026"
},
{
"cve": "CVE-2026-43028",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43028"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: x_tables: ensure names are nul-terminated\n\nReject names that lack a \\0 character before feeding them\nto functions that expect c-strings.\n\nFixes tag is the most recent commit that needs this change.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43028",
"url": "https://www.suse.com/security/cve/CVE-2026-43028"
},
{
"category": "external",
"summary": "SUSE Bug 1263934 for CVE-2026-43028",
"url": "https://bugzilla.suse.com/1263934"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43028"
},
{
"cve": "CVE-2026-43030",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43030"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix regsafe() for pointers to packet\n\nIn case rold-\u003ereg-\u003erange == BEYOND_PKT_END \u0026\u0026 rcur-\u003ereg-\u003erange == N\nregsafe() may return true which may lead to current state with\nvalid packet range not being explored. Fix the bug.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43030",
"url": "https://www.suse.com/security/cve/CVE-2026-43030"
},
{
"category": "external",
"summary": "SUSE Bug 1264000 for CVE-2026-43030",
"url": "https://bugzilla.suse.com/1264000"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43030"
},
{
"cve": "CVE-2026-43035",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43035"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: cls_api: fix tc_chain_fill_node to initialize tcm_info to zero to prevent an info-leak\n\nWhen building netlink messages, tc_chain_fill_node() never initializes\nthe tcm_info field of struct tcmsg. Since the allocation is not zeroed,\nkernel heap memory is leaked to userspace through this 4-byte field.\n\nThe fix simply zeroes tcm_info alongside the other fields that are\nalready initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43035",
"url": "https://www.suse.com/security/cve/CVE-2026-43035"
},
{
"category": "external",
"summary": "SUSE Bug 1263996 for CVE-2026-43035",
"url": "https://bugzilla.suse.com/1263996"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43035"
},
{
"cve": "CVE-2026-43036",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43036"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: use skb_header_pointer() for TCPv4 GSO frag_off check\n\nSyzbot reported a KMSAN uninit-value warning in gso_features_check()\ncalled from netif_skb_features() [1].\n\ngso_features_check() reads iph-\u003efrag_off to decide whether to clear\nmangleid_features. Accessing the IPv4 header via ip_hdr()/inner_ip_hdr()\ncan rely on skb header offsets that are not always safe for direct\ndereference on packets injected from PF_PACKET paths.\n\nUse skb_header_pointer() for the TCPv4 frag_off check so the header read\nis robust whether data is already linear or needs copying.\n\n[1] https://syzkaller.appspot.com/bug?extid=1543a7d954d9c6d00407",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43036",
"url": "https://www.suse.com/security/cve/CVE-2026-43036"
},
{
"category": "external",
"summary": "SUSE Bug 1263993 for CVE-2026-43036",
"url": "https://bugzilla.suse.com/1263993"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43036"
},
{
"cve": "CVE-2026-43040",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43040"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipv6: ndisc: fix ndisc_ra_useropt to initialize nduseropt_padX fields to zero to prevent an info-leak\n\nWhen processing Router Advertisements with user options the kernel\nbuilds an RTM_NEWNDUSEROPT netlink message. The nduseroptmsg struct\nhas three padding fields that are never zeroed and can leak kernel data\n\nThe fix is simple, just zeroes the padding fields.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43040",
"url": "https://www.suse.com/security/cve/CVE-2026-43040"
},
{
"category": "external",
"summary": "SUSE Bug 1264091 for CVE-2026-43040",
"url": "https://bugzilla.suse.com/1264091"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43040"
},
{
"cve": "CVE-2026-43049",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43049"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: logitech-hidpp: Prevent use-after-free on force feedback initialisation failure\n\nPresently, if the force feedback initialisation fails when probing the\nLogitech G920 Driving Force Racing Wheel for Xbox One, an error number\nwill be returned and propagated before the userspace infrastructure\n(sysfs and /dev/input) has been torn down. If userspace ignores the\nerrors and continues to use its references to these dangling entities, a\nUAF will promptly follow.\n\nWe have 2 options; continue to return the error, but ensure that all of\nthe infrastructure is torn down accordingly or continue to treat this\ncondition as a warning by emitting the message but returning success.\nIt is thought that the original author\u0027s intention was to emit the\nwarning but keep the device functional, less the force feedback feature,\nso let\u0027s go with that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43049",
"url": "https://www.suse.com/security/cve/CVE-2026-43049"
},
{
"category": "external",
"summary": "SUSE Bug 1264080 for CVE-2026-43049",
"url": "https://bugzilla.suse.com/1264080"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43049"
},
{
"cve": "CVE-2026-43052",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43052"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: check tdls flag in ieee80211_tdls_oper\n\nWhen NL80211_TDLS_ENABLE_LINK is called, the code only checks if the\nstation exists but not whether it is actually a TDLS station. This\nallows the operation to proceed for non-TDLS stations, causing\nunintended side effects like modifying channel context and HT\nprotection before failing.\n\nAdd a check for sta-\u003esta.tdls early in the ENABLE_LINK case, before\nany side effects occur, to ensure the operation is only allowed for\nactual TDLS peers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43052",
"url": "https://www.suse.com/security/cve/CVE-2026-43052"
},
{
"category": "external",
"summary": "SUSE Bug 1263945 for CVE-2026-43052",
"url": "https://bugzilla.suse.com/1263945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43052"
},
{
"cve": "CVE-2026-43053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43053"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: close crash window in attr dabtree inactivation\n\nWhen inactivating an inode with node-format extended attributes,\nxfs_attr3_node_inactive() invalidates all child leaf/node blocks via\nxfs_trans_binval(), but intentionally does not remove the corresponding\nentries from their parent node blocks. The implicit assumption is that\nxfs_attr_inactive() will truncate the entire attr fork to zero extents\nafterwards, so log recovery will never reach the root node and follow\nthose stale pointers.\n\nHowever, if a log shutdown occurs after the leaf/node block cancellations\ncommit but before the attr bmap truncation commits, this assumption\nbreaks. Recovery replays the attr bmap intact (the inode still has\nattr fork extents), but suppresses replay of all cancelled leaf/node\nblocks, maybe leaving them as stale data on disk. On the next mount,\nxlog_recover_process_iunlinks() retries inactivation and attempts to\nread the root node via the attr bmap. If the root node was not replayed,\nreading the unreplayed root block triggers a metadata verification\nfailure immediately; if it was replayed, following its child pointers\nto unreplayed child blocks triggers the same failure:\n\n XFS (pmem0): Metadata corruption detected at\n xfs_da3_node_read_verify+0x53/0x220, xfs_da3_node block 0x78\n XFS (pmem0): Unmount and run xfs_repair\n XFS (pmem0): First 128 bytes of corrupted metadata buffer:\n 00000000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n XFS (pmem0): metadata I/O error in \"xfs_da_read_buf+0x104/0x190\" at daddr 0x78 len 8 error 117\n\nFix this in two places:\n\nIn xfs_attr3_node_inactive(), after calling xfs_trans_binval() on a\nchild block, immediately remove the entry that references it from the\nparent node in the same transaction. This eliminates the window where\nthe parent holds a pointer to a cancelled block. Once all children are\nremoved, the now-empty root node is converted to a leaf block within the\nsame transaction. This node-to-leaf conversion is necessary for crash\nsafety. If the system shutdown after the empty node is written to the\nlog but before the second-phase bmap truncation commits, log recovery\nwill attempt to verify the root block on disk. xfs_da3_node_verify()\ndoes not permit a node block with count == 0; such a block will fail\nverification and trigger a metadata corruption shutdown. on the other\nhand, leaf blocks are allowed to have this transient state.\n\nIn xfs_attr_inactive(), split the attr fork truncation into two explicit\nphases. First, truncate all extents beyond the root block (the child\nextents whose parent references have already been removed above).\nSecond, invalidate the root block and truncate the attr bmap to zero in\na single transaction. The two operations in the second phase must be\natomic: as long as the attr bmap has any non-zero length, recovery can\nfollow it to the root block, so the root block invalidation must commit\ntogether with the bmap-to-zero truncation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43053",
"url": "https://www.suse.com/security/cve/CVE-2026-43053"
},
{
"category": "external",
"summary": "SUSE Bug 1264084 for CVE-2026-43053",
"url": "https://bugzilla.suse.com/1264084"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43053"
},
{
"cve": "CVE-2026-43054",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43054"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: tcm_loop: Drain commands in target_reset handler\n\ntcm_loop_target_reset() violates the SCSI EH contract: it returns SUCCESS\nwithout draining any in-flight commands. The SCSI EH documentation\n(scsi_eh.rst) requires that when a reset handler returns SUCCESS the driver\nhas made lower layers \"forget about timed out scmds\" and is ready for new\ncommands. Every other SCSI LLD (virtio_scsi, mpt3sas, ipr, scsi_debug,\nmpi3mr) enforces this by draining or completing outstanding commands before\nreturning SUCCESS.\n\nBecause tcm_loop_target_reset() doesn\u0027t drain, the SCSI EH reuses in-flight\nscsi_cmnd structures for recovery commands (e.g. TUR) while the target core\nstill has async completion work queued for the old se_cmd. The memset in\nqueuecommand zeroes se_lun and lun_ref_active, causing\ntransport_lun_remove_cmd() to skip its percpu_ref_put(). The leaked LUN\nreference prevents transport_clear_lun_ref() from completing, hanging\nconfigfs LUN unlink forever in D-state:\n\n INFO: task rm:264 blocked for more than 122 seconds.\n rm D 0 264 258 0x00004000\n Call Trace:\n __schedule+0x3d0/0x8e0\n schedule+0x36/0xf0\n transport_clear_lun_ref+0x78/0x90 [target_core_mod]\n core_tpg_remove_lun+0x28/0xb0 [target_core_mod]\n target_fabric_port_unlink+0x50/0x60 [target_core_mod]\n configfs_unlink+0x156/0x1f0 [configfs]\n vfs_unlink+0x109/0x290\n do_unlinkat+0x1d5/0x2d0\n\nFix this by making tcm_loop_target_reset() actually drain commands:\n\n 1. Issue TMR_LUN_RESET via tcm_loop_issue_tmr() to drain all commands that\n the target core knows about (those not yet CMD_T_COMPLETE).\n\n 2. Use blk_mq_tagset_busy_iter() to iterate all started requests and\n flush_work() on each se_cmd - this drains any deferred completion work\n for commands that already had CMD_T_COMPLETE set before the TMR (which\n the TMR skips via __target_check_io_state()). This is the same pattern\n used by mpi3mr, scsi_debug, and libsas to drain outstanding commands\n during reset.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43054",
"url": "https://www.suse.com/security/cve/CVE-2026-43054"
},
{
"category": "external",
"summary": "SUSE Bug 1264063 for CVE-2026-43054",
"url": "https://bugzilla.suse.com/1264063"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43054"
},
{
"cve": "CVE-2026-43059",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43059"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: MGMT: Fix list corruption and UAF in command complete handlers\n\nCommit 302a1f674c00 (\"Bluetooth: MGMT: Fix possible UAFs\") introduced\nmgmt_pending_valid(), which not only validates the pending command but\nalso unlinks it from the pending list if it is valid. This change in\nsemantics requires updates to several completion handlers to avoid list\ncorruption and memory safety issues.\n\nThis patch addresses two left-over issues from the aforementioned rework:\n\n1. In mgmt_add_adv_patterns_monitor_complete(), mgmt_pending_remove()\nis replaced with mgmt_pending_free() in the success path. Since\nmgmt_pending_valid() already unlinks the command at the beginning of\nthe function, calling mgmt_pending_remove() leads to a double list_del()\nand subsequent list corruption/kernel panic.\n\n2. In set_mesh_complete(), the use of mgmt_pending_foreach() in the error\npath is removed. Since the current command is already unlinked by\nmgmt_pending_valid(), this foreach loop would incorrectly target other\npending mesh commands, potentially freeing them while they are still being\nprocessed concurrently (leading to UAFs). The redundant mgmt_cmd_status()\nis also simplified to use cmd-\u003eopcode directly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43059",
"url": "https://www.suse.com/security/cve/CVE-2026-43059"
},
{
"category": "external",
"summary": "SUSE Bug 1264184 for CVE-2026-43059",
"url": "https://bugzilla.suse.com/1264184"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43059"
},
{
"cve": "CVE-2026-43065",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43065"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: always drain queued discard work in ext4_mb_release()\n\nWhile reviewing recent ext4 patch[1], Sashiko raised the following\nconcern[2]:\n\n\u003e If the filesystem is initially mounted with the discard option,\n\u003e deleting files will populate sbi-\u003es_discard_list and queue\n\u003e s_discard_work. If it is then remounted with nodiscard, the\n\u003e EXT4_MOUNT_DISCARD flag is cleared, but the pending s_discard_work is\n\u003e neither cancelled nor flushed.\n\n[1] https://lore.kernel.org/r/20260319094545.19291-1-qiang.zhang@linux.dev/\n[2] https://sashiko.dev/#/patchset/20260319094545.19291-1-qiang.zhang%40linux.dev\n\nThe concern was valid, but it had nothing to do with the patch[1].\nOne of the problems with Sashiko in its current (early) form is that\nit will detect pre-existing issues and report it as a problem with the\npatch that it is reviewing.\n\nIn practice, it would be hard to hit deliberately (unless you are a\nmalicious syzkaller fuzzer), since it would involve mounting the file\nsystem with -o discard, and then deleting a large number of files,\nremounting the file system with -o nodiscard, and then immediately\nunmounting the file system before the queued discard work has a change\nto drain on its own.\n\nFix it because it\u0027s a real bug, and to avoid Sashiko from raising this\nconcern when analyzing future patches to mballoc.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43065",
"url": "https://www.suse.com/security/cve/CVE-2026-43065"
},
{
"category": "external",
"summary": "SUSE Bug 1264243 for CVE-2026-43065",
"url": "https://bugzilla.suse.com/1264243"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "low"
}
],
"title": "CVE-2026-43065"
},
{
"cve": "CVE-2026-43066",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43066"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix iloc.bh leak in ext4_fc_replay_inode() error paths\n\nDuring code review, Joseph found that ext4_fc_replay_inode() calls\next4_get_fc_inode_loc() to get the inode location, which holds a\nreference to iloc.bh that must be released via brelse().\n\nHowever, several error paths jump to the \u0027out\u0027 label without\nreleasing iloc.bh:\n\n - ext4_handle_dirty_metadata() failure\n - sync_dirty_buffer() failure\n - ext4_mark_inode_used() failure\n - ext4_iget() failure\n\nFix this by introducing an \u0027out_brelse\u0027 label placed just before\nthe existing \u0027out\u0027 label to ensure iloc.bh is always released.\n\nAdditionally, make ext4_fc_replay_inode() propagate errors\nproperly instead of always returning 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43066",
"url": "https://www.suse.com/security/cve/CVE-2026-43066"
},
{
"category": "external",
"summary": "SUSE Bug 1264245 for CVE-2026-43066",
"url": "https://bugzilla.suse.com/1264245"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43066"
},
{
"cve": "CVE-2026-43068",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43068"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid allocate block from corrupted group in ext4_mb_find_by_goal()\n\nThere\u0027s issue as follows:\n...\nEXT4-fs (mmcblk0p1): Delayed block allocation failed for inode 206 at logical offset 0 with max blocks 1 with error 117\nEXT4-fs (mmcblk0p1): This should not happen!! Data will be lost\n\nEXT4-fs (mmcblk0p1): Delayed block allocation failed for inode 206 at logical offset 0 with max blocks 1 with error 117\nEXT4-fs (mmcblk0p1): This should not happen!! Data will be lost\n\nEXT4-fs (mmcblk0p1): Delayed block allocation failed for inode 206 at logical offset 0 with max blocks 1 with error 117\nEXT4-fs (mmcblk0p1): This should not happen!! Data will be lost\n\nEXT4-fs (mmcblk0p1): Delayed block allocation failed for inode 206 at logical offset 0 with max blocks 1 with error 117\nEXT4-fs (mmcblk0p1): This should not happen!! Data will be lost\n\nEXT4-fs (mmcblk0p1): Delayed block allocation failed for inode 2243 at logical offset 0 with max blocks 1 with error 117\nEXT4-fs (mmcblk0p1): This should not happen!! Data will be lost\n\nEXT4-fs (mmcblk0p1): Delayed block allocation failed for inode 2239 at logical offset 0 with max blocks 1 with error 117\nEXT4-fs (mmcblk0p1): This should not happen!! Data will be lost\n\nEXT4-fs (mmcblk0p1): error count since last fsck: 1\nEXT4-fs (mmcblk0p1): initial error at time 1765597433: ext4_mb_generate_buddy:760\nEXT4-fs (mmcblk0p1): last error at time 1765597433: ext4_mb_generate_buddy:760\n...\n\nAccording to the log analysis, blocks are always requested from the\ncorrupted block group. This may happen as follows:\next4_mb_find_by_goal\n ext4_mb_load_buddy\n ext4_mb_load_buddy_gfp\n ext4_mb_init_cache\n ext4_read_block_bitmap_nowait\n ext4_wait_block_bitmap\n ext4_validate_block_bitmap\n if (!grp || EXT4_MB_GRP_BBITMAP_CORRUPT(grp))\n return -EFSCORRUPTED; // There\u0027s no logs.\n if (err)\n return err; // Will return error\next4_lock_group(ac-\u003eac_sb, group);\n if (unlikely(EXT4_MB_GRP_BBITMAP_CORRUPT(e4b-\u003ebd_info))) // Unreachable\n goto out;\n\nAfter commit 9008a58e5dce (\"ext4: make the bitmap read routines return\nreal error codes\") merged, Commit 163a203ddb36 (\"ext4: mark block group\nas corrupt on block bitmap error\") is no real solution for allocating\nblocks from corrupted block groups. This is because if\n\u0027EXT4_MB_GRP_BBITMAP_CORRUPT(e4b-\u003ebd_info)\u0027 is true, then\n\u0027ext4_mb_load_buddy()\u0027 may return an error. This means that the block\nallocation will fail.\nTherefore, check block group if corrupted when ext4_mb_load_buddy()\nreturns error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43068",
"url": "https://www.suse.com/security/cve/CVE-2026-43068"
},
{
"category": "external",
"summary": "SUSE Bug 1264255 for CVE-2026-43068",
"url": "https://bugzilla.suse.com/1264255"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43068"
},
{
"cve": "CVE-2026-43074",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43074"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neventpoll: defer struct eventpoll free to RCU grace period\n\nIn certain situations, ep_free() in eventpoll.c will kfree the epi-\u003eep\neventpoll struct while it still being used by another concurrent thread.\nDefer the kfree() to an RCU callback to prevent UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43074",
"url": "https://www.suse.com/security/cve/CVE-2026-43074"
},
{
"category": "external",
"summary": "SUSE Bug 1264263 for CVE-2026-43074",
"url": "https://bugzilla.suse.com/1264263"
},
{
"category": "external",
"summary": "SUSE Bug 1265307 for CVE-2026-43074",
"url": "https://bugzilla.suse.com/1265307"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "important"
}
],
"title": "CVE-2026-43074"
},
{
"cve": "CVE-2026-43077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43077"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_aead - Fix minimum RX size check for decryption\n\nThe check for the minimum receive buffer size did not take the\ntag size into account during decryption. Fix this by adding the\nrequired extra length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43077",
"url": "https://www.suse.com/security/cve/CVE-2026-43077"
},
{
"category": "external",
"summary": "SUSE Bug 1264470 for CVE-2026-43077",
"url": "https://bugzilla.suse.com/1264470"
},
{
"category": "external",
"summary": "SUSE Bug 1265306 for CVE-2026-43077",
"url": "https://bugzilla.suse.com/1265306"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "important"
}
],
"title": "CVE-2026-43077"
},
{
"cve": "CVE-2026-43083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ioam6: fix OOB and missing lock\n\nWhen trace-\u003etype.bit6 is set:\n\n if (trace-\u003etype.bit6) {\n ...\n queue = skb_get_tx_queue(dev, skb);\n qdisc = rcu_dereference(queue-\u003eqdisc);\n\nThis code can lead to an out-of-bounds access of the dev-\u003e_tx[] array\nwhen is_input is true. In such a case, the packet is on the RX path and\nskb-\u003equeue_mapping contains the RX queue index of the ingress device. If\nthe ingress device has more RX queues than the egress device (dev) has\nTX queues, skb_get_queue_mapping(skb) will exceed dev-\u003enum_tx_queues.\nAdd a check to avoid this situation since skb_get_tx_queue() does not\nclamp the index. This issue has also revealed that per queue visibility\ncannot be accurate and will be replaced later as a new feature.\n\nWhile at it, add missing lock around qdisc_qstats_qlen_backlog(). The\nfunction __ioam6_fill_trace_data() is called from both softirq and\nprocess contexts, hence the use of spin_lock_bh() here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43083",
"url": "https://www.suse.com/security/cve/CVE-2026-43083"
},
{
"category": "external",
"summary": "SUSE Bug 1264266 for CVE-2026-43083",
"url": "https://bugzilla.suse.com/1264266"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43083"
},
{
"cve": "CVE-2026-43101",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43101"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: ioam: fix potential NULL dereferences in __ioam6_fill_trace_data()\n\nWe need to check __in6_dev_get() for possible NULL value, as\nsuggested by Yiming Qian.\n\nAlso add skb_dst_dev_rcu() instead of skb_dst_dev(),\nand two missing READ_ONCE().\n\nNote that @dev can\u0027t be NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43101",
"url": "https://www.suse.com/security/cve/CVE-2026-43101"
},
{
"category": "external",
"summary": "SUSE Bug 1264239 for CVE-2026-43101",
"url": "https://bugzilla.suse.com/1264239"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43101"
},
{
"cve": "CVE-2026-43109",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43109"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86: shadow stacks: proper error handling for mmap lock\n\n\uae40\uc601\ubbfc reports that shstk_pop_sigframe() doesn\u0027t check for errors from\nmmap_read_lock_killable(), which is a silly oversight, and also shows\nthat we haven\u0027t marked those functions with \"__must_check\", which would\nhave immediately caught it.\n\nSo let\u0027s fix both issues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43109",
"url": "https://www.suse.com/security/cve/CVE-2026-43109"
},
{
"category": "external",
"summary": "SUSE Bug 1264484 for CVE-2026-43109",
"url": "https://bugzilla.suse.com/1264484"
},
{
"category": "external",
"summary": "SUSE Bug 1269282 for CVE-2026-43109",
"url": "https://bugzilla.suse.com/1269282"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "important"
}
],
"title": "CVE-2026-43109"
},
{
"cve": "CVE-2026-43112",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43112"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath\n\nWhen cifs_sanitize_prepath is called with an empty string or a string\ncontaining only delimiters (e.g., \"/\"), the current logic attempts to\ncheck *(cursor2 - 1) before cursor2 has advanced. This results in an\nout-of-bounds read.\n\nThis patch adds an early exit check after stripping prepended\ndelimiters. If no path content remains, the function returns NULL.\n\nThe bug was identified via manual audit and verified using a\nstandalone test case compiled with AddressSanitizer, which\ntriggered a SEGV on affected inputs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43112",
"url": "https://www.suse.com/security/cve/CVE-2026-43112"
},
{
"category": "external",
"summary": "SUSE Bug 1264437 for CVE-2026-43112",
"url": "https://bugzilla.suse.com/1264437"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43112"
},
{
"cve": "CVE-2026-43119",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43119"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_sync: annotate data-races around hdev-\u003ereq_status\n\n__hci_cmd_sync_sk() sets hdev-\u003ereq_status under hdev-\u003ereq_lock:\n\n hdev-\u003ereq_status = HCI_REQ_PEND;\n\nHowever, several other functions read or write hdev-\u003ereq_status without\nholding any lock:\n\n - hci_send_cmd_sync() reads req_status in hci_cmd_work (workqueue)\n - hci_cmd_sync_complete() reads/writes from HCI event completion\n - hci_cmd_sync_cancel() / hci_cmd_sync_cancel_sync() read/write\n - hci_abort_conn() reads in connection abort path\n\nSince __hci_cmd_sync_sk() runs on hdev-\u003ereq_workqueue while\nhci_send_cmd_sync() runs on hdev-\u003eworkqueue, these are different\nworkqueues that can execute concurrently on different CPUs. The plain\nC accesses constitute a data race.\n\nAdd READ_ONCE()/WRITE_ONCE() annotations on all concurrent accesses\nto hdev-\u003ereq_status to prevent potential compiler optimizations that\ncould affect correctness (e.g., load fusing in the wait_event\ncondition or store reordering).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43119",
"url": "https://www.suse.com/security/cve/CVE-2026-43119"
},
{
"category": "external",
"summary": "SUSE Bug 1264561 for CVE-2026-43119",
"url": "https://bugzilla.suse.com/1264561"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43119"
},
{
"cve": "CVE-2026-43158",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43158"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: fix freemap adjustments when adding xattrs to leaf blocks\n\nxfs/592 and xfs/794 both trip this assertion in the leaf block freemap\nadjustment code after ~20 minutes of running on my test VMs:\n\n ASSERT(ichdr-\u003efirstused \u003e= ichdr-\u003ecount * sizeof(xfs_attr_leaf_entry_t)\n\t\t\t\t\t+ xfs_attr3_leaf_hdr_size(leaf));\n\nUpon enabling quite a lot more debugging code, I narrowed this down to\nfsstress trying to set a local extended attribute with namelen=3 and\nvaluelen=71. This results in an entry size of 80 bytes.\n\nAt the start of xfs_attr3_leaf_add_work, the freemap looks like this:\n\ni 0 base 448 size 0 rhs 448 count 46\ni 1 base 388 size 132 rhs 448 count 46\ni 2 base 2120 size 4 rhs 448 count 46\nfirstused = 520\n\nwhere \"rhs\" is the first byte past the end of the leaf entry array.\nThis is inconsistent -- the entries array ends at byte 448, but\nfreemap[1] says there\u0027s free space starting at byte 388!\n\nBy the end of the function, the freemap is in worse shape:\n\ni 0 base 456 size 0 rhs 456 count 47\ni 1 base 388 size 52 rhs 456 count 47\ni 2 base 2120 size 4 rhs 456 count 47\nfirstused = 440\n\nImportant note: 388 is not aligned with the entries array element size\nof 8 bytes.\n\nBased on the incorrect freemap, the name area starts at byte 440, which\nis below the end of the entries array! That\u0027s why the assertion\ntriggers and the filesystem shuts down.\n\nHow did we end up here? First, recall from the previous patch that the\nfreemap array in an xattr leaf block is not intended to be a\ncomprehensive map of all free space in the leaf block. In other words,\nit\u0027s perfectly legal to have a leaf block with:\n\n * 376 bytes in use by the entries array\n * freemap[0] has [base = 376, size = 8]\n * freemap[1] has [base = 388, size = 1500]\n * the space between 376 and 388 is free, but the freemap stopped\n tracking that some time ago\n\nIf we add one xattr, the entries array grows to 384 bytes, and\nfreemap[0] becomes [base = 384, size = 0]. So far, so good. But if we\nadd a second xattr, the entries array grows to 392 bytes, and freemap[0]\ngets pushed up to [base = 392, size = 0]. This is bad, because\nfreemap[1] hasn\u0027t been updated, and now the entries array and the free\nspace claim the same space.\n\nThe fix here is to adjust all freemap entries so that none of them\ncollide with the entries array. Note that this fix relies on commit\n2a2b5932db6758 (\"xfs: fix attr leaf header freemap.size underflow\") and\nthe previous patch that resets zero length freemap entries to have\nbase = 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43158",
"url": "https://www.suse.com/security/cve/CVE-2026-43158"
},
{
"category": "external",
"summary": "SUSE Bug 1264595 for CVE-2026-43158",
"url": "https://bugzilla.suse.com/1264595"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43158"
},
{
"cve": "CVE-2026-43171",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43171"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nEFI/CPER: don\u0027t dump the entire memory region\n\nThe current logic at cper_print_fw_err() doesn\u0027t check if the\nerror record length is big enough to handle offset. On a bad firmware,\nif the ofset is above the actual record, length -= offset will\nunderflow, making it dump the entire memory.\n\nThe end result can be:\n\n - the logic taking a lot of time dumping large regions of memory;\n - data disclosure due to the memory dumps;\n - an OOPS, if it tries to dump an unmapped memory region.\n\nFix it by checking if the section length is too small before doing\na hex dump.\n\n[ rjw: Subject tweaks ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43171",
"url": "https://www.suse.com/security/cve/CVE-2026-43171"
},
{
"category": "external",
"summary": "SUSE Bug 1264549 for CVE-2026-43171",
"url": "https://bugzilla.suse.com/1264549"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43171"
},
{
"cve": "CVE-2026-43187",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43187"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: delete attr leaf freemap entries when empty\n\nBack in commit 2a2b5932db6758 (\"xfs: fix attr leaf header freemap.size\nunderflow\"), Brian Foster observed that it\u0027s possible for a small\nfreemap at the end of the end of the xattr entries array to experience\na size underflow when subtracting the space consumed by an expansion of\nthe entries array. There are only three freemap entries, which means\nthat it is not a complete index of all free space in the leaf block.\n\nThis code can leave behind a zero-length freemap entry with a nonzero\nbase. Subsequent setxattr operations can increase the base up to the\npoint that it overlaps with another freemap entry. This isn\u0027t in and of\nitself a problem because the code in _leaf_add that finds free space\nignores any freemap entry with zero size.\n\nHowever, there\u0027s another bug in the freemap update code in _leaf_add,\nwhich is that it fails to update a freemap entry that begins midway\nthrough the xattr entry that was just appended to the array. That can\nresult in the freemap containing two entries with the same base but\ndifferent sizes (0 for the \"pushed-up\" entry, nonzero for the entry\nthat\u0027s actually tracking free space). A subsequent _leaf_add can then\nallocate xattr namevalue entries on top of the entries array, leading to\ndata loss. But fixing that is for later.\n\nFor now, eliminate the possibility of confusion by zeroing out the base\nof any freemap entry that has zero size. Because the freemap is not\nintended to be a complete index of free space, a subsequent failure to\nfind any free space for a new xattr will trigger block compaction, which\nregenerates the freemap.\n\nIt looks like this bug has been in the codebase for quite a long time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43187",
"url": "https://www.suse.com/security/cve/CVE-2026-43187"
},
{
"category": "external",
"summary": "SUSE Bug 1264603 for CVE-2026-43187",
"url": "https://bugzilla.suse.com/1264603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43187"
},
{
"cve": "CVE-2026-43198",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43198"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: fix potential race in tcp_v6_syn_recv_sock()\n\nCode in tcp_v6_syn_recv_sock() after the call to tcp_v4_syn_recv_sock()\nis done too late.\n\nAfter tcp_v4_syn_recv_sock(), the child socket is already visible\nfrom TCP ehash table and other cpus might use it.\n\nSince newinet-\u003epinet6 is still pointing to the listener ipv6_pinfo\nbad things can happen as syzbot found.\n\nMove the problematic code in tcp_v6_mapped_child_init()\nand call this new helper from tcp_v4_syn_recv_sock() before\nthe ehash insertion.\n\nThis allows the removal of one tcp_sync_mss(), since\ntcp_v4_syn_recv_sock() will call it with the correct\ncontext.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43198",
"url": "https://www.suse.com/security/cve/CVE-2026-43198"
},
{
"category": "external",
"summary": "SUSE Bug 1264610 for CVE-2026-43198",
"url": "https://bugzilla.suse.com/1264610"
},
{
"category": "external",
"summary": "SUSE Bug 1264611 for CVE-2026-43198",
"url": "https://bugzilla.suse.com/1264611"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "important"
}
],
"title": "CVE-2026-43198"
},
{
"cve": "CVE-2026-43206",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43206"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Fix out-of-bounds write in kfd_event_page_set()\n\nThe kfd_event_page_set() function writes KFD_SIGNAL_EVENT_LIMIT * 8\nbytes via memset without checking the buffer size parameter. This allows\nunprivileged userspace to trigger an out-of bounds kernel memory write\nby passing a small buffer, leading to potential privilege\nescalation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43206",
"url": "https://www.suse.com/security/cve/CVE-2026-43206"
},
{
"category": "external",
"summary": "SUSE Bug 1264551 for CVE-2026-43206",
"url": "https://bugzilla.suse.com/1264551"
},
{
"category": "external",
"summary": "SUSE Bug 1266668 for CVE-2026-43206",
"url": "https://bugzilla.suse.com/1266668"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "important"
}
],
"title": "CVE-2026-43206"
},
{
"cve": "CVE-2026-43234",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43234"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nteam: avoid NETDEV_CHANGEMTU event when unregistering slave\n\nsyzbot is reporting\n\n unregister_netdevice: waiting for netdevsim0 to become free. Usage count = 3\n ref_tracker: netdev@ffff88807dcf8618 has 1/2 users at\n __netdev_tracker_alloc include/linux/netdevice.h:4400 [inline]\n netdev_hold include/linux/netdevice.h:4429 [inline]\n inetdev_init+0x201/0x4e0 net/ipv4/devinet.c:286\n inetdev_event+0x251/0x1610 net/ipv4/devinet.c:1600\n notifier_call_chain+0x19d/0x3a0 kernel/notifier.c:85\n call_netdevice_notifiers_mtu net/core/dev.c:2318 [inline]\n netif_set_mtu_ext+0x5aa/0x800 net/core/dev.c:9886\n netif_set_mtu+0xd7/0x1b0 net/core/dev.c:9907\n dev_set_mtu+0x126/0x260 net/core/dev_api.c:248\n team_port_del+0xb07/0xcb0 drivers/net/team/team_core.c:1333\n team_del_slave drivers/net/team/team_core.c:1936 [inline]\n team_device_event+0x207/0x5b0 drivers/net/team/team_core.c:2929\n notifier_call_chain+0x19d/0x3a0 kernel/notifier.c:85\n call_netdevice_notifiers_extack net/core/dev.c:2281 [inline]\n call_netdevice_notifiers net/core/dev.c:2295 [inline]\n __dev_change_net_namespace+0xcb7/0x2050 net/core/dev.c:12592\n do_setlink+0x2ce/0x4590 net/core/rtnetlink.c:3060\n rtnl_changelink net/core/rtnetlink.c:3776 [inline]\n __rtnl_newlink net/core/rtnetlink.c:3935 [inline]\n rtnl_newlink+0x15a9/0x1be0 net/core/rtnetlink.c:4072\n rtnetlink_rcv_msg+0x7d5/0xbe0 net/core/rtnetlink.c:6958\n netlink_rcv_skb+0x232/0x4b0 net/netlink/af_netlink.c:2550\n netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]\n netlink_unicast+0x80f/0x9b0 net/netlink/af_netlink.c:1344\n netlink_sendmsg+0x813/0xb40 net/netlink/af_netlink.c:1894\n\nproblem. Ido Schimmel found steps to reproduce\n\n ip link add name team1 type team\n ip link add name dummy1 mtu 1499 master team1 type dummy\n ip netns add ns1\n ip link set dev dummy1 netns ns1\n ip -n ns1 link del dev dummy1\n\nand also found that the same issue was fixed in the bond driver in\ncommit f51048c3e07b (\"bonding: avoid NETDEV_CHANGEMTU event when\nunregistering slave\").\n\nLet\u0027s do similar thing for the team driver, with commit ad7c7b2172c3 (\"net:\nhold netdev instance lock during sysfs operations\") and commit 303a8487a657\n(\"net: s/__dev_set_mtu/__netif_set_mtu/\") also applied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43234",
"url": "https://www.suse.com/security/cve/CVE-2026-43234"
},
{
"category": "external",
"summary": "SUSE Bug 1264409 for CVE-2026-43234",
"url": "https://bugzilla.suse.com/1264409"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43234"
},
{
"cve": "CVE-2026-43239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43239"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: prevent races in -\u003equery_interfaces()\n\nIt was possible for two query interface works to be concurrently trying\nto update the interfaces.\n\nPrevent this by checking and updating iface_last_update under\niface_lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43239",
"url": "https://www.suse.com/security/cve/CVE-2026-43239"
},
{
"category": "external",
"summary": "SUSE Bug 1264444 for CVE-2026-43239",
"url": "https://bugzilla.suse.com/1264444"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43239"
},
{
"cve": "CVE-2026-43249",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43249"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\n9p/xen: protect xen_9pfs_front_free against concurrent calls\n\nThe xenwatch thread can race with other back-end change notifications\nand call xen_9pfs_front_free() twice, hitting the observed general\nprotection fault due to a double-free. Guard the teardown path so only\none caller can release the front-end state at a time, preventing the\ncrash.\n\nThis is a fix for the following double-free:\n\n[ 27.052347] Oops: general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6b6b: 0000 [#1] SMP DEBUG_PAGEALLOC NOPTI\n[ 27.052357] CPU: 0 UID: 0 PID: 32 Comm: xenwatch Not tainted 6.18.0-02087-g51ab33fc0a8b-dirty #60 PREEMPT(none)\n[ 27.052363] RIP: e030:xen_9pfs_front_free+0x1d/0x150\n[ 27.052368] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 41 55 41 54 55 48 89 fd 48 c7 c7 48 d0 92 85 53 e8 cb cb 05 00 48 8b 45 08 48 8b 55 00 \u003c48\u003e 3b 28 0f 85 f9 28 35 fe 48 3b 6a 08 0f 85 ef 28 35 fe 48 89 42\n[ 27.052377] RSP: e02b:ffffc9004016fdd0 EFLAGS: 00010246\n[ 27.052381] RAX: 6b6b6b6b6b6b6b6b RBX: ffff88800d66e400 RCX: 0000000000000000\n[ 27.052385] RDX: 6b6b6b6b6b6b6b6b RSI: 0000000000000000 RDI: 0000000000000000\n[ 27.052389] RBP: ffff88800a887040 R08: 0000000000000000 R09: 0000000000000000\n[ 27.052393] R10: 0000000000000000 R11: 0000000000000000 R12: ffff888009e46b68\n[ 27.052397] R13: 0000000000000200 R14: 0000000000000000 R15: ffff88800a887040\n[ 27.052404] FS: 0000000000000000(0000) GS:ffff88808ca57000(0000) knlGS:0000000000000000\n[ 27.052408] CS: e030 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 27.052412] CR2: 00007f9714004360 CR3: 0000000004834000 CR4: 0000000000050660\n[ 27.052418] Call Trace:\n[ 27.052420] \u003cTASK\u003e\n[ 27.052422] xen_9pfs_front_changed+0x5d5/0x720\n[ 27.052426] ? xenbus_otherend_changed+0x72/0x140\n[ 27.052430] ? __pfx_xenwatch_thread+0x10/0x10\n[ 27.052434] xenwatch_thread+0x94/0x1c0\n[ 27.052438] ? __pfx_autoremove_wake_function+0x10/0x10\n[ 27.052442] kthread+0xf8/0x240\n[ 27.052445] ? __pfx_kthread+0x10/0x10\n[ 27.052449] ? __pfx_kthread+0x10/0x10\n[ 27.052452] ret_from_fork+0x16b/0x1a0\n[ 27.052456] ? __pfx_kthread+0x10/0x10\n[ 27.052459] ret_from_fork_asm+0x1a/0x30\n[ 27.052463] \u003c/TASK\u003e\n[ 27.052465] Modules linked in:\n[ 27.052471] ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43249",
"url": "https://www.suse.com/security/cve/CVE-2026-43249"
},
{
"category": "external",
"summary": "SUSE Bug 1264476 for CVE-2026-43249",
"url": "https://bugzilla.suse.com/1264476"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43249"
},
{
"cve": "CVE-2026-43252",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43252"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: in-kernel: always set ID as avail when rm endp\n\nSyzkaller managed to find a combination of actions that was generating\nthis warning:\n\n WARNING: net/mptcp/pm_kernel.c:1074 at __mark_subflow_endp_available net/mptcp/pm_kernel.c:1074 [inline], CPU#1: syz.7.48/2535\n WARNING: net/mptcp/pm_kernel.c:1074 at mptcp_pm_nl_fullmesh net/mptcp/pm_kernel.c:1446 [inline], CPU#1: syz.7.48/2535\n WARNING: net/mptcp/pm_kernel.c:1074 at mptcp_pm_nl_set_flags_all net/mptcp/pm_kernel.c:1474 [inline], CPU#1: syz.7.48/2535\n WARNING: net/mptcp/pm_kernel.c:1074 at mptcp_pm_nl_set_flags+0x5de/0x640 net/mptcp/pm_kernel.c:1538, CPU#1: syz.7.48/2535\n Modules linked in:\n CPU: 1 UID: 0 PID: 2535 Comm: syz.7.48 Not tainted 6.18.0-03987-gea5f5e676cf5 #17 PREEMPT(voluntary)\n Hardware name: QEMU Ubuntu 25.10 PC (i440FX + PIIX, 1996), BIOS 1.17.0-debian-1.17.0-1 04/01/2014\n RIP: 0010:__mark_subflow_endp_available net/mptcp/pm_kernel.c:1074 [inline]\n RIP: 0010:mptcp_pm_nl_fullmesh net/mptcp/pm_kernel.c:1446 [inline]\n RIP: 0010:mptcp_pm_nl_set_flags_all net/mptcp/pm_kernel.c:1474 [inline]\n RIP: 0010:mptcp_pm_nl_set_flags+0x5de/0x640 net/mptcp/pm_kernel.c:1538\n Code: 89 c7 e8 c5 8c 73 fe e9 f7 fd ff ff 49 83 ef 80 e8 b7 8c 73 fe 4c 89 ff be 03 00 00 00 e8 4a 29 e3 fe eb ac e8 a3 8c 73 fe 90 \u003c0f\u003e 0b 90 e9 3d ff ff ff e8 95 8c 73 fe b8 a1 ff ff ff eb 1a e8 89\n RSP: 0018:ffffc9001535b820 EFLAGS: 00010287\n netdevsim0: tun_chr_ioctl cmd 1074025677\n RAX: ffffffff82da294d RBX: 0000000000000001 RCX: 0000000000080000\n RDX: ffffc900096d0000 RSI: 00000000000006d6 RDI: 00000000000006d7\n netdevsim0: linktype set to 823\n RBP: ffff88802cdb2240 R08: 00000000000104ae R09: ffffffffffffffff\n R10: ffffffff82da27d4 R11: 0000000000000000 R12: 0000000000000000\n R13: ffff88801246d8c0 R14: ffffc9001535b8b8 R15: ffff88802cdb1800\n FS: 00007fc6ac5a76c0(0000) GS:ffff8880f90c8000(0000) knlGS:0000000000000000\n netlink: \u0027syz.3.50\u0027: attribute type 5 has an invalid length.\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n netlink: 1232 bytes leftover after parsing attributes in process `syz.3.50\u0027.\n CR2: 0000200000010000 CR3: 0000000025b1a000 CR4: 0000000000350ef0\n Call Trace:\n \u003cTASK\u003e\n mptcp_pm_set_flags net/mptcp/pm_netlink.c:277 [inline]\n mptcp_pm_nl_set_flags_doit+0x1d7/0x210 net/mptcp/pm_netlink.c:282\n genl_family_rcv_msg_doit+0x117/0x180 net/netlink/genetlink.c:1115\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x3a8/0x3f0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x16d/0x240 net/netlink/af_netlink.c:2550\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]\n netlink_unicast+0x3e9/0x4c0 net/netlink/af_netlink.c:1344\n netlink_sendmsg+0x4ab/0x5b0 net/netlink/af_netlink.c:1894\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg+0xc9/0xf0 net/socket.c:733\n ____sys_sendmsg+0x272/0x3b0 net/socket.c:2608\n ___sys_sendmsg+0x2de/0x320 net/socket.c:2662\n __sys_sendmsg net/socket.c:2694 [inline]\n __do_sys_sendmsg net/socket.c:2699 [inline]\n __se_sys_sendmsg net/socket.c:2697 [inline]\n __x64_sys_sendmsg+0x110/0x1a0 net/socket.c:2697\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xed/0x360 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7fc6adb66f6d\n Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48\n RSP: 002b:00007fc6ac5a6ff8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 00007fc6addf5fa0 RCX: 00007fc6adb66f6d\n RDX: 0000000000048084 RSI: 00002000000002c0 RDI: 000000000000000e\n RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43252",
"url": "https://www.suse.com/security/cve/CVE-2026-43252"
},
{
"category": "external",
"summary": "SUSE Bug 1264300 for CVE-2026-43252",
"url": "https://bugzilla.suse.com/1264300"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43252"
},
{
"cve": "CVE-2026-43261",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43261"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: Add support for TSV110 Spectre-BHB mitigation\n\nThe TSV110 processor is vulnerable to the Spectre-BHB (Branch History\nBuffer) attack, which can be exploited to leak information through\nbranch prediction side channels. This commit adds the MIDR of TSV110\nto the list for software mitigation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43261",
"url": "https://www.suse.com/security/cve/CVE-2026-43261"
},
{
"category": "external",
"summary": "SUSE Bug 1264430 for CVE-2026-43261",
"url": "https://bugzilla.suse.com/1264430"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43261"
},
{
"cve": "CVE-2026-43284",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43284"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: esp: avoid in-place decrypt on shared skb frags\n\nMSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP\nmarks such skbs with SKBFL_SHARED_FRAG after skb_splice_from_iter(),\nso later paths that may modify packet data can first make a private\ncopy. The IPv4/IPv6 datagram append paths did not set this flag when\nsplicing pages into UDP skbs.\n\nThat leaves an ESP-in-UDP packet made from shared pipe pages looking\nlike an ordinary uncloned nonlinear skb. ESP input then takes the no-COW\nfast path for uncloned skbs without a frag_list and decrypts in place\nover data that is not owned privately by the skb.\n\nMark IPv4/IPv6 datagram splice frags with SKBFL_SHARED_FRAG, matching\nTCP. Also make ESP input fall back to skb_cow_data() when the flag is\npresent, so ESP does not decrypt externally backed frags in place.\nPrivate nonlinear skb frags still use the existing fast path.\n\nThis intentionally does not change ESP output. In esp_output_head(),\nthe path that appends the ESP trailer to existing skb tailroom without\ncalling skb_cow_data() is not reachable for nonlinear skbs:\nskb_tailroom() returns zero when skb-\u003edata_len is nonzero, while ESP\ntailen is positive. Thus ESP output will either use the separate\ndestination-frag path or fall back to skb_cow_data().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43284",
"url": "https://www.suse.com/security/cve/CVE-2026-43284"
},
{
"category": "external",
"summary": "SUSE Bug 1264449 for CVE-2026-43284",
"url": "https://bugzilla.suse.com/1264449"
},
{
"category": "external",
"summary": "SUSE Bug 1264459 for CVE-2026-43284",
"url": "https://bugzilla.suse.com/1264459"
},
{
"category": "external",
"summary": "SUSE Bug 1265383 for CVE-2026-43284",
"url": "https://bugzilla.suse.com/1265383"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "important"
}
],
"title": "CVE-2026-43284"
},
{
"cve": "CVE-2026-43296",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43296"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-af: Workaround SQM/PSE stalls by disabling sticky\n\nNIX SQ manager sticky mode is known to cause stalls when multiple SQs\nshare an SMQ and transmit concurrently. Additionally, PSE may deadlock\non transitions between sticky and non-sticky transmissions. There is\nalso a credit drop issue observed when certain condition clocks are\ngated.\n\nwork around these hardware errata by:\n- Disabling SQM sticky operation:\n - Clear TM6 (bit 15)\n - Clear TM11 (bit 14)\n- Disabling sticky -\u003e non-sticky transition path that can deadlock PSE:\n - Clear TM5 (bit 23)\n- Preventing credit drops by keeping the control-flow clock enabled:\n - Set TM9 (bit 21)\n\nThese changes are applied via NIX_AF_SQM_DBG_CTL_STATUS. With this\nconfiguration the SQM/PSE maintain forward progress under load without\ncredit loss, at the cost of disabling sticky optimizations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43296",
"url": "https://www.suse.com/security/cve/CVE-2026-43296"
},
{
"category": "external",
"summary": "SUSE Bug 1264805 for CVE-2026-43296",
"url": "https://bugzilla.suse.com/1264805"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43296"
},
{
"cve": "CVE-2026-43325",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43325"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: don\u0027t send a 6E related command when not supported\n\nMCC_ALLOWED_AP_TYPE_CMD is related to 6E support. Do not send it if the\ndevice doesn\u0027t support 6E.\nApparently, the firmware is mistakenly advertising support for this\ncommand even on AX201 which does not support 6E and then the firmware\ncrashes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43325",
"url": "https://www.suse.com/security/cve/CVE-2026-43325"
},
{
"category": "external",
"summary": "SUSE Bug 1265110 for CVE-2026-43325",
"url": "https://bugzilla.suse.com/1265110"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43325"
},
{
"cve": "CVE-2026-43333",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43333"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: reject direct access to nullable PTR_TO_BUF pointers\n\ncheck_mem_access() matches PTR_TO_BUF via base_type() which strips\nPTR_MAYBE_NULL, allowing direct dereference without a null check.\n\nMap iterator ctx-\u003ekey and ctx-\u003evalue are PTR_TO_BUF | PTR_MAYBE_NULL.\nOn stop callbacks these are NULL, causing a kernel NULL dereference.\n\nAdd a type_may_be_null() guard to the PTR_TO_BUF branch, matching the\nexisting PTR_TO_BTF_ID pattern.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43333",
"url": "https://www.suse.com/security/cve/CVE-2026-43333"
},
{
"category": "external",
"summary": "SUSE Bug 1264726 for CVE-2026-43333",
"url": "https://bugzilla.suse.com/1264726"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43333"
},
{
"cve": "CVE-2026-43338",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43338"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: reserve enough transaction items for qgroup ioctls\n\nCurrently our qgroup ioctls don\u0027t reserve any space, they just do a\ntransaction join, which does not reserve any space, neither for the quota\ntree updates nor for the delayed refs generated when updating the quota\ntree. The quota root uses the global block reserve, which is fine most of\nthe time since we don\u0027t expect a lot of updates to the quota root, or to\nbe too close to -ENOSPC such that other critical metadata updates need to\nresort to the global reserve.\n\nHowever this is not optimal, as not reserving proper space may result in a\ntransaction abort due to not reserving space for delayed refs and then\nabusing the use of the global block reserve.\n\nFor example, the following reproducer (which is unlikely to model any\nreal world use case, but just to illustrate the problem), triggers such a\ntransaction abort due to -ENOSPC when running delayed refs:\n\n $ cat test.sh\n #!/bin/bash\n\n DEV=/dev/nullb0\n MNT=/mnt/nullb0\n\n umount $DEV \u0026\u003e /dev/null\n # Limit device to 1G so that it\u0027s much faster to reproduce the issue.\n mkfs.btrfs -f -b 1G $DEV\n mount -o commit=600 $DEV $MNT\n\n fallocate -l 800M $MNT/filler\n btrfs quota enable $MNT\n\n for ((i = 1; i \u003c= 400000; i++)); do\n btrfs qgroup create 1/$i $MNT\n done\n\n umount $MNT\n\nWhen running this, we can see in dmesg/syslog that a transaction abort\nhappened:\n\n [436.490] BTRFS error (device nullb0): failed to run delayed ref for logical 30408704 num_bytes 16384 type 176 action 1 ref_mod 1: -28\n [436.493] ------------[ cut here ]------------\n [436.494] BTRFS: Transaction aborted (error -28)\n [436.495] WARNING: fs/btrfs/extent-tree.c:2247 at btrfs_run_delayed_refs+0xd9/0x110 [btrfs], CPU#4: umount/2495372\n [436.497] Modules linked in: btrfs loop (...)\n [436.508] CPU: 4 UID: 0 PID: 2495372 Comm: umount Tainted: G W 6.19.0-rc8-btrfs-next-225+ #1 PREEMPT(full)\n [436.510] Tainted: [W]=WARN\n [436.511] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.2-0-gea1b7a073390-prebuilt.qemu.org 04/01/2014\n [436.513] RIP: 0010:btrfs_run_delayed_refs+0xdf/0x110 [btrfs]\n [436.514] Code: 0f 82 ea (...)\n [436.518] RSP: 0018:ffffd511850b7d78 EFLAGS: 00010292\n [436.519] RAX: 00000000ffffffe4 RBX: ffff8f120dad37e0 RCX: 0000000002040001\n [436.520] RDX: 0000000000000002 RSI: 00000000ffffffe4 RDI: ffffffffc090fd80\n [436.522] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffffffc04d1867\n [436.523] R10: ffff8f18dc1fffa8 R11: 0000000000000003 R12: ffff8f173aa89400\n [436.524] R13: 0000000000000000 R14: ffff8f173aa89400 R15: 0000000000000000\n [436.526] FS: 00007fe59045d840(0000) GS:ffff8f192e22e000(0000) knlGS:0000000000000000\n [436.527] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [436.528] CR2: 00007fe5905ff2b0 CR3: 000000060710a002 CR4: 0000000000370ef0\n [436.530] Call Trace:\n [436.530] \u003cTASK\u003e\n [436.530] btrfs_commit_transaction+0x73/0xc00 [btrfs]\n [436.531] ? btrfs_attach_transaction_barrier+0x1e/0x70 [btrfs]\n [436.532] sync_filesystem+0x7a/0x90\n [436.533] generic_shutdown_super+0x28/0x180\n [436.533] kill_anon_super+0x12/0x40\n [436.534] btrfs_kill_super+0x12/0x20 [btrfs]\n [436.534] deactivate_locked_super+0x2f/0xb0\n [436.534] cleanup_mnt+0xea/0x180\n [436.535] task_work_run+0x58/0xa0\n [436.535] exit_to_user_mode_loop+0xed/0x480\n [436.536] ? __x64_sys_umount+0x68/0x80\n [436.536] do_syscall_64+0x2a5/0xf20\n [436.537] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n [436.537] RIP: 0033:0x7fe5906b6217\n [436.538] Code: 0d 00 f7 (...)\n [436.540] RSP: 002b:00007ffcd87a61f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6\n [436.541] RAX: 0000000000000000 RBX: 00005618b9ecadc8 RCX: 00007fe5906b6217\n [436.541] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00005618b9ecb100\n [436.542] RBP: 0000000000000000 R08: 00007ffcd87a4fe0 R09: 00000000ffffffff\n [436.544] R10: 0000000000000103 R11: \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43338",
"url": "https://www.suse.com/security/cve/CVE-2026-43338"
},
{
"category": "external",
"summary": "SUSE Bug 1264716 for CVE-2026-43338",
"url": "https://bugzilla.suse.com/1264716"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43338"
},
{
"cve": "CVE-2026-43339",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43339"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: prevent possible UaF in addrconf_permanent_addr()\n\nThe mentioned helper try to warn the user about an exceptional\ncondition, but the message is delivered too late, accessing the ipv6\nafter its possible deletion.\n\nReorder the statement to avoid the possible UaF; while at it, place the\nwarning outside the idev-\u003elock as it needs no protection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43339",
"url": "https://www.suse.com/security/cve/CVE-2026-43339"
},
{
"category": "external",
"summary": "SUSE Bug 1264763 for CVE-2026-43339",
"url": "https://bugzilla.suse.com/1264763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43339"
},
{
"cve": "CVE-2026-43341",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43341"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/ipv6: ioam6: prevent schema length wraparound in trace fill\n\nioam6_fill_trace_data() stores the schema contribution to the trace\nlength in a u8. With bit 22 enabled and the largest schema payload,\nsclen becomes 1 + 1020 / 4, wraps from 256 to 0, and bypasses the\nremaining-space check. __ioam6_fill_trace_data() then positions the\nwrite cursor without reserving the schema area but still copies the\n4-byte schema header and the full schema payload, overrunning the trace\nbuffer.\n\nKeep sclen in an unsigned int so the remaining-space check and the write\ncursor calculation both see the full schema length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43341",
"url": "https://www.suse.com/security/cve/CVE-2026-43341"
},
{
"category": "external",
"summary": "SUSE Bug 1265044 for CVE-2026-43341",
"url": "https://bugzilla.suse.com/1265044"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43341"
},
{
"cve": "CVE-2026-43345",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43345"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipa: fix event ring index not programmed for IPA v5.0+\n\nFor IPA v5.0+, the event ring index field moved from CH_C_CNTXT_0 to\nCH_C_CNTXT_1. The v5.0 register definition intended to define this\nfield in the CH_C_CNTXT_1 fmask array but used the old identifier of\nERINDEX instead of CH_ERINDEX.\n\nWithout a valid event ring, GSI channels could never signal transfer\ncompletions. This caused gsi_channel_trans_quiesce() to block\nforever in wait_for_completion().\n\nAt least for IPA v5.2 this resolves an issue seen where runtime\nsuspend, system suspend, and remoteproc stop all hanged forever. It\nalso meant the IPA data path was completely non functional.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43345",
"url": "https://www.suse.com/security/cve/CVE-2026-43345"
},
{
"category": "external",
"summary": "SUSE Bug 1265103 for CVE-2026-43345",
"url": "https://bugzilla.suse.com/1265103"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43345"
},
{
"cve": "CVE-2026-43359",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43359"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix transaction abort on set received ioctl due to item overflow\n\nIf the set received ioctl fails due to an item overflow when attempting to\nadd the BTRFS_UUID_KEY_RECEIVED_SUBVOL we have to abort the transaction\nsince we did some metadata updates before.\n\nThis means that if a user calls this ioctl with the same received UUID\nfield for a lot of subvolumes, we will hit the overflow, trigger the\ntransaction abort and turn the filesystem into RO mode. A malicious user\ncould exploit this, and this ioctl does not even requires that a user\nhas admin privileges (CAP_SYS_ADMIN), only that he/she owns the subvolume.\n\nFix this by doing an early check for item overflow before starting a\ntransaction. This is also race safe because we are holding the subvol_sem\nsemaphore in exclusive (write) mode.\n\nA test case for fstests will follow soon.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43359",
"url": "https://www.suse.com/security/cve/CVE-2026-43359"
},
{
"category": "external",
"summary": "SUSE Bug 1264719 for CVE-2026-43359",
"url": "https://bugzilla.suse.com/1264719"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43359"
},
{
"cve": "CVE-2026-43360",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43360"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix transaction abort on file creation due to name hash collision\n\nIf we attempt to create several files with names that result in the same\nhash, we have to pack them in same dir item and that has a limit inherent\nto the leaf size. However if we reach that limit, we trigger a transaction\nabort and turns the filesystem into RO mode. This allows for a malicious\nuser to disrupt a system, without the need to have administration\nprivileges/capabilities.\n\nReproducer:\n\n $ cat exploit-hash-collisions.sh\n #!/bin/bash\n\n DEV=/dev/sdi\n MNT=/mnt/sdi\n\n # Use smallest node size to make the test faster and require fewer file\n # names that result in hash collision.\n mkfs.btrfs -f --nodesize 4K $DEV\n mount $DEV $MNT\n\n # List of names that result in the same crc32c hash for btrfs.\n declare -a names=(\n \u0027foobar\u0027\n \u0027%a8tYkxfGMLWRGr55QSeQc4PBNH9PCLIvR6jZnkDtUUru1t@RouaUe_L:@xGkbO3nCwvLNYeK9vhE628gss:T$yZjZ5l-Nbd6CbC$M=hqE-ujhJICXyIxBvYrIU9-TDC\u0027\n \u0027AQci3EUB%shMsg-N%frgU:02ByLs=IPJU0OpgiWit5nexSyxZDncY6WB:=zKZuk5Zy0DD$Ua78%MelgBuMqaHGyKsJUFf9s=UW80PcJmKctb46KveLSiUtNmqrMiL9-Y0I_l5Fnam04CGIg=8@U:Z\u0027\n \u0027CvVqJpJzueKcuA$wqwePfyu7VxuWNN3ho$p0zi2H8QFYK$7YlEqOhhb%:hHgjhIjW5vnqWHKNP4\u0027\n \u0027ET:vk@rFU4tsvMB0$C_p=xQHaYZjvoF%-BTc%wkFW8yaDAPcCYoR%x$FH5O:\u0027\n \u0027HwTon%v7SGSP4FE08jBwwiu5aot2CFKXHTeEAa@38fUcNGOWvE@Mz6WBeDH_VooaZ6AgsXPkVGwy9l@@ZbNXabUU9csiWrrOp0MWUdfi$EZ3w9GkIqtz7I_eOsByOkBOO\u0027\n \u0027Ij%2VlFGXSuPvxJGf5UWy6O@1svxGha%b@=%wjkq:CIgE6u7eJOjmQY5qTtxE2Rjbis9@us\u0027\n \u0027KBkjG5%9R8K9sOG8UTnAYjxLNAvBmvV5vz3IiZaPmKuLYO03-6asI9lJ_j4@6Xo$KZicaLWJ3Pv8XEwVeUPMwbHYWwbx0pYvNlGMO9F:ZhHAwyctnGy%_eujl%WPd4U2BI7qooOSr85J-C2V$LfY\u0027\n \u0027NcRfDfuUQ2=zP8K3CCF5dFcpfiOm6mwenShsAb_F%n6GAGC7fT2JFFn:c35X-3aYwoq7jNX5$ZJ6hI3wnZs$7KgGi7wjulffhHNUxAT0fRRLF39vJ@NvaEMxsMO\u0027\n \u0027Oj42AQAEzRoTxa5OuSKIr=A_lwGMy132v4g3Pdq1GvUG9874YseIFQ6QU\u0027\n \u0027Ono7avN5GjC:_6dBJ_\u0027\n \u0027WHmN2gnmaN-9dVDy4aWo:yNGFzz8qsJyJhWEWcud7$QzN2D9R0efIWWEdu5kwWr73NZm4=@CoCDxrrZnRITr-kGtU_cfW2:%2_am\u0027\n \u0027WiFnuTEhAG9FEC6zopQmj-A-$LDQ0T3WULz%ox3UZAPybSV6v1Z$b4L_XBi4M4BMBtJZpz93r9xafpB77r:lbwvitWRyo$odnAUYlYMmU4RvgnNd--e=I5hiEjGLETTtaScWlQp8mYsBovZwM2k\u0027\n \u0027XKyH=OsOAF3p%uziGF_ZVr$ivrvhVgD@1u%5RtrV-gl_vqAwHkK@x7YwlxX3qT6WKKQ%PR56NrUBU2dOAOAdzr2=5nJuKPM-T-$ZpQfCL7phxQbUcb:BZOTPaFExc-qK-gDRCDW2\u0027\n \u0027d3uUR6OFEwZr%ns1XH_@tbxA@cCPmbBRLdyh7p6V45H$P2$F%w0RqrD3M0g8aGvWpoTFMiBdOTJXjD:JF7=h9a_43xBywYAP%r$SPZi%zDg%ql-KvkdUCtF9OLaQlxmd\u0027\n \u0027ePTpbnit%hyNm@WELlpKzNZYOzOTf8EQ$sEfkMy1VOfIUu3coyvIr13-Y7Sv5v-Ivax2Go_GQRFMU1b3362nktT9WOJf3SpT%z8sZmM3gvYQBDgmKI%%RM-G7hyrhgYflOw%z::ZRcv5O:lDCFm\u0027\n \u0027evqk743Y@dvZAiG5J05L_ROFV@$2%rVWJ2%3nxV72-W7$e$-SK3tuSHA2mBt$qloC5jwNx33GmQUjD%akhBPu=VJ5g$xhlZiaFtTrjeeM5x7dt4cHpX0cZkmfImndYzGmvwQG:$euFYmXn$_2rA9mKZ\u0027\n \u0027gkgUtnihWXsZQTEkrMAWIxir09k3t7jk_IK25t1:cy1XWN0GGqC%FrySdcmU7M8MuPO_ppkLw3=Dfr0UuBAL4%GFk2$Ma10V1jDRGJje%Xx9EV2ERaWKtjpwiZwh0gCSJsj5UL7CR8RtW5opCVFKGGy8Cky\u0027\n \u0027hNgsG_8lNRik3PvphqPm0yEH3P%%fYG:kQLY=6O-61Wa6nrV_WVGR6TLB09vHOv%g4VQRP8Gzx7VXUY1qvZyS\u0027\n \u0027isA7JVzN12xCxVPJZ_qoLm-pTBuhjjHMvV7o=F:EaClfYNyFGlsfw-Kf%uxdqW-kwk1sPl2vhbjyHU1A6$hz\u0027\n \u0027kiJ_fgcdZFDiOptjgH5PN9-PSyLO4fbk_:u5_2tz35lV_iXiJ6cx7pwjTtKy-XGaQ5IefmpJ4N_ZqGsqCsKuqOOBgf9LkUdffHet@Wu\u0027\n \u0027lvwtxyhE9:%Q3UxeHiViUyNzJsy:fm38pg_b6s25JvdhOAT=1s0$pG25x=LZ2rlHTszj=gN6M4zHZYr_qrB49i=pA--@WqWLIuX7o1S_SfS@2FSiUZN\u0027\n \u0027rC24cw3UBDZ=5qJBUMs9e$=S4Y94ni%Z8639vnrGp=0Hv4z3dNFL0fBLmQ40=EYIY:Z=SLc@QLMSt2zsss2ZXrP7j4=\u0027\n \u0027uwGl2s-fFrf@GqS=DQqq2I0LJSsOmM%xzTjS:lzXguE3wChdMoHYtLRKPvfaPOZF2fER@j53evbKa7R%A7r4%YEkD=kicJe@SFiGtXHbKe4gCgPAYbnVn\u0027\n \u0027UG37U6KKua2bgc:IHzRs7BnB6FD:2Mt5Cc5NdlsW%$1tyvnfz7S27FvNkroXwAW:mBZLA1@qa9WnDbHCDmQmfPMC9z-Eq6QT0jhhPpqyymaD:R02ghwYo%yx7SAaaq-:x33LYpei$5g8DMl3C\u0027\n \u0027y2vjek0FE1PDJC0qpfnN:x8k2wCFZ9xiUF2ege=JnP98R%wxjKkdfEiLWvQzmnW\u0027\n \u00278-HCSgH5B%K7P8_jaVtQhBXpBk:pE-$P7ts58U0J@iR9YZntMPl7j$s62yAJO@_9eanFPS54b=UTw$94C-t=HLxT8n6o9P=QnIxq-f1=Ne2dvhe6WbjEQtc\u0027\n \u0027YPPh:IFt2mtR6XWSmjHptXL_hbSYu8bMw-JP8@PNyaFkdNFsk$M=xfL6LDKCDM-mSyGA_2MBwZ8Dr4=R1D%7-mC\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43360",
"url": "https://www.suse.com/security/cve/CVE-2026-43360"
},
{
"category": "external",
"summary": "SUSE Bug 1264720 for CVE-2026-43360",
"url": "https://bugzilla.suse.com/1264720"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43360"
},
{
"cve": "CVE-2026-43361",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43361"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix transaction abort when snapshotting received subvolumes\n\nCurrently a user can trigger a transaction abort by snapshotting a\npreviously received snapshot a bunch of times until we reach a\nBTRFS_UUID_KEY_RECEIVED_SUBVOL item overflow (the maximum item size we\ncan store in a leaf). This is very likely not common in practice, but\nif it happens, it turns the filesystem into RO mode. The snapshot, send\nand set_received_subvol and subvol_setflags (used by receive) don\u0027t\nrequire CAP_SYS_ADMIN, just inode_owner_or_capable(). A malicious user\ncould use this to turn a filesystem into RO mode and disrupt a system.\n\nReproducer script:\n\n $ cat test.sh\n #!/bin/bash\n\n DEV=/dev/sdi\n MNT=/mnt/sdi\n\n # Use smallest node size to make the test faster.\n mkfs.btrfs -f --nodesize 4K $DEV\n mount $DEV $MNT\n\n # Create a subvolume and set it to RO so that it can be used for send.\n btrfs subvolume create $MNT/sv\n touch $MNT/sv/foo\n btrfs property set $MNT/sv ro true\n\n # Send and receive the subvolume into snaps/sv.\n mkdir $MNT/snaps\n btrfs send $MNT/sv | btrfs receive $MNT/snaps\n\n # Now snapshot the received subvolume, which has a received_uuid, a\n # lot of times to trigger the leaf overflow.\n total=500\n for ((i = 1; i \u003c= $total; i++)); do\n echo -ne \"\\rCreating snapshot $i/$total\"\n btrfs subvolume snapshot -r $MNT/snaps/sv $MNT/snaps/sv_$i \u003e /dev/null\n done\n echo\n\n umount $MNT\n\nWhen running the test:\n\n $ ./test.sh\n (...)\n Create subvolume \u0027/mnt/sdi/sv\u0027\n At subvol /mnt/sdi/sv\n At subvol sv\n Creating snapshot 496/500ERROR: Could not create subvolume: Value too large for defined data type\n Creating snapshot 497/500ERROR: Could not create subvolume: Read-only file system\n Creating snapshot 498/500ERROR: Could not create subvolume: Read-only file system\n Creating snapshot 499/500ERROR: Could not create subvolume: Read-only file system\n Creating snapshot 500/500ERROR: Could not create subvolume: Read-only file system\n\nAnd in dmesg/syslog:\n\n $ dmesg\n (...)\n [251067.627338] BTRFS warning (device sdi): insert uuid item failed -75 (0x4628b21c4ac8d898, 0x2598bee2b1515c91) type 252!\n [251067.629212] ------------[ cut here ]------------\n [251067.630033] BTRFS: Transaction aborted (error -75)\n [251067.630871] WARNING: fs/btrfs/transaction.c:1907 at create_pending_snapshot.cold+0x52/0x465 [btrfs], CPU#10: btrfs/615235\n [251067.632851] Modules linked in: btrfs dm_zero (...)\n [251067.644071] CPU: 10 UID: 0 PID: 615235 Comm: btrfs Tainted: G W 6.19.0-rc8-btrfs-next-225+ #1 PREEMPT(full)\n [251067.646165] Tainted: [W]=WARN\n [251067.646733] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.2-0-gea1b7a073390-prebuilt.qemu.org 04/01/2014\n [251067.648735] RIP: 0010:create_pending_snapshot.cold+0x55/0x465 [btrfs]\n [251067.649984] Code: f0 48 0f (...)\n [251067.653313] RSP: 0018:ffffce644908fae8 EFLAGS: 00010292\n [251067.653987] RAX: 00000000ffffff01 RBX: ffff8e5639e63a80 RCX: 00000000ffffffd3\n [251067.655042] RDX: ffff8e53faa76b00 RSI: 00000000ffffffb5 RDI: ffffffffc0919750\n [251067.656077] RBP: ffffce644908fbd8 R08: 0000000000000000 R09: ffffce644908f820\n [251067.657068] R10: ffff8e5adc1fffa8 R11: 0000000000000003 R12: ffff8e53c0431bd0\n [251067.658050] R13: ffff8e5414593600 R14: ffff8e55efafd000 R15: 00000000ffffffb5\n [251067.659019] FS: 00007f2a4944b3c0(0000) GS:ffff8e5b27dae000(0000) knlGS:0000000000000000\n [251067.660115] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [251067.660943] CR2: 00007ffc5aa57898 CR3: 00000005813a2003 CR4: 0000000000370ef0\n [251067.661972] Call Trace:\n [251067.662292] \u003cTASK\u003e\n [251067.662653] create_pending_snapshots+0x97/0xc0 [btrfs]\n [251067.663413] btrfs_commit_transaction+0x26e/0xc00 [btrfs]\n [251067.664257] ? btrfs_qgroup_convert_reserved_meta+0x35/0x390 [btrfs]\n [251067.665238] ? _raw_spin_unlock+0x15/0x30\n [251067.665837] ? record_root_\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43361",
"url": "https://www.suse.com/security/cve/CVE-2026-43361"
},
{
"category": "external",
"summary": "SUSE Bug 1264722 for CVE-2026-43361",
"url": "https://bugzilla.suse.com/1264722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43361"
},
{
"cve": "CVE-2026-43362",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43362"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix in-place encryption corruption in SMB2_write()\n\nSMB2_write() places write payload in iov[1..n] as part of rq_iov.\nsmb3_init_transform_rq() pointer-shares rq_iov, so crypt_message()\nencrypts iov[1] in-place, replacing the original plaintext with\nciphertext. On a replayable error, the retry sends the same iov[1]\nwhich now contains ciphertext instead of the original data,\nresulting in corruption.\n\nThe corruption is most likely to be observed when connections are\nunstable, as reconnects trigger write retries that re-send the\nalready-encrypted data.\n\nThis affects SFU mknod, MF symlinks, etc. On kernels before\n6.10 (prior to the netfs conversion), sync writes also used\nthis path and were similarly affected. The async write path\nwasn\u0027t unaffected as it uses rq_iter which gets deep-copied.\n\nFix by moving the write payload into rq_iter via iov_iter_kvec(),\nso smb3_init_transform_rq() deep-copies it before encryption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43362",
"url": "https://www.suse.com/security/cve/CVE-2026-43362"
},
{
"category": "external",
"summary": "SUSE Bug 1264989 for CVE-2026-43362",
"url": "https://bugzilla.suse.com/1264989"
},
{
"category": "external",
"summary": "SUSE Bug 1264990 for CVE-2026-43362",
"url": "https://bugzilla.suse.com/1264990"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "important"
}
],
"title": "CVE-2026-43362"
},
{
"cve": "CVE-2026-43405",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43405"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: Use u32 for non-negative values in ceph_monmap_decode()\n\nThis patch fixes unnecessary implicit conversions that change signedness\nof blob_len and num_mon in ceph_monmap_decode().\nCurrently blob_len and num_mon are (signed) int variables. They are used\nto hold values that are always non-negative and get assigned in\nceph_decode_32_safe(), which is meant to assign u32 values. Both\nvariables are subsequently used as unsigned values, and the value of\nnum_mon is further assigned to monmap-\u003enum_mon, which is of type u32.\nTherefore, both variables should be of type u32. This is especially\nrelevant for num_mon. If the value read from the incoming message is\nvery large, it is interpreted as a negative value, and the check for\nnum_mon \u003e CEPH_MAX_MON does not catch it. This leads to the attempt to\nallocate a very large chunk of memory for monmap, which will most likely\nfail. In this case, an unnecessary attempt to allocate memory is\nperformed, and -ENOMEM is returned instead of -EINVAL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43405",
"url": "https://www.suse.com/security/cve/CVE-2026-43405"
},
{
"category": "external",
"summary": "SUSE Bug 1264741 for CVE-2026-43405",
"url": "https://bugzilla.suse.com/1264741"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43405"
},
{
"cve": "CVE-2026-43406",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43406"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: prevent potential out-of-bounds reads in process_message_header()\n\nIf the message frame is (maliciously) corrupted in a way that the\nlength of the control segment ends up being less than the size of the\nmessage header or a different frame is made to look like a message\nframe, out-of-bounds reads may ensue in process_message_header().\n\nPerform an explicit bounds check before decoding the message header.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43406",
"url": "https://www.suse.com/security/cve/CVE-2026-43406"
},
{
"category": "external",
"summary": "SUSE Bug 1265073 for CVE-2026-43406",
"url": "https://bugzilla.suse.com/1265073"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43406"
},
{
"cve": "CVE-2026-43407",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43407"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: Fix potential out-of-bounds access in ceph_handle_auth_reply()\n\nThis patch fixes an out-of-bounds access in ceph_handle_auth_reply()\nthat can be triggered by a message of type CEPH_MSG_AUTH_REPLY. In\nceph_handle_auth_reply(), the value of the payload_len field of such a\nmessage is stored in a variable of type int. A value greater than\nINT_MAX leads to an integer overflow and is interpreted as a negative\nvalue. This leads to decrementing the pointer address by this value and\nsubsequently accessing it because ceph_decode_need() only checks that\nthe memory access does not exceed the end address of the allocation.\n\nThis patch fixes the issue by changing the data type of payload_len to\nu32. Additionally, the data type of result_msg_len is changed to u32,\nas it is also a variable holding a non-negative length.\n\nAlso, an additional layer of sanity checks is introduced, ensuring that\ndirectly after reading it from the message, payload_len and\nresult_msg_len are not greater than the overall segment length.\n\nBUG: KASAN: slab-out-of-bounds in ceph_handle_auth_reply+0x642/0x7a0 [libceph]\nRead of size 4 at addr ffff88811404df14 by task kworker/20:1/262\n\nCPU: 20 UID: 0 PID: 262 Comm: kworker/20:1 Not tainted 6.19.2 #5 PREEMPT(voluntary)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\nWorkqueue: ceph-msgr ceph_con_workfn [libceph]\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x76/0xa0\n print_report+0xd1/0x620\n ? __pfx__raw_spin_lock_irqsave+0x10/0x10\n ? kasan_complete_mode_report_info+0x72/0x210\n kasan_report+0xe7/0x130\n ? ceph_handle_auth_reply+0x642/0x7a0 [libceph]\n ? ceph_handle_auth_reply+0x642/0x7a0 [libceph]\n __asan_report_load_n_noabort+0xf/0x20\n ceph_handle_auth_reply+0x642/0x7a0 [libceph]\n mon_dispatch+0x973/0x23d0 [libceph]\n ? apparmor_socket_recvmsg+0x6b/0xa0\n ? __pfx_mon_dispatch+0x10/0x10 [libceph]\n ? __kasan_check_write+0x14/0x30i\n ? mutex_unlock+0x7f/0xd0\n ? __pfx_mutex_unlock+0x10/0x10\n ? __pfx_do_recvmsg+0x10/0x10 [libceph]\n ceph_con_process_message+0x1f1/0x650 [libceph]\n process_message+0x1e/0x450 [libceph]\n ceph_con_v2_try_read+0x2e48/0x6c80 [libceph]\n ? __pfx_ceph_con_v2_try_read+0x10/0x10 [libceph]\n ? save_fpregs_to_fpstate+0xb0/0x230\n ? raw_spin_rq_unlock+0x17/0xa0\n ? finish_task_switch.isra.0+0x13b/0x760\n ? __switch_to+0x385/0xda0\n ? __kasan_check_write+0x14/0x30\n ? mutex_lock+0x8d/0xe0\n ? __pfx_mutex_lock+0x10/0x10\n ceph_con_workfn+0x248/0x10c0 [libceph]\n process_one_work+0x629/0xf80\n ? __kasan_check_write+0x14/0x30\n worker_thread+0x87f/0x1570\n ? __pfx__raw_spin_lock_irqsave+0x10/0x10\n ? __pfx_try_to_wake_up+0x10/0x10\n ? kasan_print_address_stack_frame+0x1f7/0x280\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x396/0x830\n ? __pfx__raw_spin_lock_irq+0x10/0x10\n ? __pfx_kthread+0x10/0x10\n ? __kasan_check_write+0x14/0x30\n ? recalc_sigpending+0x180/0x210\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x3f7/0x610\n ? __pfx_ret_from_fork+0x10/0x10\n ? __switch_to+0x385/0xda0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\n[ idryomov: replace if statements with ceph_decode_need() for\n payload_len and result_msg_len ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43407",
"url": "https://www.suse.com/security/cve/CVE-2026-43407"
},
{
"category": "external",
"summary": "SUSE Bug 1265020 for CVE-2026-43407",
"url": "https://bugzilla.suse.com/1265020"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43407"
},
{
"cve": "CVE-2026-43411",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43411"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix divide-by-zero in tipc_sk_filter_connect()\n\nA user can set conn_timeout to any value via\nsetsockopt(TIPC_CONN_TIMEOUT), including values less than 4. When a\nSYN is rejected with TIPC_ERR_OVERLOAD and the retry path in\ntipc_sk_filter_connect() executes:\n\n delay %= (tsk-\u003econn_timeout / 4);\n\nIf conn_timeout is in the range [0, 3], the integer division yields 0,\nand the modulo operation triggers a divide-by-zero exception, causing a\nkernel oops/panic.\n\nFix this by clamping conn_timeout to a minimum of 4 at the point of use\nin tipc_sk_filter_connect().\n\nOops: divide error: 0000 [#1] SMP KASAN NOPTI\nCPU: 0 UID: 0 PID: 119 Comm: poc-F144 Not tainted 7.0.0-rc2+\nRIP: 0010:tipc_sk_filter_rcv (net/tipc/socket.c:2236 net/tipc/socket.c:2362)\nCall Trace:\n tipc_sk_backlog_rcv (include/linux/instrumented.h:82 include/linux/atomic/atomic-instrumented.h:32 include/net/sock.h:2357 net/tipc/socket.c:2406)\n __release_sock (include/net/sock.h:1185 net/core/sock.c:3213)\n release_sock (net/core/sock.c:3797)\n tipc_connect (net/tipc/socket.c:2570)\n __sys_connect (include/linux/file.h:62 include/linux/file.h:83 net/socket.c:2098)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43411",
"url": "https://www.suse.com/security/cve/CVE-2026-43411"
},
{
"category": "external",
"summary": "SUSE Bug 1264672 for CVE-2026-43411",
"url": "https://bugzilla.suse.com/1264672"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43411"
},
{
"cve": "CVE-2026-43413",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43413"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: hisi_sas: Fix NULL pointer exception during user_scan()\n\nuser_scan() invokes updated sas_user_scan() for channel 0, and if\nsuccessful, iteratively scans remaining channels (1 to shost-\u003emax_channel)\nvia scsi_scan_host_selected() in commit 37c4e72b0651 (\"scsi: Fix\nsas_user_scan() to handle wildcard and multi-channel scans\"). However,\nhisi_sas supports only one channel, and the current value of max_channel is\n1. sas_user_scan() for channel 1 will trigger the following NULL pointer\nexception:\n\n[ 441.554662] Unable to handle kernel NULL pointer dereference at virtual address 00000000000008b0\n[ 441.554699] Mem abort info:\n[ 441.554710] ESR = 0x0000000096000004\n[ 441.554718] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 441.554723] SET = 0, FnV = 0\n[ 441.554726] EA = 0, S1PTW = 0\n[ 441.554730] FSC = 0x04: level 0 translation fault\n[ 441.554735] Data abort info:\n[ 441.554737] ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n[ 441.554742] CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n[ 441.554747] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n[ 441.554752] user pgtable: 4k pages, 48-bit VAs, pgdp=00000828377a6000\n[ 441.554757] [00000000000008b0] pgd=0000000000000000, p4d=0000000000000000\n[ 441.554769] Internal error: Oops: 0000000096000004 [#1] SMP\n[ 441.629589] Modules linked in: arm_spe_pmu arm_smmuv3_pmu tpm_tis_spi hisi_uncore_sllc_pmu hisi_uncore_pa_pmu hisi_uncore_l3c_pmu hisi_uncore_hha_pmu hisi_uncore_ddrc_pmu hisi_uncore_cpa_pmu hns3_pmu hisi_ptt hisi_pcie_pmu tpm_tis_core spidev spi_hisi_sfc_v3xx hisi_uncore_pmu spi_dw_mmio fuse hclge hclge_common hisi_sec2 hisi_hpre hisi_zip hisi_qm hns3 hisi_sas_v3_hw sm3_ce sbsa_gwdt hnae3 hisi_sas_main uacce hisi_dma i2c_hisi dm_mirror dm_region_hash dm_log dm_mod\n[ 441.670819] CPU: 46 UID: 0 PID: 6994 Comm: bash Kdump: loaded Not tainted 7.0.0-rc2+ #84 PREEMPT\n[ 441.691327] pstate: 81400009 (Nzcv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)\n[ 441.698277] pc : sas_find_dev_by_rphy+0x44/0x118\n[ 441.702896] lr : sas_find_dev_by_rphy+0x3c/0x118\n[ 441.707502] sp : ffff80009abbba40\n[ 441.710805] x29: ffff80009abbba40 x28: ffff082819a40008 x27: ffff082810c37c08\n[ 441.717930] x26: ffff082810c37c28 x25: ffff082819a40290 x24: ffff082810c37c00\n[ 441.725054] x23: 0000000000000000 x22: 0000000000000001 x21: ffff082819a40000\n[ 441.732179] x20: ffff082819a40290 x19: 0000000000000000 x18: 0000000000000020\n[ 441.739304] x17: 0000000000000000 x16: ffffb5dad6bda690 x15: 00000000ffffffff\n[ 441.746428] x14: ffff082814c3b26c x13: 00000000ffffffff x12: ffff082814c3b26a\n[ 441.753553] x11: 00000000000000c0 x10: 000000000000003a x9 : ffffb5dad5ea94f4\n[ 441.760678] x8 : 000000000000003a x7 : ffff80009abbbab0 x6 : 0000000000000030\n[ 441.767802] x5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000000\n[ 441.774926] x2 : ffff08280f35a300 x1 : ffffb5dad7127180 x0 : 0000000000000000\n[ 441.782053] Call trace:\n[ 441.784488] sas_find_dev_by_rphy+0x44/0x118 (P)\n[ 441.789095] sas_target_alloc+0x24/0xb0\n[ 441.792920] scsi_alloc_target+0x290/0x330\n[ 441.797010] __scsi_scan_target+0x88/0x258\n[ 441.801096] scsi_scan_channel+0x74/0xb8\n[ 441.805008] scsi_scan_host_selected+0x170/0x188\n[ 441.809615] sas_user_scan+0xfc/0x148\n[ 441.813267] store_scan+0x10c/0x180\n[ 441.816743] dev_attr_store+0x20/0x40\n[ 441.820398] sysfs_kf_write+0x84/0xa8\n[ 441.824054] kernfs_fop_write_iter+0x130/0x1c8\n[ 441.828487] vfs_write+0x2c0/0x370\n[ 441.831880] ksys_write+0x74/0x118\n[ 441.835271] __arm64_sys_write+0x24/0x38\n[ 441.839182] invoke_syscall+0x50/0x120\n[ 441.842919] el0_svc_common.constprop.0+0xc8/0xf0\n[ 441.847611] do_el0_svc+0x24/0x38\n[ 441.850913] el0_svc+0x38/0x158\n[ 441.854043] el0t_64_sync_handler+0xa0/0xe8\n[ 441.858214] el0t_64_sync+0x1ac/0x1b0\n[ 441.861865] Code: aa1303e0 97ff70a8 34ffff80 d10a4273 (f9445a75)\n[ 441.867946] ---[ end trace 0000000000000000 ]---\n\nTherefore\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43413",
"url": "https://www.suse.com/security/cve/CVE-2026-43413"
},
{
"category": "external",
"summary": "SUSE Bug 1264671 for CVE-2026-43413",
"url": "https://bugzilla.suse.com/1264671"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43413"
},
{
"cve": "CVE-2026-43414",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43414"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Completely fix fcport double free\n\nIn qla24xx_els_dcmd_iocb() sp-\u003efree is set to qla2x00_els_dcmd_sp_free().\nWhen an error happens, this function is called by qla2x00_sp_release(),\nwhen kref_put() releases the first and the last reference.\n\nqla2x00_els_dcmd_sp_free() frees fcport by calling qla2x00_free_fcport().\nDoing it one more time after kref_put() is a bad idea.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43414",
"url": "https://www.suse.com/security/cve/CVE-2026-43414"
},
{
"category": "external",
"summary": "SUSE Bug 1264669 for CVE-2026-43414",
"url": "https://bugzilla.suse.com/1264669"
},
{
"category": "external",
"summary": "SUSE Bug 1264670 for CVE-2026-43414",
"url": "https://bugzilla.suse.com/1264670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43414"
},
{
"cve": "CVE-2026-43455",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43455"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmctp: route: hold key-\u003elock in mctp_flow_prepare_output()\n\nmctp_flow_prepare_output() checks key-\u003edev and may call\nmctp_dev_set_key(), but it does not hold key-\u003elock while doing so.\n\nmctp_dev_set_key() and mctp_dev_release_key() are annotated with\n__must_hold(\u0026key-\u003elock), so key-\u003edev access is intended to be\nserialized by key-\u003elock. The mctp_sendmsg() transmit path reaches\nmctp_flow_prepare_output() via mctp_local_output() -\u003e mctp_dst_output()\nwithout holding key-\u003elock, so the check-and-set sequence is racy.\n\nExample interleaving:\n\n CPU0 CPU1\n ---- ----\n mctp_flow_prepare_output(key, devA)\n if (!key-\u003edev) // sees NULL\n mctp_flow_prepare_output(\n key, devB)\n if (!key-\u003edev) // still NULL\n mctp_dev_set_key(devB, key)\n mctp_dev_hold(devB)\n key-\u003edev = devB\n mctp_dev_set_key(devA, key)\n mctp_dev_hold(devA)\n key-\u003edev = devA // overwrites devB\n\nNow both devA and devB references were acquired, but only the final\nkey-\u003edev value is tracked for release. One reference can be lost,\ncausing a resource leak as mctp_dev_release_key() would only decrease\nthe reference on one dev.\n\nFix by taking key-\u003elock around the key-\u003edev check and\nmctp_dev_set_key() call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43455",
"url": "https://www.suse.com/security/cve/CVE-2026-43455"
},
{
"category": "external",
"summary": "SUSE Bug 1264765 for CVE-2026-43455",
"url": "https://bugzilla.suse.com/1264765"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43455"
},
{
"cve": "CVE-2026-43469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43469"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxprtrdma: Decrement re_receiving on the early exit paths\n\nIn the event that rpcrdma_post_recvs() fails to create a work request\n(due to memory allocation failure, say) or otherwise exits early, we\nshould decrement ep-\u003ere_receiving before returning. Otherwise we will\nhang in rpcrdma_xprt_drain() as re_receiving will never reach zero and\nthe completion will never be triggered.\n\nOn a system with high memory pressure, this can appear as the following\nhung task:\n\n INFO: task kworker/u385:17:8393 blocked for more than 122 seconds.\n Tainted: G S E 6.19.0 #3\n \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n task:kworker/u385:17 state:D stack:0 pid:8393 tgid:8393 ppid:2 task_flags:0x4248060 flags:0x00080000\n Workqueue: xprtiod xprt_autoclose [sunrpc]\n Call Trace:\n \u003cTASK\u003e\n __schedule+0x48b/0x18b0\n ? ib_post_send_mad+0x247/0xae0 [ib_core]\n schedule+0x27/0xf0\n schedule_timeout+0x104/0x110\n __wait_for_common+0x98/0x180\n ? __pfx_schedule_timeout+0x10/0x10\n wait_for_completion+0x24/0x40\n rpcrdma_xprt_disconnect+0x444/0x460 [rpcrdma]\n xprt_rdma_close+0x12/0x40 [rpcrdma]\n xprt_autoclose+0x5f/0x120 [sunrpc]\n process_one_work+0x191/0x3e0\n worker_thread+0x2e3/0x420\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x10d/0x230\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x273/0x2b0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43469",
"url": "https://www.suse.com/security/cve/CVE-2026-43469"
},
{
"category": "external",
"summary": "SUSE Bug 1265143 for CVE-2026-43469",
"url": "https://bugzilla.suse.com/1265143"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43469"
},
{
"cve": "CVE-2026-43470",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43470"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfs: return EISDIR on nfs3_proc_create if d_alias is a dir\n\nIf we found an alias through nfs3_do_create/nfs_add_or_obtain\n/d_splice_alias which happens to be a dir dentry, we don\u0027t return\nany error, and simply forget about this alias, but the original\ndentry we were adding and passed as parameter remains negative.\n\nThis later causes an oops on nfs_atomic_open_v23/finish_open since we\nsupply a negative dentry to do_dentry_open.\n\nThis has been observed running lustre-racer, where dirs and files are\ncreated/removed concurrently with the same name and O_EXCL is not\nused to open files (frequent file redirection).\n\nWhile d_splice_alias typically returns a directory alias or NULL, we\nexplicitly check d_is_dir() to ensure that we don\u0027t attempt to perform\nfile operations (like finish_open) on a directory inode, which triggers\nthe observed oops.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43470",
"url": "https://www.suse.com/security/cve/CVE-2026-43470"
},
{
"category": "external",
"summary": "SUSE Bug 1265128 for CVE-2026-43470",
"url": "https://bugzilla.suse.com/1265128"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43470"
},
{
"cve": "CVE-2026-43483",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43483"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: SVM: Set/clear CR8 write interception when AVIC is (de)activated\n\nExplicitly set/clear CR8 write interception when AVIC is (de)activated to\nfix a bug where KVM leaves the interception enabled after AVIC is\nactivated. E.g. if KVM emulates INIT=\u003eWFS while AVIC is deactivated, CR8\nwill remain intercepted in perpetuity.\n\nOn its own, the dangling CR8 intercept is \"just\" a performance issue, but\ncombined with the TPR sync bug fixed by commit d02e48830e3f (\"KVM: SVM:\nSync TPR from LAPIC into VMCB::V_TPR even if AVIC is active\"), the danging\nintercept is fatal to Windows guests as the TPR seen by hardware gets\nwildly out of sync with reality.\n\nNote, VMX isn\u0027t affected by the bug as TPR_THRESHOLD is explicitly ignored\nwhen Virtual Interrupt Delivery is enabled, i.e. when APICv is active in\nKVM\u0027s world. I.e. there\u0027s no need to trigger update_cr8_intercept(), this\nis firmly an SVM implementation flaw/detail.\n\nWARN if KVM gets a CR8 write #VMEXIT while AVIC is active, as KVM should\nnever enter the guest with AVIC enabled and CR8 writes intercepted.\n\n[Squash fix to avic_deactivate_vmcb. - Paolo]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43483",
"url": "https://www.suse.com/security/cve/CVE-2026-43483"
},
{
"category": "external",
"summary": "SUSE Bug 1265240 for CVE-2026-43483",
"url": "https://bugzilla.suse.com/1265240"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43483"
},
{
"cve": "CVE-2026-43491",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43491"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: qrtr: ns: Limit the maximum server registration per node\n\nCurrent code does no bound checking on the number of servers added per\nnode. A malicious client can flood NEW_SERVER messages and exhaust memory.\n\nFix this issue by limiting the maximum number of server registrations to\n256 per node. If the NEW_SERVER message is received for an old port, then\ndon\u0027t restrict it as it will get replaced. While at it, also rate limit\nthe error messages in the failure path of qrtr_ns_worker().\n\nNote that the limit of 256 is chosen based on the current platform\nrequirements. If requirement changes in the future, this limit can be\nincreased.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43491",
"url": "https://www.suse.com/security/cve/CVE-2026-43491"
},
{
"category": "external",
"summary": "SUSE Bug 1265628 for CVE-2026-43491",
"url": "https://bugzilla.suse.com/1265628"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-43491"
},
{
"cve": "CVE-2026-43499",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43499"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrtmutex: Use waiter::task instead of current in remove_waiter()\n\nremove_waiter() is used by the slowlock paths, but it is also used for\nproxy-lock rollback in rt_mutex_start_proxy_lock() when invoked from\nfutex_requeue().\n\nIn the latter case waiter::task is not current, but remove_waiter()\noperates on current for the dequeue operation. That results in several\nproblems:\n\n 1) the rbtree dequeue happens without waiter::task::pi_lock being held\n\n 2) the waiter task\u0027s pi_blocked_on state is not cleared, which leaves a\n dangling pointer primed for UAF around.\n\n 3) rt_mutex_adjust_prio_chain() operates on the wrong top priority waiter\n task\n\nUse waiter::task instead of current in all related operations in\nremove_waiter() to cure those problems.\n\n[ tglx: Fixup rt_mutex_adjust_prio_chain(), add a comment and amend the\n \tchangelog ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43499",
"url": "https://www.suse.com/security/cve/CVE-2026-43499"
},
{
"category": "external",
"summary": "SUSE Bug 1266001 for CVE-2026-43499",
"url": "https://bugzilla.suse.com/1266001"
},
{
"category": "external",
"summary": "SUSE Bug 1266014 for CVE-2026-43499",
"url": "https://bugzilla.suse.com/1266014"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "important"
}
],
"title": "CVE-2026-43499"
},
{
"cve": "CVE-2026-43501",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43501"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: rpl: reserve mac_len headroom when recompressed SRH grows\n\nipv6_rpl_srh_rcv() decompresses an RFC 6554 Source Routing Header, swaps\nthe next segment into ipv6_hdr-\u003edaddr, recompresses, then pulls the old\nheader and pushes the new one plus the IPv6 header back. The\nrecompressed header can be larger than the received one when the swap\nreduces the common-prefix length the segments share with daddr (CmprI=0,\nCmprE\u003e0, seg[0][0] != daddr[0] gives the maximum +8 bytes).\n\npskb_expand_head() was gated on segments_left == 0, so on earlier\nsegments the push consumed unchecked headroom. Once skb_push() leaves\nfewer than skb-\u003emac_len bytes in front of data,\nskb_mac_header_rebuild()\u0027s call to:\n\n\tskb_set_mac_header(skb, -skb-\u003emac_len);\n\nwill store (data - head) - mac_len into the u16 mac_header field, which\nwraps to ~65530, and the following memmove() writes mac_len bytes ~64KiB\npast skb-\u003ehead.\n\nA single AF_INET6/SOCK_RAW/IPV6_HDRINCL packet over lo with a two\nsegment type-3 SRH (CmprI=0, CmprE=15) reaches headroom 8 after one\npass; KASAN reports a 14-byte OOB write in ipv6_rthdr_rcv.\n\nFix this by expanding the head whenever the remaining room is less than\nthe push size plus mac_len, and request that much extra so the rebuilt\nMAC header fits afterwards.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43501",
"url": "https://www.suse.com/security/cve/CVE-2026-43501"
},
{
"category": "external",
"summary": "SUSE Bug 1266009 for CVE-2026-43501",
"url": "https://bugzilla.suse.com/1266009"
},
{
"category": "external",
"summary": "SUSE Bug 1266015 for CVE-2026-43501",
"url": "https://bugzilla.suse.com/1266015"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "important"
}
],
"title": "CVE-2026-43501"
},
{
"cve": "CVE-2026-43503",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43503"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: skbuff: propagate shared-frag marker through frag-transfer helpers\n\nTwo frag-transfer helpers (__pskb_copy_fclone() and skb_shift()) fail\nto propagate the SKBFL_SHARED_FRAG bit in skb_shinfo()-\u003eflags when\nmoving frags from source to destination. __pskb_copy_fclone() defers\nthe rest of the shinfo metadata to skb_copy_header() after copying\nfrag descriptors, but that helper only carries over gso_{size,segs,\ntype} and never touches skb_shinfo()-\u003eflags; skb_shift() moves frag\ndescriptors directly and leaves flags untouched. As a result, the\ndestination skb keeps a reference to the same externally-owned or\npage-cache-backed pages while reporting skb_has_shared_frag() as\nfalse.\n\nThe mismatch is harmful in any in-place writer that uses\nskb_has_shared_frag() to decide whether shared pages must be detoured\nthrough skb_cow_data(). ESP input is one such writer (esp4.c,\nesp6.c), and a single nft \u0027dup to \u003clocal\u003e\u0027 rule -- or any other\nnf_dup_ipv4() / xt_TEE caller -- is enough to land a pskb_copy()\u0027d\nskb in esp_input() with the marker stripped, letting an unprivileged\nuser write into the page cache of a root-owned read-only file via\nauthencesn-ESN stray writes.\n\nSet SKBFL_SHARED_FRAG on the destination whenever frag descriptors\nwere actually moved from the source. skb_copy() and skb_copy_expand()\nshare skb_copy_header() too but linearize all paged data into freshly\nallocated head storage and emerge with nr_frags == 0, so\nskb_has_shared_frag() returns false on its own; they need no change.\n\nThe same omission exists in skb_gro_receive() and skb_gro_receive_list().\nThe former moves the incoming skb\u0027s frag descriptors into the\naccumulator\u0027s last sub-skb via two paths (a direct frag-move loop and\nthe head_frag + memcpy path); the latter chains the incoming skb whole\nonto p\u0027s frag_list. Downstream skb_segment() reads only\nskb_shinfo(p)-\u003eflags, and skb_segment_list() reuses each sub-skb\u0027s\nshinfo as the nskb -- both p and lp must carry the marker.\n\nThe same omission also exists in tcp_clone_payload(), which builds an\nMTU probe skb by moving frag descriptors from skbs on sk_write_queue\ninto a freshly allocated nskb. The helper falls into the same family\nand warrants the same fix for consistency; no TCP TX-side in-place\nwriter is currently known to reach a user page through this gap, but\na future consumer depending on the marker would regress silently.\n\nThe same omission exists in skb_segment(): the per-iteration flag\nmerge takes only head_skb\u0027s flag, and the inner switch that rebinds\nfrag_skb to list_skb on head_skb-frags exhaustion does not fold the\nnew frag_skb\u0027s flag into nskb. Fold frag_skb\u0027s flag at both sites\nso segments drawing frags from frag_list members carry the marker.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43503",
"url": "https://www.suse.com/security/cve/CVE-2026-43503"
},
{
"category": "external",
"summary": "SUSE Bug 1265209 for CVE-2026-43503",
"url": "https://bugzilla.suse.com/1265209"
},
{
"category": "external",
"summary": "SUSE Bug 1265960 for CVE-2026-43503",
"url": "https://bugzilla.suse.com/1265960"
},
{
"category": "external",
"summary": "SUSE Bug 1266229 for CVE-2026-43503",
"url": "https://bugzilla.suse.com/1266229"
},
{
"category": "external",
"summary": "SUSE Bug 1269878 for CVE-2026-43503",
"url": "https://bugzilla.suse.com/1269878"
},
{
"category": "external",
"summary": "SUSE Bug 1270098 for CVE-2026-43503",
"url": "https://bugzilla.suse.com/1270098"
},
{
"category": "external",
"summary": "SUSE Bug 1270100 for CVE-2026-43503",
"url": "https://bugzilla.suse.com/1270100"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "important"
}
],
"title": "CVE-2026-43503"
},
{
"cve": "CVE-2026-45840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45840"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nopenvswitch: cap upcall PID array size and pre-size vport replies\n\nThe vport netlink reply helpers allocate a fixed-size skb with\nnlmsg_new(NLMSG_DEFAULT_SIZE, ...) but serialize the full upcall PID\narray via ovs_vport_get_upcall_portids(). Since\novs_vport_set_upcall_portids() accepts any non-zero multiple of\nsizeof(u32) with no upper bound, a CAP_NET_ADMIN user can install a PID\narray large enough to overflow the reply buffer, causing nla_put() to\nfail with -EMSGSIZE and hitting BUG_ON(err \u003c 0). On systems with\nunprivileged user namespaces enabled (e.g., Ubuntu default), this is\nreachable via unshare -Urn since OVS vport mutation operations use\nGENL_UNS_ADMIN_PERM.\n\n kernel BUG at net/openvswitch/datapath.c:2414!\n Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI\n CPU: 1 UID: 0 PID: 65 Comm: poc Not tainted 7.0.0-rc7-00195-geb216e422044 #1\n RIP: 0010:ovs_vport_cmd_set+0x34c/0x400\n Call Trace:\n \u003cTASK\u003e\n genl_family_rcv_msg_doit (net/netlink/genetlink.c:1116)\n genl_rcv_msg (net/netlink/genetlink.c:1194)\n netlink_rcv_skb (net/netlink/af_netlink.c:2550)\n genl_rcv (net/netlink/genetlink.c:1219)\n netlink_unicast (net/netlink/af_netlink.c:1344)\n netlink_sendmsg (net/netlink/af_netlink.c:1894)\n __sys_sendto (net/socket.c:2206)\n __x64_sys_sendto (net/socket.c:2209)\n do_syscall_64 (arch/x86/entry/syscall_64.c:63)\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n \u003c/TASK\u003e\n Kernel panic - not syncing: Fatal exception\n\nReject attempts to set more PIDs than nr_cpu_ids in\novs_vport_set_upcall_portids(), and pre-compute the worst-case reply\nsize in ovs_vport_cmd_msg_size() based on that bound, similar to the\nexisting ovs_dp_cmd_msg_size(). nr_cpu_ids matches the cap already\nused by the per-CPU dispatch configuration on the datapath side\n(ovs_dp_cmd_fill_info() serialises at most nr_cpu_ids PIDs), so the\ntwo sides stay consistent.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45840",
"url": "https://www.suse.com/security/cve/CVE-2026-45840"
},
{
"category": "external",
"summary": "SUSE Bug 1266397 for CVE-2026-45840",
"url": "https://bugzilla.suse.com/1266397"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-45840"
},
{
"cve": "CVE-2026-45841",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45841"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nfnetlink_osf: fix divide-by-zero in OSF_WSS_MODULO\n\nnf_osf_match_one() computes ctx-\u003ewindow % f-\u003ewss.val in the\nOSF_WSS_MODULO branch with no guard for f-\u003ewss.val == 0. A\nCAP_NET_ADMIN user can add such a fingerprint via nfnetlink; a\nsubsequent matching TCP SYN divides by zero and panics the kernel.\n\nReject the bogus fingerprint in nfnl_osf_add_callback() above the\nper-option for-loop. f-\u003ewss is per-fingerprint, not per-option, so\nthe check must run regardless of f-\u003eopt_num (including 0). Also\nreject wss.wc \u003e= OSF_WSS_MAX; nf_osf_match_one() already treats that\nas \"should not happen\".\n\nCrash:\n Oops: divide error: 0000 [#1] SMP KASAN NOPTI\n RIP: 0010:nf_osf_match_one (net/netfilter/nfnetlink_osf.c:98)\n Call Trace:\n \u003cIRQ\u003e\n nf_osf_match (net/netfilter/nfnetlink_osf.c:220)\n xt_osf_match_packet (net/netfilter/xt_osf.c:32)\n ipt_do_table (net/ipv4/netfilter/ip_tables.c:348)\n nf_hook_slow (net/netfilter/core.c:622)\n ip_local_deliver (net/ipv4/ip_input.c:265)\n ip_rcv (include/linux/skbuff.h:1162)\n __netif_receive_skb_one_core (net/core/dev.c:6181)\n process_backlog (net/core/dev.c:6642)\n __napi_poll (net/core/dev.c:7710)\n net_rx_action (net/core/dev.c:7945)\n handle_softirqs (kernel/softirq.c:622)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45841",
"url": "https://www.suse.com/security/cve/CVE-2026-45841"
},
{
"category": "external",
"summary": "SUSE Bug 1266390 for CVE-2026-45841",
"url": "https://bugzilla.suse.com/1266390"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-45841"
},
{
"cve": "CVE-2026-45842",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45842"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nslip: reject VJ receive packets on instances with no rstate array\n\nslhc_init() accepts rslots == 0 as a valid configuration, with the\ndocumented meaning of \u0027no receive compression\u0027. In that case the\nallocation loop in slhc_init() is skipped, so comp-\u003erstate stays\nNULL and comp-\u003erslot_limit stays 0 (from the kzalloc of struct\nslcompress).\n\nThe receive helpers do not defend against that configuration.\nslhc_uncompress() dereferences comp-\u003erstate[x] when the VJ header\ncarries an explicit connection ID, and slhc_remember() later assigns\ncs = \u0026comp-\u003erstate[...] after only comparing the packet\u0027s slot number\nto comp-\u003erslot_limit. Because rslot_limit is 0, slot 0 passes the\nrange check, and the code dereferences a NULL rstate.\n\nThe configuration is reachable in-tree through PPP. PPPIOCSMAXCID\nstores its argument in a signed int, and (val \u003e\u003e 16) uses arithmetic\nshift. Passing 0xffff0000 therefore sign-extends to -1, so val2 + 1\nis 0 and ppp_generic.c ends up calling slhc_init(0, 1). Because\n/dev/ppp open is gated by ns_capable(CAP_NET_ADMIN), the whole path\nis reachable from an unprivileged user namespace. Once the malformed\nVJ state is installed, any inbound VJ-compressed or VJ-uncompressed\nframe that selects slot 0 crashes the kernel in softirq context:\n\n Oops: general protection fault, probably for non-canonical\n address 0xdffffc0000000000: 0000 [#1] SMP KASAN NOPTI\n KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\n RIP: 0010:slhc_uncompress (drivers/net/slip/slhc.c:519)\n Call Trace:\n \u003cTASK\u003e\n ppp_receive_nonmp_frame (drivers/net/ppp/ppp_generic.c:2466)\n ppp_input (drivers/net/ppp/ppp_generic.c:2359)\n ppp_async_process (drivers/net/ppp/ppp_async.c:492)\n tasklet_action_common (kernel/softirq.c:926)\n handle_softirqs (kernel/softirq.c:623)\n run_ksoftirqd (kernel/softirq.c:1055)\n smpboot_thread_fn (kernel/smpboot.c:160)\n kthread (kernel/kthread.c:436)\n ret_from_fork (arch/x86/kernel/process.c:164)\n \u003c/TASK\u003e\n\nReject the receive side on such instances instead of touching rstate.\nslhc_uncompress() falls through to its existing \u0027bad\u0027 label, which\nbumps sls_i_error and enters the toss state. slhc_remember() mirrors\nthat with an explicit sls_i_error increment followed by slhc_toss();\nthe sls_i_runt counter is not used here because a missing rstate is\nan internal configuration state, not a runt packet.\n\nThe transmit path is unaffected: the only in-tree caller that picks\nrslots from userspace (ppp_generic.c) still supplies tslots \u003e= 1, and\nslip.c always calls slhc_init(16, 16), so comp-\u003etstate remains valid\nand slhc_compress() continues to work.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45842",
"url": "https://www.suse.com/security/cve/CVE-2026-45842"
},
{
"category": "external",
"summary": "SUSE Bug 1266400 for CVE-2026-45842",
"url": "https://bugzilla.suse.com/1266400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-45842"
},
{
"cve": "CVE-2026-45843",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45843"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nslip: bound decode() reads against the compressed packet length\n\nslhc_uncompress() parses a VJ-compressed TCP header by advancing a\npointer through the packet via decode() and pull16(). Neither helper\nbounds-checks against isize, and decode() masks its return with\n\u0026 0xffff so it can never return the -1 that callers test for -- those\nerror paths are dead code.\n\nA short compressed frame whose change byte requests optional fields\nlets decode() read past the end of the packet. The over-read bytes\nare folded into the cached cstate and reflected into subsequent\nreconstructed packets.\n\nMake decode() and pull16() take the packet end pointer and return -1\nwhen exhausted. Add a bounds check before the TCP-checksum read.\nThe existing == -1 tests now do what they were always meant to.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45843",
"url": "https://www.suse.com/security/cve/CVE-2026-45843"
},
{
"category": "external",
"summary": "SUSE Bug 1266395 for CVE-2026-45843",
"url": "https://bugzilla.suse.com/1266395"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-45843"
},
{
"cve": "CVE-2026-45846",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45846"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbareudp: fix NULL pointer dereference in bareudp_fill_metadata_dst()\n\nbareudp_fill_metadata_dst() passes bareudp-\u003esock to\nudp_tunnel6_dst_lookup() in the IPv6 path without a NULL check.\nThe socket is only created in bareudp_open() and NULLed in\nbareudp_stop(), so calling this function while the device is down\ntriggers a NULL dereference via sock-\u003esk.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000018\n RIP: 0010:udp_tunnel6_dst_lookup (net/ipv6/ip6_udp_tunnel.c:160)\n Call Trace:\n \u003cTASK\u003e\n bareudp_fill_metadata_dst (drivers/net/bareudp.c:532)\n do_execute_actions (net/openvswitch/actions.c:901)\n ovs_execute_actions (net/openvswitch/actions.c:1589)\n ovs_packet_cmd_execute (net/openvswitch/datapath.c:700)\n genl_family_rcv_msg_doit (net/netlink/genetlink.c:1114)\n genl_rcv_msg (net/netlink/genetlink.c:1209)\n netlink_rcv_skb (net/netlink/af_netlink.c:2550)\n \u003c/TASK\u003e\n\nAdd a NULL check returning -ESHUTDOWN, consistent with the xmit paths\nin the same driver.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45846",
"url": "https://www.suse.com/security/cve/CVE-2026-45846"
},
{
"category": "external",
"summary": "SUSE Bug 1266394 for CVE-2026-45846",
"url": "https://bugzilla.suse.com/1266394"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-45846"
},
{
"cve": "CVE-2026-45852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45852"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix double free in rxe_srq_from_init\n\nIn rxe_srq_from_init(), the queue pointer \u0027q\u0027 is assigned to\n\u0027srq-\u003erq.queue\u0027 before copying the SRQ number to user space.\nIf copy_to_user() fails, the function calls rxe_queue_cleanup()\nto free the queue, but leaves the now-invalid pointer in\n\u0027srq-\u003erq.queue\u0027.\n\nThe caller of rxe_srq_from_init() (rxe_create_srq) eventually\ncalls rxe_srq_cleanup() upon receiving the error, which triggers\na second rxe_queue_cleanup() on the same memory, leading to a\ndouble free.\n\nThe call trace looks like this:\n kmem_cache_free+0x.../0x...\n rxe_queue_cleanup+0x1a/0x30 [rdma_rxe]\n rxe_srq_cleanup+0x42/0x60 [rdma_rxe]\n rxe_elem_release+0x31/0x70 [rdma_rxe]\n rxe_create_srq+0x12b/0x1a0 [rdma_rxe]\n ib_create_srq_user+0x9a/0x150 [ib_core]\n\nFix this by moving \u0027srq-\u003erq.queue = q\u0027 after copy_to_user.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45852",
"url": "https://www.suse.com/security/cve/CVE-2026-45852"
},
{
"category": "external",
"summary": "SUSE Bug 1266711 for CVE-2026-45852",
"url": "https://bugzilla.suse.com/1266711"
},
{
"category": "external",
"summary": "SUSE Bug 1266727 for CVE-2026-45852",
"url": "https://bugzilla.suse.com/1266727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "important"
}
],
"title": "CVE-2026-45852"
},
{
"cve": "CVE-2026-45856",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45856"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/uverbs: Validate wqe_size before using it in ib_uverbs_post_send\n\nib_uverbs_post_send() uses cmd.wqe_size from userspace without any\nvalidation before passing it to kmalloc() and using the allocated\nbuffer as struct ib_uverbs_send_wr.\n\nIf a user provides a small wqe_size value (e.g., 1), kmalloc() will\nsucceed, but subsequent accesses to user_wr-\u003eopcode, user_wr-\u003enum_sge,\nand other fields will read beyond the allocated buffer, resulting in\nan out-of-bounds read from kernel heap memory. This could potentially\nleak sensitive kernel information to userspace.\n\nAdditionally, providing an excessively large wqe_size can trigger a\nWARNING in the memory allocation path, as reported by syzkaller.\n\nThis is inconsistent with ib_uverbs_unmarshall_recv() which properly\nvalidates that wqe_size \u003e= sizeof(struct ib_uverbs_recv_wr) before\nproceeding.\n\nAdd the same validation for ib_uverbs_post_send() to ensure wqe_size\nis at least sizeof(struct ib_uverbs_send_wr).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45856",
"url": "https://www.suse.com/security/cve/CVE-2026-45856"
},
{
"category": "external",
"summary": "SUSE Bug 1266720 for CVE-2026-45856",
"url": "https://bugzilla.suse.com/1266720"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-45856"
},
{
"cve": "CVE-2026-45862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Flush cache for PASID table before using it\n\nWhen writing the address of a freshly allocated zero-initialized PASID\ntable to a PASID directory entry, do that after the CPU cache flush for\nthis PASID table, not before it, to avoid the time window when this\nPASID table may be already used by non-coherent IOMMU hardware while\nits contents in RAM is still some random old data, not zero-initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45862",
"url": "https://www.suse.com/security/cve/CVE-2026-45862"
},
{
"category": "external",
"summary": "SUSE Bug 1266705 for CVE-2026-45862",
"url": "https://bugzilla.suse.com/1266705"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-45862"
},
{
"cve": "CVE-2026-45870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45870"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: auth_gss: fix memory leaks in XDR decoding error paths\n\nThe gssx_dec_ctx(), gssx_dec_status(), and gssx_dec_name()\nfunctions allocate memory via gssx_dec_buffer(), which calls\nkmemdup(). When a subsequent decode operation fails, these\nfunctions return immediately without freeing previously\nallocated buffers, causing memory leaks.\n\nThe leak in gssx_dec_ctx() is particularly relevant because\nthe caller (gssp_accept_sec_context_upcall) initializes several\nbuffer length fields to non-zero values, resulting in memory\nallocation:\n\n struct gssx_ctx rctxh = {\n .exported_context_token.len = GSSX_max_output_handle_sz,\n .mech.len = GSS_OID_MAX_LEN,\n .src_name.display_name.len = GSSX_max_princ_sz,\n .targ_name.display_name.len = GSSX_max_princ_sz\n };\n\nIf, for example, gssx_dec_name() succeeds for src_name but\nfails for targ_name, the memory allocated for\nexported_context_token, mech, and src_name.display_name\nremains unreferenced and cannot be reclaimed.\n\nAdd error handling with goto-based cleanup to free any\npreviously allocated buffers before returning an error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45870",
"url": "https://www.suse.com/security/cve/CVE-2026-45870"
},
{
"category": "external",
"summary": "SUSE Bug 1266704 for CVE-2026-45870",
"url": "https://bugzilla.suse.com/1266704"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-45870"
},
{
"cve": "CVE-2026-45878",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45878"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Fix watch_id bounds checking in debug address watch v2\n\nThe address watch clear code receives watch_id as an unsigned value\n(u32), but some helper functions were using a signed int and checked\nbits by shifting with watch_id.\n\nIf a very large watch_id is passed from userspace, it can be converted\nto a negative value. This can cause invalid shifts and may access\nmemory outside the watch_points array.\n\ndrm/amdkfd: Fix watch_id bounds checking in debug address watch v2\n\nFix this by checking that watch_id is within MAX_WATCH_ADDRESSES before\nusing it. Also use BIT(watch_id) to test and clear bits safely.\n\nThis keeps the behavior unchanged for valid watch IDs and avoids\nundefined behavior for invalid ones.\n\nFixes the below:\ndrivers/gpu/drm/amd/amdgpu/../amdkfd/kfd_debug.c:448\nkfd_dbg_trap_clear_dev_address_watch() error: buffer overflow\n\u0027pdd-\u003ewatch_points\u0027 4 \u003c= u32max user_rl=\u00270-3,2147483648-u32max\u0027 uncapped\n\ndrivers/gpu/drm/amd/amdgpu/../amdkfd/kfd_debug.c\n 433 int kfd_dbg_trap_clear_dev_address_watch(struct kfd_process_device *pdd,\n 434 uint32_t watch_id)\n 435 {\n 436 int r;\n 437\n 438 if (!kfd_dbg_owns_dev_watch_id(pdd, watch_id))\n\nkfd_dbg_owns_dev_watch_id() doesn\u0027t check for negative values so if\nwatch_id is larger than INT_MAX it leads to a buffer overflow.\n(Negative shifts are undefined).\n\n 439 return -EINVAL;\n 440\n 441 if (!pdd-\u003edev-\u003ekfd-\u003eshared_resources.enable_mes) {\n 442 r = debug_lock_and_unmap(pdd-\u003edev-\u003edqm);\n 443 if (r)\n 444 return r;\n 445 }\n 446\n 447 amdgpu_gfx_off_ctrl(pdd-\u003edev-\u003eadev, false);\n--\u003e 448 pdd-\u003ewatch_points[watch_id] = pdd-\u003edev-\u003ekfd2kgd-\u003eclear_address_watch(\n 449 pdd-\u003edev-\u003eadev,\n 450 watch_id);\n\nv2: (as per, Jonathan Kim)\n - Add early watch_id \u003e= MAX_WATCH_ADDRESSES validation in the set path to\n match the clear path.\n - Drop the redundant bounds check in kfd_dbg_owns_dev_watch_id().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45878",
"url": "https://www.suse.com/security/cve/CVE-2026-45878"
},
{
"category": "external",
"summary": "SUSE Bug 1266767 for CVE-2026-45878",
"url": "https://bugzilla.suse.com/1266767"
},
{
"category": "external",
"summary": "SUSE Bug 1266768 for CVE-2026-45878",
"url": "https://bugzilla.suse.com/1266768"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "important"
}
],
"title": "CVE-2026-45878"
},
{
"cve": "CVE-2026-45886",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45886"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix bpf_xdp_store_bytes proto for read-only arg\n\nWhile making some maps in Cilium read-only from the BPF side, we noticed\nthat the bpf_xdp_store_bytes proto is incorrect. In particular, the\nverifier was throwing the following error:\n\n ; ret = ctx_store_bytes(ctx, l3_off + offsetof(struct iphdr, saddr),\n \u0026nat-\u003eaddress, 4, 0);\n 635: (79) r1 = *(u64 *)(r10 -144) ; R1=ctx() R10=fp0 fp-144=ctx()\n 636: (b4) w2 = 26 ; R2=26\n 637: (b4) w4 = 4 ; R4=4\n 638: (b4) w5 = 0 ; R5=0\n 639: (85) call bpf_xdp_store_bytes#190\n write into map forbidden, value_size=6 off=0 size=4\n\nnat comes from a BPF_F_RDONLY_PROG map, so R3 is a PTR_TO_MAP_VALUE.\nThe verifier checks the helper\u0027s memory access to R3 in\ncheck_mem_size_reg, as it reaches ARG_CONST_SIZE argument. The third\nargument has expected type ARG_PTR_TO_UNINIT_MEM, which includes the\nMEM_WRITE flag. The verifier thus checks for a BPF_WRITE access on R3.\nGiven R3 points to a read-only map, the check fails.\n\nConversely, ARG_PTR_TO_UNINIT_MEM can also lead to the helper reading\nfrom uninitialized memory.\n\nThis patch simply fixes the expected argument type to match that of\nbpf_skb_store_bytes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45886",
"url": "https://www.suse.com/security/cve/CVE-2026-45886"
},
{
"category": "external",
"summary": "SUSE Bug 1266810 for CVE-2026-45886",
"url": "https://bugzilla.suse.com/1266810"
},
{
"category": "external",
"summary": "SUSE Bug 1266851 for CVE-2026-45886",
"url": "https://bugzilla.suse.com/1266851"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "important"
}
],
"title": "CVE-2026-45886"
},
{
"cve": "CVE-2026-45894",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45894"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Clear Present bit before tearing down PASID entry\n\nThe Intel VT-d Scalable Mode PASID table entry consists of 512 bits (64\nbytes). When tearing down an entry, the current implementation zeros the\nentire 64-byte structure immediately using multiple 64-bit writes.\n\nSince the IOMMU hardware may fetch these 64 bytes using multiple\ninternal transactions (e.g., four 128-bit bursts), updating or zeroing\nthe entire entry while it is active (P=1) risks a \"torn\" read. If a\nhardware fetch occurs simultaneously with the CPU zeroing the entry, the\nhardware could observe an inconsistent state, leading to unpredictable\nbehavior or spurious faults.\n\nFollow the \"Guidance to Software for Invalidations\" in the VT-d spec\n(Section 6.5.3.3) by implementing the recommended ownership handshake:\n\n1. Clear only the \u0027Present\u0027 (P) bit of the PASID entry.\n2. Use a dma_wmb() to ensure the cleared bit is visible to hardware\n before proceeding.\n3. Execute the required invalidation sequence (PASID cache, IOTLB, and\n Device-TLB flush) to ensure the hardware has released all cached\n references.\n4. Only after the flushes are complete, zero out the remaining fields\n of the PASID entry.\n\nAlso, add a dma_wmb() in pasid_set_present() to ensure that all other\nfields of the PASID entry are visible to the hardware before the Present\nbit is set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45894",
"url": "https://www.suse.com/security/cve/CVE-2026-45894"
},
{
"category": "external",
"summary": "SUSE Bug 1266895 for CVE-2026-45894",
"url": "https://bugzilla.suse.com/1266895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-45894"
},
{
"cve": "CVE-2026-45910",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45910"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix race condition in QP timer handlers\n\nI encontered the following warning:\n WARNING: drivers/infiniband/sw/rxe/rxe_task.c:249 at rxe_sched_task+0x1c8/0x238 [rdma_rxe], CPU#0: swapper/0/0\n...\n libsha1 [last unloaded: ip6_udp_tunnel]\n CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G C 6.19.0-rc5-64k-v8+ #37 PREEMPT\n Tainted: [C]=CRAP\n Hardware name: Raspberry Pi 4 Model B Rev 1.2\n Call trace:\n rxe_sched_task+0x1c8/0x238 [rdma_rxe] (P)\n retransmit_timer+0x130/0x188 [rdma_rxe]\n call_timer_fn+0x68/0x4d0\n __run_timers+0x630/0x888\n...\n WARNING: drivers/infiniband/sw/rxe/rxe_task.c:38 at rxe_sched_task+0x1c0/0x238 [rdma_rxe], CPU#0: swapper/0/0\n...\n WARNING: drivers/infiniband/sw/rxe/rxe_task.c:111 at do_work+0x488/0x5c8 [rdma_rxe], CPU#3: kworker/u17:4/93400\n...\n refcount_t: underflow; use-after-free.\n WARNING: lib/refcount.c:28 at refcount_warn_saturate+0x138/0x1a0, CPU#3: kworker/u17:4/93400\n\nThe issue is caused by a race condition between retransmit_timer() and\nrxe_destroy_qp, leading to the Queue Pair\u0027s (QP) reference count dropping\nto zero during timer handler execution.\n\nIt seems this warning is harmless because rxe_qp_do_cleanup() will flush\nall pending timers and requests.\n\nExample of flow causing the issue:\n\nCPU0 CPU1\nretransmit_timer() {\n spin_lock_irqsave\n rxe_destroy_qp()\n __rxe_cleanup()\n __rxe_put() // qp-\u003eref_count decrease to 0\n rxe_qp_do_cleanup() {\n if (qp-\u003evalid) {\n rxe_sched_task() {\n WARN_ON(rxe_read(task-\u003eqp) \u003c= 0);\n }\n }\n spin_unlock_irqrestore\n}\n spin_lock_irqsave\n qp-\u003evalid = 0\n spin_unlock_irqrestore\n }\n\nEnsure the QP\u0027s reference count is maintained and its validity is checked\nwithin the timer callbacks by adding calls to rxe_get(qp) and corresponding\nrxe_put(qp) after use.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45910",
"url": "https://www.suse.com/security/cve/CVE-2026-45910"
},
{
"category": "external",
"summary": "SUSE Bug 1266889 for CVE-2026-45910",
"url": "https://bugzilla.suse.com/1266889"
},
{
"category": "external",
"summary": "SUSE Bug 1266907 for CVE-2026-45910",
"url": "https://bugzilla.suse.com/1266907"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "important"
}
],
"title": "CVE-2026-45910"
},
{
"cve": "CVE-2026-45932",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45932"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix tcx/netkit detach permissions when prog fd isn\u0027t given\n\nThis commit fixes a security issue where BPF_PROG_DETACH on tcx or\nnetkit devices could be executed by any user when no program fd was\nprovided, bypassing permission checks. The fix adds a capability\ncheck for CAP_NET_ADMIN or CAP_SYS_ADMIN in this case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45932",
"url": "https://www.suse.com/security/cve/CVE-2026-45932"
},
{
"category": "external",
"summary": "SUSE Bug 1266827 for CVE-2026-45932",
"url": "https://bugzilla.suse.com/1266827"
},
{
"category": "external",
"summary": "SUSE Bug 1266829 for CVE-2026-45932",
"url": "https://bugzilla.suse.com/1266829"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "important"
}
],
"title": "CVE-2026-45932"
},
{
"cve": "CVE-2026-45940",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45940"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: fix oops when split header is enabled\n\nFor GMAC4, when split header is enabled, in some rare cases, the\nhardware does not fill buf2 of the first descriptor with payload.\nThus we cannot assume buf2 is always fully filled if it is not\nthe last descriptor. Otherwise, the length of buf2 of the second\ndescriptor will be calculated wrong and cause an oops:\n\nUnable to handle kernel paging request at virtual address ffff00019246bfc0\n...\nx2 : 0000000000000040 x1 : ffff00019246bfc0 x0 : ffff00009246c000\nCall trace:\n dcache_inval_poc+0x28/0x58 (P)\n dma_direct_sync_single_for_cpu+0x38/0x6c\n __dma_sync_single_for_cpu+0x34/0x6c\n stmmac_napi_poll_rx+0x8f0/0xb60\n __napi_poll.constprop.0+0x30/0x144\n net_rx_action+0x160/0x274\n handle_softirqs+0x1b8/0x1fc\n...\n\nTo fix this, the PL bit-field in RDES3 register is used for all\ndescriptors, whether it is the last descriptor or not.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45940",
"url": "https://www.suse.com/security/cve/CVE-2026-45940"
},
{
"category": "external",
"summary": "SUSE Bug 1266916 for CVE-2026-45940",
"url": "https://bugzilla.suse.com/1266916"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-45940"
},
{
"cve": "CVE-2026-45961",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45961"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: fix memory leaks in gfs2_fill_super error path\n\nFix two memory leaks in the gfs2_fill_super() error handling path when\ntransitioning a filesystem to read-write mode fails.\n\nFirst leak: kthread objects (thread_struct, task_struct, etc.)\nWhen gfs2_freeze_lock_shared() fails after init_threads() succeeds, the\ncreated kernel threads (logd and quotad) are never destroyed. This\noccurs because the fail_per_node label doesn\u0027t call\ngfs2_destroy_threads().\n\nSecond leak: quota bitmap buffer (8192 bytes)\nWhen gfs2_make_fs_rw() fails after gfs2_quota_init() succeeds but\nbefore other operations complete, the allocated quota bitmap is never\nfreed.\n\nThe fix moves thread cleanup to the fail_per_node label to handle all\nerror paths uniformly. gfs2_destroy_threads() is safe to call\nunconditionally as it checks for NULL pointers. Quota cleanup is added\nin gfs2_make_fs_rw() to properly handle the withdrawal case where\nquota initialization succeeds but the filesystem is then withdrawn.\n\nThread leak backtrace (gfs2_freeze_lock_shared failure):\n unreferenced object 0xffff88801d7bca80 (size 4480):\n copy_process+0x3a1/0x4670 kernel/fork.c:2422\n kernel_clone+0xf3/0x6e0 kernel/fork.c:2779\n kthread_create_on_node+0x100/0x150 kernel/kthread.c:478\n init_threads+0xab/0x350 fs/gfs2/ops_fstype.c:611\n gfs2_fill_super+0xe5c/0x1240 fs/gfs2/ops_fstype.c:1265\n\nQuota leak backtrace (gfs2_make_fs_rw failure):\n unreferenced object 0xffff88812de7c000 (size 8192):\n gfs2_quota_init+0xe5/0x820 fs/gfs2/quota.c:1409\n gfs2_make_fs_rw+0x7a/0xe0 fs/gfs2/super.c:149\n gfs2_fill_super+0xfbb/0x1240 fs/gfs2/ops_fstype.c:1275",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45961",
"url": "https://www.suse.com/security/cve/CVE-2026-45961"
},
{
"category": "external",
"summary": "SUSE Bug 1266933 for CVE-2026-45961",
"url": "https://bugzilla.suse.com/1266933"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "low"
}
],
"title": "CVE-2026-45961"
},
{
"cve": "CVE-2026-45964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45964"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: fix gss_auth kref leak in gss_alloc_msg error path\n\nCommit 5940d1cf9f42 (\"SUNRPC: Rebalance a kref in auth_gss.c\") added\na kref_get(\u0026gss_auth-\u003ekref) call to balance the gss_put_auth() done\nin gss_release_msg(), but forgot to add a corresponding kref_put()\non the error path when kstrdup_const() fails.\n\nIf service_name is non-NULL and kstrdup_const() fails, the function\njumps to err_put_pipe_version which calls put_pipe_version() and\nkfree(gss_msg), but never releases the gss_auth reference. This leads\nto a kref leak where the gss_auth structure is never freed.\n\nAdd a forward declaration for gss_free_callback() and call kref_put()\nin the err_put_pipe_version error path to properly release the\nreference taken earlier.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45964",
"url": "https://www.suse.com/security/cve/CVE-2026-45964"
},
{
"category": "external",
"summary": "SUSE Bug 1266698 for CVE-2026-45964",
"url": "https://bugzilla.suse.com/1266698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-45964"
},
{
"cve": "CVE-2026-45965",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45965"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\napparmor: fix invalid deref of rawdata when export_binary is unset\n\nIf the export_binary parameter is disabled on runtime, profiles that\nwere loaded before that will still have their rawdata stored in\napparmorfs, with a symbolic link to the rawdata on the policy\ndirectory. When one of those profiles are replaced, the rawdata is set\nto NULL, but when trying to resolve the symbolic links to rawdata for\nthat profile, it will try to dereference profile-\u003erawdata-\u003ename when\nprofile-\u003erawdata is now NULL causing an oops. Fix it by checking if\nrawdata is set.\n\n[ 168.653080] BUG: kernel NULL pointer dereference, address: 0000000000000088\n[ 168.657420] #PF: supervisor read access in kernel mode\n[ 168.660619] #PF: error_code(0x0000) - not-present page\n[ 168.663613] PGD 0 P4D 0\n[ 168.665450] Oops: Oops: 0000 [#1] SMP NOPTI\n[ 168.667836] CPU: 1 UID: 0 PID: 1729 Comm: ls Not tainted 6.19.0-rc7+ #3 PREEMPT(voluntary)\n[ 168.672308] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 168.679327] RIP: 0010:rawdata_get_link_base.isra.0+0x23/0x330\n[ 168.682768] Code: 90 90 90 90 90 90 90 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 ec 18 48 89 55 d0 48 85 ff 0f 84 e3 01 00 00 \u003c48\u003e 83 3c 25 88 00 00 00 00 0f 84 d4 01 00 00 49 89 f6 49 89 cc e8\n[ 168.689818] RSP: 0018:ffffcdcb8200fb80 EFLAGS: 00010282\n[ 168.690871] RAX: ffffffffaee74ec0 RBX: 0000000000000000 RCX: ffffffffb0120158\n[ 168.692251] RDX: ffffcdcb8200fbe0 RSI: ffff88c187c9fa80 RDI: ffff88c186c98a80\n[ 168.693593] RBP: ffffcdcb8200fbc0 R08: 0000000000000000 R09: 0000000000000000\n[ 168.694941] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88c186c98a80\n[ 168.696289] R13: 00007fff005aaa20 R14: 0000000000000080 R15: ffff88c188f4fce0\n[ 168.697637] FS: 0000790e81c58280(0000) GS:ffff88c20a957000(0000) knlGS:0000000000000000\n[ 168.699227] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 168.700349] CR2: 0000000000000088 CR3: 000000012fd3e000 CR4: 0000000000350ef0\n[ 168.701696] Call Trace:\n[ 168.702325] \u003cTASK\u003e\n[ 168.702995] rawdata_get_link_data+0x1c/0x30\n[ 168.704145] vfs_readlink+0xd4/0x160\n[ 168.705152] do_readlinkat+0x114/0x180\n[ 168.706214] __x64_sys_readlink+0x1e/0x30\n[ 168.708653] x64_sys_call+0x1d77/0x26b0\n[ 168.709525] do_syscall_64+0x81/0x500\n[ 168.710348] ? do_statx+0x72/0xb0\n[ 168.711109] ? putname+0x3e/0x80\n[ 168.711845] ? __x64_sys_statx+0xb7/0x100\n[ 168.712711] ? x64_sys_call+0x10fc/0x26b0\n[ 168.713577] ? do_syscall_64+0xbf/0x500\n[ 168.714412] ? do_user_addr_fault+0x1d2/0x8d0\n[ 168.715404] ? irqentry_exit+0xb2/0x740\n[ 168.716359] ? exc_page_fault+0x90/0x1b0\n[ 168.717307] entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45965",
"url": "https://www.suse.com/security/cve/CVE-2026-45965"
},
{
"category": "external",
"summary": "SUSE Bug 1267208 for CVE-2026-45965",
"url": "https://bugzilla.suse.com/1267208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-45965"
},
{
"cve": "CVE-2026-45970",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45970"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: alb: fix UAF in rlb_arp_recv during bond up/down\n\nThe ALB RX path may access rx_hashtbl concurrently with bond\nteardown. During rapid bond up/down cycles, rlb_deinitialize()\nfrees rx_hashtbl while RX handlers are still running, leading\nto a null pointer dereference detected by KASAN.\n\nHowever, the root cause is that rlb_arp_recv() can still be accessed\nafter setting recv_probe to NULL, which is actually a use-after-free\n(UAF) issue. That is the reason for using the referenced commit in the\nFixes tag.\n\n[ 214.174138] Oops: general protection fault, probably for non-canonical address 0xdffffc000000001d: 0000 [#1] SMP KASAN PTI\n[ 214.186478] KASAN: null-ptr-deref in range [0x00000000000000e8-0x00000000000000ef]\n[ 214.194933] CPU: 30 UID: 0 PID: 2375 Comm: ping Kdump: loaded Not tainted 6.19.0-rc8+ #2 PREEMPT(voluntary)\n[ 214.205907] Hardware name: Dell Inc. PowerEdge R730/0WCJNT, BIOS 2.14.0 01/14/2022\n[ 214.214357] RIP: 0010:rlb_arp_recv+0x505/0xab0 [bonding]\n[ 214.220320] Code: 0f 85 2b 05 00 00 48 b8 00 00 00 00 00 fc ff df 40 0f b6 ed 48 c1 e5 06 49 03 ad 78 01 00 00 48 8d 7d 28 48 89 fa 48 c1 ea 03 \u003c0f\u003e b6\n 04 02 84 c0 74 06 0f 8e 12 05 00 00 80 7d 28 00 0f 84 8c 00\n[ 214.241280] RSP: 0018:ffffc900073d8870 EFLAGS: 00010206\n[ 214.247116] RAX: dffffc0000000000 RBX: ffff888168556822 RCX: ffff88816855681e\n[ 214.255082] RDX: 000000000000001d RSI: dffffc0000000000 RDI: 00000000000000e8\n[ 214.263048] RBP: 00000000000000c0 R08: 0000000000000002 R09: ffffed11192021c8\n[ 214.271013] R10: ffff8888c9010e43 R11: 0000000000000001 R12: 1ffff92000e7b119\n[ 214.278978] R13: ffff8888c9010e00 R14: ffff888168556822 R15: ffff888168556810\n[ 214.286943] FS: 00007f85d2d9cb80(0000) GS:ffff88886ccb3000(0000) knlGS:0000000000000000\n[ 214.295966] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 214.302380] CR2: 00007f0d047b5e34 CR3: 00000008a1c2e002 CR4: 00000000001726f0\n[ 214.310347] Call Trace:\n[ 214.313070] \u003cIRQ\u003e\n[ 214.315318] ? __pfx_rlb_arp_recv+0x10/0x10 [bonding]\n[ 214.320975] bond_handle_frame+0x166/0xb60 [bonding]\n[ 214.326537] ? __pfx_bond_handle_frame+0x10/0x10 [bonding]\n[ 214.332680] __netif_receive_skb_core.constprop.0+0x576/0x2710\n[ 214.339199] ? __pfx_arp_process+0x10/0x10\n[ 214.343775] ? sched_balance_find_src_group+0x98/0x630\n[ 214.349513] ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10\n[ 214.356513] ? arp_rcv+0x307/0x690\n[ 214.360311] ? __pfx_arp_rcv+0x10/0x10\n[ 214.364499] ? __lock_acquire+0x58c/0xbd0\n[ 214.368975] __netif_receive_skb_one_core+0xae/0x1b0\n[ 214.374518] ? __pfx___netif_receive_skb_one_core+0x10/0x10\n[ 214.380743] ? lock_acquire+0x10b/0x140\n[ 214.385026] process_backlog+0x3f1/0x13a0\n[ 214.389502] ? process_backlog+0x3aa/0x13a0\n[ 214.394174] __napi_poll.constprop.0+0x9f/0x370\n[ 214.399233] net_rx_action+0x8c1/0xe60\n[ 214.403423] ? __pfx_net_rx_action+0x10/0x10\n[ 214.408193] ? lock_acquire.part.0+0xbd/0x260\n[ 214.413058] ? sched_clock_cpu+0x6c/0x540\n[ 214.417540] ? mark_held_locks+0x40/0x70\n[ 214.421920] handle_softirqs+0x1fd/0x860\n[ 214.426302] ? __pfx_handle_softirqs+0x10/0x10\n[ 214.431264] ? __neigh_event_send+0x2d6/0xf50\n[ 214.436131] do_softirq+0xb1/0xf0\n[ 214.439830] \u003c/IRQ\u003e\n\nThe issue is reproducible by repeatedly running\nip link set bond0 up/down while receiving ARP messages, where\nrlb_arp_recv() can race with rlb_deinitialize() and dereference\na freed rx_hashtbl entry.\n\nFix this by setting recv_probe to NULL and then calling\nsynchronize_net() to wait for any concurrent RX processing to finish.\nThis ensures that no RX handler can access rx_hashtbl after it is freed\nin bond_alb_deinitialize().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45970",
"url": "https://www.suse.com/security/cve/CVE-2026-45970"
},
{
"category": "external",
"summary": "SUSE Bug 1267205 for CVE-2026-45970",
"url": "https://bugzilla.suse.com/1267205"
},
{
"category": "external",
"summary": "SUSE Bug 1267206 for CVE-2026-45970",
"url": "https://bugzilla.suse.com/1267206"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "important"
}
],
"title": "CVE-2026-45970"
},
{
"cve": "CVE-2026-45974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix invalid leaf access in btrfs_quota_enable() if ref key not found\n\nIf btrfs_search_slot_for_read() returns 1, it means we did not find any\nkey greater than or equals to the key we asked for, meaning we have\nreached the end of the tree and therefore the path is not valid. If\nthis happens we need to break out of the loop and stop, instead of\ncontinuing and accessing an invalid path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45974",
"url": "https://www.suse.com/security/cve/CVE-2026-45974"
},
{
"category": "external",
"summary": "SUSE Bug 1266922 for CVE-2026-45974",
"url": "https://bugzilla.suse.com/1266922"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-45974"
},
{
"cve": "CVE-2026-45983",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45983"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: never defer requests during idmap lookup\n\nDuring v4 request compound arg decoding, some ops (e.g. SETATTR)\ncan trigger idmap lookup upcalls. When those upcall responses get\ndelayed beyond the allowed time limit, cache_check() will mark the\nrequest for deferral and cause it to be dropped.\n\nThis prevents nfs4svc_encode_compoundres from being executed, and\nthus the session slot flag NFSD4_SLOT_INUSE never gets cleared.\nSubsequent client requests will fail with NFSERR_JUKEBOX, given\nthat the slot will be marked as in-use, making the SEQUENCE op\nfail.\n\nFix this by making sure that the RQ_USEDEFERRAL flag is always\nclear during nfs4svc_decode_compoundargs(), since no v4 request\nshould ever be deferred.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45983",
"url": "https://www.suse.com/security/cve/CVE-2026-45983"
},
{
"category": "external",
"summary": "SUSE Bug 1266697 for CVE-2026-45983",
"url": "https://bugzilla.suse.com/1266697"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-45983"
},
{
"cve": "CVE-2026-45984",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45984"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: Fix use-after-free in iomap inline data write path\n\nThe inline data buffer head (dibh) is being released prematurely in\ngfs2_iomap_begin() via release_metapath() while iomap-\u003einline_data\nstill points to dibh-\u003eb_data. This causes a use-after-free when\niomap_write_end_inline() later attempts to write to the inline data\narea.\n\nThe bug sequence:\n1. gfs2_iomap_begin() calls gfs2_meta_inode_buffer() to read inode\n metadata into dibh\n2. Sets iomap-\u003einline_data = dibh-\u003eb_data + sizeof(struct gfs2_dinode)\n3. Calls release_metapath() which calls brelse(dibh), dropping refcount\n to 0\n4. kswapd reclaims the page (~39ms later in the syzbot report)\n5. iomap_write_end_inline() tries to memcpy() to iomap-\u003einline_data\n6. KASAN detects use-after-free write to freed memory\n\nFix by storing dibh in iomap-\u003eprivate and incrementing its refcount\nwith get_bh() in gfs2_iomap_begin(). The buffer is then properly\nreleased in gfs2_iomap_end() after the inline write completes,\nensuring the page stays alive for the entire iomap operation.\n\nNote: A C reproducer is not available for this issue. The fix is based\non analysis of the KASAN report and code review showing the buffer head\nis freed before use.\n\n[agruenba: Take buffer head reference in gfs2_iomap_begin() to avoid\nleaks in gfs2_iomap_get() and gfs2_iomap_alloc().]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45984",
"url": "https://www.suse.com/security/cve/CVE-2026-45984"
},
{
"category": "external",
"summary": "SUSE Bug 1267214 for CVE-2026-45984",
"url": "https://bugzilla.suse.com/1267214"
},
{
"category": "external",
"summary": "SUSE Bug 1267215 for CVE-2026-45984",
"url": "https://bugzilla.suse.com/1267215"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "important"
}
],
"title": "CVE-2026-45984"
},
{
"cve": "CVE-2026-46004",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46004"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: caiaq: Handle probe errors properly\n\nThe probe procedure of setup_card() in caiaq driver doesn\u0027t treat the\nerror cases gracefully, e.g. the error from snd_card_register() calls\nsnd_card_free() but continues. This would lead to a UAF for the\nfurther calls like snd_usb_caiaq_control_init(), as Berk suggested in\nanother patch in the link below.\n\nHowever, the problem is not only that; in general, this function drops\nthe all error handlings (as it\u0027s a void function) although its caller\ncan propagate an error to snd_probe(), which eventually calls\nsnd_card_free() as a proper error path. That said, we should treat\neach error case in setup_card(), and just return the error code\npromptly, which is then handled later as a fatal error in snd_probe().\n\nThis patch achieves it by changing the setup_card() to return an error\ncode. Also, the superfluous snd_card_free() call is removed, too.\n\nNote that card-\u003eprivate_free can be set still safely at returning an\nerror. All called functions in card_free() have checks of the\nunassigned resources or NULL checks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46004",
"url": "https://www.suse.com/security/cve/CVE-2026-46004"
},
{
"category": "external",
"summary": "SUSE Bug 1267222 for CVE-2026-46004",
"url": "https://bugzilla.suse.com/1267222"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-46004"
},
{
"cve": "CVE-2026-46005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: fix a resource leak in xfs_alloc_buftarg()\n\nIn the error path, call fs_put_dax() to drop the DAX\ndevice reference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46005",
"url": "https://www.suse.com/security/cve/CVE-2026-46005"
},
{
"category": "external",
"summary": "SUSE Bug 1267431 for CVE-2026-46005",
"url": "https://bugzilla.suse.com/1267431"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-46005"
},
{
"cve": "CVE-2026-46021",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46021"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal: core: Fix thermal zone governor cleanup issues\n\nIf thermal_zone_device_register_with_trips() fails after adding\na thermal governor to the thermal zone being registered, the\ngovernor is not removed from it as appropriate which may lead to\na memory leak.\n\nIn turn, thermal_zone_device_unregister() calls thermal_set_governor()\nwithout acquiring the thermal zone lock beforehand which may race with\na governor update via sysfs and may lead to a use-after-free in that\ncase.\n\nAddress these issues by adding two thermal_set_governor() calls, one to\nthermal_release() to remove the governor from the given thermal zone,\nand one to the thermal zone registration error path to cover failures\npreceding the thermal zone device registration.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46021",
"url": "https://www.suse.com/security/cve/CVE-2026-46021"
},
{
"category": "external",
"summary": "SUSE Bug 1267220 for CVE-2026-46021",
"url": "https://bugzilla.suse.com/1267220"
},
{
"category": "external",
"summary": "SUSE Bug 1267221 for CVE-2026-46021",
"url": "https://bugzilla.suse.com/1267221"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-46021"
},
{
"cve": "CVE-2026-46024",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46024"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: Prevent potential null-ptr-deref in ceph_handle_auth_reply()\n\nIf a message of type CEPH_MSG_AUTH_REPLY contains a zero value for both\nprotocol and result, this is currently not treated as an error. In case\nof ac-\u003enegotiating == true and ac-\u003eprotocol \u003e 0, this leads to setting\nac-\u003eprotocol = 0 and ac-\u003eops = NULL. Thereafter, the check for\nac-\u003eprotocol != protocol returns false, and init_protocol() is not\ncalled. Subsequently, ac-\u003eops-\u003ehandle_reply() is called, which leads to\na null pointer dereference, because ac-\u003eops is still NULL.\n\nThis patch changes the check for ac-\u003eprotocol != protocol to\n!ac-\u003eprotocol, as this also includes the case when the protocol was set\nto zero in the message. This causes the message to be treated as\ncontaining a bad auth protocol.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46024",
"url": "https://www.suse.com/security/cve/CVE-2026-46024"
},
{
"category": "external",
"summary": "SUSE Bug 1267218 for CVE-2026-46024",
"url": "https://bugzilla.suse.com/1267218"
},
{
"category": "external",
"summary": "SUSE Bug 1267219 for CVE-2026-46024",
"url": "https://bugzilla.suse.com/1267219"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-46024"
},
{
"cve": "CVE-2026-46037",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46037"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: icmp: validate reply type before using icmp_pointers\n\nExtended echo replies use ICMP_EXT_ECHOREPLY as the outbound reply type.\nThat value is outside the range covered by icmp_pointers[], which only\ndescribes the traditional ICMP types up to NR_ICMP_TYPES.\n\nAvoid consulting icmp_pointers[] for reply types outside that range, and\nuse array_index_nospec() for the remaining in-range lookup. Normal ICMP\nreplies keep their existing behavior unchanged.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46037",
"url": "https://www.suse.com/security/cve/CVE-2026-46037"
},
{
"category": "external",
"summary": "SUSE Bug 1267361 for CVE-2026-46037",
"url": "https://bugzilla.suse.com/1267361"
},
{
"category": "external",
"summary": "SUSE Bug 1267362 for CVE-2026-46037",
"url": "https://bugzilla.suse.com/1267362"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "important"
}
],
"title": "CVE-2026-46037"
},
{
"cve": "CVE-2026-46043",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46043"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Validate pad and ICRC before payload_size() in rxe_rcv\n\nrxe_rcv() currently checks only that the incoming packet is at least\nheader_size(pkt) bytes long before payload_size() is used.\n\nHowever, payload_size() subtracts both the attacker-controlled BTH pad\nfield and RXE_ICRC_SIZE from pkt-\u003epaylen:\n\n payload_size = pkt-\u003epaylen - offset[RXE_PAYLOAD] - bth_pad(pkt)\n - RXE_ICRC_SIZE\n\nThis means a short packet can still make payload_size() underflow even\nif it includes enough bytes for the fixed headers. Simply requiring\nheader_size(pkt) + RXE_ICRC_SIZE is not sufficient either, because a\npacket with a forged non-zero BTH pad can still leave payload_size()\nnegative and pass an underflowed value to later receive-path users.\n\nFix this by validating pkt-\u003epaylen against the full minimum length\nrequired by payload_size(): header_size(pkt) + bth_pad(pkt) +\nRXE_ICRC_SIZE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46043",
"url": "https://www.suse.com/security/cve/CVE-2026-46043"
},
{
"category": "external",
"summary": "SUSE Bug 1266901 for CVE-2026-46043",
"url": "https://bugzilla.suse.com/1266901"
},
{
"category": "external",
"summary": "SUSE Bug 1266902 for CVE-2026-46043",
"url": "https://bugzilla.suse.com/1266902"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "important"
}
],
"title": "CVE-2026-46043"
},
{
"cve": "CVE-2026-46079",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46079"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrbd: fix null-ptr-deref when device_add_disk() fails\n\ndo_rbd_add() publishes the device with device_add() before calling\ndevice_add_disk(). If device_add_disk() fails after device_add()\nsucceeds, the error path calls rbd_free_disk() directly and then later\nfalls through to rbd_dev_device_release(), which calls rbd_free_disk()\nagain. This double teardown can leave blk-mq cleanup operating on\ninvalid state and trigger a null-ptr-deref in\n__blk_mq_free_map_and_rqs(), reached from blk_mq_free_tag_set().\n\nFix this by following the normal remove ordering: call device_del()\nbefore rbd_dev_device_release() when device_add_disk() fails after\ndevice_add(). That keeps the teardown sequence consistent and avoids\nre-entering disk cleanup through the wrong path.\n\nThe bug was first flagged by an experimental analysis tool we are\ndeveloping for kernel memory-management bugs while analyzing\nv6.13-rc1. The tool is still under development and is not yet publicly\navailable.\n\nWe reproduced the bug on v7.0 with a real Ceph backend and a QEMU x86_64\nguest booted with KASAN and CONFIG_FAILSLAB enabled. The reproducer\nconfines failslab injections to the __add_disk() range and injects\nfail-nth while mapping an RBD image through\n/sys/bus/rbd/add_single_major.\n\nOn the unpatched kernel, fail-nth=4 reliably triggered the fault:\n\n\tOops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN NOPTI\n\tKASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\n\tCPU: 0 UID: 0 PID: 273 Comm: bash Not tainted 7.0.0-01247-gd60bc1401583 #6 PREEMPT(lazy)\n\tHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014\n\tRIP: 0010:__blk_mq_free_map_and_rqs+0x8c/0x240\n\tCode: 00 00 48 8b 6b 60 41 89 f4 49 c1 e4 03 4c 01 e5 45 85 ed 0f 85 0a 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 e9 48 c1 e9 03 \u003c80\u003e 3c 01 00 0f 85 31 01 00 00 4c 8b 6d 00 4d 85 ed 0f 84 e2 00 00\n\tRSP: 0018:ff1100000ab0fac8 EFLAGS: 00000246\n\tRAX: dffffc0000000000 RBX: ff1100000c4806a0 RCX: 0000000000000000\n\tRDX: 0000000000000002 RSI: 0000000000000000 RDI: ff1100000c4806f4\n\tRBP: 0000000000000000 R08: 0000000000000001 R09: ffe21c000189001b\n\tR10: ff1100000c4800df R11: ff1100006cf37be0 R12: 0000000000000000\n\tR13: 0000000000000000 R14: ff1100000c480700 R15: ff1100000c480004\n\tFS: 00007f0fbe8fe740(0000) GS:ff110000e5851000(0000) knlGS:0000000000000000\n\tCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n\tCR2: 00007fe53473b2e0 CR3: 0000000012eef000 CR4: 00000000007516f0\n\tPKRU: 55555554\n\tCall Trace:\n\t \u003cTASK\u003e\n\t blk_mq_free_tag_set+0x77/0x460\n\t do_rbd_add+0x1446/0x2b80\n\t ? __pfx_do_rbd_add+0x10/0x10\n\t ? lock_acquire+0x18c/0x300\n\t ? find_held_lock+0x2b/0x80\n\t ? sysfs_file_kobj+0xb6/0x1b0\n\t ? __pfx_sysfs_kf_write+0x10/0x10\n\t kernfs_fop_write_iter+0x2f4/0x4a0\n\t vfs_write+0x98e/0x1000\n\t ? expand_files+0x51f/0x850\n\t ? __pfx_vfs_write+0x10/0x10\n\t ksys_write+0xf2/0x1d0\n\t ? __pfx_ksys_write+0x10/0x10\n\t do_syscall_64+0x115/0x690\n\t entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\tRIP: 0033:0x7f0fbea15907\n\tCode: 10 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 01 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 48 89 54 24 18 48 89 74 24\n\tRSP: 002b:00007ffe22346ea8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\n\tRAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f0fbea15907\n\tRDX: 0000000000000058 RSI: 0000563ace6c0ef0 RDI: 0000000000000001\n\tRBP: 0000563ace6c0ef0 R08: 0000563ace6c0ef0 R09: 6b6435726d694141\n\tR10: 5250337279762f78 R11: 0000000000000246 R12: 0000000000000058\n\tR13: 00007f0fbeb1c780 R14: ff1100000c480700 R15: ff1100000c480004\n\t \u003c/TASK\u003e\n\nWith this fix applied, rerunning the reproducer over fail-nth=1..256\nyields no KASAN reports.\n\n[ idryomov: rename err_out_device_del -\u003e err_out_device ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46079",
"url": "https://www.suse.com/security/cve/CVE-2026-46079"
},
{
"category": "external",
"summary": "SUSE Bug 1266452 for CVE-2026-46079",
"url": "https://bugzilla.suse.com/1266452"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-46079"
},
{
"cve": "CVE-2026-46083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: fix resource leaks on device setup failure\n\nMake sure to call controller cleanup() if spi_setup() fails while\nregistering a device to avoid leaking any resources allocated by\nsetup().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46083",
"url": "https://www.suse.com/security/cve/CVE-2026-46083"
},
{
"category": "external",
"summary": "SUSE Bug 1266696 for CVE-2026-46083",
"url": "https://bugzilla.suse.com/1266696"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-46083"
},
{
"cve": "CVE-2026-46090",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46090"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: aloop: Fix peer runtime UAF during format-change stop\n\nloopback_check_format() may stop the capture side when playback starts\nwith parameters that no longer match a running capture stream. Commit\n826af7fa62e3 (\"ALSA: aloop: Fix racy access at PCM trigger\") moved\nthe peer lookup under cable-\u003elock, but the actual snd_pcm_stop() still\nruns after dropping that lock.\n\nA concurrent close can clear the capture entry from cable-\u003estreams[] and\ndetach or free its runtime while the playback trigger path still holds a\nstale peer substream pointer.\n\nKeep a per-cable count of in-flight peer stops before dropping\ncable-\u003elock, and make free_cable() wait for those stops before\ndetaching the runtime. This preserves the existing behavior while\nmaking the peer runtime lifetime explicit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46090",
"url": "https://www.suse.com/security/cve/CVE-2026-46090"
},
{
"category": "external",
"summary": "SUSE Bug 1267531 for CVE-2026-46090",
"url": "https://bugzilla.suse.com/1267531"
},
{
"category": "external",
"summary": "SUSE Bug 1267895 for CVE-2026-46090",
"url": "https://bugzilla.suse.com/1267895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "important"
}
],
"title": "CVE-2026-46090"
},
{
"cve": "CVE-2026-46094",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46094"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix bounds check in check_xattrs() to prevent out-of-bounds access\n\nThe bounds check for the next xattr entry in check_xattrs() uses\n(void *)next \u003e= end, which allows next to point within sizeof(u32)\nbytes of end. On the next loop iteration, IS_LAST_ENTRY() reads 4\nbytes via *(__u32 *)(entry), which can overrun the valid xattr region.\n\nFor example, if next lands at end - 1, the check passes since\nnext \u003c end, but IS_LAST_ENTRY() reads 4 bytes starting at end - 1,\naccessing 3 bytes beyond the valid region.\n\nFix this by changing the check to (void *)next + sizeof(u32) \u003e end,\nensuring there is always enough space for the IS_LAST_ENTRY() read\non the subsequent iteration.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46094",
"url": "https://www.suse.com/security/cve/CVE-2026-46094"
},
{
"category": "external",
"summary": "SUSE Bug 1266927 for CVE-2026-46094",
"url": "https://bugzilla.suse.com/1266927"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-46094"
},
{
"cve": "CVE-2026-46101",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46101"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: reject zero shift in nft_bitwise\n\nReject zero shift operands for nft_bitwise left and right shift\nexpressions during initialization.\n\nThe carry propagation logic computes the carry from the adjacent 32-bit\nword using BITS_PER_TYPE(u32) - shift. A zero shift operand turns this\ninto a 32-bit shift, which is undefined behaviour.\n\nReject zero shift operands in the control plane, alongside the existing\ncheck for values greater than or equal to 32, so malformed rules never\nreach the packet path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46101",
"url": "https://www.suse.com/security/cve/CVE-2026-46101"
},
{
"category": "external",
"summary": "SUSE Bug 1266878 for CVE-2026-46101",
"url": "https://bugzilla.suse.com/1266878"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-46101"
},
{
"cve": "CVE-2026-46110",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46110"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: Prevent NULL deref when RX memory exhausted\n\nThe CPU receives frames from the MAC through conventional DMA: the CPU\nallocates buffers for the MAC, then the MAC fills them and returns\nownership to the CPU. For each hardware RX queue, the CPU and MAC\ncoordinate through a shared ring array of DMA descriptors: one\ndescriptor per DMA buffer. Each descriptor includes the buffer\u0027s\nphysical address and a status flag (\"OWN\") indicating which side owns\nthe buffer: OWN=0 for CPU, OWN=1 for MAC. The CPU is only allowed to set\nthe flag and the MAC is only allowed to clear it, and both must move\nthrough the ring in sequence: thus the ring is used for both\n\"submissions\" and \"completions.\"\n\nIn the stmmac driver, stmmac_rx() bookmarks its position in the ring\nwith the `cur_rx` index. The main receive loop in that function checks\nfor rx_descs[cur_rx].own=0, gives the corresponding buffer to the\nnetwork stack (NULLing the pointer), and increments `cur_rx` modulo the\nring size. After the loop exits, stmmac_rx_refill(), which bookmarks its\nposition with `dirty_rx`, allocates fresh buffers and rearms the\ndescriptors (setting OWN=1). If it fails any allocation, it simply stops\nearly (leaving OWN=0) and will retry where it left off when next called.\n\nThis means descriptors have a three-stage lifecycle (terms my own):\n- `empty` (OWN=1, buffer valid)\n- `full` (OWN=0, buffer valid and populated)\n- `dirty` (OWN=0, buffer NULL)\n\nBut because stmmac_rx() only checks OWN, it confuses `full`/`dirty`. In\nthe past (see \u0027Fixes:\u0027), there was a bug where the loop could cycle\n`cur_rx` all the way back to the first descriptor it dirtied, resulting\nin a NULL dereference when mistaken for `full`. The aforementioned\ncommit resolved that *specific* failure by capping the loop\u0027s iteration\nlimit at `dma_rx_size - 1`, but this is only a partial fix: if the\nprevious stmmac_rx_refill() didn\u0027t complete, then there are leftover\n`dirty` descriptors that the loop might encounter without needing to\ncycle fully around. The current code therefore panics (see \u0027Closes:\u0027)\nwhen stmmac_rx_refill() is memory-starved long enough for `cur_rx` to\ncatch up to `dirty_rx`.\n\nFix this by explicitly checking, before advancing `cur_rx`, if the next\nentry is dirty; exit the loop if so. This prevents processing of the\nfinal, used descriptor until stmmac_rx_refill() succeeds, but\nfully prevents the `cur_rx == dirty_rx` ambiguity as the previous bugfix\nintended: so remove the clamp as well. Since stmmac_rx_zc() is a\ncopy-paste-and-tweak of stmmac_rx() and the code structure is identical,\nany fix to stmmac_rx() will also need a corresponding fix for\nstmmac_rx_zc(). Therefore, apply the same check there.\n\nIn stmmac_rx() (not stmmac_rx_zc()), a related bug remains: after the\nMAC sets OWN=0 on the final descriptor, it will be unable to send any\nfurther DMA-complete IRQs until it\u0027s given more `empty` descriptors.\nCurrently, the driver simply *hopes* that the next stmmac_rx_refill()\nsucceeds, risking an indefinite stall of the receive process if not. But\nthis is not a regression, so it can be addressed in a future change.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46110",
"url": "https://www.suse.com/security/cve/CVE-2026-46110"
},
{
"category": "external",
"summary": "SUSE Bug 1266759 for CVE-2026-46110",
"url": "https://bugzilla.suse.com/1266759"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-46110"
},
{
"cve": "CVE-2026-46111",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46111"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_conn: fix potential UAF in create_big_sync\n\nAdd hci_conn_valid() check in create_big_sync() to detect stale\nconnections before proceeding with BIG creation. Handle the\nresulting -ECANCELED in create_big_complete() and re-validate the\nconnection under hci_dev_lock() before dereferencing, matching the\npattern used by create_le_conn_complete() and create_pa_complete().\n\nKeep the hci_conn object alive across the async boundary by taking\na reference via hci_conn_get() when queueing create_big_sync(), and\ndropping it in the completion callback. The refcount and the lock\nare complementary: the refcount keeps the object allocated, while\nhci_dev_lock() serializes hci_conn_hash_del()\u0027s list_del_rcu() on\nhdev-\u003econn_hash, as required by hci_conn_del().\n\nhci_conn_put() is called outside hci_dev_unlock() so the final put\n(which resolves to kfree() via bt_link_release) does not run under\nhdev-\u003elock, though the release path would be safe either way.\n\nWithout this, create_big_complete() would unconditionally\ndereference the conn pointer on error, causing a use-after-free\nvia hci_connect_cfm() and hci_conn_del().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46111",
"url": "https://www.suse.com/security/cve/CVE-2026-46111"
},
{
"category": "external",
"summary": "SUSE Bug 1267626 for CVE-2026-46111",
"url": "https://bugzilla.suse.com/1267626"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-46111"
},
{
"cve": "CVE-2026-46113",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46113"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Fix shadow paging use-after-free due to unexpected GFN\n\nThe shadow MMU computes GFNs for direct shadow pages using sp-\u003egfn plus\nthe SPTE index. This assumption breaks for shadow paging if the guest\npage tables are modified between VM entries (similar to commit\naad885e77496, \"KVM: x86/mmu: Drop/zap existing present SPTE even\nwhen creating an MMIO SPTE\", 2026-03-27). The flow is as follows:\n\n- a PDE is installed for a 2MB mapping, and a page in that area is\n accessed. KVM creates a kvm_mmu_page consisting of 512 4KB pages;\n the kvm_mmu_page is marked by FNAME(fetch) as direct-mapped because\n the guest\u0027s mapping is a huge page (and thus contiguous).\n\n- the PDE mapping is changed from outside the guest.\n\n- the guest accesses another page in the same 2MB area. KVM installs\n a new leaf SPTE and rmap entry; the SPTE uses the \"correct\" GFN\n (i.e. based on the new mapping, as changed in the previous step) but\n that GFN is outside of the [sp-\u003egfn, sp-\u003egfn + 511] range; therefore\n the rmap entry cannot be found and removed when the kvm_mmu_page\n is zapped.\n\n- the memslot that covers the first 2MB mapping is deleted, and the\n kvm_mmu_page for the now-invalid GPA is zapped. However, rmap_remove()\n only looks at the [sp-\u003egfn, sp-\u003egfn + 511] range established in step 1,\n and fails to find the rmap entry that was recorded by step 3.\n\n- any operation that causes an rmap walk for the same page accessed\n by step 3 then walks a stale rmap and dereferences a freed kvm_mmu_page.\n This includes dirty logging or MMU notifier invalidations (e.g., from\n MADV_DONTNEED).\n\nThe underlying issue is that KVM\u0027s walking of shadow PTEs assumes that\nif a SPTE is present when KVM wants to install a non-leaf SPTE, then the\nexisting kvm_mmu_page must be for the correct gfn. Because the only way\nfor the gfn to be wrong is if KVM messed up and failed to zap a SPTE...\nwhich shouldn\u0027t happen, but *actually* only happens in response to a\nguest write.\n\nThat bug dates back literally forever, as even the first version of KVM\nassumes that the GFN matches and walks into the \"wrong\" shadow page.\nHowever, that was only an imprecision until 2032a93d66fa (\"KVM: MMU:\nDon\u0027t allocate gfns page for direct mmu pages\") came along.\n\nFix it by checking for a target gfn mismatch and zapping the existing\nSPTE. That way the old SP and rmap entries are gone, KVM installs\nthe rmap in the right location, and everyone is happy.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46113",
"url": "https://www.suse.com/security/cve/CVE-2026-46113"
},
{
"category": "external",
"summary": "SUSE Bug 1266969 for CVE-2026-46113",
"url": "https://bugzilla.suse.com/1266969"
},
{
"category": "external",
"summary": "SUSE Bug 1266970 for CVE-2026-46113",
"url": "https://bugzilla.suse.com/1266970"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "important"
}
],
"title": "CVE-2026-46113"
},
{
"cve": "CVE-2026-46114",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46114"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Reject non-8-byte ATOMIC_WRITE payloads\n\natomic_write_reply() at drivers/infiniband/sw/rxe/rxe_resp.c\nunconditionally dereferences 8 bytes at payload_addr(pkt):\n\n value = *(u64 *)payload_addr(pkt);\n\ncheck_rkey() previously accepted an ATOMIC_WRITE request with pktlen ==\nresid == 0 because the length validation only compared pktlen against\nresid. A remote initiator that sets the RETH length to 0 therefore reaches\natomic_write_reply() with a zero-byte logical payload, and the responder\nreads sizeof(u64) bytes from past the logical end of the packet into\nskb-\u003ehead tailroom, then writes those 8 bytes into the attacker\u0027s MR via\nrxe_mr_do_atomic_write(). That is a remote disclosure of 4 bytes of kernel\ntailroom per probe (the other 4 bytes are the packet\u0027s own trailing ICRC).\n\nIBA oA19-28 defines ATOMIC_WRITE as exactly 8 bytes. Anything else is\nprotocol-invalid. Hoist a strict length check into check_rkey() so the\nresponder never reaches the unchecked dereference, and keep the existing\nWRITE-family length logic for the normal RDMA WRITE path.\n\nReproduced on mainline with an unmodified rxe driver: a sustained\nzero-length ATOMIC_WRITE probe repeatedly leaks adjacent skb head-buffer\nbytes into the attacker\u0027s MR, including recognisable kernel strings and\npartial kernel-direct-map pointer words. With this patch applied the\nresponder rejects the PDU and the MR stays all-zero.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46114",
"url": "https://www.suse.com/security/cve/CVE-2026-46114"
},
{
"category": "external",
"summary": "SUSE Bug 1266972 for CVE-2026-46114",
"url": "https://bugzilla.suse.com/1266972"
},
{
"category": "external",
"summary": "SUSE Bug 1266973 for CVE-2026-46114",
"url": "https://bugzilla.suse.com/1266973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-46114"
},
{
"cve": "CVE-2026-46119",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46119"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: Fix slab-out-of-bounds access in auth message processing\n\nIf a (potentially corrupted) message of type CEPH_MSG_AUTH_REPLY\ncontains a positive value in its result field, it is treated as an\nerror code by ceph_handle_auth_reply() and returned to\nhandle_auth_reply(). Thereafter, an attempt is made to send the\npreallocated message of type CEPH_MSG_AUTH, where the returned value is\ninterpreted as the size of the front segment to send. If the result\nvalue in the message is greater than the size of the memory buffer\nallocated for the front segment, an out-of-bounds access occurs, and\nthe content of the memory region beyond this buffer is sent out.\n\nThis patch fixes the issue by treating only negative values in the\nresult field as errors. Positive values are therefore treated as success\nin the same way as a zero value. Additionally, a BUG_ON is added to\n__send_prepared_auth_request() comparing the len parameter to\nfront_alloc_len to prevent sending the message if it exceeds the bounds\nof the allocation and to make it easier to catch any logic flaws leading\nto this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46119",
"url": "https://www.suse.com/security/cve/CVE-2026-46119"
},
{
"category": "external",
"summary": "SUSE Bug 1267628 for CVE-2026-46119",
"url": "https://bugzilla.suse.com/1267628"
},
{
"category": "external",
"summary": "SUSE Bug 1267894 for CVE-2026-46119",
"url": "https://bugzilla.suse.com/1267894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-46119"
},
{
"cve": "CVE-2026-46120",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46120"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nip6_gre: Use cached t-\u003enet in ip6erspan_changelink().\n\nAfter commit 5e72ce3e3980 (\"net: ipv6: Use link netns in newlink() of\nrtnl_link_ops\"), ip6erspan_newlink() correctly resolves the per-netns\nip6gre hash via link_net. ip6erspan_changelink() was not converted in\nthat series and still uses dev_net(dev), which diverges from the\ndevice\u0027s creation netns after IFLA_NET_NS_FD migration.\n\nThis re-inserts the tunnel into the wrong per-netns hash. The\noriginal netns keeps a stale entry. When that netns is later\ndestroyed, ip6gre_exit_rtnl_net() walks the stale entry, producing a\nslab-use-after-free reported by KASAN, followed by a kernel BUG at\nnet/core/dev.c (LIST_POISON1) in unregister_netdevice_many_notify().\n\nReachable from an unprivileged user namespace (unshare --user\n--map-root-user --net).\n\nip6gre_changelink() earlier in the same file already uses the cached\nt-\u003enet; only ip6erspan_changelink() has the wrong shape.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46120",
"url": "https://www.suse.com/security/cve/CVE-2026-46120"
},
{
"category": "external",
"summary": "SUSE Bug 1267640 for CVE-2026-46120",
"url": "https://bugzilla.suse.com/1267640"
},
{
"category": "external",
"summary": "SUSE Bug 1267893 for CVE-2026-46120",
"url": "https://bugzilla.suse.com/1267893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "important"
}
],
"title": "CVE-2026-46120"
},
{
"cve": "CVE-2026-46123",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46123"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: virtio_bt: clamp rx length before skb_put\n\nvirtbt_rx_work() calls skb_put(skb, len) where len comes directly\nfrom virtqueue_get_buf() with no validation against the buffer we\nposted to the device. The RX skb is allocated in virtbt_add_inbuf()\nand exposed to virtio as exactly 1000 bytes via sg_init_one().\n\nChecking len against skb_tailroom(skb) is not sufficient because\nalloc_skb() can leave more tailroom than the 1000 bytes actually\nhanded to the device. A malicious or buggy backend can therefore\nreport used.len between 1001 and skb_tailroom(skb), causing skb_put()\nto include uninitialized kernel heap bytes that were never written by\nthe device.\n\nThe same path also accepts len == 0, in which case skb_put(skb, 0)\nleaves the skb empty but virtbt_rx_handle() still reads the pkt_type\nbyte from skb-\u003edata, consuming uninitialized memory.\n\nDefine VIRTBT_RX_BUF_SIZE once and reuse it in alloc_skb() and\nsg_init_one(), and gate virtbt_rx_work() on that same constant so\nthe bound checked matches the buffer actually exposed to the device.\nReject used.len == 0 in the same gate so an empty completion can\nno longer reach virtbt_rx_handle().\n\nUse bt_dev_err_ratelimited() because the length value comes from an\nuntrusted backend that can otherwise flood the kernel log.\n\nSame class of bug as commit c04db81cd028 (\"net/9p: Fix buffer\noverflow in USB transport layer\"), which hardened the USB 9p\ntransport against unchecked device-reported length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46123",
"url": "https://www.suse.com/security/cve/CVE-2026-46123"
},
{
"category": "external",
"summary": "SUSE Bug 1267621 for CVE-2026-46123",
"url": "https://bugzilla.suse.com/1267621"
},
{
"category": "external",
"summary": "SUSE Bug 1267622 for CVE-2026-46123",
"url": "https://bugzilla.suse.com/1267622"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "important"
}
],
"title": "CVE-2026-46123"
},
{
"cve": "CVE-2026-46150",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46150"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfanotify: fix false positive on permission events\n\nfsnotify_get_mark_safe() may return false for a mark on an unrelated group,\nwhich results in bypassing the permission check.\n\nFix by skipping over detached marks that are not in the current group.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46150",
"url": "https://www.suse.com/security/cve/CVE-2026-46150"
},
{
"category": "external",
"summary": "SUSE Bug 1267387 for CVE-2026-46150",
"url": "https://bugzilla.suse.com/1267387"
},
{
"category": "external",
"summary": "SUSE Bug 1267388 for CVE-2026-46150",
"url": "https://bugzilla.suse.com/1267388"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "important"
}
],
"title": "CVE-2026-46150"
},
{
"cve": "CVE-2026-46157",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46157"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: pcm: oss: Fix data race at accessing runtime.oss.trigger\n\nCurrently the runtime.oss.trigger field may be accessed concurrently\nwithout protection, which may lead to the data race. And, in this\ncase, it may lead to more severe problem because it\u0027s a bit field; as\nwriting the data, it may overwrite other bit fields as well, which\nconfuses the operation completely, as spotted by fuzzing.\n\nFix it by covering runtime.oss.trigger bit fled also with the existing\nparams_lock mutex in both snd_pcm_oss_get_trigger() and\nsnd_pcm_oss_poll().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46157",
"url": "https://www.suse.com/security/cve/CVE-2026-46157"
},
{
"category": "external",
"summary": "SUSE Bug 1267726 for CVE-2026-46157",
"url": "https://bugzilla.suse.com/1267726"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-46157"
},
{
"cve": "CVE-2026-46159",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46159"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix btrfs_ioctl_space_info() slot_count TOCTOU which can lead to info-leak\n\nbtrfs_ioctl_space_info() has a TOCTOU race between two passes over the\nblock group RAID type lists. The first pass counts entries to determine\nthe allocation size, then the second pass fills the buffer. The\ngroups_sem rwlock is released between passes, allowing concurrent block\ngroup removal to reduce the entry count.\n\nWhen the second pass fills fewer entries than the first pass counted,\ncopy_to_user() copies the full alloc_size bytes including trailing\nuninitialized kmalloc bytes to userspace.\n\nFix by copying only total_spaces entries (the actually-filled count from\nthe second pass) instead of alloc_size bytes, and switch to kzalloc so\nany future copy size mismatch cannot leak heap data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46159",
"url": "https://www.suse.com/security/cve/CVE-2026-46159"
},
{
"category": "external",
"summary": "SUSE Bug 1267652 for CVE-2026-46159",
"url": "https://bugzilla.suse.com/1267652"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-46159"
},
{
"cve": "CVE-2026-46160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46160"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix missing last_unlink_trans update when removing a directory\n\nWhen removing a directory we are not updating its last_unlink_trans field,\nwhich can result in incorrect fsync behaviour in case some one fsyncs the\ndirectory after it was removed because it\u0027s holding a file descriptor on\nit.\n\nExample scenario:\n\n mkdir /mnt/dir1\n mkdir /mnt/dir1/dir2\n mkdir /mnt/dir3\n\n sync -f /mnt\n\n # Do some change to the directory and fsync it.\n chmod 700 /mnt/dir1\n xfs_io -c fsync /mnt/dir1\n\n # Move dir2 out of dir1 so that dir1 becomes empty.\n mv /mnt/dir1/dir2 /mnt/dir3/\n\n open fd on /mnt/dir1\n call rmdir(2) on path \"/mnt/dir1\"\n fsync fd\n\n \u003ctrigger power failure\u003e\n\nWhen attempting to mount the filesystem, the log replay will fail with\nan -EIO error and dmesg/syslog has the following:\n\n [445771.626482] BTRFS info (device dm-0): first mount of filesystem 0368bbea-6c5e-44b5-b409-09abe496e650\n [445771.626486] BTRFS info (device dm-0): using crc32c checksum algorithm\n [445771.627912] BTRFS info (device dm-0): start tree-log replay\n [445771.628335] page: refcount:2 mapcount:0 mapping:0000000061443ddc index:0x1d00 pfn:0x7072a5\n [445771.629453] memcg:ffff89f400351b00\n [445771.629892] aops:btree_aops [btrfs] ino:1\n [445771.630737] flags: 0x17fffc00000402a(uptodate|lru|private|writeback|node=0|zone=2|lastcpupid=0x1ffff)\n [445771.632359] raw: 017fffc00000402a fffff47284d950c8 fffff472907b7c08 ffff89f458e412b8\n [445771.633713] raw: 0000000000001d00 ffff89f6c51d1a90 00000002ffffffff ffff89f400351b00\n [445771.635029] page dumped because: eb page dump\n [445771.635825] BTRFS critical (device dm-0): corrupt leaf: root=5 block=30408704 slot=10 ino=258, invalid nlink: has 2 expect no more than 1 for dir\n [445771.638088] BTRFS info (device dm-0): leaf 30408704 gen 10 total ptrs 17 free space 14878 owner 5\n [445771.638091] BTRFS info (device dm-0): refs 4 lock_owner 0 current 3581087\n [445771.638094] \titem 0 key (256 INODE_ITEM 0) itemoff 16123 itemsize 160\n [445771.638097] \t\tinode generation 3 transid 9 size 16 nbytes 16384\n [445771.638098] \t\tblock group 0 mode 40755 links 1 uid 0 gid 0\n [445771.638100] \t\trdev 0 sequence 2 flags 0x0\n [445771.638102] \t\tatime 1775744884.0\n [445771.660056] \t\tctime 1775744885.645502983\n [445771.660058] \t\tmtime 1775744885.645502983\n [445771.660060] \t\totime 1775744884.0\n [445771.660062] \titem 1 key (256 INODE_REF 256) itemoff 16111 itemsize 12\n [445771.660064] \t\tindex 0 name_len 2\n [445771.660066] \titem 2 key (256 DIR_ITEM 1843588421) itemoff 16077 itemsize 34\n [445771.660068] \t\tlocation key (259 1 0) type 2\n [445771.660070] \t\ttransid 9 data_len 0 name_len 4\n [445771.660075] \titem 3 key (256 DIR_ITEM 2363071922) itemoff 16043 itemsize 34\n [445771.660076] \t\tlocation key (257 1 0) type 2\n [445771.660077] \t\ttransid 9 data_len 0 name_len 4\n [445771.660078] \titem 4 key (256 DIR_INDEX 2) itemoff 16009 itemsize 34\n [445771.660079] \t\tlocation key (257 1 0) type 2\n [445771.660080] \t\ttransid 9 data_len 0 name_len 4\n [445771.660081] \titem 5 key (256 DIR_INDEX 3) itemoff 15975 itemsize 34\n [445771.660082] \t\tlocation key (259 1 0) type 2\n [445771.660083] \t\ttransid 9 data_len 0 name_len 4\n [445771.660084] \titem 6 key (257 INODE_ITEM 0) itemoff 15815 itemsize 160\n [445771.660086] \t\tinode generation 9 transid 9 size 8 nbytes 0\n [445771.660087] \t\tblock group 0 mode 40777 links 1 uid 0 gid 0\n [445771.660088] \t\trdev 0 sequence 2 flags 0x0\n [445771.660089] \t\tatime 1775744885.641174097\n [445771.660090] \t\tctime 1775744885.645502983\n [445771.660091] \t\tmtime 1775744885.645502983\n [445771.660105] \t\totime 1775744885.641174097\n [445771.660106] \titem 7 key (257 INODE_REF 256) itemoff 15801 itemsize 14\n [445771.660107] \t\tindex 2 name_len 4\n [445771.660108] \titem 8 key (257 DIR_ITEM 2676584006) itemoff 15767 itemsize 34\n [445771.660109] \t\tlocation key (2\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46160",
"url": "https://www.suse.com/security/cve/CVE-2026-46160"
},
{
"category": "external",
"summary": "SUSE Bug 1267624 for CVE-2026-46160",
"url": "https://bugzilla.suse.com/1267624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-46160"
},
{
"cve": "CVE-2026-46172",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46172"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: xfrm6: release dst on error in xfrm6_rcv_encap()\n\nxfrm6_rcv_encap() performs an IPv6 route lookup when the skb does not\nalready have a dst attached. ip6_route_input_lookup() returns a\nreferenced dst entry even when the lookup resolves to an error route.\n\nIf dst-\u003eerror is set, xfrm6_rcv_encap() drops the skb without attaching\nthe dst to the skb and without releasing the reference returned by the\nlookup. Repeated packets hitting this path therefore leak dst entries.\n\nRelease the dst before jumping to the drop path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46172",
"url": "https://www.suse.com/security/cve/CVE-2026-46172"
},
{
"category": "external",
"summary": "SUSE Bug 1266903 for CVE-2026-46172",
"url": "https://bugzilla.suse.com/1266903"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-46172"
},
{
"cve": "CVE-2026-46176",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46176"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix error path fall-through in mlx5_ib_dev_res_srq_init()\n\nmlx5_ib_dev_res_srq_init() allocates two SRQs, s0 and s1. When\nib_create_srq() fails for s1, the error branch destroys s0 but falls\nthrough and unconditionally assigns the freed s0 and the ERR_PTR s1 to\ndevr-\u003es0 and devr-\u003es1.\n\nThis leads to several problems: the lock-free fast path checks\n\"if (devr-\u003es1) return 0;\" and treats the ERR_PTR as already initialised;\nusers in mlx5_ib_create_qp() dereference the freed SRQ or ERR_PTR via\nto_msrq(devr-\u003es0)-\u003emsrq.srqn; and mlx5_ib_dev_res_cleanup() dereferences\nthe ERR_PTR and double-frees s0 on teardown.\n\nFix by adding the same `goto unlock` in the s1 failure path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46176",
"url": "https://www.suse.com/security/cve/CVE-2026-46176"
},
{
"category": "external",
"summary": "SUSE Bug 1266816 for CVE-2026-46176",
"url": "https://bugzilla.suse.com/1266816"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-46176"
},
{
"cve": "CVE-2026-46181",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46181"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event()\n\nSashiko points out the radix_tree itself is RCU safe, but nothing ever\nfrees the mlx4_srq struct with RCU, and it isn\u0027t even accessed within the\nRCU critical section. It also will crash if an event is delivered before\nthe srq object is finished initializing.\n\nUse the spinlock since it isn\u0027t easy to make RCU work, use\nrefcount_inc_not_zero() to protect against partially initialized objects,\nand order the refcount_set() to be after the srq is fully initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46181",
"url": "https://www.suse.com/security/cve/CVE-2026-46181"
},
{
"category": "external",
"summary": "SUSE Bug 1266826 for CVE-2026-46181",
"url": "https://bugzilla.suse.com/1266826"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-46181"
},
{
"cve": "CVE-2026-46197",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46197"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: validate SVM ioctl nattr against buffer size\n\nValidate nattr field against the buffer size, preventing\nout-of-bounds buffer access via user-controlled attribute count.\n\n(cherry picked from commit 5eca8bfdfa456c3304ca77523718fe24254c172f)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46197",
"url": "https://www.suse.com/security/cve/CVE-2026-46197"
},
{
"category": "external",
"summary": "SUSE Bug 1267381 for CVE-2026-46197",
"url": "https://bugzilla.suse.com/1267381"
},
{
"category": "external",
"summary": "SUSE Bug 1267382 for CVE-2026-46197",
"url": "https://bugzilla.suse.com/1267382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "important"
}
],
"title": "CVE-2026-46197"
},
{
"cve": "CVE-2026-46209",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46209"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/gem: Fix inconsistent plane dimension calculation in drm_gem_fb_init_with_funcs()\n\ndrm_gem_fb_init_with_funcs() computes sub-sampled plane dimensions\nusing plain integer division:\n\n unsigned int width = mode_cmd-\u003ewidth / (i ? info-\u003ehsub : 1);\n unsigned int height = mode_cmd-\u003eheight / (i ? info-\u003evsub : 1);\n\nHowever, the ioctl-level framebuffer_check() in drm_framebuffer.c uses\ndrm_format_info_plane_width/height() which round up dimensions via\nDIV_ROUND_UP(). This inconsistency corrupts the subsequent GEM object\nsize check for certain pixel format and dimension combinations.\n\nFor example, with NV12 (vsub=2) and a 1-pixel-tall framebuffer the\nGEM size validation path sees height=0 instead of height=1. The\nexpression (height - 1) then wraps to UINT_MAX as an unsigned int,\ncausing min_size to overflow and wrap back to a small value. A tiny\nGEM object therefore passes the size guard, yet when the GPU accesses\nthe chroma plane it will read or write memory beyond the object\u0027s\nbounds.\n\nFix by replacing the open-coded divisions with drm_format_info_plane_width()\nand drm_format_info_plane_height(), which use DIV_ROUND_UP() and match\nthe calculation already used in framebuffer_check().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46209",
"url": "https://www.suse.com/security/cve/CVE-2026-46209"
},
{
"category": "external",
"summary": "SUSE Bug 1267663 for CVE-2026-46209",
"url": "https://bugzilla.suse.com/1267663"
},
{
"category": "external",
"summary": "SUSE Bug 1267891 for CVE-2026-46209",
"url": "https://bugzilla.suse.com/1267891"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "important"
}
],
"title": "CVE-2026-46209"
},
{
"cve": "CVE-2026-46227",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46227"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL\n\nThe SCTP_SENDALL path in sctp_sendmsg() iterates ep-\u003easocs with\nlist_for_each_entry_safe(), which caches the next entry in @tmp before\nthe loop body runs. The body calls sctp_sendmsg_to_asoc(), which may\ndrop the socket lock inside sctp_wait_for_sndbuf().\n\nWhile the lock is dropped, another thread can SCTP_SOCKOPT_PEELOFF the\nassociation cached in @tmp, migrating it to a new endpoint via\nsctp_sock_migrate() (list_del_init() + list_add_tail() to\nnewep-\u003easocs), and optionally close the new socket which frees the\nassociation via kfree_rcu(). The cached @tmp can also be freed by a\nnetwork ABORT for that association, processed in softirq while the\nlock is dropped.\n\nsctp_wait_for_sndbuf() revalidates @asoc (the current entry) on re-lock\nvia the \"sk != asoc-\u003ebase.sk\" and \"asoc-\u003ebase.dead\" checks, but nothing\nrevalidates @tmp. After a successful return, the iterator advances to\nthe stale @tmp, yielding either a use-after-free (if the peeled socket\nwas closed) or a list-walk onto the new endpoint\u0027s list head (type\nconfusion of \u0026newep-\u003easocs as a struct sctp_association *).\n\nBoth are reachable from CapEff=0; the type-confusion path gives\ncontrolled indirect call via the outqueue.sched-\u003einit_sid pointer.\n\nFix by re-deriving @tmp from @asoc after sctp_sendmsg_to_asoc()\nreturns. @asoc is known to still be on ep-\u003easocs at that point: the\nonly callers that list_del an association from ep-\u003easocs are\nsctp_association_free() (which sets asoc-\u003ebase.dead) and\nsctp_assoc_migrate() (which changes asoc-\u003ebase.sk), and\nsctp_wait_for_sndbuf() checks both under the lock before any\nsuccessful return; a tripped check propagates as err \u003c 0 and the loop\nbails before the re-derive.\n\nThe SCTP_ABORT path in sctp_sendmsg_check_sflags() returns 0 and the\nloop hits \u0027continue\u0027 before sctp_sendmsg_to_asoc() is ever called, so\nthe @tmp cached by list_for_each_entry_safe() still covers the\nlock-held free that ba59fb027307 (\"sctp: walk the list of asoc\nsafely\") was added for.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46227",
"url": "https://www.suse.com/security/cve/CVE-2026-46227"
},
{
"category": "external",
"summary": "SUSE Bug 1267697 for CVE-2026-46227",
"url": "https://bugzilla.suse.com/1267697"
},
{
"category": "external",
"summary": "SUSE Bug 1267698 for CVE-2026-46227",
"url": "https://bugzilla.suse.com/1267698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "important"
}
],
"title": "CVE-2026-46227"
},
{
"cve": "CVE-2026-46244",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46244"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_inner: Fix IPv6 inner_thoff desync\n\nIn nft_inner_parse_l2l3(), when processing inner IPv6 packets,\nipv6_find_hdr() correctly computes the transport header offset\ntraversing all extension headers, but the result is immediately\noverwritten with nhoff + sizeof(_ip6h) (40 bytes), which only\naccounts for the IPv6 base header. This creates a desync between\ninner_thoff (wrong - points to extension header start) and l4proto\n(correct - e.g., IPPROTO_TCP), enabling transport header forgery\nand potential firewall bypass. This issue affects stable versions\nfrom Linux 6.2.\n\nFor comparison, the normal (non-inner) IPv6 path correctly\npreserves ipv6_find_hdr()\u0027s result. Removing the incorrect overwrite\nensures that ipv6_find_hdr()\u0027s calculated transport header offset is\npreserved, thereby fixing the desynchronization.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46244",
"url": "https://www.suse.com/security/cve/CVE-2026-46244"
},
{
"category": "external",
"summary": "SUSE Bug 1267654 for CVE-2026-46244",
"url": "https://bugzilla.suse.com/1267654"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-46244"
},
{
"cve": "CVE-2026-46259",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46259"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nprocfs: fix missing RCU protection when reading real_parent in do_task_stat()\n\nWhen reading /proc/[pid]/stat, do_task_stat() accesses task-\u003ereal_parent\nwithout proper RCU protection, which leads to:\n\n cpu 0 cpu 1\n ----- -----\n do_task_stat\n var = task-\u003ereal_parent\n release_task\n call_rcu(delayed_put_task_struct)\n task_tgid_nr_ns(var)\n rcu_read_lock \u003c--- Too late to protect task-\u003ereal_parent!\n task_pid_ptr \u003c--- UAF!\n rcu_read_unlock\n\nThis patch uses task_ppid_nr_ns() instead of task_tgid_nr_ns() to add\nproper RCU protection for accessing task-\u003ereal_parent.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46259",
"url": "https://www.suse.com/security/cve/CVE-2026-46259"
},
{
"category": "external",
"summary": "SUSE Bug 1267685 for CVE-2026-46259",
"url": "https://bugzilla.suse.com/1267685"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-46259"
},
{
"cve": "CVE-2026-46273",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46273"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nibmveth: Disable GSO for packets with small MSS\n\nSome physical adapters on Power systems do not support segmentation\noffload when the MSS is less than 224 bytes. Attempting to send such\npackets causes the adapter to freeze, stopping all traffic until\nmanually reset.\n\nImplement ndo_features_check to disable GSO for packets with small MSS\nvalues. The network stack will perform software segmentation instead.\n\nThe 224-byte minimum matches ibmvnic\ncommit \u003cf10b09ef687f\u003e (\"ibmvnic: Enforce stronger sanity checks\non GSO packets\")\nwhich uses the same physical adapters in SEA configurations.\n\nThe issue occurs specifically when the hardware attempts to perform\nsegmentation (gso_segs \u003e 1) with a small MSS. Single-segment GSO packets\n(gso_segs == 1) do not trigger the problematic LSO code path and are\ntransmitted normally without segmentation.\n\nAdd an ndo_features_check callback to disable GSO when MSS \u003c 224 bytes.\nAlso call vlan_features_check() to ensure proper handling of VLAN packets,\nparticularly QinQ (802.1ad) configurations where the hardware parser may\nnot support certain offload features.\n\nValidated using iptables to force small MSS values. Without the fix,\nthe adapter freezes. With the fix, packets are segmented in software\nand transmission succeeds. Comprehensive regression testing completedd\n(MSS tests, performance, stability).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46273",
"url": "https://www.suse.com/security/cve/CVE-2026-46273"
},
{
"category": "external",
"summary": "SUSE Bug 1267651 for CVE-2026-46273",
"url": "https://bugzilla.suse.com/1267651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:07:10Z",
"details": "moderate"
}
],
"title": "CVE-2026-46273"
}
]
}
SUSE-SU-2026:22460-1
Vulnerability from csaf_suse - Published: 2026-06-30 16:55 - Updated: 2026-06-30 16:55| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs (bsc#1266290).\n- CVE-2025-68822: Input: alps - fix use-after-free bugs caused by dev3_register_work (bsc#1256668).\n- CVE-2026-31414: netfilter: nf_conntrack_expect: use expect-\u003ehelper (bsc#1262085).\n- CVE-2026-31429: net: skb: fix cross-cache free of KFENCE-allocated skb head (bsc#1262392).\n- CVE-2026-31452: ext4: convert inline data to extents when truncate exceeds inline size (bsc#1262620).\n- CVE-2026-31469: virtio_net: Fix UAF on dst_ops when IFF_XMIT_DST_RELEASE is cleared and napi_tx is false\n- CVE-2026-31492: RDMA/irdma: Initialize free_qp completion before using it (bsc#1262748).\n- CVE-2026-31495: netfilter: ctnetlink: use netlink policy range checks (bsc#1262798).\n- CVE-2026-31499: Bluetooth: L2CAP: Fix deadlock in l2cap_conn_del() (bsc#1262674).\n- CVE-2026-31500: Bluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock (bsc#1262993).\n- CVE-2026-31555: futex: Clear stale exiting pointer in futex_lock_pi() retry path (bsc#1263178).\n- CVE-2026-31592: KVM: SEV: Protect *all* of sev_mem_enc_register_region() with kvm-\u003elock (bsc#1263123).\n- CVE-2026-31664: string.h: Introduce memset_after() for wiping trailing members/padding (bsc#1263578).\n- CVE-2026-31665: kABI: netfilter: nft_ct: fix use-after-free in timeout object destroy (bsc#1263137).\n- CVE-2026-31674: netfilter: ip6t_rt: reject oversized addrnr in rt_mt6_check() (bsc#1263568).\n- CVE-2026-31680: net: ipv6: flowlabel: defer exclusive option free until RCU teardown (bsc#1263563).\n- CVE-2026-31693: cifs: some missing initializations on replay (bsc#1267744).\n- CVE-2026-31697: crypto: ccp: Don\u0027t attempt to copy ID to userspace if PSP command failed (bsc#1264116).\n- CVE-2026-31698: crypto: ccp: Don\u0027t attempt to copy PDH cert to userspace if PSP command failed (bsc#1263880).\n- CVE-2026-31699: crypto: ccp: Don\u0027t attempt to copy CSR to userspace if PSP command failed (bsc#1263879).\n- CVE-2026-31752: bridge: br_nd_send: validate ND option lengths (bsc#1264045).\n- CVE-2026-31759: usb: ulpi: fix double free in ulpi_register_interface() error path (bsc#1264076).\n- CVE-2026-31771: Bluetooth: hci_event: move wake reason storage into validated event handlers (bsc#1264145).\n- CVE-2026-43023: Bluetooth: SCO: fix race conditions in sco_sock_connect() (bsc#1264137).\n- CVE-2026-43024: netfilter: nf_tables: reject immediate NF_QUEUE verdict (bsc#1263930).\n- CVE-2026-43028: netfilter: x_tables: ensure names are nul-terminated (bsc#1263934).\n- CVE-2026-43035: net: sched: cls_api: fix tc_chain_fill_node to initialize tcm_info to zero to prevent an info-leak (bsc#1263996).\n- CVE-2026-43036: net: use skb_header_pointer() for TCPv4 GSO frag_off check (bsc#1263993).\n- CVE-2026-43049: HID: logitech-hidpp: Prevent use-after-free on force feedback initialisation failure (bsc#1264080).\n- CVE-2026-43053: xfs: close crash window in attr dabtree inactivation (bsc#1264084).\n- CVE-2026-43074: eventpoll: defer struct eventpoll free to RCU grace period (bsc#1264263).\n- CVE-2026-43077: crypto: algif_aead - Fix minimum RX size check for decryption (bsc#1264470).\n- CVE-2026-43083: net: ioam6: fix OOB and missing lock (bsc#1264266).\n- CVE-2026-43101: ipv6: ioam: fix potential NULL dereferences in __ioam6_fill_trace_data() (bsc#1264239).\n- CVE-2026-43112: fs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath (bsc#1264437).\n- CVE-2026-43119: Bluetooth: hci_sync: annotate data-races around hdev-\u003ereq_status (bsc#1264561).\n- CVE-2026-43158: xfs: fix freemap adjustments when adding xattrs to leaf blocks (bsc#1264595).\n- CVE-2026-43171: EFI/CPER: do not dump the entire memory region (bsc#1264549).\n- CVE-2026-43187: xfs: delete attr leaf freemap entries when empty (bsc#1264603).\n- CVE-2026-43198: tcp: fix potential race in tcp_v6_syn_recv_sock() (bsc#1264610).\n- CVE-2026-43239: smb: client: prevent races in -\u003equery_interfaces() (bsc#1264444).\n- CVE-2026-43339: ipv6: prevent possible UaF in addrconf_permanent_addr() (bsc#1264763).\n- CVE-2026-43345: net: ipa: fix event ring index not programmed for IPA v5.0+ (bsc#1265103).\n- CVE-2026-43405: libceph: Use u32 for non-negative values in ceph_monmap_decode() (bsc#1264741).\n- CVE-2026-43469: xprtrdma: Decrement re_receiving on the early exit paths (bsc#1265143).\n- CVE-2026-43491: net: qrtr: ns: Limit the maximum server registration per node (bsc#1265628).\n- CVE-2026-45840: openvswitch: cap upcall PID array size and pre-size vport replies (bsc#1266397).\n- CVE-2026-45841: netfilter: nfnetlink_osf: fix divide-by-zero in OSF_WSS_MODULO (bsc#1266390).\n- CVE-2026-45862: iommu/vt-d: Flush cache for PASID table before using it (bsc#1266705).\n- CVE-2026-45870: SUNRPC: auth_gss: fix memory leaks in XDR decoding error paths (bsc#1266704).\n- CVE-2026-45894: iommu/vt-d: Clear Present bit before tearing down PASID entry (bsc#1266895).\n- CVE-2026-45940: net: stmmac: fix oops when split header is enabled (bsc#1266916).\n- CVE-2026-45961: gfs2: fix memory leaks in gfs2_fill_super error path (bsc#1266933).\n- CVE-2026-45964: SUNRPC: fix gss_auth kref leak in gss_alloc_msg error path (bsc#1266698).\n- CVE-2026-45965: apparmor: fix invalid deref of rawdata when export_binary is unset (bsc#1267208).\n- CVE-2026-45974: btrfs: fix invalid leaf access in btrfs_quota_enable() if ref key not found (bsc#1266922).\n- CVE-2026-46005: xfs: fix a resource leak in xfs_alloc_buftarg() (bsc#1267431).\n- CVE-2026-46037: ipv4: icmp: validate reply type before using icmp_pointers (bsc#1267361).\n- CVE-2026-46101: netfilter: reject zero shift in nft_bitwise (bsc#1266878).\n- CVE-2026-46119: libceph: Fix slab-out-of-bounds access in auth message processing (bsc#1267628).\n- CVE-2026-46120: ip6_gre: Use cached t-\u003enet in ip6erspan_changelink() (bsc#1267640).\n- CVE-2026-46123: Bluetooth: virtio_bt: clamp rx length before skb_put (bsc#1267621).\n- CVE-2026-46150: fanotify: fix false positive on permission events (bsc#1267387).\n- CVE-2026-46160: btrfs: fix missing last_unlink_trans update when removing a directory (bsc#1267624).\n- CVE-2026-46172: ipv6: xfrm6: release dst on error in xfrm6_rcv_encap() (bsc#1266903).\n- CVE-2026-46197: drm/amdkfd: validate SVM ioctl nattr against buffer size (bsc#1267381).\n- CVE-2026-46227: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL (bsc#1267697).\n- CVE-2026-46244: netfilter: nft_inner: Fix IPv6 inner_thoff desync (bsc#1267654).\n- CVE-2026-46259: procfs: fix missing RCU protection when reading real_parent in do_task_stat() (bsc#1267685).\n- CVE-2026-46273: ibmveth: Disable GSO for packets with small MSS (bsc#1267651).\n\nThe following non-security bugs were fixed:\n\n- ACPI: CPPC: Suppress UBSAN warning caused by field misuse (git-fixes).\n- ACPI: IPMI: Fix message kref handling on dead device (git-fixes).\n- ACPI: NFIT: core: Fix possible NULL pointer dereference (git-fixes).\n- ALSA: aloop: Drop superfluous break (git-fixes).\n- ALSA: cmipci: check snd_ctl_new1() return value (git-fixes).\n- ALSA: core: Fix unintuitive behavior of snd_power_ref_and_wait() (git-fixes).\n- ALSA: es1938: check snd_ctl_new1() return value (git-fixes).\n- ALSA: gus: check snd_ctl_new1() return value (git-fixes).\n- ALSA: ice1712: check snd_ctl_new1() return value (git-fixes).\n- ALSA: seq: Clear variable event pointer on read (git-fixes).\n- ALSA: seq: Fix partial userptr event expansion (git-fixes).\n- ALSA: seq: midi: Serialize output teardown with event_input (git-fixes).\n- ALSA: usb-audio: Propagate US-16x08 write errors in route/mix EQ-switch put callbacks (git-fixes).\n- ALSA: usb-audio: Propagate errors in scarlett_ctl_enum_put() (git-fixes).\n- ALSA: usb-audio: Roll back quirk control caches on write errors (git-fixes).\n- ALSA: usb-audio: Update Babyface Pro control caches only after successful writes (git-fixes).\n- ALSA: usb-audio: Update US-16x08 EQ/comp shadow state after successful writes (git-fixes).\n- ALSA: virtio: Add missing 384 kHz PCM rate mapping (git-fixes).\n- ALSA: ymfpci: check snd_ctl_new1() return value (git-fixes).\n- ASoC: SOF: ipc3-control: Fix TOCTOU in bytes_put and bytes_get (git-fixes).\n- ASoC: SOF: ipc3-control: Fix heap overflow in bytes_ext put/get (git-fixes).\n- ASoC: SOF: ipc3-control: Use overflow checks in control_update size calc (git-fixes).\n- ASoC: SOF: ipc3-control: Validate size in snd_sof_update_control (git-fixes).\n- ASoC: SOF: ipc4-control: Fix TOCTOU in sof_ipc4_bytes_put (git-fixes).\n- ASoC: SOF: topology: validate vendor array size before parsing (git-fixes).\n- ASoC: adau1372: Clear PLL_EN on failed PLL lock without reset GPIO (git-fixes).\n- ASoC: codecs: hdac_hdmi: Validate written enum value (git-fixes).\n- ASoC: cs35l56: Cleanup if component_probe fails (git-fixes).\n- ASoC: cs35l56: Do not leave parent IRQ disabled if system_suspend fails (git-fixes).\n- ASoC: cs35l56: Fix missing calls to wm_adsp2_remove() (git-fixes).\n- ASoC: fsl: fsl_audmix: Validate written enum values (git-fixes).\n- ASoC: meson: aiu: Validate written enum values (git-fixes).\n- ASoC: tegra: tegra210_ahub: Validate written enum value (git-fixes).\n- ASoC: topology: Check PCM and DAI name strings before use (git-fixes).\n- ASoC: wm_adsp: Fix NULL dereference when removing firmware controls (git-fixes).\n- Bluetooth: btmtksdio: fix infinite loop in btmtksdio_txrx_work() (git-fixes).\n- Bluetooth: btusb: fix use-after-free on marvell probe failure (git-fixes).\n- Bluetooth: btusb: fix use-after-free on registration failure (git-fixes).\n- Bluetooth: btusb: fix wakeup irq devres lifetime (git-fixes).\n- Bluetooth: btusb: fix wakeup source leak on probe failure (git-fixes).\n- Bluetooth: eir: Fix stack OOB write when prepending the Flags AD (git-fixes).\n- Bluetooth: hci: validate codec capability element length (git-fixes).\n- Bluetooth: vhci: validate devcoredump state before side effects (git-fixes).\n- Drivers: hv: vmbus: Improve the logic of reserving fb_mmio on Gen2 VMs (git-fixes).\n- KVM: SEV: Ignore MMIO requests of length \u00270\u0027 (git-fixes).\n- KVM: SEV: Ignore Port I/O requests of length \u00270\u0027 (git-fixes).\n- KVM: SVM: Allow KVM_SET_NESTED_STATE to clear GIF when SVME==0 (git-fixes).\n- KVM: SVM: Do not set GIF when clearing EFER.SVME (git-fixes).\n- KVM: SVM: Flush the current TLB when transitioning from xAVIC =\u003e x2AVIC (git-fixes).\n- KVM: SVM: check validity of VMCB controls when returning from SMM (git-fixes).\n- KVM: arm64: Discard PC update state on vcpu reset (git-fixes).\n- KVM: arm64: Guard against NULL vcpu on VHE hyp panic path (git-fixes).\n- KVM: arm64: PMU: Preserve AArch32 counter low bits (git-fixes).\n- KVM: arm64: Treat vCPU with pending SError as runnable (git-fixes).\n- KVM: arm64: Wake-up from WFI when iqrchip is in userspace (git-fixes).\n- KVM: arm64: vgic-its: Reject restored DTE with out-of-range num_eventid_bits (git-fixes).\n- KVM: arm64: vgic: Fix IIDR revision field extracted from wrong value (git-fixes).\n- KVM: nSVM: Always use vmcb01 in VMLOAD/VMSAVE emulation (git-fixes).\n- KVM: nSVM: Ensure AVIC is inhibited when restoring a vCPU to guest mode (git-fixes).\n- KVM: nSVM: Mark all of vmcb02 dirty when restoring nested state (git-fixes).\n- KVM: nSVM: Set exit_code_hi to -1 when synthesizing SVM_EXIT_ERR (failed VMRUN) (git-fixes).\n- KVM: x86/mmu: Fix UBSAN warning when reading nx_huge_pages parameter (git-fixes).\n- PM: sleep: Use complete() in device_pm_sleep_init() (git-fixes).\n- USB: serial: io_ti: fix heap overflow in build_i2c_fw_hdr() (git-fixes).\n- USB: serial: io_ti: fix heap overflow in get_manuf_info() (git-fixes).\n- USB: serial: kl5kusb105: fix bulk-out buffer overflow (git-fixes).\n- X.509: Fix validation of ASN.1 certificate header (git-fixes).\n- add bugnumber to existing mana_ib change (bsc#1267682)\n- agp/amd64: Fix broken error propagation in agp_amd64_probe() (git-fixes).\n- batman-adv: bla: annotate lasttime access with READ/WRITE_ONCE (git-fixes).\n- batman-adv: tp_meter: add only finished tp_vars to lists (git-fixes).\n- batman-adv: tp_meter: avoid divide-by-zero for dec_cwnd (git-fixes).\n- batman-adv: tp_meter: avoid window underflow (git-fixes).\n- batman-adv: tp_meter: fix fast recovery precondition (git-fixes).\n- batman-adv: tp_meter: handle seqno wrap-around for fast recovery detection (git-fixes).\n- batman-adv: tp_meter: initialize dec_cwnd explicitly (git-fixes).\n- batman-adv: tp_meter: initialize dup_acks explicitly (git-fixes).\n- batman-adv: tp_meter: keep unacked list in ascending ordered (git-fixes).\n- bnxt_en: Fix NULL pointer dereference (bsc#1268307).\n- crypto: af_alg - Cap AEAD AD length to 0x80000000 (git-fixes).\n- crypto: amlogic - avoid double cleanup in meson_crypto_probe() (git-fixes).\n- crypto: asymmetric_keys - fix OOB read in pefile_digest_pe_contents (git-fixes).\n- crypto: atmel-sha204a - fix blocking and non-blocking rng logic (git-fixes).\n- crypto: cavium/cpt - fix DMA cleanup using wrong loop index (git-fixes).\n- crypto: ccp - Fix snp_filter_reserved_mem_regions() off-by-one (git-fixes).\n- crypto: ccp - Treat zero-length cert chain as query for blob lengths (git-fixes).\n- crypto: drbg - Fix drbg_max_addtl() on 64-bit kernels (git-fixes).\n- crypto: drbg - Fix returning success on failure in CTR_DRBG (git-fixes).\n- crypto: drbg - Fix the fips_enabled priority boost (git-fixes).\n- crypto: ecc - Fix carry overflow in vli multiplication (git-fixes).\n- crypto: ecrdsa - fix unknown OID check in ecrdsa_param_curve (git-fixes).\n- crypto: hisilicon/qm - disable error report before flr (git-fixes).\n- crypto: marvell/octeontx - fix DMA cleanup using wrong loop index (git-fixes).\n- crypto: pcrypt - restore callback for non-parallel fallback (git-fixes).\n- crypto: qat - protect service table iterations with service_lock (git-fixes).\n- crypto: qat - validate RSA CRT component lengths (git-fixes).\n- crypto: rng - Free default RNG on module exit (git-fixes).\n- driver core: reject devices with unregistered buses (git-fixes).\n- driver core: use READ_ONCE() for dev-\u003edriver in dev_has_sync_state() (git-fixes).\n- drm/amd/display: Add missing kdoc for ALLM parameters (git-fixes).\n- drm/amdgpu: fix integer overflow in amdgpu_gem_align_pitch() (git-fixes).\n- drm/amdgpu: set sub_block_index for mca ras sub-blocks (git-fixes).\n- drm/amdkfd: Validate CRIU-restored IDs before idr_alloc (git-fixes).\n- drm/bridge: cdns-dsi: Replace deprecated UNIVERSAL_DEV_PM_OPS() (git-fixes).\n- drm/dp/mst: fix OOB reads in remote DPCD/I2C sideband reply parsers (git-fixes).\n- drm/dp/mst: fix OOB reads on 2-byte fields in sideband reply parsers (git-fixes).\n- drm/dp/mst: fix buffer overflows in sideband chunk accumulation (git-fixes).\n- drm/hisilicon/hibmc: move display contrl config to hibmc_probe() (git-fixes).\n- drm/hisilicon/hibmc: use clock to look up the PLL value (git-fixes).\n- drm/hyperv: use VMBUS_RING_SIZE() (git-fixes).\n- drm/i915/gem: Fix phys BO pread/pwrite with offset (git-fixes).\n- drm/msm/dp: Fix the ISR_* enum values (git-fixes).\n- drm/msm/dp: fix HPD state status bit shift value (git-fixes).\n- drm/nouveau/bios: specify correct display fuse register for Ampere and Ada (git-fixes).\n- drm/radeon: fix integer overflow in radeon_align_pitch() (git-fixes).\n- drm/radeon: fix memory leak in radeon_ring_restore() on lock failure (git-fixes).\n- drm/rockchip: cdn-dp: add missing check in cdn_dp_config_video() (git-fixes).\n- drm/tegra: Fix iommu_map_sgtable() return value check (git-fixes).\n- drm/tegra: dc: Fix device node reference leak in tegra_dc_has_output() (git-fixes).\n- drm/tidss: Drop extra drm_mode_config_reset() call (git-fixes).\n- drm/tidss: Fix missing drm_bridge_add() call (git-fixes).\n- drm/vc4: fix krealloc() memory leak (git-fixes).\n- drm/virtio: Fix driver removal with disabled KMS (git-fixes).\n- drm/virtio: fix dma_fence refcount leak on error in virtio_gpu_dma_fence_wait() (git-fixes).\n- ethtool: provide customized dim profile management (bsc#1261256).\n- fbdev: broadsheetfb: fix potential memory leak in broadsheetfb_probe() (git-fixes).\n- fbdev: hecubafb: fix potential memory leak in hecubafb_probe() (git-fixes).\n- fbdev: i740fb: fix potential memory leak in i740fb_probe() (git-fixes).\n- fbdev: metronomefb: fix potential memory leak in metronomefb_probe() (git-fixes).\n- fbdev: modedb: Fix misaligned fields in the 1920x1080-60 mode (git-fixes).\n- fbdev: nvidia: fix potential memory leak in nvidiafb_probe() (git-fixes).\n- fbdev: radeon: fix potential memory leak in radeonfb_pci_register() (git-fixes).\n- fbdev: s3fb: fix potential memory leak in s3_pci_probe() (git-fixes).\n- fbdev: sm501fb: Fix buffer errors in OF binding code (git-fixes).\n- fbdev: sm712: Fix operator precedence in big_swap macro (git-fixes).\n- fbdev: tdfxfb: fix potential memory leak in tdfxfb_probe() (git-fixes).\n- fbdev: tridentfb: fix potential memory leak in trident_pci_probe() (git-fixes).\n- fbdev: uvesafb: fix potential memory leak in uvesafb_probe() (git-fixes).\n- fbdev: vesafb: fix memory leak in vesafb_probe() (git-fixes).\n- firmware: arm_scmi: Fix OOB in scmi_power_name_get() (git-fixes).\n- firmware: arm_scmi: Read sensor config as 32-bit value (git-fixes).\n- firmware_loader: Fix recursive lock in device_cache_fw_images() (git-fixes).\n- firmware_loader: fix device reference leak in firmware_upload_register() (git-fixes).\n- gpio: mvebu: fix NULL pointer dereference in suspend/resume (git-fixes).\n- gpu: host1x: Allow entries in BO caches to be freed (git-fixes).\n- gpu: host1x: Fix iommu_map_sgtable() return value check (git-fixes).\n- hv: utils: handle and propagate errors in kvp_register (git-fixes).\n- hwmon: (it87) Clamp negative values to zero in set_fan() (git-fixes).\n- hwrng: jh7110 - fix refcount leak in starfive_trng_read() (git-fixes).\n- hwrng: virtio: clamp device-reported used.len at copy_data() (git-fixes).\n- hyperv: Clean up and fix the guest ID comment in hvgdk.h (git-fixes).\n- i2c: core: fix irq domain leak on adapter registration failure (git-fixes).\n- i2c: qcom-cci: Fix NULL pointer dereference in cci_remove() (git-fixes).\n- i2c: stm32f7: fix timing computation ignoring i2c-analog-filter (git-fixes).\n- i2c: tegra: Fix NOIRQ suspend/resume (git-fixes).\n- linux/dim: move useful macros to .h file (bsc#1261256).\n- misc: fastrpc: Fix NULL pointer dereference in rpmsg callback (git-fixes).\n- misc: fastrpc: fix DMA address corruption due to find_vma misuse (git-fixes).\n- misc: fastrpc: fix use-after-free of fastrpc_user in workqueue context (git-fixes).\n- misc: fastrpc: fix use-after-free race in fastrpc_map_create (git-fixes).\n- net: ethtool: add ethtool COALESCE_RX_CQE_FRAMES/NSECS (bsc#1261256).\n- net: mana: Add ethtool counters for RX CQEs in coalesced type (bsc#1261256).\n- net: mana: Add support for RX CQE Coalescing (bsc#1261256).\n- of: cpu: add check in __of_find_n_match_cpu_property() (git-fixes).\n- slimbus: qcom-ngd-ctrl: fix OF node refcount (git-fixes).\n- soc: fsl: qe: panic on ioremap() failure in qe_reset() (git-fixes).\n- soc: ti: k3-ringacc: Fix access mode for k3_ringacc_ring_pop_tail_io/proxy (git-fixes).\n- spi: at91-usart: drop dead runtime pm support (git-fixes).\n- spi: ep93xx: fix double-free of zeropage on DMA setup failure (git-fixes).\n- spi: fsl-lpspi: replace dmaengine_terminate_all() with dmaengine_terminate_sync() (git-fixes).\n- spi: fsl-lpspi: terminate the RX channel on TX prepare failure path (git-fixes).\n- spi: meson-spifc: fix runtime PM leak on remove (git-fixes).\n- spi: xilinx: use FIFO occupancy register to determine buffer size (git-fixes).\n- thermal: hwmon: Fix critical temperature attribute removal (git-fixes).\n- thunderbolt: Bound root directory content to block size (git-fixes).\n- thunderbolt: Clamp XDomain response data copy to allocation size (git-fixes).\n- thunderbolt: Limit XDomain response copy to actual frame size (git-fixes).\n- thunderbolt: Reject zero-length property entries in validator (git-fixes).\n- thunderbolt: Validate XDomain request packet size before type cast (git-fixes).\n- watchdog: apple: Add \"apple,t8103-wdt\" compatible (git-fixes).\n- watchdog: sp5100_tco: Use EFCH MMIO for newer Hygon FCH (git-fixes).\n- watchdog: sprd_wdt: Remove redundant sprd_wdt_disable() on register failure (git-fixes).\n- watchdog: unregister PM notifier on watchdog unregister (git-fixes).\n- wifi: ath11k: fix warning when unbinding (git-fixes).\n- wifi: ath9k: fix OOB access from firmware tx status queue ID (git-fixes).\n- wifi: cfg80211: fix grammar in MLO group key error message (git-fixes).\n- wifi: mac80211: fix monitor mode frame capture for real chanctx drivers (git-fixes).\n- wifi: mt76: fix argument to ieee80211_is_first_frag() (git-fixes).\n- wifi: mt76: mt7915: fix potential tx_retries underflow (git-fixes).\n- wifi: mt76: mt7921: fix potential tx_retries underflow (git-fixes).\n- wifi: mt76: mt7925: clean up DMA on probe failure (git-fixes).\n- wifi: mt76: mt7925: fix potential tx_retries underflow (git-fixes).\n- wifi: mt76: mt7996: fix potential tx_retries underflow (git-fixes).\n- wifi: rtlwifi: rtl8821ae: Fix C2H bit location in RX descriptor (git-fixes).\n- wifi: rtw88: fix OOB read from firmware RX descriptor exceeding DMA buffer (git-fixes).\n- wifi: rtw88: increase TX report timeout to fix race condition (git-fixes).\n- wifi: rtw88: usb: fix memory leaks on USB write failures (git-fixes).\n- wifi: rtw89: Correct data type for scan index to avoid infinite loop (git-fixes).\n- wifi: wcn36xx: fix OOB read from firmware count in PRINT_REG_INFO indication (git-fixes).\n- wifi: wcn36xx: fix OOB read from short trigger BA firmware response (git-fixes).\n- wifi: wcn36xx: fix heap overflow from oversized firmware HAL response (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-kernel-496",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_22460-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:22460-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622460-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:22460-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-July/027249.html"
},
{
"category": "self",
"summary": "SUSE Bug 1256668",
"url": "https://bugzilla.suse.com/1256668"
},
{
"category": "self",
"summary": "SUSE Bug 1261256",
"url": "https://bugzilla.suse.com/1261256"
},
{
"category": "self",
"summary": "SUSE Bug 1262085",
"url": "https://bugzilla.suse.com/1262085"
},
{
"category": "self",
"summary": "SUSE Bug 1262392",
"url": "https://bugzilla.suse.com/1262392"
},
{
"category": "self",
"summary": "SUSE Bug 1262617",
"url": "https://bugzilla.suse.com/1262617"
},
{
"category": "self",
"summary": "SUSE Bug 1262620",
"url": "https://bugzilla.suse.com/1262620"
},
{
"category": "self",
"summary": "SUSE Bug 1262674",
"url": "https://bugzilla.suse.com/1262674"
},
{
"category": "self",
"summary": "SUSE Bug 1262748",
"url": "https://bugzilla.suse.com/1262748"
},
{
"category": "self",
"summary": "SUSE Bug 1262798",
"url": "https://bugzilla.suse.com/1262798"
},
{
"category": "self",
"summary": "SUSE Bug 1262993",
"url": "https://bugzilla.suse.com/1262993"
},
{
"category": "self",
"summary": "SUSE Bug 1263123",
"url": "https://bugzilla.suse.com/1263123"
},
{
"category": "self",
"summary": "SUSE Bug 1263137",
"url": "https://bugzilla.suse.com/1263137"
},
{
"category": "self",
"summary": "SUSE Bug 1263178",
"url": "https://bugzilla.suse.com/1263178"
},
{
"category": "self",
"summary": "SUSE Bug 1263563",
"url": "https://bugzilla.suse.com/1263563"
},
{
"category": "self",
"summary": "SUSE Bug 1263568",
"url": "https://bugzilla.suse.com/1263568"
},
{
"category": "self",
"summary": "SUSE Bug 1263578",
"url": "https://bugzilla.suse.com/1263578"
},
{
"category": "self",
"summary": "SUSE Bug 1263879",
"url": "https://bugzilla.suse.com/1263879"
},
{
"category": "self",
"summary": "SUSE Bug 1263880",
"url": "https://bugzilla.suse.com/1263880"
},
{
"category": "self",
"summary": "SUSE Bug 1263930",
"url": "https://bugzilla.suse.com/1263930"
},
{
"category": "self",
"summary": "SUSE Bug 1263934",
"url": "https://bugzilla.suse.com/1263934"
},
{
"category": "self",
"summary": "SUSE Bug 1263993",
"url": "https://bugzilla.suse.com/1263993"
},
{
"category": "self",
"summary": "SUSE Bug 1263996",
"url": "https://bugzilla.suse.com/1263996"
},
{
"category": "self",
"summary": "SUSE Bug 1264045",
"url": "https://bugzilla.suse.com/1264045"
},
{
"category": "self",
"summary": "SUSE Bug 1264076",
"url": "https://bugzilla.suse.com/1264076"
},
{
"category": "self",
"summary": "SUSE Bug 1264080",
"url": "https://bugzilla.suse.com/1264080"
},
{
"category": "self",
"summary": "SUSE Bug 1264084",
"url": "https://bugzilla.suse.com/1264084"
},
{
"category": "self",
"summary": "SUSE Bug 1264116",
"url": "https://bugzilla.suse.com/1264116"
},
{
"category": "self",
"summary": "SUSE Bug 1264137",
"url": "https://bugzilla.suse.com/1264137"
},
{
"category": "self",
"summary": "SUSE Bug 1264145",
"url": "https://bugzilla.suse.com/1264145"
},
{
"category": "self",
"summary": "SUSE Bug 1264239",
"url": "https://bugzilla.suse.com/1264239"
},
{
"category": "self",
"summary": "SUSE Bug 1264263",
"url": "https://bugzilla.suse.com/1264263"
},
{
"category": "self",
"summary": "SUSE Bug 1264266",
"url": "https://bugzilla.suse.com/1264266"
},
{
"category": "self",
"summary": "SUSE Bug 1264437",
"url": "https://bugzilla.suse.com/1264437"
},
{
"category": "self",
"summary": "SUSE Bug 1264444",
"url": "https://bugzilla.suse.com/1264444"
},
{
"category": "self",
"summary": "SUSE Bug 1264470",
"url": "https://bugzilla.suse.com/1264470"
},
{
"category": "self",
"summary": "SUSE Bug 1264549",
"url": "https://bugzilla.suse.com/1264549"
},
{
"category": "self",
"summary": "SUSE Bug 1264561",
"url": "https://bugzilla.suse.com/1264561"
},
{
"category": "self",
"summary": "SUSE Bug 1264595",
"url": "https://bugzilla.suse.com/1264595"
},
{
"category": "self",
"summary": "SUSE Bug 1264603",
"url": "https://bugzilla.suse.com/1264603"
},
{
"category": "self",
"summary": "SUSE Bug 1264610",
"url": "https://bugzilla.suse.com/1264610"
},
{
"category": "self",
"summary": "SUSE Bug 1264741",
"url": "https://bugzilla.suse.com/1264741"
},
{
"category": "self",
"summary": "SUSE Bug 1264763",
"url": "https://bugzilla.suse.com/1264763"
},
{
"category": "self",
"summary": "SUSE Bug 1265103",
"url": "https://bugzilla.suse.com/1265103"
},
{
"category": "self",
"summary": "SUSE Bug 1265143",
"url": "https://bugzilla.suse.com/1265143"
},
{
"category": "self",
"summary": "SUSE Bug 1265628",
"url": "https://bugzilla.suse.com/1265628"
},
{
"category": "self",
"summary": "SUSE Bug 1266290",
"url": "https://bugzilla.suse.com/1266290"
},
{
"category": "self",
"summary": "SUSE Bug 1266390",
"url": "https://bugzilla.suse.com/1266390"
},
{
"category": "self",
"summary": "SUSE Bug 1266397",
"url": "https://bugzilla.suse.com/1266397"
},
{
"category": "self",
"summary": "SUSE Bug 1266698",
"url": "https://bugzilla.suse.com/1266698"
},
{
"category": "self",
"summary": "SUSE Bug 1266704",
"url": "https://bugzilla.suse.com/1266704"
},
{
"category": "self",
"summary": "SUSE Bug 1266705",
"url": "https://bugzilla.suse.com/1266705"
},
{
"category": "self",
"summary": "SUSE Bug 1266878",
"url": "https://bugzilla.suse.com/1266878"
},
{
"category": "self",
"summary": "SUSE Bug 1266895",
"url": "https://bugzilla.suse.com/1266895"
},
{
"category": "self",
"summary": "SUSE Bug 1266903",
"url": "https://bugzilla.suse.com/1266903"
},
{
"category": "self",
"summary": "SUSE Bug 1266916",
"url": "https://bugzilla.suse.com/1266916"
},
{
"category": "self",
"summary": "SUSE Bug 1266922",
"url": "https://bugzilla.suse.com/1266922"
},
{
"category": "self",
"summary": "SUSE Bug 1266933",
"url": "https://bugzilla.suse.com/1266933"
},
{
"category": "self",
"summary": "SUSE Bug 1267208",
"url": "https://bugzilla.suse.com/1267208"
},
{
"category": "self",
"summary": "SUSE Bug 1267361",
"url": "https://bugzilla.suse.com/1267361"
},
{
"category": "self",
"summary": "SUSE Bug 1267381",
"url": "https://bugzilla.suse.com/1267381"
},
{
"category": "self",
"summary": "SUSE Bug 1267387",
"url": "https://bugzilla.suse.com/1267387"
},
{
"category": "self",
"summary": "SUSE Bug 1267431",
"url": "https://bugzilla.suse.com/1267431"
},
{
"category": "self",
"summary": "SUSE Bug 1267621",
"url": "https://bugzilla.suse.com/1267621"
},
{
"category": "self",
"summary": "SUSE Bug 1267624",
"url": "https://bugzilla.suse.com/1267624"
},
{
"category": "self",
"summary": "SUSE Bug 1267628",
"url": "https://bugzilla.suse.com/1267628"
},
{
"category": "self",
"summary": "SUSE Bug 1267640",
"url": "https://bugzilla.suse.com/1267640"
},
{
"category": "self",
"summary": "SUSE Bug 1267651",
"url": "https://bugzilla.suse.com/1267651"
},
{
"category": "self",
"summary": "SUSE Bug 1267654",
"url": "https://bugzilla.suse.com/1267654"
},
{
"category": "self",
"summary": "SUSE Bug 1267682",
"url": "https://bugzilla.suse.com/1267682"
},
{
"category": "self",
"summary": "SUSE Bug 1267685",
"url": "https://bugzilla.suse.com/1267685"
},
{
"category": "self",
"summary": "SUSE Bug 1267697",
"url": "https://bugzilla.suse.com/1267697"
},
{
"category": "self",
"summary": "SUSE Bug 1267744",
"url": "https://bugzilla.suse.com/1267744"
},
{
"category": "self",
"summary": "SUSE Bug 1268307",
"url": "https://bugzilla.suse.com/1268307"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-10263 page",
"url": "https://www.suse.com/security/cve/CVE-2025-10263/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68822 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68822/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31414 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31414/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31429 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31429/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31452 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31452/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31453 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31453/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31469 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31469/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31492 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31492/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31495 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31495/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31499 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31499/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31500 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31500/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31555 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31592 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31592/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31664 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31664/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31665 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31665/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31674 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31674/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31680 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31680/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31693 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31693/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31697 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31697/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31698 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31698/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31699 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31699/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31752 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31759 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31759/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31771 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31771/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43023 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43023/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43024 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43024/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43028 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43028/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43035 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43035/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43036 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43036/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43049 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43049/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43053 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43074 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43074/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43077 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43083 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43101 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43101/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43112 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43112/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43119 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43119/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43158 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43158/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43171 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43171/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43187 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43187/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43198 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43198/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43239 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43239/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43339 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43339/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43345 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43345/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43405 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43405/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43469 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43469/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43491 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43491/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45840 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45841 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45841/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45862 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45870 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45894 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45894/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45940 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45940/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45961 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45961/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45964 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45965 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45965/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45974 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46005 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46037 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46037/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46101 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46101/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46119 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46119/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46120 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46120/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46123 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46123/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46150 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46150/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46160 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46172 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46172/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46197 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46197/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46227 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46227/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46244 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46244/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46259 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46259/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46273 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46273/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2026-06-30T16:55:30Z",
"generator": {
"date": "2026-06-30T16:55:30Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:22460-1",
"initial_release_date": "2026-06-30T16:55:30Z",
"revision_history": [
{
"date": "2026-06-30T16:55:30Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.4.0-48.1.aarch64",
"product": {
"name": "kernel-default-6.4.0-48.1.aarch64",
"product_id": "kernel-default-6.4.0-48.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-48.1.21.25.aarch64",
"product": {
"name": "kernel-default-base-6.4.0-48.1.21.25.aarch64",
"product_id": "kernel-default-base-6.4.0-48.1.21.25.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-48.1.aarch64",
"product": {
"name": "kernel-default-devel-6.4.0-48.1.aarch64",
"product_id": "kernel-default-devel-6.4.0-48.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-6.4.0-48.1.noarch",
"product": {
"name": "kernel-devel-6.4.0-48.1.noarch",
"product_id": "kernel-devel-6.4.0-48.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-6.4.0-48.1.noarch",
"product": {
"name": "kernel-macros-6.4.0-48.1.noarch",
"product_id": "kernel-macros-6.4.0-48.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-6.4.0-48.1.noarch",
"product": {
"name": "kernel-source-6.4.0-48.1.noarch",
"product_id": "kernel-source-6.4.0-48.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.4.0-48.1.ppc64le",
"product": {
"name": "kernel-default-6.4.0-48.1.ppc64le",
"product_id": "kernel-default-6.4.0-48.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"product": {
"name": "kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"product_id": "kernel-default-base-6.4.0-48.1.21.25.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-48.1.ppc64le",
"product": {
"name": "kernel-default-devel-6.4.0-48.1.ppc64le",
"product_id": "kernel-default-devel-6.4.0-48.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.4.0-48.1.s390x",
"product": {
"name": "kernel-default-6.4.0-48.1.s390x",
"product_id": "kernel-default-6.4.0-48.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-48.1.s390x",
"product": {
"name": "kernel-default-devel-6.4.0-48.1.s390x",
"product_id": "kernel-default-devel-6.4.0-48.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-48.1.s390x",
"product": {
"name": "kernel-default-livepatch-6.4.0-48.1.s390x",
"product_id": "kernel-default-livepatch-6.4.0-48.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.4.0-48.1.x86_64",
"product": {
"name": "kernel-default-6.4.0-48.1.x86_64",
"product_id": "kernel-default-6.4.0-48.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-48.1.21.25.x86_64",
"product": {
"name": "kernel-default-base-6.4.0-48.1.21.25.x86_64",
"product_id": "kernel-default-base-6.4.0-48.1.21.25.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-48.1.x86_64",
"product": {
"name": "kernel-default-devel-6.4.0-48.1.x86_64",
"product_id": "kernel-default-devel-6.4.0-48.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-48.1.x86_64",
"product": {
"name": "kernel-default-livepatch-6.4.0-48.1.x86_64",
"product_id": "kernel-default-livepatch-6.4.0-48.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-6.4.0-48.1.x86_64",
"product": {
"name": "kernel-kvmsmall-6.4.0-48.1.x86_64",
"product_id": "kernel-kvmsmall-6.4.0-48.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-48.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64"
},
"product_reference": "kernel-default-6.4.0-48.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-48.1.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le"
},
"product_reference": "kernel-default-6.4.0-48.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-48.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x"
},
"product_reference": "kernel-default-6.4.0-48.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-48.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64"
},
"product_reference": "kernel-default-6.4.0-48.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-48.1.21.25.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64"
},
"product_reference": "kernel-default-base-6.4.0-48.1.21.25.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-48.1.21.25.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le"
},
"product_reference": "kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-48.1.21.25.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64"
},
"product_reference": "kernel-default-base-6.4.0-48.1.21.25.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-48.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64"
},
"product_reference": "kernel-default-devel-6.4.0-48.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-48.1.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le"
},
"product_reference": "kernel-default-devel-6.4.0-48.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-48.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x"
},
"product_reference": "kernel-default-devel-6.4.0-48.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-48.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64"
},
"product_reference": "kernel-default-devel-6.4.0-48.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-48.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x"
},
"product_reference": "kernel-default-livepatch-6.4.0-48.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-48.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64"
},
"product_reference": "kernel-default-livepatch-6.4.0-48.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-6.4.0-48.1.noarch as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch"
},
"product_reference": "kernel-devel-6.4.0-48.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-6.4.0-48.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64"
},
"product_reference": "kernel-kvmsmall-6.4.0-48.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-6.4.0-48.1.noarch as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch"
},
"product_reference": "kernel-macros-6.4.0-48.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-6.4.0-48.1.noarch as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
},
"product_reference": "kernel-source-6.4.0-48.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-10263",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-10263"
}
],
"notes": [
{
"category": "general",
"text": "Arm C1-Ultra, C1-Premium, Neoverse V3 \u0026 V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1, Cortex-X925, Cortex-X4, Cortex-X3, Cortex-X2, Cortex-X1 \u0026 X1C, Cortex-A710, Cortex-A78, A78AE \u0026 A78C, Cortex-A77, Cortex-A76 \u0026 A76A may allow writes to resources owned by a higher exception level.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-10263",
"url": "https://www.suse.com/security/cve/CVE-2025-10263"
},
{
"category": "external",
"summary": "SUSE Bug 1266290 for CVE-2025-10263",
"url": "https://bugzilla.suse.com/1266290"
},
{
"category": "external",
"summary": "SUSE Bug 1266954 for CVE-2025-10263",
"url": "https://bugzilla.suse.com/1266954"
},
{
"category": "external",
"summary": "SUSE Bug 1270230 for CVE-2025-10263",
"url": "https://bugzilla.suse.com/1270230"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "critical"
}
],
"title": "CVE-2025-10263"
},
{
"cve": "CVE-2025-68822",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68822"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: alps - fix use-after-free bugs caused by dev3_register_work\n\nThe dev3_register_work delayed work item is initialized within\nalps_reconnect() and scheduled upon receipt of the first bare\nPS/2 packet from an external PS/2 device connected to the ALPS\ntouchpad. During device detachment, the original implementation\ncalls flush_workqueue() in psmouse_disconnect() to ensure\ncompletion of dev3_register_work. However, the flush_workqueue()\nin psmouse_disconnect() only blocks and waits for work items that\nwere already queued to the workqueue prior to its invocation. Any\nwork items submitted after flush_workqueue() is called are not\nincluded in the set of tasks that the flush operation awaits.\nThis means that after flush_workqueue() has finished executing,\nthe dev3_register_work could still be scheduled. Although the\npsmouse state is set to PSMOUSE_CMD_MODE in psmouse_disconnect(),\nthe scheduling of dev3_register_work remains unaffected.\n\nThe race condition can occur as follows:\n\nCPU 0 (cleanup path) | CPU 1 (delayed work)\npsmouse_disconnect() |\n psmouse_set_state() |\n flush_workqueue() | alps_report_bare_ps2_packet()\n alps_disconnect() | psmouse_queue_work()\n kfree(priv); // FREE | alps_register_bare_ps2_mouse()\n | priv = container_of(work...); // USE\n | priv-\u003edev3 // USE\n\nAdd disable_delayed_work_sync() in alps_disconnect() to ensure\nthat dev3_register_work is properly canceled and prevented from\nexecuting after the alps_data structure has been deallocated.\n\nThis bug is identified by static analysis.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68822",
"url": "https://www.suse.com/security/cve/CVE-2025-68822"
},
{
"category": "external",
"summary": "SUSE Bug 1256668 for CVE-2025-68822",
"url": "https://bugzilla.suse.com/1256668"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2025-68822"
},
{
"cve": "CVE-2026-31414",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31414"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_conntrack_expect: use expect-\u003ehelper\n\nUse expect-\u003ehelper in ctnetlink and /proc to dump the helper name.\nUsing nfct_help() without holding a reference to the master conntrack\nis unsafe.\n\nUse exp-\u003emaster-\u003ehelper in ctnetlink path if userspace does not provide\nan explicit helper when creating an expectation to retain the existing\nbehaviour. The ctnetlink expectation path holds the reference on the\nmaster conntrack and nf_conntrack_expect lock and the nfnetlink glue\npath refers to the master ct that is attached to the skb.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31414",
"url": "https://www.suse.com/security/cve/CVE-2026-31414"
},
{
"category": "external",
"summary": "SUSE Bug 1262085 for CVE-2026-31414",
"url": "https://bugzilla.suse.com/1262085"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-31414"
},
{
"cve": "CVE-2026-31429",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31429"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: skb: fix cross-cache free of KFENCE-allocated skb head\n\nSKB_SMALL_HEAD_CACHE_SIZE is intentionally set to a non-power-of-2\nvalue (e.g. 704 on x86_64) to avoid collisions with generic kmalloc\nbucket sizes. This ensures that skb_kfree_head() can reliably use\nskb_end_offset to distinguish skb heads allocated from\nskb_small_head_cache vs. generic kmalloc caches.\n\nHowever, when KFENCE is enabled, kfence_ksize() returns the exact\nrequested allocation size instead of the slab bucket size. If a caller\n(e.g. bpf_test_init) allocates skb head data via kzalloc() and the\nrequested size happens to equal SKB_SMALL_HEAD_CACHE_SIZE, then\nslab_build_skb() -\u003e ksize() returns that exact value. After subtracting\nskb_shared_info overhead, skb_end_offset ends up matching\nSKB_SMALL_HEAD_HEADROOM, causing skb_kfree_head() to incorrectly free\nthe object to skb_small_head_cache instead of back to the original\nkmalloc cache, resulting in a slab cross-cache free:\n\n kmem_cache_free(skbuff_small_head): Wrong slab cache. Expected\n skbuff_small_head but got kmalloc-1k\n\nFix this by always calling kfree(head) in skb_kfree_head(). This keeps\nthe free path generic and avoids allocator-specific misclassification\nfor KFENCE objects.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31429",
"url": "https://www.suse.com/security/cve/CVE-2026-31429"
},
{
"category": "external",
"summary": "SUSE Bug 1262392 for CVE-2026-31429",
"url": "https://bugzilla.suse.com/1262392"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-31429"
},
{
"cve": "CVE-2026-31452",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31452"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: convert inline data to extents when truncate exceeds inline size\n\nAdd a check in ext4_setattr() to convert files from inline data storage\nto extent-based storage when truncate() grows the file size beyond the\ninline capacity. This prevents the filesystem from entering an\ninconsistent state where the inline data flag is set but the file size\nexceeds what can be stored inline.\n\nWithout this fix, the following sequence causes a kernel BUG_ON():\n\n1. Mount filesystem with inode that has inline flag set and small size\n2. truncate(file, 50MB) - grows size but inline flag remains set\n3. sendfile() attempts to write data\n4. ext4_write_inline_data() hits BUG_ON(write_size \u003e inline_capacity)\n\nThe crash occurs because ext4_write_inline_data() expects inline storage\nto accommodate the write, but the actual inline capacity (~60 bytes for\ni_block + ~96 bytes for xattrs) is far smaller than the file size and\nwrite request.\n\nThe fix checks if the new size from setattr exceeds the inode\u0027s actual\ninline capacity (EXT4_I(inode)-\u003ei_inline_size) and converts the file to\nextent-based storage before proceeding with the size change.\n\nThis addresses the root cause by ensuring the inline data flag and file\nsize remain consistent during truncate operations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31452",
"url": "https://www.suse.com/security/cve/CVE-2026-31452"
},
{
"category": "external",
"summary": "SUSE Bug 1262620 for CVE-2026-31452",
"url": "https://bugzilla.suse.com/1262620"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-31452"
},
{
"cve": "CVE-2026-31453",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31453"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: avoid dereferencing log items after push callbacks\n\nAfter xfsaild_push_item() calls iop_push(), the log item may have been\nfreed if the AIL lock was dropped during the push. Background inode\nreclaim or the dquot shrinker can free the log item while the AIL lock\nis not held, and the tracepoints in the switch statement dereference\nthe log item after iop_push() returns.\n\nFix this by capturing the log item type, flags, and LSN before calling\nxfsaild_push_item(), and introducing a new xfs_ail_push_class trace\nevent class that takes these pre-captured values and the ailp pointer\ninstead of the log item pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31453",
"url": "https://www.suse.com/security/cve/CVE-2026-31453"
},
{
"category": "external",
"summary": "SUSE Bug 1262617 for CVE-2026-31453",
"url": "https://bugzilla.suse.com/1262617"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-31453"
},
{
"cve": "CVE-2026-31469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31469"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio_net: Fix UAF on dst_ops when IFF_XMIT_DST_RELEASE is cleared and napi_tx is false\n\nA UAF issue occurs when the virtio_net driver is configured with napi_tx=N\nand the device\u0027s IFF_XMIT_DST_RELEASE flag is cleared\n(e.g., during the configuration of tc route filter rules).\n\nWhen IFF_XMIT_DST_RELEASE is removed from the net_device, the network stack\nexpects the driver to hold the reference to skb-\u003edst until the packet\nis fully transmitted and freed. In virtio_net with napi_tx=N,\nskbs may remain in the virtio transmit ring for an extended period.\n\nIf the network namespace is destroyed while these skbs are still pending,\nthe corresponding dst_ops structure has freed. When a subsequent packet\nis transmitted, free_old_xmit() is triggered to clean up old skbs.\nIt then calls dst_release() on the skb associated with the stale dst_entry.\nSince the dst_ops (referenced by the dst_entry) has already been freed,\na UAF kernel paging request occurs.\n\nfix it by adds skb_dst_drop(skb) in start_xmit to explicitly release\nthe dst reference before the skb is queued in virtio_net.\n\nCall Trace:\n Unable to handle kernel paging request at virtual address ffff80007e150000\n CPU: 2 UID: 0 PID: 6236 Comm: ping Kdump: loaded Not tainted 7.0.0-rc1+ #6 PREEMPT\n ...\n percpu_counter_add_batch+0x3c/0x158 lib/percpu_counter.c:98 (P)\n dst_release+0xe0/0x110 net/core/dst.c:177\n skb_release_head_state+0xe8/0x108 net/core/skbuff.c:1177\n sk_skb_reason_drop+0x54/0x2d8 net/core/skbuff.c:1255\n dev_kfree_skb_any_reason+0x64/0x78 net/core/dev.c:3469\n napi_consume_skb+0x1c4/0x3a0 net/core/skbuff.c:1527\n __free_old_xmit+0x164/0x230 drivers/net/virtio_net.c:611 [virtio_net]\n free_old_xmit drivers/net/virtio_net.c:1081 [virtio_net]\n start_xmit+0x7c/0x530 drivers/net/virtio_net.c:3329 [virtio_net]\n ...\n\nReproduction Steps:\nNETDEV=\"enp3s0\"\n\nconfig_qdisc_route_filter() {\n tc qdisc del dev $NETDEV root\n tc qdisc add dev $NETDEV root handle 1: prio\n tc filter add dev $NETDEV parent 1:0 \\\n\tprotocol ip prio 100 route to 100 flowid 1:1\n ip route add 192.168.1.100/32 dev $NETDEV realm 100\n}\n\ntest_ns() {\n ip netns add testns\n ip link set $NETDEV netns testns\n ip netns exec testns ifconfig $NETDEV 10.0.32.46/24\n ip netns exec testns ping -c 1 10.0.32.1\n ip netns del testns\n}\n\nconfig_qdisc_route_filter\n\ntest_ns\nsleep 2\ntest_ns",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31469",
"url": "https://www.suse.com/security/cve/CVE-2026-31469"
},
{
"category": "external",
"summary": "SUSE Bug 1267816 for CVE-2026-31469",
"url": "https://bugzilla.suse.com/1267816"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-31469"
},
{
"cve": "CVE-2026-31492",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31492"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/irdma: Initialize free_qp completion before using it\n\nIn irdma_create_qp, if ib_copy_to_udata fails, it will call\nirdma_destroy_qp to clean up which will attempt to wait on\nthe free_qp completion, which is not initialized yet. Fix this\nby initializing the completion before the ib_copy_to_udata call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31492",
"url": "https://www.suse.com/security/cve/CVE-2026-31492"
},
{
"category": "external",
"summary": "SUSE Bug 1262748 for CVE-2026-31492",
"url": "https://bugzilla.suse.com/1262748"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-31492"
},
{
"cve": "CVE-2026-31495",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31495"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ctnetlink: use netlink policy range checks\n\nReplace manual range and mask validations with netlink policy\nannotations in ctnetlink code paths, so that the netlink core rejects\ninvalid values early and can generate extack errors.\n\n- CTA_PROTOINFO_TCP_STATE: reject values \u003e TCP_CONNTRACK_SYN_SENT2 at\n policy level, removing the manual \u003e= TCP_CONNTRACK_MAX check.\n- CTA_PROTOINFO_TCP_WSCALE_ORIGINAL/REPLY: reject values \u003e TCP_MAX_WSCALE\n (14). The normal TCP option parsing path already clamps to this value,\n but the ctnetlink path accepted 0-255, causing undefined behavior when\n used as a u32 shift count.\n- CTA_FILTER_ORIG_FLAGS/REPLY_FLAGS: use NLA_POLICY_MASK with\n CTA_FILTER_F_ALL, removing the manual mask checks.\n- CTA_EXPECT_FLAGS: use NLA_POLICY_MASK with NF_CT_EXPECT_MASK, adding\n a new mask define grouping all valid expect flags.\n\nExtracted from a broader nf-next patch by Florian Westphal, scoped to\nctnetlink for the fixes tree.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31495",
"url": "https://www.suse.com/security/cve/CVE-2026-31495"
},
{
"category": "external",
"summary": "SUSE Bug 1262798 for CVE-2026-31495",
"url": "https://bugzilla.suse.com/1262798"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-31495"
},
{
"cve": "CVE-2026-31499",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31499"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix deadlock in l2cap_conn_del()\n\nl2cap_conn_del() calls cancel_delayed_work_sync() for both info_timer\nand id_addr_timer while holding conn-\u003elock. However, the work functions\nl2cap_info_timeout() and l2cap_conn_update_id_addr() both acquire\nconn-\u003elock, creating a potential AB-BA deadlock if the work is already\nexecuting when l2cap_conn_del() takes the lock.\n\nMove the work cancellations before acquiring conn-\u003elock and use\ndisable_delayed_work_sync() to additionally prevent the works from\nbeing rearmed after cancellation, consistent with the pattern used in\nhci_conn_del().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31499",
"url": "https://www.suse.com/security/cve/CVE-2026-31499"
},
{
"category": "external",
"summary": "SUSE Bug 1262674 for CVE-2026-31499",
"url": "https://bugzilla.suse.com/1262674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-31499"
},
{
"cve": "CVE-2026-31500",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31500"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock\n\nbtintel_hw_error() issues two __hci_cmd_sync() calls (HCI_OP_RESET\nand Intel exception-info retrieval) without holding\nhci_req_sync_lock(). This lets it race against\nhci_dev_do_close() -\u003e btintel_shutdown_combined(), which also runs\n__hci_cmd_sync() under the same lock. When both paths manipulate\nhdev-\u003ereq_status/req_rsp concurrently, the close path may free the\nresponse skb first, and the still-running hw_error path hits a\nslab-use-after-free in kfree_skb().\n\nWrap the whole recovery sequence in hci_req_sync_lock/unlock so it\nis serialized with every other synchronous HCI command issuer.\n\nBelow is the data race report and the kasan report:\n\n BUG: data-race in __hci_cmd_sync_sk / btintel_shutdown_combined\n\n read of hdev-\u003ereq_rsp at net/bluetooth/hci_sync.c:199\n by task kworker/u17:1/83:\n __hci_cmd_sync_sk+0x12f2/0x1c30 net/bluetooth/hci_sync.c:200\n __hci_cmd_sync+0x55/0x80 net/bluetooth/hci_sync.c:223\n btintel_hw_error+0x114/0x670 drivers/bluetooth/btintel.c:254\n hci_error_reset+0x348/0xa30 net/bluetooth/hci_core.c:1030\n\n write/free by task ioctl/22580:\n btintel_shutdown_combined+0xd0/0x360\n drivers/bluetooth/btintel.c:3648\n hci_dev_close_sync+0x9ae/0x2c10 net/bluetooth/hci_sync.c:5246\n hci_dev_do_close+0x232/0x460 net/bluetooth/hci_core.c:526\n\n BUG: KASAN: slab-use-after-free in\n sk_skb_reason_drop+0x43/0x380 net/core/skbuff.c:1202\n Read of size 4 at addr ffff888144a738dc\n by task kworker/u17:1/83:\n __hci_cmd_sync_sk+0x12f2/0x1c30 net/bluetooth/hci_sync.c:200\n __hci_cmd_sync+0x55/0x80 net/bluetooth/hci_sync.c:223\n btintel_hw_error+0x186/0x670 drivers/bluetooth/btintel.c:260",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31500",
"url": "https://www.suse.com/security/cve/CVE-2026-31500"
},
{
"category": "external",
"summary": "SUSE Bug 1262993 for CVE-2026-31500",
"url": "https://bugzilla.suse.com/1262993"
},
{
"category": "external",
"summary": "SUSE Bug 1262994 for CVE-2026-31500",
"url": "https://bugzilla.suse.com/1262994"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "important"
}
],
"title": "CVE-2026-31500"
},
{
"cve": "CVE-2026-31555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31555"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfutex: Clear stale exiting pointer in futex_lock_pi() retry path\n\nFuzzying/stressing futexes triggered:\n\n WARNING: kernel/futex/core.c:825 at wait_for_owner_exiting+0x7a/0x80, CPU#11: futex_lock_pi_s/524\n\nWhen futex_lock_pi_atomic() sees the owner is exiting, it returns -EBUSY\nand stores a refcounted task pointer in \u0027exiting\u0027.\n\nAfter wait_for_owner_exiting() consumes that reference, the local pointer\nis never reset to nil. Upon a retry, if futex_lock_pi_atomic() returns a\ndifferent error, the bogus pointer is passed to wait_for_owner_exiting().\n\n CPU0\t\t\t CPU1\t\t CPU2\n futex_lock_pi(uaddr)\n // acquires the PI futex\n exit()\n futex_cleanup_begin()\n futex_state = EXITING;\n\t\t\t futex_lock_pi(uaddr)\n\t\t\t futex_lock_pi_atomic()\n\t\t\t\t attach_to_pi_owner()\n\t\t\t\t // observes EXITING\n\t\t\t\t *exiting = owner; // takes ref\n\t\t\t\t return -EBUSY\n\t\t\t wait_for_owner_exiting(-EBUSY, owner)\n\t\t\t\t put_task_struct(); // drops ref\n\t\t\t // exiting still points to owner\n\t\t\t goto retry;\n\t\t\t futex_lock_pi_atomic()\n\t\t\t\t lock_pi_update_atomic()\n\t\t\t\t cmpxchg(uaddr)\n\t\t\t\t\t*uaddr ^= WAITERS // whatever\n\t\t\t\t // value changed\n\t\t\t\t return -EAGAIN;\n\t\t\t wait_for_owner_exiting(-EAGAIN, exiting) // stale\n\t\t\t\t WARN_ON_ONCE(exiting)\n\nFix this by resetting upon retry, essentially aligning it with requeue_pi.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31555",
"url": "https://www.suse.com/security/cve/CVE-2026-31555"
},
{
"category": "external",
"summary": "SUSE Bug 1263178 for CVE-2026-31555",
"url": "https://bugzilla.suse.com/1263178"
},
{
"category": "external",
"summary": "SUSE Bug 1263179 for CVE-2026-31555",
"url": "https://bugzilla.suse.com/1263179"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-31555"
},
{
"cve": "CVE-2026-31592",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31592"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: SEV: Protect *all* of sev_mem_enc_register_region() with kvm-\u003elock\n\nTake and hold kvm-\u003elock for before checking sev_guest() in\nsev_mem_enc_register_region(), as sev_guest() isn\u0027t stable unless kvm-\u003elock\nis held (or KVM can guarantee KVM_SEV_INIT{2} has completed and can\u0027t\nrollack state). If KVM_SEV_INIT{2} fails, KVM can end up trying to add to\na not-yet-initialized sev-\u003eregions_list, e.g. triggering a #GP\n\n Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN NOPTI\n KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\n CPU: 110 UID: 0 PID: 72717 Comm: syz.15.11462 Tainted: G U W O 6.16.0-smp-DEV #1 NONE\n Tainted: [U]=USER, [W]=WARN, [O]=OOT_MODULE\n Hardware name: Google, Inc. Arcadia_IT_80/Arcadia_IT_80, BIOS 12.52.0-0 10/28/2024\n RIP: 0010:sev_mem_enc_register_region+0x3f0/0x4f0 ../include/linux/list.h:83\n Code: \u003c41\u003e 80 3c 04 00 74 08 4c 89 ff e8 f1 c7 a2 00 49 39 ed 0f 84 c6 00\n RSP: 0018:ffff88838647fbb8 EFLAGS: 00010256\n RAX: dffffc0000000000 RBX: 1ffff92015cf1e0b RCX: dffffc0000000000\n RDX: 0000000000000000 RSI: 0000000000001000 RDI: ffff888367870000\n RBP: ffffc900ae78f050 R08: ffffea000d9e0007 R09: 1ffffd4001b3c000\n R10: dffffc0000000000 R11: fffff94001b3c001 R12: 0000000000000000\n R13: ffff8982ab0bde00 R14: ffffc900ae78f058 R15: 0000000000000000\n FS: 00007f34e9dc66c0(0000) GS:ffff89ee64d33000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007fe180adef98 CR3: 000000047210e000 CR4: 0000000000350ef0\n Call Trace:\n \u003cTASK\u003e\n kvm_arch_vm_ioctl+0xa72/0x1240 ../arch/x86/kvm/x86.c:7371\n kvm_vm_ioctl+0x649/0x990 ../virt/kvm/kvm_main.c:5363\n __se_sys_ioctl+0x101/0x170 ../fs/ioctl.c:51\n do_syscall_x64 ../arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0x6f/0x1f0 ../arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n RIP: 0033:0x7f34e9f7e9a9\n Code: \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\n RSP: 002b:00007f34e9dc6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\n RAX: ffffffffffffffda RBX: 00007f34ea1a6080 RCX: 00007f34e9f7e9a9\n RDX: 0000200000000280 RSI: 000000008010aebb RDI: 0000000000000007\n RBP: 00007f34ea000d69 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\n R13: 0000000000000000 R14: 00007f34ea1a6080 R15: 00007ffce77197a8\n \u003c/TASK\u003e\n\nwith a syzlang reproducer that looks like:\n\n syz_kvm_add_vcpu$x86(0x0, \u0026(0x7f0000000040)={0x0, \u0026(0x7f0000000180)=ANY=[], 0x70}) (async)\n syz_kvm_add_vcpu$x86(0x0, \u0026(0x7f0000000080)={0x0, \u0026(0x7f0000000180)=ANY=[@ANYBLOB=\"...\"], 0x4f}) (async)\n r0 = openat$kvm(0xffffffffffffff9c, \u0026(0x7f0000000200), 0x0, 0x0)\n r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)\n r2 = openat$kvm(0xffffffffffffff9c, \u0026(0x7f0000000240), 0x0, 0x0)\n r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)\n ioctl$KVM_SET_CLOCK(r3, 0xc008aeba, \u0026(0x7f0000000040)={0x1, 0x8, 0x0, 0x5625e9b0}) (async)\n ioctl$KVM_SET_PIT2(r3, 0x8010aebb, \u0026(0x7f0000000280)={[...], 0x5}) (async)\n ioctl$KVM_SET_PIT2(r1, 0x4070aea0, 0x0) (async)\n r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)\n openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async)\n ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, \u0026(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, \u0026(0x7f0000001000/0x2000)=nil}) (async)\n r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)\n close(r0) (async)\n openat$kvm(0xffffffffffffff9c, \u0026(0x7f0000000000), 0x8000, 0x0) (async)\n ioctl$KVM_SET_GUEST_DEBUG(r5, 0x4048ae9b, \u0026(0x7f0000000300)={0x4376ea830d46549b, 0x0, [0x46, 0x0, 0x0, 0x0, 0x0, 0x1000]}) (async)\n ioctl$KVM_RUN(r5, 0xae80, 0x0)\n\nOpportunistically use guard() to avoid having to define a new error label\nand goto usage.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31592",
"url": "https://www.suse.com/security/cve/CVE-2026-31592"
},
{
"category": "external",
"summary": "SUSE Bug 1263123 for CVE-2026-31592",
"url": "https://bugzilla.suse.com/1263123"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-31592"
},
{
"cve": "CVE-2026-31664",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31664"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: clear trailing padding in build_polexpire()\n\nbuild_expire() clears the trailing padding bytes of struct\nxfrm_user_expire after setting the hard field via memset_after(),\nbut the analogous function build_polexpire() does not do this for\nstruct xfrm_user_polexpire.\n\nThe padding bytes after the __u8 hard field are left\nuninitialized from the heap allocation, and are then sent to\nuserspace via netlink multicast to XFRMNLGRP_EXPIRE listeners,\nleaking kernel heap memory contents.\n\nAdd the missing memset_after() call, matching build_expire().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31664",
"url": "https://www.suse.com/security/cve/CVE-2026-31664"
},
{
"category": "external",
"summary": "SUSE Bug 1263578 for CVE-2026-31664",
"url": "https://bugzilla.suse.com/1263578"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-31664"
},
{
"cve": "CVE-2026-31665",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31665"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_ct: fix use-after-free in timeout object destroy\n\nnft_ct_timeout_obj_destroy() frees the timeout object with kfree()\nimmediately after nf_ct_untimeout(), without waiting for an RCU grace\nperiod. Concurrent packet processing on other CPUs may still hold\nRCU-protected references to the timeout object obtained via\nrcu_dereference() in nf_ct_timeout_data().\n\nAdd an rcu_head to struct nf_ct_timeout and use kfree_rcu() to defer\nfreeing until after an RCU grace period, matching the approach already\nused in nfnetlink_cttimeout.c.\n\nKASAN report:\n BUG: KASAN: slab-use-after-free in nf_conntrack_tcp_packet+0x1381/0x29d0\n Read of size 4 at addr ffff8881035fe19c by task exploit/80\n\n Call Trace:\n nf_conntrack_tcp_packet+0x1381/0x29d0\n nf_conntrack_in+0x612/0x8b0\n nf_hook_slow+0x70/0x100\n __ip_local_out+0x1b2/0x210\n tcp_sendmsg_locked+0x722/0x1580\n __sys_sendto+0x2d8/0x320\n\n Allocated by task 75:\n nft_ct_timeout_obj_init+0xf6/0x290\n nft_obj_init+0x107/0x1b0\n nf_tables_newobj+0x680/0x9c0\n nfnetlink_rcv_batch+0xc29/0xe00\n\n Freed by task 26:\n nft_obj_destroy+0x3f/0xa0\n nf_tables_trans_destroy_work+0x51c/0x5c0\n process_one_work+0x2c4/0x5a0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31665",
"url": "https://www.suse.com/security/cve/CVE-2026-31665"
},
{
"category": "external",
"summary": "SUSE Bug 1263137 for CVE-2026-31665",
"url": "https://bugzilla.suse.com/1263137"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-31665"
},
{
"cve": "CVE-2026-31674",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31674"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ip6t_rt: reject oversized addrnr in rt_mt6_check()\n\nReject rt match rules whose addrnr exceeds IP6T_RT_HOPS.\n\nrt_mt6() expects addrnr to stay within the bounds of rtinfo-\u003eaddrs[].\nValidate addrnr during rule installation so malformed rules are rejected\nbefore the match logic can use an out-of-range value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31674",
"url": "https://www.suse.com/security/cve/CVE-2026-31674"
},
{
"category": "external",
"summary": "SUSE Bug 1263568 for CVE-2026-31674",
"url": "https://bugzilla.suse.com/1263568"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-31674"
},
{
"cve": "CVE-2026-31680",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31680"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipv6: flowlabel: defer exclusive option free until RCU teardown\n\n`ip6fl_seq_show()` walks the global flowlabel hash under the seq-file\nRCU read-side lock and prints `fl-\u003eopt-\u003eopt_nflen` when an option block\nis present.\n\nExclusive flowlabels currently free `fl-\u003eopt` as soon as `fl-\u003eusers`\ndrops to zero in `fl_release()`. However, the surrounding\n`struct ip6_flowlabel` remains visible in the global hash table until\nlater garbage collection removes it and `fl_free_rcu()` finally tears it\ndown.\n\nA concurrent `/proc/net/ip6_flowlabel` reader can therefore race that\nearly `kfree()` and dereference freed option state, triggering a crash\nin `ip6fl_seq_show()`.\n\nFix this by keeping `fl-\u003eopt` alive until `fl_free_rcu()`. That matches\nthe lifetime already required for the enclosing flowlabel while readers\ncan still reach it under RCU.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31680",
"url": "https://www.suse.com/security/cve/CVE-2026-31680"
},
{
"category": "external",
"summary": "SUSE Bug 1263563 for CVE-2026-31680",
"url": "https://bugzilla.suse.com/1263563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-31680"
},
{
"cve": "CVE-2026-31693",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31693"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: some missing initializations on replay\n\nIn several places in the code, we have a label to signify\nthe start of the code where a request can be replayed if\nnecessary. However, some of these places were missing the\nnecessary reinitializations of certain local variables\nbefore replay.\n\nThis change makes sure that these variables get initialized\nafter the label.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31693",
"url": "https://www.suse.com/security/cve/CVE-2026-31693"
},
{
"category": "external",
"summary": "SUSE Bug 1267744 for CVE-2026-31693",
"url": "https://bugzilla.suse.com/1267744"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-31693"
},
{
"cve": "CVE-2026-31697",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31697"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccp: Don\u0027t attempt to copy ID to userspace if PSP command failed\n\nWhen retrieving the ID for the CPU, don\u0027t attempt to copy the ID blob to\nuserspace if the firmware command failed. If the failure was due to an\ninvalid length, i.e. the userspace buffer+length was too small, copying\nthe number of bytes _firmware_ requires will overflow the kernel-allocated\nbuffer and leak data to userspace.\n\n BUG: KASAN: slab-out-of-bounds in instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n BUG: KASAN: slab-out-of-bounds in _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n Read of size 64 at addr ffff8881867f5960 by task syz.0.906/24388\n\n CPU: 130 UID: 0 PID: 24388 Comm: syz.0.906 Tainted: G U O 7.0.0-smp-DEV #28 PREEMPTLAZY\n Tainted: [U]=USER, [O]=OOT_MODULE\n Hardware name: Google, Inc. Arcadia_IT_80/Arcadia_IT_80, BIOS 12.62.0-0 11/19/2025\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xc5/0x110 ../lib/dump_stack.c:120\n print_address_description ../mm/kasan/report.c:378 [inline]\n print_report+0xbc/0x260 ../mm/kasan/report.c:482\n kasan_report+0xa2/0xe0 ../mm/kasan/report.c:595\n check_region_inline ../mm/kasan/generic.c:-1 [inline]\n kasan_check_range+0x264/0x2c0 ../mm/kasan/generic.c:200\n instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n copy_to_user ../include/linux/uaccess.h:236 [inline]\n sev_ioctl_do_get_id2+0x361/0x490 ../drivers/crypto/ccp/sev-dev.c:2222\n sev_ioctl+0x25f/0x490 ../drivers/crypto/ccp/sev-dev.c:2575\n vfs_ioctl ../fs/ioctl.c:51 [inline]\n __do_sys_ioctl ../fs/ioctl.c:597 [inline]\n __se_sys_ioctl+0x11d/0x1b0 ../fs/ioctl.c:583\n do_syscall_x64 ../arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xe0/0x800 ../arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n \u003c/TASK\u003e\n\nWARN if the driver says the command succeeded, but the firmware error code\nsays otherwise, as __sev_do_cmd_locked() is expected to return -EIO on any\nfirwmware error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31697",
"url": "https://www.suse.com/security/cve/CVE-2026-31697"
},
{
"category": "external",
"summary": "SUSE Bug 1264116 for CVE-2026-31697",
"url": "https://bugzilla.suse.com/1264116"
},
{
"category": "external",
"summary": "SUSE Bug 1264144 for CVE-2026-31697",
"url": "https://bugzilla.suse.com/1264144"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-31697"
},
{
"cve": "CVE-2026-31698",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31698"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccp: Don\u0027t attempt to copy PDH cert to userspace if PSP command failed\n\nWhen retrieving the PDH cert, don\u0027t attempt to copy the blobs to userspace\nif the firmware command failed. If the failure was due to an invalid\nlength, i.e. the userspace buffer+length was too small, copying the number\nof bytes _firmware_ requires will overflow the kernel-allocated buffer and\nleak data to userspace.\n\n BUG: KASAN: slab-out-of-bounds in instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n BUG: KASAN: slab-out-of-bounds in _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n Read of size 2084 at addr ffff8885c4ab8aa0 by task syz.0.186/21033\n\n CPU: 51 UID: 0 PID: 21033 Comm: syz.0.186 Tainted: G U O 7.0.0-smp-DEV #28 PREEMPTLAZY\n Tainted: [U]=USER, [O]=OOT_MODULE\n Hardware name: Google, Inc. Arcadia_IT_80/Arcadia_IT_80, BIOS 34.84.12-0 11/17/2025\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xc5/0x110 ../lib/dump_stack.c:120\n print_address_description ../mm/kasan/report.c:378 [inline]\n print_report+0xbc/0x260 ../mm/kasan/report.c:482\n kasan_report+0xa2/0xe0 ../mm/kasan/report.c:595\n check_region_inline ../mm/kasan/generic.c:-1 [inline]\n kasan_check_range+0x264/0x2c0 ../mm/kasan/generic.c:200\n instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n copy_to_user ../include/linux/uaccess.h:236 [inline]\n sev_ioctl_do_pdh_export+0x3d3/0x7c0 ../drivers/crypto/ccp/sev-dev.c:2347\n sev_ioctl+0x2a2/0x490 ../drivers/crypto/ccp/sev-dev.c:2568\n vfs_ioctl ../fs/ioctl.c:51 [inline]\n __do_sys_ioctl ../fs/ioctl.c:597 [inline]\n __se_sys_ioctl+0x11d/0x1b0 ../fs/ioctl.c:583\n do_syscall_x64 ../arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xe0/0x800 ../arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n \u003c/TASK\u003e\n\nWARN if the driver says the command succeeded, but the firmware error code\nsays otherwise, as __sev_do_cmd_locked() is expected to return -EIO on any\nfirwmware error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31698",
"url": "https://www.suse.com/security/cve/CVE-2026-31698"
},
{
"category": "external",
"summary": "SUSE Bug 1263880 for CVE-2026-31698",
"url": "https://bugzilla.suse.com/1263880"
},
{
"category": "external",
"summary": "SUSE Bug 1263929 for CVE-2026-31698",
"url": "https://bugzilla.suse.com/1263929"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-31698"
},
{
"cve": "CVE-2026-31699",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31699"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccp: Don\u0027t attempt to copy CSR to userspace if PSP command failed\n\nWhen retrieving the PEK CSR, don\u0027t attempt to copy the blob to userspace\nif the firmware command failed. If the failure was due to an invalid\nlength, i.e. the userspace buffer+length was too small, copying the number\nof bytes _firmware_ requires will overflow the kernel-allocated buffer and\nleak data to userspace.\n\n BUG: KASAN: slab-out-of-bounds in instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n BUG: KASAN: slab-out-of-bounds in _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n Read of size 2084 at addr ffff898144612e20 by task syz.9.219/21405\n\n CPU: 14 UID: 0 PID: 21405 Comm: syz.9.219 Tainted: G U O 7.0.0-smp-DEV #28 PREEMPTLAZY\n Tainted: [U]=USER, [O]=OOT_MODULE\n Hardware name: Google, Inc. Arcadia_IT_80/Arcadia_IT_80, BIOS 12.62.0-0 11/19/2025\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xc5/0x110 ../lib/dump_stack.c:120\n print_address_description ../mm/kasan/report.c:378 [inline]\n print_report+0xbc/0x260 ../mm/kasan/report.c:482\n kasan_report+0xa2/0xe0 ../mm/kasan/report.c:595\n check_region_inline ../mm/kasan/generic.c:-1 [inline]\n kasan_check_range+0x264/0x2c0 ../mm/kasan/generic.c:200\n instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n copy_to_user ../include/linux/uaccess.h:236 [inline]\n sev_ioctl_do_pek_csr+0x31f/0x590 ../drivers/crypto/ccp/sev-dev.c:1872\n sev_ioctl+0x3a4/0x490 ../drivers/crypto/ccp/sev-dev.c:2562\n vfs_ioctl ../fs/ioctl.c:51 [inline]\n __do_sys_ioctl ../fs/ioctl.c:597 [inline]\n __se_sys_ioctl+0x11d/0x1b0 ../fs/ioctl.c:583\n do_syscall_x64 ../arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xe0/0x800 ../arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n \u003c/TASK\u003e\n\nWARN if the driver says the command succeeded, but the firmware error code\nsays otherwise, as __sev_do_cmd_locked() is expected to return -EIO on any\nfirwmware error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31699",
"url": "https://www.suse.com/security/cve/CVE-2026-31699"
},
{
"category": "external",
"summary": "SUSE Bug 1263879 for CVE-2026-31699",
"url": "https://bugzilla.suse.com/1263879"
},
{
"category": "external",
"summary": "SUSE Bug 1263928 for CVE-2026-31699",
"url": "https://bugzilla.suse.com/1263928"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-31699"
},
{
"cve": "CVE-2026-31752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbridge: br_nd_send: validate ND option lengths\n\nbr_nd_send() walks ND options according to option-provided lengths.\nA malformed option can make the parser advance beyond the computed\noption span or use a too-short source LLADDR option payload.\n\nValidate option lengths against the remaining NS option area before\nadvancing, and only read source LLADDR when the option is large enough\nfor an Ethernet address.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31752",
"url": "https://www.suse.com/security/cve/CVE-2026-31752"
},
{
"category": "external",
"summary": "SUSE Bug 1264045 for CVE-2026-31752",
"url": "https://bugzilla.suse.com/1264045"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-31752"
},
{
"cve": "CVE-2026-31759",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31759"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: ulpi: fix double free in ulpi_register_interface() error path\n\nWhen device_register() fails, ulpi_register() calls put_device() on\nulpi-\u003edev.\n\nThe device release callback ulpi_dev_release() drops the OF node\nreference and frees ulpi, but the current error path in\nulpi_register_interface() then calls kfree(ulpi) again, causing a\ndouble free.\n\nLet put_device() handle the cleanup through ulpi_dev_release() and\navoid freeing ulpi again in ulpi_register_interface().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31759",
"url": "https://www.suse.com/security/cve/CVE-2026-31759"
},
{
"category": "external",
"summary": "SUSE Bug 1264076 for CVE-2026-31759",
"url": "https://bugzilla.suse.com/1264076"
},
{
"category": "external",
"summary": "SUSE Bug 1264078 for CVE-2026-31759",
"url": "https://bugzilla.suse.com/1264078"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "important"
}
],
"title": "CVE-2026-31759"
},
{
"cve": "CVE-2026-31771",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31771"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_event: move wake reason storage into validated event handlers\n\nhci_store_wake_reason() is called from hci_event_packet() immediately\nafter stripping the HCI event header but before hci_event_func()\nenforces the per-event minimum payload length from hci_ev_table.\nThis means a short HCI event frame can reach bacpy() before any bounds\ncheck runs.\n\nRather than duplicating skb parsing and per-event length checks inside\nhci_store_wake_reason(), move wake-address storage into the individual\nevent handlers after their existing event-length validation has\nsucceeded. Convert hci_store_wake_reason() into a small helper that only\nstores an already-validated bdaddr while the caller holds hci_dev_lock().\nUse the same helper after hci_event_func() with a NULL address to\npreserve the existing unexpected-wake fallback semantics when no\nvalidated event handler records a wake address.\n\nAnnotate the helper with __must_hold(\u0026hdev-\u003elock) and add\nlockdep_assert_held(\u0026hdev-\u003elock) so future call paths keep the lock\ncontract explicit.\n\nCall the helper from hci_conn_request_evt(), hci_conn_complete_evt(),\nhci_sync_conn_complete_evt(), le_conn_complete_evt(),\nhci_le_adv_report_evt(), hci_le_ext_adv_report_evt(),\nhci_le_direct_adv_report_evt(), hci_le_pa_sync_established_evt(), and\nhci_le_past_received_evt().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31771",
"url": "https://www.suse.com/security/cve/CVE-2026-31771"
},
{
"category": "external",
"summary": "SUSE Bug 1264145 for CVE-2026-31771",
"url": "https://bugzilla.suse.com/1264145"
},
{
"category": "external",
"summary": "SUSE Bug 1264146 for CVE-2026-31771",
"url": "https://bugzilla.suse.com/1264146"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "important"
}
],
"title": "CVE-2026-31771"
},
{
"cve": "CVE-2026-43023",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43023"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: SCO: fix race conditions in sco_sock_connect()\n\nsco_sock_connect() checks sk_state and sk_type without holding\nthe socket lock. Two concurrent connect() syscalls on the same\nsocket can both pass the check and enter sco_connect(), leading\nto use-after-free.\n\nThe buggy scenario involves three participants and was confirmed\nwith additional logging instrumentation:\n\n Thread A (connect): HCI disconnect: Thread B (connect):\n\n sco_sock_connect(sk) sco_sock_connect(sk)\n sk_state==BT_OPEN sk_state==BT_OPEN\n (pass, no lock) (pass, no lock)\n sco_connect(sk): sco_connect(sk):\n hci_dev_lock hci_dev_lock\n hci_connect_sco \u003c- blocked\n -\u003e hcon1\n sco_conn_add-\u003econn1\n lock_sock(sk)\n sco_chan_add:\n conn1-\u003esk = sk\n sk-\u003econn = conn1\n sk_state=BT_CONNECT\n release_sock\n hci_dev_unlock\n hci_dev_lock\n sco_conn_del:\n lock_sock(sk)\n sco_chan_del:\n sk-\u003econn=NULL\n conn1-\u003esk=NULL\n sk_state=\n BT_CLOSED\n SOCK_ZAPPED\n release_sock\n hci_dev_unlock\n (unblocked)\n hci_connect_sco\n -\u003e hcon2\n sco_conn_add\n -\u003e conn2\n lock_sock(sk)\n sco_chan_add:\n sk-\u003econn=conn2\n sk_state=\n BT_CONNECT\n // zombie sk!\n release_sock\n hci_dev_unlock\n\nThread B revives a BT_CLOSED + SOCK_ZAPPED socket back to\nBT_CONNECT. Subsequent cleanup triggers double sock_put() and\nuse-after-free. Meanwhile conn1 is leaked as it was orphaned\nwhen sco_conn_del() cleared the association.\n\nFix this by:\n- Moving lock_sock() before the sk_state/sk_type checks in\n sco_sock_connect() to serialize concurrent connect attempts\n- Fixing the sk_type != SOCK_SEQPACKET check to actually\n return the error instead of just assigning it\n- Adding a state re-check in sco_connect() after lock_sock()\n to catch state changes during the window between the locks\n- Adding sco_pi(sk)-\u003econn check in sco_chan_add() to prevent\n double-attach of a socket to multiple connections\n- Adding hci_conn_drop() on sco_chan_add failure to prevent\n HCI connection leaks",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43023",
"url": "https://www.suse.com/security/cve/CVE-2026-43023"
},
{
"category": "external",
"summary": "SUSE Bug 1264137 for CVE-2026-43023",
"url": "https://bugzilla.suse.com/1264137"
},
{
"category": "external",
"summary": "SUSE Bug 1264138 for CVE-2026-43023",
"url": "https://bugzilla.suse.com/1264138"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "important"
}
],
"title": "CVE-2026-43023"
},
{
"cve": "CVE-2026-43024",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43024"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: reject immediate NF_QUEUE verdict\n\nnft_queue is always used from userspace nftables to deliver the NF_QUEUE\nverdict. Immediately emitting an NF_QUEUE verdict is never used by the\nuserspace nft tools, so reject immediate NF_QUEUE verdicts.\n\nThe arp family does not provide queue support, but such an immediate\nverdict is still reachable. Globally reject NF_QUEUE immediate verdicts\nto address this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43024",
"url": "https://www.suse.com/security/cve/CVE-2026-43024"
},
{
"category": "external",
"summary": "SUSE Bug 1263930 for CVE-2026-43024",
"url": "https://bugzilla.suse.com/1263930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-43024"
},
{
"cve": "CVE-2026-43028",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43028"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: x_tables: ensure names are nul-terminated\n\nReject names that lack a \\0 character before feeding them\nto functions that expect c-strings.\n\nFixes tag is the most recent commit that needs this change.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43028",
"url": "https://www.suse.com/security/cve/CVE-2026-43028"
},
{
"category": "external",
"summary": "SUSE Bug 1263934 for CVE-2026-43028",
"url": "https://bugzilla.suse.com/1263934"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-43028"
},
{
"cve": "CVE-2026-43035",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43035"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: cls_api: fix tc_chain_fill_node to initialize tcm_info to zero to prevent an info-leak\n\nWhen building netlink messages, tc_chain_fill_node() never initializes\nthe tcm_info field of struct tcmsg. Since the allocation is not zeroed,\nkernel heap memory is leaked to userspace through this 4-byte field.\n\nThe fix simply zeroes tcm_info alongside the other fields that are\nalready initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43035",
"url": "https://www.suse.com/security/cve/CVE-2026-43035"
},
{
"category": "external",
"summary": "SUSE Bug 1263996 for CVE-2026-43035",
"url": "https://bugzilla.suse.com/1263996"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-43035"
},
{
"cve": "CVE-2026-43036",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43036"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: use skb_header_pointer() for TCPv4 GSO frag_off check\n\nSyzbot reported a KMSAN uninit-value warning in gso_features_check()\ncalled from netif_skb_features() [1].\n\ngso_features_check() reads iph-\u003efrag_off to decide whether to clear\nmangleid_features. Accessing the IPv4 header via ip_hdr()/inner_ip_hdr()\ncan rely on skb header offsets that are not always safe for direct\ndereference on packets injected from PF_PACKET paths.\n\nUse skb_header_pointer() for the TCPv4 frag_off check so the header read\nis robust whether data is already linear or needs copying.\n\n[1] https://syzkaller.appspot.com/bug?extid=1543a7d954d9c6d00407",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43036",
"url": "https://www.suse.com/security/cve/CVE-2026-43036"
},
{
"category": "external",
"summary": "SUSE Bug 1263993 for CVE-2026-43036",
"url": "https://bugzilla.suse.com/1263993"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-43036"
},
{
"cve": "CVE-2026-43049",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43049"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: logitech-hidpp: Prevent use-after-free on force feedback initialisation failure\n\nPresently, if the force feedback initialisation fails when probing the\nLogitech G920 Driving Force Racing Wheel for Xbox One, an error number\nwill be returned and propagated before the userspace infrastructure\n(sysfs and /dev/input) has been torn down. If userspace ignores the\nerrors and continues to use its references to these dangling entities, a\nUAF will promptly follow.\n\nWe have 2 options; continue to return the error, but ensure that all of\nthe infrastructure is torn down accordingly or continue to treat this\ncondition as a warning by emitting the message but returning success.\nIt is thought that the original author\u0027s intention was to emit the\nwarning but keep the device functional, less the force feedback feature,\nso let\u0027s go with that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43049",
"url": "https://www.suse.com/security/cve/CVE-2026-43049"
},
{
"category": "external",
"summary": "SUSE Bug 1264080 for CVE-2026-43049",
"url": "https://bugzilla.suse.com/1264080"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-43049"
},
{
"cve": "CVE-2026-43053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43053"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: close crash window in attr dabtree inactivation\n\nWhen inactivating an inode with node-format extended attributes,\nxfs_attr3_node_inactive() invalidates all child leaf/node blocks via\nxfs_trans_binval(), but intentionally does not remove the corresponding\nentries from their parent node blocks. The implicit assumption is that\nxfs_attr_inactive() will truncate the entire attr fork to zero extents\nafterwards, so log recovery will never reach the root node and follow\nthose stale pointers.\n\nHowever, if a log shutdown occurs after the leaf/node block cancellations\ncommit but before the attr bmap truncation commits, this assumption\nbreaks. Recovery replays the attr bmap intact (the inode still has\nattr fork extents), but suppresses replay of all cancelled leaf/node\nblocks, maybe leaving them as stale data on disk. On the next mount,\nxlog_recover_process_iunlinks() retries inactivation and attempts to\nread the root node via the attr bmap. If the root node was not replayed,\nreading the unreplayed root block triggers a metadata verification\nfailure immediately; if it was replayed, following its child pointers\nto unreplayed child blocks triggers the same failure:\n\n XFS (pmem0): Metadata corruption detected at\n xfs_da3_node_read_verify+0x53/0x220, xfs_da3_node block 0x78\n XFS (pmem0): Unmount and run xfs_repair\n XFS (pmem0): First 128 bytes of corrupted metadata buffer:\n 00000000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n XFS (pmem0): metadata I/O error in \"xfs_da_read_buf+0x104/0x190\" at daddr 0x78 len 8 error 117\n\nFix this in two places:\n\nIn xfs_attr3_node_inactive(), after calling xfs_trans_binval() on a\nchild block, immediately remove the entry that references it from the\nparent node in the same transaction. This eliminates the window where\nthe parent holds a pointer to a cancelled block. Once all children are\nremoved, the now-empty root node is converted to a leaf block within the\nsame transaction. This node-to-leaf conversion is necessary for crash\nsafety. If the system shutdown after the empty node is written to the\nlog but before the second-phase bmap truncation commits, log recovery\nwill attempt to verify the root block on disk. xfs_da3_node_verify()\ndoes not permit a node block with count == 0; such a block will fail\nverification and trigger a metadata corruption shutdown. on the other\nhand, leaf blocks are allowed to have this transient state.\n\nIn xfs_attr_inactive(), split the attr fork truncation into two explicit\nphases. First, truncate all extents beyond the root block (the child\nextents whose parent references have already been removed above).\nSecond, invalidate the root block and truncate the attr bmap to zero in\na single transaction. The two operations in the second phase must be\natomic: as long as the attr bmap has any non-zero length, recovery can\nfollow it to the root block, so the root block invalidation must commit\ntogether with the bmap-to-zero truncation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43053",
"url": "https://www.suse.com/security/cve/CVE-2026-43053"
},
{
"category": "external",
"summary": "SUSE Bug 1264084 for CVE-2026-43053",
"url": "https://bugzilla.suse.com/1264084"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-43053"
},
{
"cve": "CVE-2026-43074",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43074"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neventpoll: defer struct eventpoll free to RCU grace period\n\nIn certain situations, ep_free() in eventpoll.c will kfree the epi-\u003eep\neventpoll struct while it still being used by another concurrent thread.\nDefer the kfree() to an RCU callback to prevent UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43074",
"url": "https://www.suse.com/security/cve/CVE-2026-43074"
},
{
"category": "external",
"summary": "SUSE Bug 1264263 for CVE-2026-43074",
"url": "https://bugzilla.suse.com/1264263"
},
{
"category": "external",
"summary": "SUSE Bug 1265307 for CVE-2026-43074",
"url": "https://bugzilla.suse.com/1265307"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "important"
}
],
"title": "CVE-2026-43074"
},
{
"cve": "CVE-2026-43077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43077"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_aead - Fix minimum RX size check for decryption\n\nThe check for the minimum receive buffer size did not take the\ntag size into account during decryption. Fix this by adding the\nrequired extra length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43077",
"url": "https://www.suse.com/security/cve/CVE-2026-43077"
},
{
"category": "external",
"summary": "SUSE Bug 1264470 for CVE-2026-43077",
"url": "https://bugzilla.suse.com/1264470"
},
{
"category": "external",
"summary": "SUSE Bug 1265306 for CVE-2026-43077",
"url": "https://bugzilla.suse.com/1265306"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "important"
}
],
"title": "CVE-2026-43077"
},
{
"cve": "CVE-2026-43083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ioam6: fix OOB and missing lock\n\nWhen trace-\u003etype.bit6 is set:\n\n if (trace-\u003etype.bit6) {\n ...\n queue = skb_get_tx_queue(dev, skb);\n qdisc = rcu_dereference(queue-\u003eqdisc);\n\nThis code can lead to an out-of-bounds access of the dev-\u003e_tx[] array\nwhen is_input is true. In such a case, the packet is on the RX path and\nskb-\u003equeue_mapping contains the RX queue index of the ingress device. If\nthe ingress device has more RX queues than the egress device (dev) has\nTX queues, skb_get_queue_mapping(skb) will exceed dev-\u003enum_tx_queues.\nAdd a check to avoid this situation since skb_get_tx_queue() does not\nclamp the index. This issue has also revealed that per queue visibility\ncannot be accurate and will be replaced later as a new feature.\n\nWhile at it, add missing lock around qdisc_qstats_qlen_backlog(). The\nfunction __ioam6_fill_trace_data() is called from both softirq and\nprocess contexts, hence the use of spin_lock_bh() here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43083",
"url": "https://www.suse.com/security/cve/CVE-2026-43083"
},
{
"category": "external",
"summary": "SUSE Bug 1264266 for CVE-2026-43083",
"url": "https://bugzilla.suse.com/1264266"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-43083"
},
{
"cve": "CVE-2026-43101",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43101"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: ioam: fix potential NULL dereferences in __ioam6_fill_trace_data()\n\nWe need to check __in6_dev_get() for possible NULL value, as\nsuggested by Yiming Qian.\n\nAlso add skb_dst_dev_rcu() instead of skb_dst_dev(),\nand two missing READ_ONCE().\n\nNote that @dev can\u0027t be NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43101",
"url": "https://www.suse.com/security/cve/CVE-2026-43101"
},
{
"category": "external",
"summary": "SUSE Bug 1264239 for CVE-2026-43101",
"url": "https://bugzilla.suse.com/1264239"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-43101"
},
{
"cve": "CVE-2026-43112",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43112"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath\n\nWhen cifs_sanitize_prepath is called with an empty string or a string\ncontaining only delimiters (e.g., \"/\"), the current logic attempts to\ncheck *(cursor2 - 1) before cursor2 has advanced. This results in an\nout-of-bounds read.\n\nThis patch adds an early exit check after stripping prepended\ndelimiters. If no path content remains, the function returns NULL.\n\nThe bug was identified via manual audit and verified using a\nstandalone test case compiled with AddressSanitizer, which\ntriggered a SEGV on affected inputs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43112",
"url": "https://www.suse.com/security/cve/CVE-2026-43112"
},
{
"category": "external",
"summary": "SUSE Bug 1264437 for CVE-2026-43112",
"url": "https://bugzilla.suse.com/1264437"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-43112"
},
{
"cve": "CVE-2026-43119",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43119"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_sync: annotate data-races around hdev-\u003ereq_status\n\n__hci_cmd_sync_sk() sets hdev-\u003ereq_status under hdev-\u003ereq_lock:\n\n hdev-\u003ereq_status = HCI_REQ_PEND;\n\nHowever, several other functions read or write hdev-\u003ereq_status without\nholding any lock:\n\n - hci_send_cmd_sync() reads req_status in hci_cmd_work (workqueue)\n - hci_cmd_sync_complete() reads/writes from HCI event completion\n - hci_cmd_sync_cancel() / hci_cmd_sync_cancel_sync() read/write\n - hci_abort_conn() reads in connection abort path\n\nSince __hci_cmd_sync_sk() runs on hdev-\u003ereq_workqueue while\nhci_send_cmd_sync() runs on hdev-\u003eworkqueue, these are different\nworkqueues that can execute concurrently on different CPUs. The plain\nC accesses constitute a data race.\n\nAdd READ_ONCE()/WRITE_ONCE() annotations on all concurrent accesses\nto hdev-\u003ereq_status to prevent potential compiler optimizations that\ncould affect correctness (e.g., load fusing in the wait_event\ncondition or store reordering).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43119",
"url": "https://www.suse.com/security/cve/CVE-2026-43119"
},
{
"category": "external",
"summary": "SUSE Bug 1264561 for CVE-2026-43119",
"url": "https://bugzilla.suse.com/1264561"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-43119"
},
{
"cve": "CVE-2026-43158",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43158"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: fix freemap adjustments when adding xattrs to leaf blocks\n\nxfs/592 and xfs/794 both trip this assertion in the leaf block freemap\nadjustment code after ~20 minutes of running on my test VMs:\n\n ASSERT(ichdr-\u003efirstused \u003e= ichdr-\u003ecount * sizeof(xfs_attr_leaf_entry_t)\n\t\t\t\t\t+ xfs_attr3_leaf_hdr_size(leaf));\n\nUpon enabling quite a lot more debugging code, I narrowed this down to\nfsstress trying to set a local extended attribute with namelen=3 and\nvaluelen=71. This results in an entry size of 80 bytes.\n\nAt the start of xfs_attr3_leaf_add_work, the freemap looks like this:\n\ni 0 base 448 size 0 rhs 448 count 46\ni 1 base 388 size 132 rhs 448 count 46\ni 2 base 2120 size 4 rhs 448 count 46\nfirstused = 520\n\nwhere \"rhs\" is the first byte past the end of the leaf entry array.\nThis is inconsistent -- the entries array ends at byte 448, but\nfreemap[1] says there\u0027s free space starting at byte 388!\n\nBy the end of the function, the freemap is in worse shape:\n\ni 0 base 456 size 0 rhs 456 count 47\ni 1 base 388 size 52 rhs 456 count 47\ni 2 base 2120 size 4 rhs 456 count 47\nfirstused = 440\n\nImportant note: 388 is not aligned with the entries array element size\nof 8 bytes.\n\nBased on the incorrect freemap, the name area starts at byte 440, which\nis below the end of the entries array! That\u0027s why the assertion\ntriggers and the filesystem shuts down.\n\nHow did we end up here? First, recall from the previous patch that the\nfreemap array in an xattr leaf block is not intended to be a\ncomprehensive map of all free space in the leaf block. In other words,\nit\u0027s perfectly legal to have a leaf block with:\n\n * 376 bytes in use by the entries array\n * freemap[0] has [base = 376, size = 8]\n * freemap[1] has [base = 388, size = 1500]\n * the space between 376 and 388 is free, but the freemap stopped\n tracking that some time ago\n\nIf we add one xattr, the entries array grows to 384 bytes, and\nfreemap[0] becomes [base = 384, size = 0]. So far, so good. But if we\nadd a second xattr, the entries array grows to 392 bytes, and freemap[0]\ngets pushed up to [base = 392, size = 0]. This is bad, because\nfreemap[1] hasn\u0027t been updated, and now the entries array and the free\nspace claim the same space.\n\nThe fix here is to adjust all freemap entries so that none of them\ncollide with the entries array. Note that this fix relies on commit\n2a2b5932db6758 (\"xfs: fix attr leaf header freemap.size underflow\") and\nthe previous patch that resets zero length freemap entries to have\nbase = 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43158",
"url": "https://www.suse.com/security/cve/CVE-2026-43158"
},
{
"category": "external",
"summary": "SUSE Bug 1264595 for CVE-2026-43158",
"url": "https://bugzilla.suse.com/1264595"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-43158"
},
{
"cve": "CVE-2026-43171",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43171"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nEFI/CPER: don\u0027t dump the entire memory region\n\nThe current logic at cper_print_fw_err() doesn\u0027t check if the\nerror record length is big enough to handle offset. On a bad firmware,\nif the ofset is above the actual record, length -= offset will\nunderflow, making it dump the entire memory.\n\nThe end result can be:\n\n - the logic taking a lot of time dumping large regions of memory;\n - data disclosure due to the memory dumps;\n - an OOPS, if it tries to dump an unmapped memory region.\n\nFix it by checking if the section length is too small before doing\na hex dump.\n\n[ rjw: Subject tweaks ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43171",
"url": "https://www.suse.com/security/cve/CVE-2026-43171"
},
{
"category": "external",
"summary": "SUSE Bug 1264549 for CVE-2026-43171",
"url": "https://bugzilla.suse.com/1264549"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-43171"
},
{
"cve": "CVE-2026-43187",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43187"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: delete attr leaf freemap entries when empty\n\nBack in commit 2a2b5932db6758 (\"xfs: fix attr leaf header freemap.size\nunderflow\"), Brian Foster observed that it\u0027s possible for a small\nfreemap at the end of the end of the xattr entries array to experience\na size underflow when subtracting the space consumed by an expansion of\nthe entries array. There are only three freemap entries, which means\nthat it is not a complete index of all free space in the leaf block.\n\nThis code can leave behind a zero-length freemap entry with a nonzero\nbase. Subsequent setxattr operations can increase the base up to the\npoint that it overlaps with another freemap entry. This isn\u0027t in and of\nitself a problem because the code in _leaf_add that finds free space\nignores any freemap entry with zero size.\n\nHowever, there\u0027s another bug in the freemap update code in _leaf_add,\nwhich is that it fails to update a freemap entry that begins midway\nthrough the xattr entry that was just appended to the array. That can\nresult in the freemap containing two entries with the same base but\ndifferent sizes (0 for the \"pushed-up\" entry, nonzero for the entry\nthat\u0027s actually tracking free space). A subsequent _leaf_add can then\nallocate xattr namevalue entries on top of the entries array, leading to\ndata loss. But fixing that is for later.\n\nFor now, eliminate the possibility of confusion by zeroing out the base\nof any freemap entry that has zero size. Because the freemap is not\nintended to be a complete index of free space, a subsequent failure to\nfind any free space for a new xattr will trigger block compaction, which\nregenerates the freemap.\n\nIt looks like this bug has been in the codebase for quite a long time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43187",
"url": "https://www.suse.com/security/cve/CVE-2026-43187"
},
{
"category": "external",
"summary": "SUSE Bug 1264603 for CVE-2026-43187",
"url": "https://bugzilla.suse.com/1264603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-43187"
},
{
"cve": "CVE-2026-43198",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43198"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: fix potential race in tcp_v6_syn_recv_sock()\n\nCode in tcp_v6_syn_recv_sock() after the call to tcp_v4_syn_recv_sock()\nis done too late.\n\nAfter tcp_v4_syn_recv_sock(), the child socket is already visible\nfrom TCP ehash table and other cpus might use it.\n\nSince newinet-\u003epinet6 is still pointing to the listener ipv6_pinfo\nbad things can happen as syzbot found.\n\nMove the problematic code in tcp_v6_mapped_child_init()\nand call this new helper from tcp_v4_syn_recv_sock() before\nthe ehash insertion.\n\nThis allows the removal of one tcp_sync_mss(), since\ntcp_v4_syn_recv_sock() will call it with the correct\ncontext.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43198",
"url": "https://www.suse.com/security/cve/CVE-2026-43198"
},
{
"category": "external",
"summary": "SUSE Bug 1264610 for CVE-2026-43198",
"url": "https://bugzilla.suse.com/1264610"
},
{
"category": "external",
"summary": "SUSE Bug 1264611 for CVE-2026-43198",
"url": "https://bugzilla.suse.com/1264611"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "important"
}
],
"title": "CVE-2026-43198"
},
{
"cve": "CVE-2026-43239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43239"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: prevent races in -\u003equery_interfaces()\n\nIt was possible for two query interface works to be concurrently trying\nto update the interfaces.\n\nPrevent this by checking and updating iface_last_update under\niface_lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43239",
"url": "https://www.suse.com/security/cve/CVE-2026-43239"
},
{
"category": "external",
"summary": "SUSE Bug 1264444 for CVE-2026-43239",
"url": "https://bugzilla.suse.com/1264444"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-43239"
},
{
"cve": "CVE-2026-43339",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43339"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: prevent possible UaF in addrconf_permanent_addr()\n\nThe mentioned helper try to warn the user about an exceptional\ncondition, but the message is delivered too late, accessing the ipv6\nafter its possible deletion.\n\nReorder the statement to avoid the possible UaF; while at it, place the\nwarning outside the idev-\u003elock as it needs no protection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43339",
"url": "https://www.suse.com/security/cve/CVE-2026-43339"
},
{
"category": "external",
"summary": "SUSE Bug 1264763 for CVE-2026-43339",
"url": "https://bugzilla.suse.com/1264763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-43339"
},
{
"cve": "CVE-2026-43345",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43345"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipa: fix event ring index not programmed for IPA v5.0+\n\nFor IPA v5.0+, the event ring index field moved from CH_C_CNTXT_0 to\nCH_C_CNTXT_1. The v5.0 register definition intended to define this\nfield in the CH_C_CNTXT_1 fmask array but used the old identifier of\nERINDEX instead of CH_ERINDEX.\n\nWithout a valid event ring, GSI channels could never signal transfer\ncompletions. This caused gsi_channel_trans_quiesce() to block\nforever in wait_for_completion().\n\nAt least for IPA v5.2 this resolves an issue seen where runtime\nsuspend, system suspend, and remoteproc stop all hanged forever. It\nalso meant the IPA data path was completely non functional.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43345",
"url": "https://www.suse.com/security/cve/CVE-2026-43345"
},
{
"category": "external",
"summary": "SUSE Bug 1265103 for CVE-2026-43345",
"url": "https://bugzilla.suse.com/1265103"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-43345"
},
{
"cve": "CVE-2026-43405",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43405"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: Use u32 for non-negative values in ceph_monmap_decode()\n\nThis patch fixes unnecessary implicit conversions that change signedness\nof blob_len and num_mon in ceph_monmap_decode().\nCurrently blob_len and num_mon are (signed) int variables. They are used\nto hold values that are always non-negative and get assigned in\nceph_decode_32_safe(), which is meant to assign u32 values. Both\nvariables are subsequently used as unsigned values, and the value of\nnum_mon is further assigned to monmap-\u003enum_mon, which is of type u32.\nTherefore, both variables should be of type u32. This is especially\nrelevant for num_mon. If the value read from the incoming message is\nvery large, it is interpreted as a negative value, and the check for\nnum_mon \u003e CEPH_MAX_MON does not catch it. This leads to the attempt to\nallocate a very large chunk of memory for monmap, which will most likely\nfail. In this case, an unnecessary attempt to allocate memory is\nperformed, and -ENOMEM is returned instead of -EINVAL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43405",
"url": "https://www.suse.com/security/cve/CVE-2026-43405"
},
{
"category": "external",
"summary": "SUSE Bug 1264741 for CVE-2026-43405",
"url": "https://bugzilla.suse.com/1264741"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-43405"
},
{
"cve": "CVE-2026-43469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43469"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxprtrdma: Decrement re_receiving on the early exit paths\n\nIn the event that rpcrdma_post_recvs() fails to create a work request\n(due to memory allocation failure, say) or otherwise exits early, we\nshould decrement ep-\u003ere_receiving before returning. Otherwise we will\nhang in rpcrdma_xprt_drain() as re_receiving will never reach zero and\nthe completion will never be triggered.\n\nOn a system with high memory pressure, this can appear as the following\nhung task:\n\n INFO: task kworker/u385:17:8393 blocked for more than 122 seconds.\n Tainted: G S E 6.19.0 #3\n \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n task:kworker/u385:17 state:D stack:0 pid:8393 tgid:8393 ppid:2 task_flags:0x4248060 flags:0x00080000\n Workqueue: xprtiod xprt_autoclose [sunrpc]\n Call Trace:\n \u003cTASK\u003e\n __schedule+0x48b/0x18b0\n ? ib_post_send_mad+0x247/0xae0 [ib_core]\n schedule+0x27/0xf0\n schedule_timeout+0x104/0x110\n __wait_for_common+0x98/0x180\n ? __pfx_schedule_timeout+0x10/0x10\n wait_for_completion+0x24/0x40\n rpcrdma_xprt_disconnect+0x444/0x460 [rpcrdma]\n xprt_rdma_close+0x12/0x40 [rpcrdma]\n xprt_autoclose+0x5f/0x120 [sunrpc]\n process_one_work+0x191/0x3e0\n worker_thread+0x2e3/0x420\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x10d/0x230\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x273/0x2b0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43469",
"url": "https://www.suse.com/security/cve/CVE-2026-43469"
},
{
"category": "external",
"summary": "SUSE Bug 1265143 for CVE-2026-43469",
"url": "https://bugzilla.suse.com/1265143"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-43469"
},
{
"cve": "CVE-2026-43491",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43491"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: qrtr: ns: Limit the maximum server registration per node\n\nCurrent code does no bound checking on the number of servers added per\nnode. A malicious client can flood NEW_SERVER messages and exhaust memory.\n\nFix this issue by limiting the maximum number of server registrations to\n256 per node. If the NEW_SERVER message is received for an old port, then\ndon\u0027t restrict it as it will get replaced. While at it, also rate limit\nthe error messages in the failure path of qrtr_ns_worker().\n\nNote that the limit of 256 is chosen based on the current platform\nrequirements. If requirement changes in the future, this limit can be\nincreased.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43491",
"url": "https://www.suse.com/security/cve/CVE-2026-43491"
},
{
"category": "external",
"summary": "SUSE Bug 1265628 for CVE-2026-43491",
"url": "https://bugzilla.suse.com/1265628"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-43491"
},
{
"cve": "CVE-2026-45840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45840"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nopenvswitch: cap upcall PID array size and pre-size vport replies\n\nThe vport netlink reply helpers allocate a fixed-size skb with\nnlmsg_new(NLMSG_DEFAULT_SIZE, ...) but serialize the full upcall PID\narray via ovs_vport_get_upcall_portids(). Since\novs_vport_set_upcall_portids() accepts any non-zero multiple of\nsizeof(u32) with no upper bound, a CAP_NET_ADMIN user can install a PID\narray large enough to overflow the reply buffer, causing nla_put() to\nfail with -EMSGSIZE and hitting BUG_ON(err \u003c 0). On systems with\nunprivileged user namespaces enabled (e.g., Ubuntu default), this is\nreachable via unshare -Urn since OVS vport mutation operations use\nGENL_UNS_ADMIN_PERM.\n\n kernel BUG at net/openvswitch/datapath.c:2414!\n Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI\n CPU: 1 UID: 0 PID: 65 Comm: poc Not tainted 7.0.0-rc7-00195-geb216e422044 #1\n RIP: 0010:ovs_vport_cmd_set+0x34c/0x400\n Call Trace:\n \u003cTASK\u003e\n genl_family_rcv_msg_doit (net/netlink/genetlink.c:1116)\n genl_rcv_msg (net/netlink/genetlink.c:1194)\n netlink_rcv_skb (net/netlink/af_netlink.c:2550)\n genl_rcv (net/netlink/genetlink.c:1219)\n netlink_unicast (net/netlink/af_netlink.c:1344)\n netlink_sendmsg (net/netlink/af_netlink.c:1894)\n __sys_sendto (net/socket.c:2206)\n __x64_sys_sendto (net/socket.c:2209)\n do_syscall_64 (arch/x86/entry/syscall_64.c:63)\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n \u003c/TASK\u003e\n Kernel panic - not syncing: Fatal exception\n\nReject attempts to set more PIDs than nr_cpu_ids in\novs_vport_set_upcall_portids(), and pre-compute the worst-case reply\nsize in ovs_vport_cmd_msg_size() based on that bound, similar to the\nexisting ovs_dp_cmd_msg_size(). nr_cpu_ids matches the cap already\nused by the per-CPU dispatch configuration on the datapath side\n(ovs_dp_cmd_fill_info() serialises at most nr_cpu_ids PIDs), so the\ntwo sides stay consistent.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45840",
"url": "https://www.suse.com/security/cve/CVE-2026-45840"
},
{
"category": "external",
"summary": "SUSE Bug 1266397 for CVE-2026-45840",
"url": "https://bugzilla.suse.com/1266397"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-45840"
},
{
"cve": "CVE-2026-45841",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45841"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nfnetlink_osf: fix divide-by-zero in OSF_WSS_MODULO\n\nnf_osf_match_one() computes ctx-\u003ewindow % f-\u003ewss.val in the\nOSF_WSS_MODULO branch with no guard for f-\u003ewss.val == 0. A\nCAP_NET_ADMIN user can add such a fingerprint via nfnetlink; a\nsubsequent matching TCP SYN divides by zero and panics the kernel.\n\nReject the bogus fingerprint in nfnl_osf_add_callback() above the\nper-option for-loop. f-\u003ewss is per-fingerprint, not per-option, so\nthe check must run regardless of f-\u003eopt_num (including 0). Also\nreject wss.wc \u003e= OSF_WSS_MAX; nf_osf_match_one() already treats that\nas \"should not happen\".\n\nCrash:\n Oops: divide error: 0000 [#1] SMP KASAN NOPTI\n RIP: 0010:nf_osf_match_one (net/netfilter/nfnetlink_osf.c:98)\n Call Trace:\n \u003cIRQ\u003e\n nf_osf_match (net/netfilter/nfnetlink_osf.c:220)\n xt_osf_match_packet (net/netfilter/xt_osf.c:32)\n ipt_do_table (net/ipv4/netfilter/ip_tables.c:348)\n nf_hook_slow (net/netfilter/core.c:622)\n ip_local_deliver (net/ipv4/ip_input.c:265)\n ip_rcv (include/linux/skbuff.h:1162)\n __netif_receive_skb_one_core (net/core/dev.c:6181)\n process_backlog (net/core/dev.c:6642)\n __napi_poll (net/core/dev.c:7710)\n net_rx_action (net/core/dev.c:7945)\n handle_softirqs (kernel/softirq.c:622)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45841",
"url": "https://www.suse.com/security/cve/CVE-2026-45841"
},
{
"category": "external",
"summary": "SUSE Bug 1266390 for CVE-2026-45841",
"url": "https://bugzilla.suse.com/1266390"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-45841"
},
{
"cve": "CVE-2026-45862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Flush cache for PASID table before using it\n\nWhen writing the address of a freshly allocated zero-initialized PASID\ntable to a PASID directory entry, do that after the CPU cache flush for\nthis PASID table, not before it, to avoid the time window when this\nPASID table may be already used by non-coherent IOMMU hardware while\nits contents in RAM is still some random old data, not zero-initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45862",
"url": "https://www.suse.com/security/cve/CVE-2026-45862"
},
{
"category": "external",
"summary": "SUSE Bug 1266705 for CVE-2026-45862",
"url": "https://bugzilla.suse.com/1266705"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-45862"
},
{
"cve": "CVE-2026-45870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45870"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: auth_gss: fix memory leaks in XDR decoding error paths\n\nThe gssx_dec_ctx(), gssx_dec_status(), and gssx_dec_name()\nfunctions allocate memory via gssx_dec_buffer(), which calls\nkmemdup(). When a subsequent decode operation fails, these\nfunctions return immediately without freeing previously\nallocated buffers, causing memory leaks.\n\nThe leak in gssx_dec_ctx() is particularly relevant because\nthe caller (gssp_accept_sec_context_upcall) initializes several\nbuffer length fields to non-zero values, resulting in memory\nallocation:\n\n struct gssx_ctx rctxh = {\n .exported_context_token.len = GSSX_max_output_handle_sz,\n .mech.len = GSS_OID_MAX_LEN,\n .src_name.display_name.len = GSSX_max_princ_sz,\n .targ_name.display_name.len = GSSX_max_princ_sz\n };\n\nIf, for example, gssx_dec_name() succeeds for src_name but\nfails for targ_name, the memory allocated for\nexported_context_token, mech, and src_name.display_name\nremains unreferenced and cannot be reclaimed.\n\nAdd error handling with goto-based cleanup to free any\npreviously allocated buffers before returning an error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45870",
"url": "https://www.suse.com/security/cve/CVE-2026-45870"
},
{
"category": "external",
"summary": "SUSE Bug 1266704 for CVE-2026-45870",
"url": "https://bugzilla.suse.com/1266704"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-45870"
},
{
"cve": "CVE-2026-45894",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45894"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Clear Present bit before tearing down PASID entry\n\nThe Intel VT-d Scalable Mode PASID table entry consists of 512 bits (64\nbytes). When tearing down an entry, the current implementation zeros the\nentire 64-byte structure immediately using multiple 64-bit writes.\n\nSince the IOMMU hardware may fetch these 64 bytes using multiple\ninternal transactions (e.g., four 128-bit bursts), updating or zeroing\nthe entire entry while it is active (P=1) risks a \"torn\" read. If a\nhardware fetch occurs simultaneously with the CPU zeroing the entry, the\nhardware could observe an inconsistent state, leading to unpredictable\nbehavior or spurious faults.\n\nFollow the \"Guidance to Software for Invalidations\" in the VT-d spec\n(Section 6.5.3.3) by implementing the recommended ownership handshake:\n\n1. Clear only the \u0027Present\u0027 (P) bit of the PASID entry.\n2. Use a dma_wmb() to ensure the cleared bit is visible to hardware\n before proceeding.\n3. Execute the required invalidation sequence (PASID cache, IOTLB, and\n Device-TLB flush) to ensure the hardware has released all cached\n references.\n4. Only after the flushes are complete, zero out the remaining fields\n of the PASID entry.\n\nAlso, add a dma_wmb() in pasid_set_present() to ensure that all other\nfields of the PASID entry are visible to the hardware before the Present\nbit is set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45894",
"url": "https://www.suse.com/security/cve/CVE-2026-45894"
},
{
"category": "external",
"summary": "SUSE Bug 1266895 for CVE-2026-45894",
"url": "https://bugzilla.suse.com/1266895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-45894"
},
{
"cve": "CVE-2026-45940",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45940"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: fix oops when split header is enabled\n\nFor GMAC4, when split header is enabled, in some rare cases, the\nhardware does not fill buf2 of the first descriptor with payload.\nThus we cannot assume buf2 is always fully filled if it is not\nthe last descriptor. Otherwise, the length of buf2 of the second\ndescriptor will be calculated wrong and cause an oops:\n\nUnable to handle kernel paging request at virtual address ffff00019246bfc0\n...\nx2 : 0000000000000040 x1 : ffff00019246bfc0 x0 : ffff00009246c000\nCall trace:\n dcache_inval_poc+0x28/0x58 (P)\n dma_direct_sync_single_for_cpu+0x38/0x6c\n __dma_sync_single_for_cpu+0x34/0x6c\n stmmac_napi_poll_rx+0x8f0/0xb60\n __napi_poll.constprop.0+0x30/0x144\n net_rx_action+0x160/0x274\n handle_softirqs+0x1b8/0x1fc\n...\n\nTo fix this, the PL bit-field in RDES3 register is used for all\ndescriptors, whether it is the last descriptor or not.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45940",
"url": "https://www.suse.com/security/cve/CVE-2026-45940"
},
{
"category": "external",
"summary": "SUSE Bug 1266916 for CVE-2026-45940",
"url": "https://bugzilla.suse.com/1266916"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-45940"
},
{
"cve": "CVE-2026-45961",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45961"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: fix memory leaks in gfs2_fill_super error path\n\nFix two memory leaks in the gfs2_fill_super() error handling path when\ntransitioning a filesystem to read-write mode fails.\n\nFirst leak: kthread objects (thread_struct, task_struct, etc.)\nWhen gfs2_freeze_lock_shared() fails after init_threads() succeeds, the\ncreated kernel threads (logd and quotad) are never destroyed. This\noccurs because the fail_per_node label doesn\u0027t call\ngfs2_destroy_threads().\n\nSecond leak: quota bitmap buffer (8192 bytes)\nWhen gfs2_make_fs_rw() fails after gfs2_quota_init() succeeds but\nbefore other operations complete, the allocated quota bitmap is never\nfreed.\n\nThe fix moves thread cleanup to the fail_per_node label to handle all\nerror paths uniformly. gfs2_destroy_threads() is safe to call\nunconditionally as it checks for NULL pointers. Quota cleanup is added\nin gfs2_make_fs_rw() to properly handle the withdrawal case where\nquota initialization succeeds but the filesystem is then withdrawn.\n\nThread leak backtrace (gfs2_freeze_lock_shared failure):\n unreferenced object 0xffff88801d7bca80 (size 4480):\n copy_process+0x3a1/0x4670 kernel/fork.c:2422\n kernel_clone+0xf3/0x6e0 kernel/fork.c:2779\n kthread_create_on_node+0x100/0x150 kernel/kthread.c:478\n init_threads+0xab/0x350 fs/gfs2/ops_fstype.c:611\n gfs2_fill_super+0xe5c/0x1240 fs/gfs2/ops_fstype.c:1265\n\nQuota leak backtrace (gfs2_make_fs_rw failure):\n unreferenced object 0xffff88812de7c000 (size 8192):\n gfs2_quota_init+0xe5/0x820 fs/gfs2/quota.c:1409\n gfs2_make_fs_rw+0x7a/0xe0 fs/gfs2/super.c:149\n gfs2_fill_super+0xfbb/0x1240 fs/gfs2/ops_fstype.c:1275",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45961",
"url": "https://www.suse.com/security/cve/CVE-2026-45961"
},
{
"category": "external",
"summary": "SUSE Bug 1266933 for CVE-2026-45961",
"url": "https://bugzilla.suse.com/1266933"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "low"
}
],
"title": "CVE-2026-45961"
},
{
"cve": "CVE-2026-45964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45964"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: fix gss_auth kref leak in gss_alloc_msg error path\n\nCommit 5940d1cf9f42 (\"SUNRPC: Rebalance a kref in auth_gss.c\") added\na kref_get(\u0026gss_auth-\u003ekref) call to balance the gss_put_auth() done\nin gss_release_msg(), but forgot to add a corresponding kref_put()\non the error path when kstrdup_const() fails.\n\nIf service_name is non-NULL and kstrdup_const() fails, the function\njumps to err_put_pipe_version which calls put_pipe_version() and\nkfree(gss_msg), but never releases the gss_auth reference. This leads\nto a kref leak where the gss_auth structure is never freed.\n\nAdd a forward declaration for gss_free_callback() and call kref_put()\nin the err_put_pipe_version error path to properly release the\nreference taken earlier.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45964",
"url": "https://www.suse.com/security/cve/CVE-2026-45964"
},
{
"category": "external",
"summary": "SUSE Bug 1266698 for CVE-2026-45964",
"url": "https://bugzilla.suse.com/1266698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-45964"
},
{
"cve": "CVE-2026-45965",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45965"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\napparmor: fix invalid deref of rawdata when export_binary is unset\n\nIf the export_binary parameter is disabled on runtime, profiles that\nwere loaded before that will still have their rawdata stored in\napparmorfs, with a symbolic link to the rawdata on the policy\ndirectory. When one of those profiles are replaced, the rawdata is set\nto NULL, but when trying to resolve the symbolic links to rawdata for\nthat profile, it will try to dereference profile-\u003erawdata-\u003ename when\nprofile-\u003erawdata is now NULL causing an oops. Fix it by checking if\nrawdata is set.\n\n[ 168.653080] BUG: kernel NULL pointer dereference, address: 0000000000000088\n[ 168.657420] #PF: supervisor read access in kernel mode\n[ 168.660619] #PF: error_code(0x0000) - not-present page\n[ 168.663613] PGD 0 P4D 0\n[ 168.665450] Oops: Oops: 0000 [#1] SMP NOPTI\n[ 168.667836] CPU: 1 UID: 0 PID: 1729 Comm: ls Not tainted 6.19.0-rc7+ #3 PREEMPT(voluntary)\n[ 168.672308] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 168.679327] RIP: 0010:rawdata_get_link_base.isra.0+0x23/0x330\n[ 168.682768] Code: 90 90 90 90 90 90 90 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 ec 18 48 89 55 d0 48 85 ff 0f 84 e3 01 00 00 \u003c48\u003e 83 3c 25 88 00 00 00 00 0f 84 d4 01 00 00 49 89 f6 49 89 cc e8\n[ 168.689818] RSP: 0018:ffffcdcb8200fb80 EFLAGS: 00010282\n[ 168.690871] RAX: ffffffffaee74ec0 RBX: 0000000000000000 RCX: ffffffffb0120158\n[ 168.692251] RDX: ffffcdcb8200fbe0 RSI: ffff88c187c9fa80 RDI: ffff88c186c98a80\n[ 168.693593] RBP: ffffcdcb8200fbc0 R08: 0000000000000000 R09: 0000000000000000\n[ 168.694941] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88c186c98a80\n[ 168.696289] R13: 00007fff005aaa20 R14: 0000000000000080 R15: ffff88c188f4fce0\n[ 168.697637] FS: 0000790e81c58280(0000) GS:ffff88c20a957000(0000) knlGS:0000000000000000\n[ 168.699227] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 168.700349] CR2: 0000000000000088 CR3: 000000012fd3e000 CR4: 0000000000350ef0\n[ 168.701696] Call Trace:\n[ 168.702325] \u003cTASK\u003e\n[ 168.702995] rawdata_get_link_data+0x1c/0x30\n[ 168.704145] vfs_readlink+0xd4/0x160\n[ 168.705152] do_readlinkat+0x114/0x180\n[ 168.706214] __x64_sys_readlink+0x1e/0x30\n[ 168.708653] x64_sys_call+0x1d77/0x26b0\n[ 168.709525] do_syscall_64+0x81/0x500\n[ 168.710348] ? do_statx+0x72/0xb0\n[ 168.711109] ? putname+0x3e/0x80\n[ 168.711845] ? __x64_sys_statx+0xb7/0x100\n[ 168.712711] ? x64_sys_call+0x10fc/0x26b0\n[ 168.713577] ? do_syscall_64+0xbf/0x500\n[ 168.714412] ? do_user_addr_fault+0x1d2/0x8d0\n[ 168.715404] ? irqentry_exit+0xb2/0x740\n[ 168.716359] ? exc_page_fault+0x90/0x1b0\n[ 168.717307] entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45965",
"url": "https://www.suse.com/security/cve/CVE-2026-45965"
},
{
"category": "external",
"summary": "SUSE Bug 1267208 for CVE-2026-45965",
"url": "https://bugzilla.suse.com/1267208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-45965"
},
{
"cve": "CVE-2026-45974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix invalid leaf access in btrfs_quota_enable() if ref key not found\n\nIf btrfs_search_slot_for_read() returns 1, it means we did not find any\nkey greater than or equals to the key we asked for, meaning we have\nreached the end of the tree and therefore the path is not valid. If\nthis happens we need to break out of the loop and stop, instead of\ncontinuing and accessing an invalid path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45974",
"url": "https://www.suse.com/security/cve/CVE-2026-45974"
},
{
"category": "external",
"summary": "SUSE Bug 1266922 for CVE-2026-45974",
"url": "https://bugzilla.suse.com/1266922"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-45974"
},
{
"cve": "CVE-2026-46005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: fix a resource leak in xfs_alloc_buftarg()\n\nIn the error path, call fs_put_dax() to drop the DAX\ndevice reference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46005",
"url": "https://www.suse.com/security/cve/CVE-2026-46005"
},
{
"category": "external",
"summary": "SUSE Bug 1267431 for CVE-2026-46005",
"url": "https://bugzilla.suse.com/1267431"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-46005"
},
{
"cve": "CVE-2026-46037",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46037"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: icmp: validate reply type before using icmp_pointers\n\nExtended echo replies use ICMP_EXT_ECHOREPLY as the outbound reply type.\nThat value is outside the range covered by icmp_pointers[], which only\ndescribes the traditional ICMP types up to NR_ICMP_TYPES.\n\nAvoid consulting icmp_pointers[] for reply types outside that range, and\nuse array_index_nospec() for the remaining in-range lookup. Normal ICMP\nreplies keep their existing behavior unchanged.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46037",
"url": "https://www.suse.com/security/cve/CVE-2026-46037"
},
{
"category": "external",
"summary": "SUSE Bug 1267361 for CVE-2026-46037",
"url": "https://bugzilla.suse.com/1267361"
},
{
"category": "external",
"summary": "SUSE Bug 1267362 for CVE-2026-46037",
"url": "https://bugzilla.suse.com/1267362"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "important"
}
],
"title": "CVE-2026-46037"
},
{
"cve": "CVE-2026-46101",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46101"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: reject zero shift in nft_bitwise\n\nReject zero shift operands for nft_bitwise left and right shift\nexpressions during initialization.\n\nThe carry propagation logic computes the carry from the adjacent 32-bit\nword using BITS_PER_TYPE(u32) - shift. A zero shift operand turns this\ninto a 32-bit shift, which is undefined behaviour.\n\nReject zero shift operands in the control plane, alongside the existing\ncheck for values greater than or equal to 32, so malformed rules never\nreach the packet path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46101",
"url": "https://www.suse.com/security/cve/CVE-2026-46101"
},
{
"category": "external",
"summary": "SUSE Bug 1266878 for CVE-2026-46101",
"url": "https://bugzilla.suse.com/1266878"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-46101"
},
{
"cve": "CVE-2026-46119",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46119"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: Fix slab-out-of-bounds access in auth message processing\n\nIf a (potentially corrupted) message of type CEPH_MSG_AUTH_REPLY\ncontains a positive value in its result field, it is treated as an\nerror code by ceph_handle_auth_reply() and returned to\nhandle_auth_reply(). Thereafter, an attempt is made to send the\npreallocated message of type CEPH_MSG_AUTH, where the returned value is\ninterpreted as the size of the front segment to send. If the result\nvalue in the message is greater than the size of the memory buffer\nallocated for the front segment, an out-of-bounds access occurs, and\nthe content of the memory region beyond this buffer is sent out.\n\nThis patch fixes the issue by treating only negative values in the\nresult field as errors. Positive values are therefore treated as success\nin the same way as a zero value. Additionally, a BUG_ON is added to\n__send_prepared_auth_request() comparing the len parameter to\nfront_alloc_len to prevent sending the message if it exceeds the bounds\nof the allocation and to make it easier to catch any logic flaws leading\nto this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46119",
"url": "https://www.suse.com/security/cve/CVE-2026-46119"
},
{
"category": "external",
"summary": "SUSE Bug 1267628 for CVE-2026-46119",
"url": "https://bugzilla.suse.com/1267628"
},
{
"category": "external",
"summary": "SUSE Bug 1267894 for CVE-2026-46119",
"url": "https://bugzilla.suse.com/1267894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-46119"
},
{
"cve": "CVE-2026-46120",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46120"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nip6_gre: Use cached t-\u003enet in ip6erspan_changelink().\n\nAfter commit 5e72ce3e3980 (\"net: ipv6: Use link netns in newlink() of\nrtnl_link_ops\"), ip6erspan_newlink() correctly resolves the per-netns\nip6gre hash via link_net. ip6erspan_changelink() was not converted in\nthat series and still uses dev_net(dev), which diverges from the\ndevice\u0027s creation netns after IFLA_NET_NS_FD migration.\n\nThis re-inserts the tunnel into the wrong per-netns hash. The\noriginal netns keeps a stale entry. When that netns is later\ndestroyed, ip6gre_exit_rtnl_net() walks the stale entry, producing a\nslab-use-after-free reported by KASAN, followed by a kernel BUG at\nnet/core/dev.c (LIST_POISON1) in unregister_netdevice_many_notify().\n\nReachable from an unprivileged user namespace (unshare --user\n--map-root-user --net).\n\nip6gre_changelink() earlier in the same file already uses the cached\nt-\u003enet; only ip6erspan_changelink() has the wrong shape.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46120",
"url": "https://www.suse.com/security/cve/CVE-2026-46120"
},
{
"category": "external",
"summary": "SUSE Bug 1267640 for CVE-2026-46120",
"url": "https://bugzilla.suse.com/1267640"
},
{
"category": "external",
"summary": "SUSE Bug 1267893 for CVE-2026-46120",
"url": "https://bugzilla.suse.com/1267893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "important"
}
],
"title": "CVE-2026-46120"
},
{
"cve": "CVE-2026-46123",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46123"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: virtio_bt: clamp rx length before skb_put\n\nvirtbt_rx_work() calls skb_put(skb, len) where len comes directly\nfrom virtqueue_get_buf() with no validation against the buffer we\nposted to the device. The RX skb is allocated in virtbt_add_inbuf()\nand exposed to virtio as exactly 1000 bytes via sg_init_one().\n\nChecking len against skb_tailroom(skb) is not sufficient because\nalloc_skb() can leave more tailroom than the 1000 bytes actually\nhanded to the device. A malicious or buggy backend can therefore\nreport used.len between 1001 and skb_tailroom(skb), causing skb_put()\nto include uninitialized kernel heap bytes that were never written by\nthe device.\n\nThe same path also accepts len == 0, in which case skb_put(skb, 0)\nleaves the skb empty but virtbt_rx_handle() still reads the pkt_type\nbyte from skb-\u003edata, consuming uninitialized memory.\n\nDefine VIRTBT_RX_BUF_SIZE once and reuse it in alloc_skb() and\nsg_init_one(), and gate virtbt_rx_work() on that same constant so\nthe bound checked matches the buffer actually exposed to the device.\nReject used.len == 0 in the same gate so an empty completion can\nno longer reach virtbt_rx_handle().\n\nUse bt_dev_err_ratelimited() because the length value comes from an\nuntrusted backend that can otherwise flood the kernel log.\n\nSame class of bug as commit c04db81cd028 (\"net/9p: Fix buffer\noverflow in USB transport layer\"), which hardened the USB 9p\ntransport against unchecked device-reported length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46123",
"url": "https://www.suse.com/security/cve/CVE-2026-46123"
},
{
"category": "external",
"summary": "SUSE Bug 1267621 for CVE-2026-46123",
"url": "https://bugzilla.suse.com/1267621"
},
{
"category": "external",
"summary": "SUSE Bug 1267622 for CVE-2026-46123",
"url": "https://bugzilla.suse.com/1267622"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "important"
}
],
"title": "CVE-2026-46123"
},
{
"cve": "CVE-2026-46150",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46150"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfanotify: fix false positive on permission events\n\nfsnotify_get_mark_safe() may return false for a mark on an unrelated group,\nwhich results in bypassing the permission check.\n\nFix by skipping over detached marks that are not in the current group.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46150",
"url": "https://www.suse.com/security/cve/CVE-2026-46150"
},
{
"category": "external",
"summary": "SUSE Bug 1267387 for CVE-2026-46150",
"url": "https://bugzilla.suse.com/1267387"
},
{
"category": "external",
"summary": "SUSE Bug 1267388 for CVE-2026-46150",
"url": "https://bugzilla.suse.com/1267388"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "important"
}
],
"title": "CVE-2026-46150"
},
{
"cve": "CVE-2026-46160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46160"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix missing last_unlink_trans update when removing a directory\n\nWhen removing a directory we are not updating its last_unlink_trans field,\nwhich can result in incorrect fsync behaviour in case some one fsyncs the\ndirectory after it was removed because it\u0027s holding a file descriptor on\nit.\n\nExample scenario:\n\n mkdir /mnt/dir1\n mkdir /mnt/dir1/dir2\n mkdir /mnt/dir3\n\n sync -f /mnt\n\n # Do some change to the directory and fsync it.\n chmod 700 /mnt/dir1\n xfs_io -c fsync /mnt/dir1\n\n # Move dir2 out of dir1 so that dir1 becomes empty.\n mv /mnt/dir1/dir2 /mnt/dir3/\n\n open fd on /mnt/dir1\n call rmdir(2) on path \"/mnt/dir1\"\n fsync fd\n\n \u003ctrigger power failure\u003e\n\nWhen attempting to mount the filesystem, the log replay will fail with\nan -EIO error and dmesg/syslog has the following:\n\n [445771.626482] BTRFS info (device dm-0): first mount of filesystem 0368bbea-6c5e-44b5-b409-09abe496e650\n [445771.626486] BTRFS info (device dm-0): using crc32c checksum algorithm\n [445771.627912] BTRFS info (device dm-0): start tree-log replay\n [445771.628335] page: refcount:2 mapcount:0 mapping:0000000061443ddc index:0x1d00 pfn:0x7072a5\n [445771.629453] memcg:ffff89f400351b00\n [445771.629892] aops:btree_aops [btrfs] ino:1\n [445771.630737] flags: 0x17fffc00000402a(uptodate|lru|private|writeback|node=0|zone=2|lastcpupid=0x1ffff)\n [445771.632359] raw: 017fffc00000402a fffff47284d950c8 fffff472907b7c08 ffff89f458e412b8\n [445771.633713] raw: 0000000000001d00 ffff89f6c51d1a90 00000002ffffffff ffff89f400351b00\n [445771.635029] page dumped because: eb page dump\n [445771.635825] BTRFS critical (device dm-0): corrupt leaf: root=5 block=30408704 slot=10 ino=258, invalid nlink: has 2 expect no more than 1 for dir\n [445771.638088] BTRFS info (device dm-0): leaf 30408704 gen 10 total ptrs 17 free space 14878 owner 5\n [445771.638091] BTRFS info (device dm-0): refs 4 lock_owner 0 current 3581087\n [445771.638094] \titem 0 key (256 INODE_ITEM 0) itemoff 16123 itemsize 160\n [445771.638097] \t\tinode generation 3 transid 9 size 16 nbytes 16384\n [445771.638098] \t\tblock group 0 mode 40755 links 1 uid 0 gid 0\n [445771.638100] \t\trdev 0 sequence 2 flags 0x0\n [445771.638102] \t\tatime 1775744884.0\n [445771.660056] \t\tctime 1775744885.645502983\n [445771.660058] \t\tmtime 1775744885.645502983\n [445771.660060] \t\totime 1775744884.0\n [445771.660062] \titem 1 key (256 INODE_REF 256) itemoff 16111 itemsize 12\n [445771.660064] \t\tindex 0 name_len 2\n [445771.660066] \titem 2 key (256 DIR_ITEM 1843588421) itemoff 16077 itemsize 34\n [445771.660068] \t\tlocation key (259 1 0) type 2\n [445771.660070] \t\ttransid 9 data_len 0 name_len 4\n [445771.660075] \titem 3 key (256 DIR_ITEM 2363071922) itemoff 16043 itemsize 34\n [445771.660076] \t\tlocation key (257 1 0) type 2\n [445771.660077] \t\ttransid 9 data_len 0 name_len 4\n [445771.660078] \titem 4 key (256 DIR_INDEX 2) itemoff 16009 itemsize 34\n [445771.660079] \t\tlocation key (257 1 0) type 2\n [445771.660080] \t\ttransid 9 data_len 0 name_len 4\n [445771.660081] \titem 5 key (256 DIR_INDEX 3) itemoff 15975 itemsize 34\n [445771.660082] \t\tlocation key (259 1 0) type 2\n [445771.660083] \t\ttransid 9 data_len 0 name_len 4\n [445771.660084] \titem 6 key (257 INODE_ITEM 0) itemoff 15815 itemsize 160\n [445771.660086] \t\tinode generation 9 transid 9 size 8 nbytes 0\n [445771.660087] \t\tblock group 0 mode 40777 links 1 uid 0 gid 0\n [445771.660088] \t\trdev 0 sequence 2 flags 0x0\n [445771.660089] \t\tatime 1775744885.641174097\n [445771.660090] \t\tctime 1775744885.645502983\n [445771.660091] \t\tmtime 1775744885.645502983\n [445771.660105] \t\totime 1775744885.641174097\n [445771.660106] \titem 7 key (257 INODE_REF 256) itemoff 15801 itemsize 14\n [445771.660107] \t\tindex 2 name_len 4\n [445771.660108] \titem 8 key (257 DIR_ITEM 2676584006) itemoff 15767 itemsize 34\n [445771.660109] \t\tlocation key (2\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46160",
"url": "https://www.suse.com/security/cve/CVE-2026-46160"
},
{
"category": "external",
"summary": "SUSE Bug 1267624 for CVE-2026-46160",
"url": "https://bugzilla.suse.com/1267624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-46160"
},
{
"cve": "CVE-2026-46172",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46172"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: xfrm6: release dst on error in xfrm6_rcv_encap()\n\nxfrm6_rcv_encap() performs an IPv6 route lookup when the skb does not\nalready have a dst attached. ip6_route_input_lookup() returns a\nreferenced dst entry even when the lookup resolves to an error route.\n\nIf dst-\u003eerror is set, xfrm6_rcv_encap() drops the skb without attaching\nthe dst to the skb and without releasing the reference returned by the\nlookup. Repeated packets hitting this path therefore leak dst entries.\n\nRelease the dst before jumping to the drop path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46172",
"url": "https://www.suse.com/security/cve/CVE-2026-46172"
},
{
"category": "external",
"summary": "SUSE Bug 1266903 for CVE-2026-46172",
"url": "https://bugzilla.suse.com/1266903"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-46172"
},
{
"cve": "CVE-2026-46197",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46197"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: validate SVM ioctl nattr against buffer size\n\nValidate nattr field against the buffer size, preventing\nout-of-bounds buffer access via user-controlled attribute count.\n\n(cherry picked from commit 5eca8bfdfa456c3304ca77523718fe24254c172f)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46197",
"url": "https://www.suse.com/security/cve/CVE-2026-46197"
},
{
"category": "external",
"summary": "SUSE Bug 1267381 for CVE-2026-46197",
"url": "https://bugzilla.suse.com/1267381"
},
{
"category": "external",
"summary": "SUSE Bug 1267382 for CVE-2026-46197",
"url": "https://bugzilla.suse.com/1267382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "important"
}
],
"title": "CVE-2026-46197"
},
{
"cve": "CVE-2026-46227",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46227"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL\n\nThe SCTP_SENDALL path in sctp_sendmsg() iterates ep-\u003easocs with\nlist_for_each_entry_safe(), which caches the next entry in @tmp before\nthe loop body runs. The body calls sctp_sendmsg_to_asoc(), which may\ndrop the socket lock inside sctp_wait_for_sndbuf().\n\nWhile the lock is dropped, another thread can SCTP_SOCKOPT_PEELOFF the\nassociation cached in @tmp, migrating it to a new endpoint via\nsctp_sock_migrate() (list_del_init() + list_add_tail() to\nnewep-\u003easocs), and optionally close the new socket which frees the\nassociation via kfree_rcu(). The cached @tmp can also be freed by a\nnetwork ABORT for that association, processed in softirq while the\nlock is dropped.\n\nsctp_wait_for_sndbuf() revalidates @asoc (the current entry) on re-lock\nvia the \"sk != asoc-\u003ebase.sk\" and \"asoc-\u003ebase.dead\" checks, but nothing\nrevalidates @tmp. After a successful return, the iterator advances to\nthe stale @tmp, yielding either a use-after-free (if the peeled socket\nwas closed) or a list-walk onto the new endpoint\u0027s list head (type\nconfusion of \u0026newep-\u003easocs as a struct sctp_association *).\n\nBoth are reachable from CapEff=0; the type-confusion path gives\ncontrolled indirect call via the outqueue.sched-\u003einit_sid pointer.\n\nFix by re-deriving @tmp from @asoc after sctp_sendmsg_to_asoc()\nreturns. @asoc is known to still be on ep-\u003easocs at that point: the\nonly callers that list_del an association from ep-\u003easocs are\nsctp_association_free() (which sets asoc-\u003ebase.dead) and\nsctp_assoc_migrate() (which changes asoc-\u003ebase.sk), and\nsctp_wait_for_sndbuf() checks both under the lock before any\nsuccessful return; a tripped check propagates as err \u003c 0 and the loop\nbails before the re-derive.\n\nThe SCTP_ABORT path in sctp_sendmsg_check_sflags() returns 0 and the\nloop hits \u0027continue\u0027 before sctp_sendmsg_to_asoc() is ever called, so\nthe @tmp cached by list_for_each_entry_safe() still covers the\nlock-held free that ba59fb027307 (\"sctp: walk the list of asoc\nsafely\") was added for.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46227",
"url": "https://www.suse.com/security/cve/CVE-2026-46227"
},
{
"category": "external",
"summary": "SUSE Bug 1267697 for CVE-2026-46227",
"url": "https://bugzilla.suse.com/1267697"
},
{
"category": "external",
"summary": "SUSE Bug 1267698 for CVE-2026-46227",
"url": "https://bugzilla.suse.com/1267698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "important"
}
],
"title": "CVE-2026-46227"
},
{
"cve": "CVE-2026-46244",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46244"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_inner: Fix IPv6 inner_thoff desync\n\nIn nft_inner_parse_l2l3(), when processing inner IPv6 packets,\nipv6_find_hdr() correctly computes the transport header offset\ntraversing all extension headers, but the result is immediately\noverwritten with nhoff + sizeof(_ip6h) (40 bytes), which only\naccounts for the IPv6 base header. This creates a desync between\ninner_thoff (wrong - points to extension header start) and l4proto\n(correct - e.g., IPPROTO_TCP), enabling transport header forgery\nand potential firewall bypass. This issue affects stable versions\nfrom Linux 6.2.\n\nFor comparison, the normal (non-inner) IPv6 path correctly\npreserves ipv6_find_hdr()\u0027s result. Removing the incorrect overwrite\nensures that ipv6_find_hdr()\u0027s calculated transport header offset is\npreserved, thereby fixing the desynchronization.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46244",
"url": "https://www.suse.com/security/cve/CVE-2026-46244"
},
{
"category": "external",
"summary": "SUSE Bug 1267654 for CVE-2026-46244",
"url": "https://bugzilla.suse.com/1267654"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-46244"
},
{
"cve": "CVE-2026-46259",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46259"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nprocfs: fix missing RCU protection when reading real_parent in do_task_stat()\n\nWhen reading /proc/[pid]/stat, do_task_stat() accesses task-\u003ereal_parent\nwithout proper RCU protection, which leads to:\n\n cpu 0 cpu 1\n ----- -----\n do_task_stat\n var = task-\u003ereal_parent\n release_task\n call_rcu(delayed_put_task_struct)\n task_tgid_nr_ns(var)\n rcu_read_lock \u003c--- Too late to protect task-\u003ereal_parent!\n task_pid_ptr \u003c--- UAF!\n rcu_read_unlock\n\nThis patch uses task_ppid_nr_ns() instead of task_tgid_nr_ns() to add\nproper RCU protection for accessing task-\u003ereal_parent.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46259",
"url": "https://www.suse.com/security/cve/CVE-2026-46259"
},
{
"category": "external",
"summary": "SUSE Bug 1267685 for CVE-2026-46259",
"url": "https://bugzilla.suse.com/1267685"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-46259"
},
{
"cve": "CVE-2026-46273",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46273"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nibmveth: Disable GSO for packets with small MSS\n\nSome physical adapters on Power systems do not support segmentation\noffload when the MSS is less than 224 bytes. Attempting to send such\npackets causes the adapter to freeze, stopping all traffic until\nmanually reset.\n\nImplement ndo_features_check to disable GSO for packets with small MSS\nvalues. The network stack will perform software segmentation instead.\n\nThe 224-byte minimum matches ibmvnic\ncommit \u003cf10b09ef687f\u003e (\"ibmvnic: Enforce stronger sanity checks\non GSO packets\")\nwhich uses the same physical adapters in SEA configurations.\n\nThe issue occurs specifically when the hardware attempts to perform\nsegmentation (gso_segs \u003e 1) with a small MSS. Single-segment GSO packets\n(gso_segs == 1) do not trigger the problematic LSO code path and are\ntransmitted normally without segmentation.\n\nAdd an ndo_features_check callback to disable GSO when MSS \u003c 224 bytes.\nAlso call vlan_features_check() to ensure proper handling of VLAN packets,\nparticularly QinQ (802.1ad) configurations where the hardware parser may\nnot support certain offload features.\n\nValidated using iptables to force small MSS values. Without the fix,\nthe adapter freezes. With the fix, packets are segmented in software\nand transmission succeeds. Comprehensive regression testing completedd\n(MSS tests, performance, stability).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46273",
"url": "https://www.suse.com/security/cve/CVE-2026-46273"
},
{
"category": "external",
"summary": "SUSE Bug 1267651 for CVE-2026-46273",
"url": "https://bugzilla.suse.com/1267651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T16:55:30Z",
"details": "moderate"
}
],
"title": "CVE-2026-46273"
}
]
}
SUSE-SU-2026:2450-1
Vulnerability from csaf_suse - Published: 2026-06-18 13:36 - Updated: 2026-06-18 13:36| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64 | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues\n\nThe following security issues were fixed:\n\n- CVE-2025-10263: arm64: Add workaround for Cortex-A76 erratum 1286807 (bsc#1266290).\n- CVE-2025-40253: s390/ctcm: Fix double-kfree (bsc#1255084).\n- CVE-2025-68822: Input: alps - fix use-after-free bugs caused by dev3_register_work (bsc#1256668).\n- CVE-2026-3150: bcache: fix cached_dev.sb_bio use-after-free and crash (bsc#1263169).\n- CVE-2026-23271: perf: Fix __perf_event_overflow() vs perf_remove_from_context() race (bsc#1260018).\n- CVE-2026-23279: wifi: mac80211: fix NULL pointer dereference in mesh_rx_csa_frame() (bsc#1260468).\n- CVE-2026-23303: smb: client: Don\u0027t log plaintext credentials in cifs_set_cifscreds (bsc#1260502).\n- CVE-2026-23367: wifi: radiotap: reject radiotap with unknown bits (bsc#1260731).\n- CVE-2026-23396: wifi: mac80211: fix NULL deref in mesh_matches_local() (bsc#1260729).\n- CVE-2026-23444: wifi: mac80211: always free skb on ieee80211_tx_prepare_skb() failure (bsc#1266307).\n- CVE-2026-23448: net: usb: cdc_ncm: add ndpoffset to NDP16 nframes bounds check (bsc#1261750).\n- CVE-2026-31405: media: dvb-net: fix OOB access in ULE extension header tables (bsc#1261700).\n- CVE-2026-31415: ipv6: avoid overflows in ip6_datagram_send_ctl() (bsc#1262099).\n- CVE-2026-31421: net/sched: cls_fw: fix NULL pointer dereference on shared blocks (bsc#1262061).\n- CVE-2026-31447: ext4: reject mount if bigalloc with s_first_data_block != 0 (bsc#1262614).\n- CVE-2026-31452: ext4: convert inline data to extents when truncate exceeds inline size (bsc#1262620).\n- CVE-2026-31464: scsi: ibmvfc: Fix OOB access in ibmvfc_discover_targets_done() (bsc#1262656).\n- CVE-2026-31469: virtio_net: Fix UAF on dst_ops when IFF_XMIT_DST_RELEASE is cleared and napi_tx is false\n (bsc#1267816).\n- CVE-2026-31498: Bluetooth: L2CAP: Fix ERTM re-init and zero pdu_len infinite loop (bsc#1262751).\n- CVE-2026-31500: Bluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock (bsc#1262993).\n- CVE-2026-31515: af_key: validate families in pfkey_send_migrate() (bsc#1262752).\n- CVE-2026-31516: xfrm: prevent policy_hthresh.work from racing with netns teardown (bsc#1262755).\n- CVE-2026-31532: can: af_can: export can_sock_destruct() (bsc#1262757).\n- CVE-2026-31540: drm/i915/gt: Check set_default_submission() before deferencing (bsc#1263011).\n- CVE-2026-31546: net: bonding: fix NULL deref in bond_debug_rlb_hash_show (bsc#1263006).\n- CVE-2026-31588: KVM: x86: Use scratch field in MMIO fragment to hold small write values (bsc#1263165).\n- CVE-2026-31590: KVM: SEV: Drop WARN on large size for KVM_MEMORY_ENCRYPT_REG_REGION (bsc#1263152).\n- CVE-2026-31596: ocfs2: handle invalid dinode in ocfs2_group_extend (bsc#1263319).\n- CVE-2026-31629: nfc: llcp: add missing return after LLCP_CLOSED checks (bsc#1263790).\n- CVE-2026-31664: string.h: Introduce memset_after() for wiping trailing members/padding (bsc#1263578).\n- CVE-2026-31668: seg6: separate dst_cache for input and output paths in seg6 lwtunnel (bsc#1263140).\n- CVE-2026-31671: xfrm_user: fix info leak in build_report() (bsc#1263115).\n- CVE-2026-31673: af_unix: read UNIX_DIAG_VFS data under unix_state_lock (bsc#1263143).\n- CVE-2026-31674: netfilter: ip6t_rt: reject oversized addrnr in rt_mt6_check() (bsc#1263568).\n- CVE-2026-31678: openvswitch: defer tunnel netdev_put to RCU release (bsc#1263562).\n- CVE-2026-31759: usb: ulpi: fix double free in ulpi_register_interface() error path (bsc#1264076).\n- CVE-2026-31778: ALSA: caiaq: fix stack out-of-bounds read in init_card (bsc#1263923).\n- CVE-2026-43020: Bluetooth: MGMT: validate LTK enc_size on load (bsc#1264006).\n- CVE-2026-43024: netfilter: nf_tables: reject immediate NF_QUEUE verdict (bsc#1263930).\n- CVE-2026-43026: netfilter: ctnetlink: zero expect NAT fields when CTA_EXPECT_NAT absent (bsc#1263932).\n- CVE-2026-43028: netfilter: x_tables: ensure names are nul-terminated (bsc#1263934).\n- CVE-2026-43037: ip6_tunnel: clear skb2-\u003ecb in ip4ip6_err() (bsc#1263995).\n- CVE-2026-43038: ipv6: icmp: clear skb2-\u003ecb in ip6_err_gen_icmpv6_unreach() (bsc#1264097).\n- CVE-2026-43040: net: ipv6: ndisc: fix ndisc_ra_useropt to initialize nduseropt_padX fields to zero to prevent an info-\n leak (bsc#1264091).\n- CVE-2026-43052: wifi: mac80211: check tdls flag in ieee80211_tdls_oper (bsc#1263945).\n- CVE-2026-43077: crypto: algif_aead - Fix minimum RX size check for decryption (bsc#1264470).\n- CVE-2026-43140: HID: magicmouse: Do not crash on missing msc-\u003einput (bsc#1264630).\n- CVE-2026-43158: xfs: fix freemap adjustments when adding xattrs to leaf blocks (bsc#1264595).\n- CVE-2026-43187: xfs: delete attr leaf freemap entries when empty (bsc#1264603).\n- CVE-2026-43198: tcp: fix potential race in tcp_v6_syn_recv_sock() (bsc#1264610).\n- CVE-2026-43206: drm/amdkfd: Fix out-of-bounds write in kfd_event_page_set() (bsc#1264551).\n- CVE-2026-43234: team: avoid NETDEV_CHANGEMTU event when unregistering slave (bsc#1264409).\n- CVE-2026-43338: btrfs: reserve enough transaction items for qgroup ioctls (bsc#1264716).\n- CVE-2026-43339: ipv6: prevent possible UaF in addrconf_permanent_addr() (bsc#1264763).\n- CVE-2026-43359: btrfs: fix transaction abort on set received ioctl due to item overflow (bsc#1264719).\n- CVE-2026-43361: btrfs: fix transaction abort when snapshotting received subvolumes (bsc#1264722).\n- CVE-2026-43407: libceph: Fix potential out-of-bounds access in ceph_handle_auth_reply() (bsc#1265020).\n- CVE-2026-43413: scsi: hisi_sas: Fix NULL pointer exception during user_scan() (bsc#1264671).\n- CVE-2026-43414: scsi: qla2xxx: Completely fix fcport double free (bsc#1264669).\n- CVE-2026-43499: rtmutex: Use waiter::task instead of current in remove_waiter() (bsc#1266001).\n- CVE-2026-43503: net: skbuff: propagate shared-frag marker through frag-transfer helpers (bsc#1265960).\n- CVE-2026-45835: Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_new_connection_cb() (bsc#1266411).\n- CVE-2026-45841: netfilter: nfnetlink_osf: fix divide-by-zero in OSF_WSS_MODULO (bsc#1266390).\n- CVE-2026-45842: slip: reject VJ receive packets on instances with no rstate array (bsc#1266400).\n- CVE-2026-45843: slip: bound decode() reads against the compressed packet length (bsc#1266395).\n- CVE-2026-45852: RDMA/rxe: Fix double free in rxe_srq_from_init (bsc#1266711).\n- CVE-2026-45870: SUNRPC: auth_gss: fix memory leaks in XDR decoding error paths (bsc#1266704).\n- CVE-2026-45970: bonding: alb: fix UAF in rlb_arp_recv during bond up/down (bsc#1267205).\n- CVE-2026-45983: nfsd: never defer requests during idmap lookup (bsc#1266697).\n- CVE-2026-46021: thermal: core: Fix thermal zone governor cleanup issues (bsc#1267220).\n- CVE-2026-46024: libceph: Prevent potential null-ptr-deref in ceph_handle_auth_reply() (bsc#1267218).\n- CVE-2026-46043: RDMA/rxe: Validate pad and ICRC before payload_size() in rxe_rcv (bsc#1266901).\n- CVE-2026-46090: ALSA: aloop: Fix peer runtime UAF during format-change stop (bsc#1267531).\n- CVE-2026-46113: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN (bsc#1266969).\n- CVE-2026-46116: xfrm: defensively unhash xfrm_state lists in __xfrm_state_delete (bsc#1267369).\n- CVE-2026-46150: fanotify: fix false positive on permission events (bsc#1267387).\n- CVE-2026-46157: ALSA: pcm: oss: Fix data race at accessing runtime.oss.trigger (bsc#1267726).\n- CVE-2026-46159: btrfs: fix btrfs_ioctl_space_info() slot_count TOCTOU which can lead to info-leak (bsc#1267652).\n- CVE-2026-46160: btrfs: fix missing last_unlink_trans update when removing a directory (bsc#1267624).\n- CVE-2026-46169: hfsplus: fix uninit-value by validating catalog record size (bsc#1267713).\n- CVE-2026-46181: RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event() (bsc#1266826).\n- CVE-2026-46243: smb: client: reject userspace cifs.spnego descriptions (bsc#1266238).\n- CVE-2026-46259: procfs: fix missing RCU protection when reading real_parent in do_task_stat() (bsc#1267685).\n- CVE-2026-46273: ibmveth: Disable GSO for packets with small MSS (bsc#1267651).\n\nThe following non security issues were fixed:\n\n- arm64: tlb: Allow XZR argument to TLBI ops (git-fixes).\n- arm64: tlb: Optimize ARM64_WORKAROUND_REPEAT_TLBI (git-fixes).\n- bcache: fix uninitialized closure object (git-fixes).\n- check-for-config-changes: Exclude CC_MS_EXTENSIONS.\n- check-for-config-changes: Exclude HAVE_CFI_ICALL_NORMALIZE_INTEGERS{,_RUSTC}.\n- kvm/svm: PKU not currently supported (bsc#1263887).\n- KVM: x86: Handle PKU CPUID adjustment in VMX code (bsc#1263887).\n- mkspec: Add signature to source list only when it exists.\n- net/sched: cls_fw: fix NULL dereference of \u0027old\u0027 filters before change() (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-2450,SUSE-SLE-Live-Patching-12-SP5-2026-2450,SUSE-SLE-SERVER-12-SP5-LTSS-2026-2450,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-2450",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_2450-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:2450-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20262450-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:2450-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026829.html"
},
{
"category": "self",
"summary": "SUSE Bug 1255084",
"url": "https://bugzilla.suse.com/1255084"
},
{
"category": "self",
"summary": "SUSE Bug 1255416",
"url": "https://bugzilla.suse.com/1255416"
},
{
"category": "self",
"summary": "SUSE Bug 1256668",
"url": "https://bugzilla.suse.com/1256668"
},
{
"category": "self",
"summary": "SUSE Bug 1258538",
"url": "https://bugzilla.suse.com/1258538"
},
{
"category": "self",
"summary": "SUSE Bug 1260018",
"url": "https://bugzilla.suse.com/1260018"
},
{
"category": "self",
"summary": "SUSE Bug 1260468",
"url": "https://bugzilla.suse.com/1260468"
},
{
"category": "self",
"summary": "SUSE Bug 1260502",
"url": "https://bugzilla.suse.com/1260502"
},
{
"category": "self",
"summary": "SUSE Bug 1260729",
"url": "https://bugzilla.suse.com/1260729"
},
{
"category": "self",
"summary": "SUSE Bug 1260731",
"url": "https://bugzilla.suse.com/1260731"
},
{
"category": "self",
"summary": "SUSE Bug 1261700",
"url": "https://bugzilla.suse.com/1261700"
},
{
"category": "self",
"summary": "SUSE Bug 1261750",
"url": "https://bugzilla.suse.com/1261750"
},
{
"category": "self",
"summary": "SUSE Bug 1262061",
"url": "https://bugzilla.suse.com/1262061"
},
{
"category": "self",
"summary": "SUSE Bug 1262099",
"url": "https://bugzilla.suse.com/1262099"
},
{
"category": "self",
"summary": "SUSE Bug 1262614",
"url": "https://bugzilla.suse.com/1262614"
},
{
"category": "self",
"summary": "SUSE Bug 1262620",
"url": "https://bugzilla.suse.com/1262620"
},
{
"category": "self",
"summary": "SUSE Bug 1262656",
"url": "https://bugzilla.suse.com/1262656"
},
{
"category": "self",
"summary": "SUSE Bug 1262751",
"url": "https://bugzilla.suse.com/1262751"
},
{
"category": "self",
"summary": "SUSE Bug 1262752",
"url": "https://bugzilla.suse.com/1262752"
},
{
"category": "self",
"summary": "SUSE Bug 1262755",
"url": "https://bugzilla.suse.com/1262755"
},
{
"category": "self",
"summary": "SUSE Bug 1262757",
"url": "https://bugzilla.suse.com/1262757"
},
{
"category": "self",
"summary": "SUSE Bug 1262993",
"url": "https://bugzilla.suse.com/1262993"
},
{
"category": "self",
"summary": "SUSE Bug 1263006",
"url": "https://bugzilla.suse.com/1263006"
},
{
"category": "self",
"summary": "SUSE Bug 1263011",
"url": "https://bugzilla.suse.com/1263011"
},
{
"category": "self",
"summary": "SUSE Bug 1263012",
"url": "https://bugzilla.suse.com/1263012"
},
{
"category": "self",
"summary": "SUSE Bug 1263115",
"url": "https://bugzilla.suse.com/1263115"
},
{
"category": "self",
"summary": "SUSE Bug 1263140",
"url": "https://bugzilla.suse.com/1263140"
},
{
"category": "self",
"summary": "SUSE Bug 1263143",
"url": "https://bugzilla.suse.com/1263143"
},
{
"category": "self",
"summary": "SUSE Bug 1263152",
"url": "https://bugzilla.suse.com/1263152"
},
{
"category": "self",
"summary": "SUSE Bug 1263165",
"url": "https://bugzilla.suse.com/1263165"
},
{
"category": "self",
"summary": "SUSE Bug 1263169",
"url": "https://bugzilla.suse.com/1263169"
},
{
"category": "self",
"summary": "SUSE Bug 1263319",
"url": "https://bugzilla.suse.com/1263319"
},
{
"category": "self",
"summary": "SUSE Bug 1263562",
"url": "https://bugzilla.suse.com/1263562"
},
{
"category": "self",
"summary": "SUSE Bug 1263568",
"url": "https://bugzilla.suse.com/1263568"
},
{
"category": "self",
"summary": "SUSE Bug 1263578",
"url": "https://bugzilla.suse.com/1263578"
},
{
"category": "self",
"summary": "SUSE Bug 1263790",
"url": "https://bugzilla.suse.com/1263790"
},
{
"category": "self",
"summary": "SUSE Bug 1263887",
"url": "https://bugzilla.suse.com/1263887"
},
{
"category": "self",
"summary": "SUSE Bug 1263923",
"url": "https://bugzilla.suse.com/1263923"
},
{
"category": "self",
"summary": "SUSE Bug 1263930",
"url": "https://bugzilla.suse.com/1263930"
},
{
"category": "self",
"summary": "SUSE Bug 1263932",
"url": "https://bugzilla.suse.com/1263932"
},
{
"category": "self",
"summary": "SUSE Bug 1263934",
"url": "https://bugzilla.suse.com/1263934"
},
{
"category": "self",
"summary": "SUSE Bug 1263945",
"url": "https://bugzilla.suse.com/1263945"
},
{
"category": "self",
"summary": "SUSE Bug 1263995",
"url": "https://bugzilla.suse.com/1263995"
},
{
"category": "self",
"summary": "SUSE Bug 1264006",
"url": "https://bugzilla.suse.com/1264006"
},
{
"category": "self",
"summary": "SUSE Bug 1264076",
"url": "https://bugzilla.suse.com/1264076"
},
{
"category": "self",
"summary": "SUSE Bug 1264091",
"url": "https://bugzilla.suse.com/1264091"
},
{
"category": "self",
"summary": "SUSE Bug 1264097",
"url": "https://bugzilla.suse.com/1264097"
},
{
"category": "self",
"summary": "SUSE Bug 1264409",
"url": "https://bugzilla.suse.com/1264409"
},
{
"category": "self",
"summary": "SUSE Bug 1264470",
"url": "https://bugzilla.suse.com/1264470"
},
{
"category": "self",
"summary": "SUSE Bug 1264551",
"url": "https://bugzilla.suse.com/1264551"
},
{
"category": "self",
"summary": "SUSE Bug 1264595",
"url": "https://bugzilla.suse.com/1264595"
},
{
"category": "self",
"summary": "SUSE Bug 1264603",
"url": "https://bugzilla.suse.com/1264603"
},
{
"category": "self",
"summary": "SUSE Bug 1264610",
"url": "https://bugzilla.suse.com/1264610"
},
{
"category": "self",
"summary": "SUSE Bug 1264630",
"url": "https://bugzilla.suse.com/1264630"
},
{
"category": "self",
"summary": "SUSE Bug 1264669",
"url": "https://bugzilla.suse.com/1264669"
},
{
"category": "self",
"summary": "SUSE Bug 1264671",
"url": "https://bugzilla.suse.com/1264671"
},
{
"category": "self",
"summary": "SUSE Bug 1264716",
"url": "https://bugzilla.suse.com/1264716"
},
{
"category": "self",
"summary": "SUSE Bug 1264719",
"url": "https://bugzilla.suse.com/1264719"
},
{
"category": "self",
"summary": "SUSE Bug 1264722",
"url": "https://bugzilla.suse.com/1264722"
},
{
"category": "self",
"summary": "SUSE Bug 1264763",
"url": "https://bugzilla.suse.com/1264763"
},
{
"category": "self",
"summary": "SUSE Bug 1265020",
"url": "https://bugzilla.suse.com/1265020"
},
{
"category": "self",
"summary": "SUSE Bug 1265456",
"url": "https://bugzilla.suse.com/1265456"
},
{
"category": "self",
"summary": "SUSE Bug 1265960",
"url": "https://bugzilla.suse.com/1265960"
},
{
"category": "self",
"summary": "SUSE Bug 1266001",
"url": "https://bugzilla.suse.com/1266001"
},
{
"category": "self",
"summary": "SUSE Bug 1266214",
"url": "https://bugzilla.suse.com/1266214"
},
{
"category": "self",
"summary": "SUSE Bug 1266238",
"url": "https://bugzilla.suse.com/1266238"
},
{
"category": "self",
"summary": "SUSE Bug 1266290",
"url": "https://bugzilla.suse.com/1266290"
},
{
"category": "self",
"summary": "SUSE Bug 1266307",
"url": "https://bugzilla.suse.com/1266307"
},
{
"category": "self",
"summary": "SUSE Bug 1266390",
"url": "https://bugzilla.suse.com/1266390"
},
{
"category": "self",
"summary": "SUSE Bug 1266395",
"url": "https://bugzilla.suse.com/1266395"
},
{
"category": "self",
"summary": "SUSE Bug 1266400",
"url": "https://bugzilla.suse.com/1266400"
},
{
"category": "self",
"summary": "SUSE Bug 1266411",
"url": "https://bugzilla.suse.com/1266411"
},
{
"category": "self",
"summary": "SUSE Bug 1266697",
"url": "https://bugzilla.suse.com/1266697"
},
{
"category": "self",
"summary": "SUSE Bug 1266704",
"url": "https://bugzilla.suse.com/1266704"
},
{
"category": "self",
"summary": "SUSE Bug 1266711",
"url": "https://bugzilla.suse.com/1266711"
},
{
"category": "self",
"summary": "SUSE Bug 1266826",
"url": "https://bugzilla.suse.com/1266826"
},
{
"category": "self",
"summary": "SUSE Bug 1266901",
"url": "https://bugzilla.suse.com/1266901"
},
{
"category": "self",
"summary": "SUSE Bug 1266969",
"url": "https://bugzilla.suse.com/1266969"
},
{
"category": "self",
"summary": "SUSE Bug 1267205",
"url": "https://bugzilla.suse.com/1267205"
},
{
"category": "self",
"summary": "SUSE Bug 1267218",
"url": "https://bugzilla.suse.com/1267218"
},
{
"category": "self",
"summary": "SUSE Bug 1267220",
"url": "https://bugzilla.suse.com/1267220"
},
{
"category": "self",
"summary": "SUSE Bug 1267369",
"url": "https://bugzilla.suse.com/1267369"
},
{
"category": "self",
"summary": "SUSE Bug 1267387",
"url": "https://bugzilla.suse.com/1267387"
},
{
"category": "self",
"summary": "SUSE Bug 1267531",
"url": "https://bugzilla.suse.com/1267531"
},
{
"category": "self",
"summary": "SUSE Bug 1267624",
"url": "https://bugzilla.suse.com/1267624"
},
{
"category": "self",
"summary": "SUSE Bug 1267651",
"url": "https://bugzilla.suse.com/1267651"
},
{
"category": "self",
"summary": "SUSE Bug 1267652",
"url": "https://bugzilla.suse.com/1267652"
},
{
"category": "self",
"summary": "SUSE Bug 1267685",
"url": "https://bugzilla.suse.com/1267685"
},
{
"category": "self",
"summary": "SUSE Bug 1267713",
"url": "https://bugzilla.suse.com/1267713"
},
{
"category": "self",
"summary": "SUSE Bug 1267726",
"url": "https://bugzilla.suse.com/1267726"
},
{
"category": "self",
"summary": "SUSE Bug 1267732",
"url": "https://bugzilla.suse.com/1267732"
},
{
"category": "self",
"summary": "SUSE Bug 1267816",
"url": "https://bugzilla.suse.com/1267816"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-10263 page",
"url": "https://www.suse.com/security/cve/CVE-2025-10263/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40253 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40253/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68324 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68324/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68822 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68822/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23271 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23271/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23279 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23279/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23303 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23303/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23367 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23367/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23396 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23396/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23444 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23444/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23448 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23448/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31405 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31405/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31415 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31415/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31421 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31421/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31447 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31447/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31452 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31452/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31464 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31464/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31469 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31469/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31498 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31498/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-3150 page",
"url": "https://www.suse.com/security/cve/CVE-2026-3150/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31500 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31500/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31515 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31515/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31516 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31516/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31532 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31532/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31540 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31540/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31546 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31546/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31588 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31588/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31590 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31590/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31596 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31596/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31629 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31629/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31664 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31664/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31668 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31668/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31671 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31671/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31673 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31673/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31674 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31674/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31678 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31678/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31759 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31759/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31778 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31778/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43020 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43020/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43024 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43024/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43026 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43026/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43028 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43028/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43037 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43037/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43038 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43038/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43040 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43040/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43052 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43052/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43077 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43140 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43158 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43158/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43187 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43187/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43198 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43198/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43206 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43206/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43234 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43234/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43338 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43338/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43339 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43339/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43359 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43359/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43361 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43361/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43407 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43407/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43413 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43413/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43414 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43414/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43499 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43499/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43503 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43503/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45835 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45841 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45841/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45842 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45842/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45843 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45843/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45852 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45870 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45970 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45970/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45983 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45983/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46021 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46024 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46024/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46043 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46043/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46090 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46090/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46113 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46113/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46116 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46116/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46150 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46150/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46157 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46157/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46159 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46159/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46160 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46169 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46169/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46181 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46181/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46259 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46259/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46273 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46273/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2026-06-18T13:36:00Z",
"generator": {
"date": "2026-06-18T13:36:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:2450-1",
"initial_release_date": "2026-06-18T13:36:00Z",
"revision_history": [
{
"date": "2026-06-18T13:36:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"product_id": "cluster-md-kmp-default-4.12.14-122.317.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.317.1.aarch64",
"product": {
"name": "dlm-kmp-default-4.12.14-122.317.1.aarch64",
"product_id": "dlm-kmp-default-4.12.14-122.317.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"product_id": "gfs2-kmp-default-4.12.14-122.317.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.317.1.aarch64",
"product": {
"name": "kernel-default-4.12.14-122.317.1.aarch64",
"product_id": "kernel-default-4.12.14-122.317.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.317.1.aarch64",
"product": {
"name": "kernel-default-base-4.12.14-122.317.1.aarch64",
"product_id": "kernel-default-base-4.12.14-122.317.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.317.1.aarch64",
"product": {
"name": "kernel-default-devel-4.12.14-122.317.1.aarch64",
"product_id": "kernel-default-devel-4.12.14-122.317.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.317.1.aarch64",
"product": {
"name": "kernel-syms-4.12.14-122.317.1.aarch64",
"product_id": "kernel-syms-4.12.14-122.317.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"product_id": "ocfs2-kmp-default-4.12.14-122.317.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-4.12.14-122.317.1.noarch",
"product": {
"name": "kernel-devel-4.12.14-122.317.1.noarch",
"product_id": "kernel-devel-4.12.14-122.317.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-4.12.14-122.317.1.noarch",
"product": {
"name": "kernel-macros-4.12.14-122.317.1.noarch",
"product_id": "kernel-macros-4.12.14-122.317.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-4.12.14-122.317.1.noarch",
"product": {
"name": "kernel-source-4.12.14-122.317.1.noarch",
"product_id": "kernel-source-4.12.14-122.317.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"product": {
"name": "kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"product_id": "kernel-default-kgraft-4.12.14-122.317.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"product": {
"name": "kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"product_id": "kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"product_id": "kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"product_id": "cluster-md-kmp-default-4.12.14-122.317.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"product": {
"name": "dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"product_id": "dlm-kmp-default-4.12.14-122.317.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"product_id": "gfs2-kmp-default-4.12.14-122.317.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.317.1.ppc64le",
"product": {
"name": "kernel-default-4.12.14-122.317.1.ppc64le",
"product_id": "kernel-default-4.12.14-122.317.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.317.1.ppc64le",
"product": {
"name": "kernel-default-base-4.12.14-122.317.1.ppc64le",
"product_id": "kernel-default-base-4.12.14-122.317.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.317.1.ppc64le",
"product": {
"name": "kernel-default-devel-4.12.14-122.317.1.ppc64le",
"product_id": "kernel-default-devel-4.12.14-122.317.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.317.1.ppc64le",
"product": {
"name": "kernel-syms-4.12.14-122.317.1.ppc64le",
"product_id": "kernel-syms-4.12.14-122.317.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"product_id": "ocfs2-kmp-default-4.12.14-122.317.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-122.317.1.s390x",
"product": {
"name": "kernel-default-kgraft-4.12.14-122.317.1.s390x",
"product_id": "kernel-default-kgraft-4.12.14-122.317.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"product": {
"name": "kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"product_id": "kernel-default-kgraft-devel-4.12.14-122.317.1.s390x"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"product": {
"name": "kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"product_id": "kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"product_id": "cluster-md-kmp-default-4.12.14-122.317.1.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.317.1.s390x",
"product": {
"name": "dlm-kmp-default-4.12.14-122.317.1.s390x",
"product_id": "dlm-kmp-default-4.12.14-122.317.1.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.317.1.s390x",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.317.1.s390x",
"product_id": "gfs2-kmp-default-4.12.14-122.317.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.317.1.s390x",
"product": {
"name": "kernel-default-4.12.14-122.317.1.s390x",
"product_id": "kernel-default-4.12.14-122.317.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.317.1.s390x",
"product": {
"name": "kernel-default-base-4.12.14-122.317.1.s390x",
"product_id": "kernel-default-base-4.12.14-122.317.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.317.1.s390x",
"product": {
"name": "kernel-default-devel-4.12.14-122.317.1.s390x",
"product_id": "kernel-default-devel-4.12.14-122.317.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-4.12.14-122.317.1.s390x",
"product": {
"name": "kernel-default-man-4.12.14-122.317.1.s390x",
"product_id": "kernel-default-man-4.12.14-122.317.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.317.1.s390x",
"product": {
"name": "kernel-syms-4.12.14-122.317.1.s390x",
"product_id": "kernel-syms-4.12.14-122.317.1.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"product_id": "ocfs2-kmp-default-4.12.14-122.317.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"product": {
"name": "kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"product_id": "kernel-default-kgraft-4.12.14-122.317.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"product": {
"name": "kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"product_id": "kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"product_id": "kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"product_id": "cluster-md-kmp-default-4.12.14-122.317.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.317.1.x86_64",
"product": {
"name": "dlm-kmp-default-4.12.14-122.317.1.x86_64",
"product_id": "dlm-kmp-default-4.12.14-122.317.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"product_id": "gfs2-kmp-default-4.12.14-122.317.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.317.1.x86_64",
"product": {
"name": "kernel-default-4.12.14-122.317.1.x86_64",
"product_id": "kernel-default-4.12.14-122.317.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.317.1.x86_64",
"product": {
"name": "kernel-default-base-4.12.14-122.317.1.x86_64",
"product_id": "kernel-default-base-4.12.14-122.317.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.317.1.x86_64",
"product": {
"name": "kernel-default-devel-4.12.14-122.317.1.x86_64",
"product_id": "kernel-default-devel-4.12.14-122.317.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.317.1.x86_64",
"product": {
"name": "kernel-syms-4.12.14-122.317.1.x86_64",
"product_id": "kernel-syms-4.12.14-122.317.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"product_id": "ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss-extended-security:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-4.12.14-122.317.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le"
},
"product_reference": "kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-4.12.14-122.317.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x"
},
"product_reference": "kernel-default-kgraft-4.12.14-122.317.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-4.12.14-122.317.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64"
},
"product_reference": "kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le"
},
"product_reference": "kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-devel-4.12.14-122.317.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x"
},
"product_reference": "kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64"
},
"product_reference": "kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x"
},
"product_reference": "kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.317.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.317.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.317.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.317.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.317.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64"
},
"product_reference": "dlm-kmp-default-4.12.14-122.317.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.317.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le"
},
"product_reference": "dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.317.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x"
},
"product_reference": "dlm-kmp-default-4.12.14-122.317.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.317.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64"
},
"product_reference": "dlm-kmp-default-4.12.14-122.317.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.317.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.317.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.317.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.317.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.317.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.317.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64"
},
"product_reference": "kernel-default-4.12.14-122.317.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.317.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le"
},
"product_reference": "kernel-default-4.12.14-122.317.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.317.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x"
},
"product_reference": "kernel-default-4.12.14-122.317.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.317.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64"
},
"product_reference": "kernel-default-4.12.14-122.317.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.317.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64"
},
"product_reference": "kernel-default-base-4.12.14-122.317.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.317.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le"
},
"product_reference": "kernel-default-base-4.12.14-122.317.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.317.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x"
},
"product_reference": "kernel-default-base-4.12.14-122.317.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.317.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-122.317.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.317.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64"
},
"product_reference": "kernel-default-devel-4.12.14-122.317.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.317.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le"
},
"product_reference": "kernel-default-devel-4.12.14-122.317.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.317.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x"
},
"product_reference": "kernel-default-devel-4.12.14-122.317.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.317.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-122.317.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-4.12.14-122.317.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x"
},
"product_reference": "kernel-default-man-4.12.14-122.317.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-122.317.1.noarch as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch"
},
"product_reference": "kernel-devel-4.12.14-122.317.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-122.317.1.noarch as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch"
},
"product_reference": "kernel-macros-4.12.14-122.317.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-122.317.1.noarch as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch"
},
"product_reference": "kernel-source-4.12.14-122.317.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.317.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64"
},
"product_reference": "kernel-syms-4.12.14-122.317.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.317.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le"
},
"product_reference": "kernel-syms-4.12.14-122.317.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.317.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x"
},
"product_reference": "kernel-syms-4.12.14-122.317.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.317.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64"
},
"product_reference": "kernel-syms-4.12.14-122.317.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.317.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.317.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.317.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.317.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.317.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.317.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.317.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.317.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.317.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64"
},
"product_reference": "dlm-kmp-default-4.12.14-122.317.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.317.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le"
},
"product_reference": "dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.317.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x"
},
"product_reference": "dlm-kmp-default-4.12.14-122.317.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.317.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64"
},
"product_reference": "dlm-kmp-default-4.12.14-122.317.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.317.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.317.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.317.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.317.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.317.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.317.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64"
},
"product_reference": "kernel-default-4.12.14-122.317.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.317.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le"
},
"product_reference": "kernel-default-4.12.14-122.317.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.317.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x"
},
"product_reference": "kernel-default-4.12.14-122.317.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.317.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64"
},
"product_reference": "kernel-default-4.12.14-122.317.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.317.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64"
},
"product_reference": "kernel-default-base-4.12.14-122.317.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.317.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le"
},
"product_reference": "kernel-default-base-4.12.14-122.317.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.317.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x"
},
"product_reference": "kernel-default-base-4.12.14-122.317.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.317.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-122.317.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.317.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64"
},
"product_reference": "kernel-default-devel-4.12.14-122.317.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.317.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le"
},
"product_reference": "kernel-default-devel-4.12.14-122.317.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.317.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x"
},
"product_reference": "kernel-default-devel-4.12.14-122.317.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.317.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-122.317.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-4.12.14-122.317.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x"
},
"product_reference": "kernel-default-man-4.12.14-122.317.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-122.317.1.noarch as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch"
},
"product_reference": "kernel-devel-4.12.14-122.317.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-122.317.1.noarch as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch"
},
"product_reference": "kernel-macros-4.12.14-122.317.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-122.317.1.noarch as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch"
},
"product_reference": "kernel-source-4.12.14-122.317.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.317.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64"
},
"product_reference": "kernel-syms-4.12.14-122.317.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.317.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le"
},
"product_reference": "kernel-syms-4.12.14-122.317.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.317.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x"
},
"product_reference": "kernel-syms-4.12.14-122.317.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.317.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64"
},
"product_reference": "kernel-syms-4.12.14-122.317.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.317.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.317.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.317.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.317.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.317.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.317.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64"
},
"product_reference": "dlm-kmp-default-4.12.14-122.317.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.317.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.317.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64"
},
"product_reference": "kernel-default-4.12.14-122.317.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.317.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-122.317.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.317.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-122.317.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-122.317.1.noarch as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch"
},
"product_reference": "kernel-devel-4.12.14-122.317.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-122.317.1.noarch as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch"
},
"product_reference": "kernel-macros-4.12.14-122.317.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-122.317.1.noarch as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch"
},
"product_reference": "kernel-source-4.12.14-122.317.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.317.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64"
},
"product_reference": "kernel-syms-4.12.14-122.317.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.317.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-10263",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-10263"
}
],
"notes": [
{
"category": "general",
"text": "Arm C1-Ultra, C1-Premium, Neoverse V3 \u0026 V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1, Cortex-X925, Cortex-X4, Cortex-X3, Cortex-X2, Cortex-X1 \u0026 X1C, Cortex-A710, Cortex-A78, A78AE \u0026 A78C, Cortex-A77, Cortex-A76 \u0026 A76A may allow writes to resources owned by a higher exception level.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-10263",
"url": "https://www.suse.com/security/cve/CVE-2025-10263"
},
{
"category": "external",
"summary": "SUSE Bug 1266290 for CVE-2025-10263",
"url": "https://bugzilla.suse.com/1266290"
},
{
"category": "external",
"summary": "SUSE Bug 1266954 for CVE-2025-10263",
"url": "https://bugzilla.suse.com/1266954"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "critical"
}
],
"title": "CVE-2025-10263"
},
{
"cve": "CVE-2025-40253",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40253"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/ctcm: Fix double-kfree\n\nThe function \u0027mpc_rcvd_sweep_req(mpcginfo)\u0027 is called conditionally\nfrom function \u0027ctcmpc_unpack_skb\u0027. It frees passed mpcginfo.\nAfter that a call to function \u0027kfree\u0027 in function \u0027ctcmpc_unpack_skb\u0027\nfrees it again.\n\nRemove \u0027kfree\u0027 call in function \u0027mpc_rcvd_sweep_req(mpcginfo)\u0027.\n\nBug detected by the clang static analyzer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40253",
"url": "https://www.suse.com/security/cve/CVE-2025-40253"
},
{
"category": "external",
"summary": "SUSE Bug 1255084 for CVE-2025-40253",
"url": "https://bugzilla.suse.com/1255084"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-40253"
},
{
"cve": "CVE-2025-68324",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68324"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: imm: Fix use-after-free bug caused by unfinished delayed work\n\nThe delayed work item \u0027imm_tq\u0027 is initialized in imm_attach() and\nscheduled via imm_queuecommand() for processing SCSI commands. When the\nIMM parallel port SCSI host adapter is detached through imm_detach(),\nthe imm_struct device instance is deallocated.\n\nHowever, the delayed work might still be pending or executing\nwhen imm_detach() is called, leading to use-after-free bugs\nwhen the work function imm_interrupt() accesses the already\nfreed imm_struct memory.\n\nThe race condition can occur as follows:\n\nCPU 0(detach thread) | CPU 1\n | imm_queuecommand()\n | imm_queuecommand_lck()\nimm_detach() | schedule_delayed_work()\n kfree(dev) //FREE | imm_interrupt()\n | dev = container_of(...) //USE\n dev-\u003e //USE\n\nAdd disable_delayed_work_sync() in imm_detach() to guarantee proper\ncancellation of the delayed work item before imm_struct is deallocated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68324",
"url": "https://www.suse.com/security/cve/CVE-2025-68324"
},
{
"category": "external",
"summary": "SUSE Bug 1255416 for CVE-2025-68324",
"url": "https://bugzilla.suse.com/1255416"
},
{
"category": "external",
"summary": "SUSE Bug 1257117 for CVE-2025-68324",
"url": "https://bugzilla.suse.com/1257117"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-68324"
},
{
"cve": "CVE-2025-68822",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68822"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: alps - fix use-after-free bugs caused by dev3_register_work\n\nThe dev3_register_work delayed work item is initialized within\nalps_reconnect() and scheduled upon receipt of the first bare\nPS/2 packet from an external PS/2 device connected to the ALPS\ntouchpad. During device detachment, the original implementation\ncalls flush_workqueue() in psmouse_disconnect() to ensure\ncompletion of dev3_register_work. However, the flush_workqueue()\nin psmouse_disconnect() only blocks and waits for work items that\nwere already queued to the workqueue prior to its invocation. Any\nwork items submitted after flush_workqueue() is called are not\nincluded in the set of tasks that the flush operation awaits.\nThis means that after flush_workqueue() has finished executing,\nthe dev3_register_work could still be scheduled. Although the\npsmouse state is set to PSMOUSE_CMD_MODE in psmouse_disconnect(),\nthe scheduling of dev3_register_work remains unaffected.\n\nThe race condition can occur as follows:\n\nCPU 0 (cleanup path) | CPU 1 (delayed work)\npsmouse_disconnect() |\n psmouse_set_state() |\n flush_workqueue() | alps_report_bare_ps2_packet()\n alps_disconnect() | psmouse_queue_work()\n kfree(priv); // FREE | alps_register_bare_ps2_mouse()\n | priv = container_of(work...); // USE\n | priv-\u003edev3 // USE\n\nAdd disable_delayed_work_sync() in alps_disconnect() to ensure\nthat dev3_register_work is properly canceled and prevented from\nexecuting after the alps_data structure has been deallocated.\n\nThis bug is identified by static analysis.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68822",
"url": "https://www.suse.com/security/cve/CVE-2025-68822"
},
{
"category": "external",
"summary": "SUSE Bug 1256668 for CVE-2025-68822",
"url": "https://bugzilla.suse.com/1256668"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-68822"
},
{
"cve": "CVE-2026-23271",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23271"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Fix __perf_event_overflow() vs perf_remove_from_context() race\n\nMake sure that __perf_event_overflow() runs with IRQs disabled for all\npossible callchains. Specifically the software events can end up running\nit with only preemption disabled.\n\nThis opens up a race vs perf_event_exit_event() and friends that will go\nand free various things the overflow path expects to be present, like\nthe BPF program.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23271",
"url": "https://www.suse.com/security/cve/CVE-2026-23271"
},
{
"category": "external",
"summary": "SUSE Bug 1260018 for CVE-2026-23271",
"url": "https://bugzilla.suse.com/1260018"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-23271"
},
{
"cve": "CVE-2026-23279",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23279"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: fix NULL pointer dereference in mesh_rx_csa_frame()\n\nIn mesh_rx_csa_frame(), elems-\u003emesh_chansw_params_ie is dereferenced\nat lines 1638 and 1642 without a prior NULL check:\n\n ifmsh-\u003echsw_ttl = elems-\u003emesh_chansw_params_ie-\u003emesh_ttl;\n ...\n pre_value = le16_to_cpu(elems-\u003emesh_chansw_params_ie-\u003emesh_pre_value);\n\nThe mesh_matches_local() check above only validates the Mesh ID,\nMesh Configuration, and Supported Rates IEs. It does not verify the\npresence of the Mesh Channel Switch Parameters IE (element ID 118).\nWhen a received CSA action frame omits that IE, ieee802_11_parse_elems()\nleaves elems-\u003emesh_chansw_params_ie as NULL, and the unconditional\ndereference causes a kernel NULL pointer dereference.\n\nA remote mesh peer with an established peer link (PLINK_ESTAB) can\ntrigger this by sending a crafted SPECTRUM_MGMT/CHL_SWITCH action frame\nthat includes a matching Mesh ID and Mesh Configuration IE but omits the\nMesh Channel Switch Parameters IE. No authentication beyond the default\nopen mesh peering is required.\n\nCrash confirmed on kernel 6.17.0-5-generic via mac80211_hwsim:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n Oops: Oops: 0000 [#1] SMP NOPTI\n RIP: 0010:ieee80211_mesh_rx_queued_mgmt+0x143/0x2a0 [mac80211]\n CR2: 0000000000000000\n\nFix by adding a NULL check for mesh_chansw_params_ie after\nmesh_matches_local() returns, consistent with how other optional IEs\nare guarded throughout the mesh code.\n\nThe bug has been present since v3.13 (released 2014-01-19).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23279",
"url": "https://www.suse.com/security/cve/CVE-2026-23279"
},
{
"category": "external",
"summary": "SUSE Bug 1260468 for CVE-2026-23279",
"url": "https://bugzilla.suse.com/1260468"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-23279"
},
{
"cve": "CVE-2026-23303",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23303"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: Don\u0027t log plaintext credentials in cifs_set_cifscreds\n\nWhen debug logging is enabled, cifs_set_cifscreds() logs the key\npayload and exposes the plaintext username and password. Remove the\ndebug log to avoid exposing credentials.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23303",
"url": "https://www.suse.com/security/cve/CVE-2026-23303"
},
{
"category": "external",
"summary": "SUSE Bug 1260502 for CVE-2026-23303",
"url": "https://bugzilla.suse.com/1260502"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-23303"
},
{
"cve": "CVE-2026-23367",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23367"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: radiotap: reject radiotap with unknown bits\n\nThe radiotap parser is currently only used with the radiotap\nnamespace (not with vendor namespaces), but if the undefined\nfield 18 is used, the alignment/size is unknown as well. In\nthis case, iterator-\u003e_next_ns_data isn\u0027t initialized (it\u0027s\nonly set for skipping vendor namespaces), and syzbot points\nout that we later compare against this uninitialized value.\n\nFix this by moving the rejection of unknown radiotap fields\ndown to after the in-namespace lookup, so it will really use\niterator-\u003e_next_ns_data only for vendor namespaces, even in\ncase undefined fields are present.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23367",
"url": "https://www.suse.com/security/cve/CVE-2026-23367"
},
{
"category": "external",
"summary": "SUSE Bug 1260731 for CVE-2026-23367",
"url": "https://bugzilla.suse.com/1260731"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-23367"
},
{
"cve": "CVE-2026-23396",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23396"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: fix NULL deref in mesh_matches_local()\n\nmesh_matches_local() unconditionally dereferences ie-\u003emesh_config to\ncompare mesh configuration parameters. When called from\nmesh_rx_csa_frame(), the parsed action-frame elements may not contain a\nMesh Configuration IE, leaving ie-\u003emesh_config NULL and triggering a\nkernel NULL pointer dereference.\n\nThe other two callers are already safe:\n - ieee80211_mesh_rx_bcn_presp() checks !elems-\u003emesh_config before\n calling mesh_matches_local()\n - mesh_plink_get_event() is only reached through\n mesh_process_plink_frame(), which checks !elems-\u003emesh_config, too\n\nmesh_rx_csa_frame() is the only caller that passes raw parsed elements\nto mesh_matches_local() without guarding mesh_config. An adjacent\nattacker can exploit this by sending a crafted CSA action frame that\nincludes a valid Mesh ID IE but omits the Mesh Configuration IE,\ncrashing the kernel.\n\nThe captured crash log:\n\nOops: general protection fault, probably for non-canonical address ...\nKASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\nWorkqueue: events_unbound cfg80211_wiphy_work\n[...]\nCall Trace:\n \u003cTASK\u003e\n ? __pfx_mesh_matches_local (net/mac80211/mesh.c:65)\n ieee80211_mesh_rx_queued_mgmt (net/mac80211/mesh.c:1686)\n [...]\n ieee80211_iface_work (net/mac80211/iface.c:1754 net/mac80211/iface.c:1802)\n [...]\n cfg80211_wiphy_work (net/wireless/core.c:426)\n process_one_work (net/kernel/workqueue.c:3280)\n ? assign_work (net/kernel/workqueue.c:1219)\n worker_thread (net/kernel/workqueue.c:3352)\n ? __pfx_worker_thread (net/kernel/workqueue.c:3385)\n kthread (net/kernel/kthread.c:436)\n [...]\n ret_from_fork_asm (net/arch/x86/entry/entry_64.S:255)\n \u003c/TASK\u003e\n\nThis patch adds a NULL check for ie-\u003emesh_config at the top of\nmesh_matches_local() to return false early when the Mesh Configuration\nIE is absent.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23396",
"url": "https://www.suse.com/security/cve/CVE-2026-23396"
},
{
"category": "external",
"summary": "SUSE Bug 1260729 for CVE-2026-23396",
"url": "https://bugzilla.suse.com/1260729"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-23396"
},
{
"cve": "CVE-2026-23444",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23444"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: always free skb on ieee80211_tx_prepare_skb() failure\n\nieee80211_tx_prepare_skb() has three error paths, but only two of them\nfree the skb. The first error path (ieee80211_tx_prepare() returning\nTX_DROP) does not free it, while invoke_tx_handlers() failure and the\nfragmentation check both do.\n\nAdd kfree_skb() to the first error path so all three are consistent,\nand remove the now-redundant frees in callers (ath9k, mt76,\nmac80211_hwsim) to avoid double-free.\n\nDocument the skb ownership guarantee in the function\u0027s kdoc.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23444",
"url": "https://www.suse.com/security/cve/CVE-2026-23444"
},
{
"category": "external",
"summary": "SUSE Bug 1266307 for CVE-2026-23444",
"url": "https://bugzilla.suse.com/1266307"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-23444"
},
{
"cve": "CVE-2026-23448",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23448"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: cdc_ncm: add ndpoffset to NDP16 nframes bounds check\n\ncdc_ncm_rx_verify_ndp16() validates that the NDP header and its DPE\nentries fit within the skb. The first check correctly accounts for\nndpoffset:\n\n if ((ndpoffset + sizeof(struct usb_cdc_ncm_ndp16)) \u003e skb_in-\u003elen)\n\nbut the second check omits it:\n\n if ((sizeof(struct usb_cdc_ncm_ndp16) +\n ret * (sizeof(struct usb_cdc_ncm_dpe16))) \u003e skb_in-\u003elen)\n\nThis validates the DPE array size against the total skb length as if\nthe NDP were at offset 0, rather than at ndpoffset. When the NDP is\nplaced near the end of the NTB (large wNdpIndex), the DPE entries can\nextend past the skb data buffer even though the check passes.\ncdc_ncm_rx_fixup() then reads out-of-bounds memory when iterating\nthe DPE array.\n\nAdd ndpoffset to the nframes bounds check and use struct_size_t() to\nexpress the NDP-plus-DPE-array size more clearly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23448",
"url": "https://www.suse.com/security/cve/CVE-2026-23448"
},
{
"category": "external",
"summary": "SUSE Bug 1261750 for CVE-2026-23448",
"url": "https://bugzilla.suse.com/1261750"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-23448"
},
{
"cve": "CVE-2026-31405",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31405"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dvb-net: fix OOB access in ULE extension header tables\n\nThe ule_mandatory_ext_handlers[] and ule_optional_ext_handlers[] tables\nin handle_one_ule_extension() are declared with 255 elements (valid\nindices 0-254), but the index htype is derived from network-controlled\ndata as (ule_sndu_type \u0026 0x00FF), giving a range of 0-255. When\nhtype equals 255, an out-of-bounds read occurs on the function pointer\ntable, and the OOB value may be called as a function pointer.\n\nAdd a bounds check on htype against the array size before either table\nis accessed. Out-of-range values now cause the SNDU to be discarded.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31405",
"url": "https://www.suse.com/security/cve/CVE-2026-31405"
},
{
"category": "external",
"summary": "SUSE Bug 1261700 for CVE-2026-31405",
"url": "https://bugzilla.suse.com/1261700"
},
{
"category": "external",
"summary": "SUSE Bug 1261701 for CVE-2026-31405",
"url": "https://bugzilla.suse.com/1261701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-31405"
},
{
"cve": "CVE-2026-31415",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31415"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: avoid overflows in ip6_datagram_send_ctl()\n\nYiming Qian reported :\n\u003cquote\u003e\n I believe I found a locally triggerable kernel bug in the IPv6 sendmsg\n ancillary-data path that can panic the kernel via `skb_under_panic()`\n (local DoS).\n\n The core issue is a mismatch between:\n\n - a 16-bit length accumulator (`struct ipv6_txoptions::opt_flen`, type\n `__u16`) and\n - a pointer to the *last* provided destination-options header (`opt-\u003edst1opt`)\n\n when multiple `IPV6_DSTOPTS` control messages (cmsgs) are provided.\n\n - `include/net/ipv6.h`:\n - `struct ipv6_txoptions::opt_flen` is `__u16` (wrap possible).\n (lines 291-307, especially 298)\n - `net/ipv6/datagram.c:ip6_datagram_send_ctl()`:\n - Accepts repeated `IPV6_DSTOPTS` and accumulates into `opt_flen`\n without rejecting duplicates. (lines 909-933)\n - `net/ipv6/ip6_output.c:__ip6_append_data()`:\n - Uses `opt-\u003eopt_flen + opt-\u003eopt_nflen` to compute header\n sizes/headroom decisions. (lines 1448-1466, especially 1463-1465)\n - `net/ipv6/ip6_output.c:__ip6_make_skb()`:\n - Calls `ipv6_push_frag_opts()` if `opt-\u003eopt_flen` is non-zero.\n (lines 1930-1934)\n - `net/ipv6/exthdrs.c:ipv6_push_frag_opts()` / `ipv6_push_exthdr()`:\n - Push size comes from `ipv6_optlen(opt-\u003edst1opt)` (based on the\n pointed-to header). (lines 1179-1185 and 1206-1211)\n\n 1. `opt_flen` is a 16-bit accumulator:\n\n - `include/net/ipv6.h:298` defines `__u16 opt_flen; /* after fragment hdr */`.\n\n 2. `ip6_datagram_send_ctl()` accepts *repeated* `IPV6_DSTOPTS` cmsgs\n and increments `opt_flen` each time:\n\n - In `net/ipv6/datagram.c:909-933`, for `IPV6_DSTOPTS`:\n - It computes `len = ((hdr-\u003ehdrlen + 1) \u003c\u003c 3);`\n - It checks `CAP_NET_RAW` using `ns_capable(net-\u003euser_ns,\n CAP_NET_RAW)`. (line 922)\n - Then it does:\n - `opt-\u003eopt_flen += len;` (line 927)\n - `opt-\u003edst1opt = hdr;` (line 928)\n\n There is no duplicate rejection here (unlike the legacy\n `IPV6_2292DSTOPTS` path which rejects duplicates at\n `net/ipv6/datagram.c:901-904`).\n\n If enough large `IPV6_DSTOPTS` cmsgs are provided, `opt_flen` wraps\n while `dst1opt` still points to a large (2048-byte)\n destination-options header.\n\n In the attached PoC (`poc.c`):\n\n - 32 cmsgs with `hdrlen=255` =\u003e `len = (255+1)*8 = 2048`\n - 1 cmsg with `hdrlen=0` =\u003e `len = 8`\n - Total increment: `32*2048 + 8 = 65544`, so `(__u16)opt_flen == 8`\n - The last cmsg is 2048 bytes, so `dst1opt` points to a 2048-byte header.\n\n 3. The transmit path sizes headers using the wrapped `opt_flen`:\n\n- In `net/ipv6/ip6_output.c:1463-1465`:\n - `headersize = sizeof(struct ipv6hdr) + (opt ? opt-\u003eopt_flen +\n opt-\u003eopt_nflen : 0) + ...;`\n\n With wrapped `opt_flen`, `headersize`/headroom decisions underestimate\n what will be pushed later.\n\n 4. When building the final skb, the actual push length comes from\n `dst1opt` and is not limited by wrapped `opt_flen`:\n\n - In `net/ipv6/ip6_output.c:1930-1934`:\n - `if (opt-\u003eopt_flen) proto = ipv6_push_frag_opts(skb, opt, proto);`\n - In `net/ipv6/exthdrs.c:1206-1211`, `ipv6_push_frag_opts()` pushes\n `dst1opt` via `ipv6_push_exthdr()`.\n - In `net/ipv6/exthdrs.c:1179-1184`, `ipv6_push_exthdr()` does:\n - `skb_push(skb, ipv6_optlen(opt));`\n - `memcpy(h, opt, ipv6_optlen(opt));`\n\n With insufficient headroom, `skb_push()` underflows and triggers\n `skb_under_panic()` -\u003e `BUG()`:\n\n - `net/core/skbuff.c:2669-2675` (`skb_push()` calls `skb_under_panic()`)\n - `net/core/skbuff.c:207-214` (`skb_panic()` ends in `BUG()`)\n\n - The `IPV6_DSTOPTS` cmsg path requires `CAP_NET_RAW` in the target\n netns user namespace (`ns_capable(net-\u003euser_ns, CAP_NET_RAW)`).\n - Root (or any task with `CAP_NET_RAW`) can trigger this without user\n namespaces.\n - An unprivileged `uid=1000` user can trigger this if unprivileged\n user namespaces are enabled and it can create a userns+netns to obtain\n namespaced `CAP_NET_RAW` (the attached PoC does this).\n\n - Local denial of service: kernel BUG/panic (system crash).\n -\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31415",
"url": "https://www.suse.com/security/cve/CVE-2026-31415"
},
{
"category": "external",
"summary": "SUSE Bug 1262099 for CVE-2026-31415",
"url": "https://bugzilla.suse.com/1262099"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-31415"
},
{
"cve": "CVE-2026-31421",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31421"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: cls_fw: fix NULL pointer dereference on shared blocks\n\nThe old-method path in fw_classify() calls tcf_block_q() and\ndereferences q-\u003ehandle. Shared blocks leave block-\u003eq NULL, causing a\nNULL deref when an empty cls_fw filter is attached to a shared block\nand a packet with a nonzero major skb mark is classified.\n\nReject the configuration in fw_change() when the old method (no\nTCA_OPTIONS) is used on a shared block, since fw_classify()\u0027s\nold-method path needs block-\u003eq which is NULL for shared blocks.\n\nThe fixed null-ptr-deref calling stack:\n KASAN: null-ptr-deref in range [0x0000000000000038-0x000000000000003f]\n RIP: 0010:fw_classify (net/sched/cls_fw.c:81)\n Call Trace:\n tcf_classify (./include/net/tc_wrapper.h:197 net/sched/cls_api.c:1764 net/sched/cls_api.c:1860)\n tc_run (net/core/dev.c:4401)\n __dev_queue_xmit (net/core/dev.c:4535 net/core/dev.c:4790)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31421",
"url": "https://www.suse.com/security/cve/CVE-2026-31421"
},
{
"category": "external",
"summary": "SUSE Bug 1262061 for CVE-2026-31421",
"url": "https://bugzilla.suse.com/1262061"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-31421"
},
{
"cve": "CVE-2026-31447",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31447"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: reject mount if bigalloc with s_first_data_block != 0\n\nbigalloc with s_first_data_block != 0 is not supported, reject mounting\nit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31447",
"url": "https://www.suse.com/security/cve/CVE-2026-31447"
},
{
"category": "external",
"summary": "SUSE Bug 1262614 for CVE-2026-31447",
"url": "https://bugzilla.suse.com/1262614"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-31447"
},
{
"cve": "CVE-2026-31452",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31452"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: convert inline data to extents when truncate exceeds inline size\n\nAdd a check in ext4_setattr() to convert files from inline data storage\nto extent-based storage when truncate() grows the file size beyond the\ninline capacity. This prevents the filesystem from entering an\ninconsistent state where the inline data flag is set but the file size\nexceeds what can be stored inline.\n\nWithout this fix, the following sequence causes a kernel BUG_ON():\n\n1. Mount filesystem with inode that has inline flag set and small size\n2. truncate(file, 50MB) - grows size but inline flag remains set\n3. sendfile() attempts to write data\n4. ext4_write_inline_data() hits BUG_ON(write_size \u003e inline_capacity)\n\nThe crash occurs because ext4_write_inline_data() expects inline storage\nto accommodate the write, but the actual inline capacity (~60 bytes for\ni_block + ~96 bytes for xattrs) is far smaller than the file size and\nwrite request.\n\nThe fix checks if the new size from setattr exceeds the inode\u0027s actual\ninline capacity (EXT4_I(inode)-\u003ei_inline_size) and converts the file to\nextent-based storage before proceeding with the size change.\n\nThis addresses the root cause by ensuring the inline data flag and file\nsize remain consistent during truncate operations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31452",
"url": "https://www.suse.com/security/cve/CVE-2026-31452"
},
{
"category": "external",
"summary": "SUSE Bug 1262620 for CVE-2026-31452",
"url": "https://bugzilla.suse.com/1262620"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-31452"
},
{
"cve": "CVE-2026-31464",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31464"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ibmvfc: Fix OOB access in ibmvfc_discover_targets_done()\n\nA malicious or compromised VIO server can return a num_written value in the\ndiscover targets MAD response that exceeds max_targets. This value is\nstored directly in vhost-\u003enum_targets without validation, and is then used\nas the loop bound in ibmvfc_alloc_targets() to index into disc_buf[], which\nis only allocated for max_targets entries. Indices at or beyond max_targets\naccess kernel memory outside the DMA-coherent allocation. The\nout-of-bounds data is subsequently embedded in Implicit Logout and PLOGI\nMADs that are sent back to the VIO server, leaking kernel memory.\n\nFix by clamping num_written to max_targets before storing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31464",
"url": "https://www.suse.com/security/cve/CVE-2026-31464"
},
{
"category": "external",
"summary": "SUSE Bug 1262656 for CVE-2026-31464",
"url": "https://bugzilla.suse.com/1262656"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-31464"
},
{
"cve": "CVE-2026-31469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31469"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio_net: Fix UAF on dst_ops when IFF_XMIT_DST_RELEASE is cleared and napi_tx is false\n\nA UAF issue occurs when the virtio_net driver is configured with napi_tx=N\nand the device\u0027s IFF_XMIT_DST_RELEASE flag is cleared\n(e.g., during the configuration of tc route filter rules).\n\nWhen IFF_XMIT_DST_RELEASE is removed from the net_device, the network stack\nexpects the driver to hold the reference to skb-\u003edst until the packet\nis fully transmitted and freed. In virtio_net with napi_tx=N,\nskbs may remain in the virtio transmit ring for an extended period.\n\nIf the network namespace is destroyed while these skbs are still pending,\nthe corresponding dst_ops structure has freed. When a subsequent packet\nis transmitted, free_old_xmit() is triggered to clean up old skbs.\nIt then calls dst_release() on the skb associated with the stale dst_entry.\nSince the dst_ops (referenced by the dst_entry) has already been freed,\na UAF kernel paging request occurs.\n\nfix it by adds skb_dst_drop(skb) in start_xmit to explicitly release\nthe dst reference before the skb is queued in virtio_net.\n\nCall Trace:\n Unable to handle kernel paging request at virtual address ffff80007e150000\n CPU: 2 UID: 0 PID: 6236 Comm: ping Kdump: loaded Not tainted 7.0.0-rc1+ #6 PREEMPT\n ...\n percpu_counter_add_batch+0x3c/0x158 lib/percpu_counter.c:98 (P)\n dst_release+0xe0/0x110 net/core/dst.c:177\n skb_release_head_state+0xe8/0x108 net/core/skbuff.c:1177\n sk_skb_reason_drop+0x54/0x2d8 net/core/skbuff.c:1255\n dev_kfree_skb_any_reason+0x64/0x78 net/core/dev.c:3469\n napi_consume_skb+0x1c4/0x3a0 net/core/skbuff.c:1527\n __free_old_xmit+0x164/0x230 drivers/net/virtio_net.c:611 [virtio_net]\n free_old_xmit drivers/net/virtio_net.c:1081 [virtio_net]\n start_xmit+0x7c/0x530 drivers/net/virtio_net.c:3329 [virtio_net]\n ...\n\nReproduction Steps:\nNETDEV=\"enp3s0\"\n\nconfig_qdisc_route_filter() {\n tc qdisc del dev $NETDEV root\n tc qdisc add dev $NETDEV root handle 1: prio\n tc filter add dev $NETDEV parent 1:0 \\\n\tprotocol ip prio 100 route to 100 flowid 1:1\n ip route add 192.168.1.100/32 dev $NETDEV realm 100\n}\n\ntest_ns() {\n ip netns add testns\n ip link set $NETDEV netns testns\n ip netns exec testns ifconfig $NETDEV 10.0.32.46/24\n ip netns exec testns ping -c 1 10.0.32.1\n ip netns del testns\n}\n\nconfig_qdisc_route_filter\n\ntest_ns\nsleep 2\ntest_ns",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31469",
"url": "https://www.suse.com/security/cve/CVE-2026-31469"
},
{
"category": "external",
"summary": "SUSE Bug 1267816 for CVE-2026-31469",
"url": "https://bugzilla.suse.com/1267816"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-31469"
},
{
"cve": "CVE-2026-31498",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31498"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix ERTM re-init and zero pdu_len infinite loop\n\nl2cap_config_req() processes CONFIG_REQ for channels in BT_CONNECTED\nstate to support L2CAP reconfiguration (e.g. MTU changes). However,\nsince both CONF_INPUT_DONE and CONF_OUTPUT_DONE are already set from\nthe initial configuration, the reconfiguration path falls through to\nl2cap_ertm_init(), which re-initializes tx_q, srej_q, srej_list, and\nretrans_list without freeing the previous allocations and sets\nchan-\u003esdu to NULL without freeing the existing skb. This leaks all\npreviously allocated ERTM resources.\n\nAdditionally, l2cap_parse_conf_req() does not validate the minimum\nvalue of remote_mps derived from the RFC max_pdu_size option. A zero\nvalue propagates to l2cap_segment_sdu() where pdu_len becomes zero,\ncausing the while loop to never terminate since len is never\ndecremented, exhausting all available memory.\n\nFix the double-init by skipping l2cap_ertm_init() and\nl2cap_chan_ready() when the channel is already in BT_CONNECTED state,\nwhile still allowing the reconfiguration parameters to be updated\nthrough l2cap_parse_conf_req(). Also add a pdu_len zero check in\nl2cap_segment_sdu() as a safeguard.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31498",
"url": "https://www.suse.com/security/cve/CVE-2026-31498"
},
{
"category": "external",
"summary": "SUSE Bug 1262751 for CVE-2026-31498",
"url": "https://bugzilla.suse.com/1262751"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-31498"
},
{
"cve": "CVE-2026-3150",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-3150"
}
],
"notes": [
{
"category": "general",
"text": "A security vulnerability has been detected in itsourcecode College Management System 1.0. This affects an unknown part of the file /admin/display-teacher.php. The manipulation of the argument teacher_id leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and may be used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-3150",
"url": "https://www.suse.com/security/cve/CVE-2026-3150"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "important"
}
],
"title": "CVE-2026-3150"
},
{
"cve": "CVE-2026-31500",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31500"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock\n\nbtintel_hw_error() issues two __hci_cmd_sync() calls (HCI_OP_RESET\nand Intel exception-info retrieval) without holding\nhci_req_sync_lock(). This lets it race against\nhci_dev_do_close() -\u003e btintel_shutdown_combined(), which also runs\n__hci_cmd_sync() under the same lock. When both paths manipulate\nhdev-\u003ereq_status/req_rsp concurrently, the close path may free the\nresponse skb first, and the still-running hw_error path hits a\nslab-use-after-free in kfree_skb().\n\nWrap the whole recovery sequence in hci_req_sync_lock/unlock so it\nis serialized with every other synchronous HCI command issuer.\n\nBelow is the data race report and the kasan report:\n\n BUG: data-race in __hci_cmd_sync_sk / btintel_shutdown_combined\n\n read of hdev-\u003ereq_rsp at net/bluetooth/hci_sync.c:199\n by task kworker/u17:1/83:\n __hci_cmd_sync_sk+0x12f2/0x1c30 net/bluetooth/hci_sync.c:200\n __hci_cmd_sync+0x55/0x80 net/bluetooth/hci_sync.c:223\n btintel_hw_error+0x114/0x670 drivers/bluetooth/btintel.c:254\n hci_error_reset+0x348/0xa30 net/bluetooth/hci_core.c:1030\n\n write/free by task ioctl/22580:\n btintel_shutdown_combined+0xd0/0x360\n drivers/bluetooth/btintel.c:3648\n hci_dev_close_sync+0x9ae/0x2c10 net/bluetooth/hci_sync.c:5246\n hci_dev_do_close+0x232/0x460 net/bluetooth/hci_core.c:526\n\n BUG: KASAN: slab-use-after-free in\n sk_skb_reason_drop+0x43/0x380 net/core/skbuff.c:1202\n Read of size 4 at addr ffff888144a738dc\n by task kworker/u17:1/83:\n __hci_cmd_sync_sk+0x12f2/0x1c30 net/bluetooth/hci_sync.c:200\n __hci_cmd_sync+0x55/0x80 net/bluetooth/hci_sync.c:223\n btintel_hw_error+0x186/0x670 drivers/bluetooth/btintel.c:260",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31500",
"url": "https://www.suse.com/security/cve/CVE-2026-31500"
},
{
"category": "external",
"summary": "SUSE Bug 1262993 for CVE-2026-31500",
"url": "https://bugzilla.suse.com/1262993"
},
{
"category": "external",
"summary": "SUSE Bug 1262994 for CVE-2026-31500",
"url": "https://bugzilla.suse.com/1262994"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "important"
}
],
"title": "CVE-2026-31500"
},
{
"cve": "CVE-2026-31515",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31515"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naf_key: validate families in pfkey_send_migrate()\n\nsyzbot was able to trigger a crash in skb_put() [1]\n\nIssue is that pfkey_send_migrate() does not check old/new families,\nand that set_ipsecrequest() @family argument was truncated,\nthus possibly overfilling the skb.\n\nValidate families early, do not wait set_ipsecrequest().\n\n[1]\n\nskbuff: skb_over_panic: text:ffffffff8a752120 len:392 put:16 head:ffff88802a4ad040 data:ffff88802a4ad040 tail:0x188 end:0x180 dev:\u003cNULL\u003e\n kernel BUG at net/core/skbuff.c:214 !\nCall Trace:\n \u003cTASK\u003e\n skb_over_panic net/core/skbuff.c:219 [inline]\n skb_put+0x159/0x210 net/core/skbuff.c:2655\n skb_put_zero include/linux/skbuff.h:2788 [inline]\n set_ipsecrequest net/key/af_key.c:3532 [inline]\n pfkey_send_migrate+0x1270/0x2e50 net/key/af_key.c:3636\n km_migrate+0x155/0x260 net/xfrm/xfrm_state.c:2848\n xfrm_migrate+0x2140/0x2450 net/xfrm/xfrm_policy.c:4705\n xfrm_do_migrate+0x8ff/0xaa0 net/xfrm/xfrm_user.c:3150",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31515",
"url": "https://www.suse.com/security/cve/CVE-2026-31515"
},
{
"category": "external",
"summary": "SUSE Bug 1262752 for CVE-2026-31515",
"url": "https://bugzilla.suse.com/1262752"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-31515"
},
{
"cve": "CVE-2026-31516",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31516"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: prevent policy_hthresh.work from racing with netns teardown\n\nA XFRM_MSG_NEWSPDINFO request can queue the per-net work item\npolicy_hthresh.work onto the system workqueue.\n\nThe queued callback, xfrm_hash_rebuild(), retrieves the enclosing\nstruct net via container_of(). If the net namespace is torn down\nbefore that work runs, the associated struct net may already have\nbeen freed, and xfrm_hash_rebuild() may then dereference stale memory.\n\nxfrm_policy_fini() already flushes policy_hash_work during teardown,\nbut it does not synchronize policy_hthresh.work.\n\nSynchronize policy_hthresh.work in xfrm_policy_fini() as well, so the\nqueued work cannot outlive the net namespace teardown and access a\nfreed struct net.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31516",
"url": "https://www.suse.com/security/cve/CVE-2026-31516"
},
{
"category": "external",
"summary": "SUSE Bug 1262755 for CVE-2026-31516",
"url": "https://bugzilla.suse.com/1262755"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-31516"
},
{
"cve": "CVE-2026-31532",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31532"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: raw: fix ro-\u003euniq use-after-free in raw_rcv()\n\nraw_release() unregisters raw CAN receive filters via can_rx_unregister(),\nbut receiver deletion is deferred with call_rcu(). This leaves a window\nwhere raw_rcv() may still be running in an RCU read-side critical section\nafter raw_release() frees ro-\u003euniq, leading to a use-after-free of the\npercpu uniq storage.\n\nMove free_percpu(ro-\u003euniq) out of raw_release() and into a raw-specific\nsocket destructor. can_rx_unregister() takes an extra reference to the\nsocket and only drops it from the RCU callback, so freeing uniq from\nsk_destruct ensures the percpu area is not released until the relevant\ncallbacks have drained.\n\n[mkl: applied manually]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31532",
"url": "https://www.suse.com/security/cve/CVE-2026-31532"
},
{
"category": "external",
"summary": "SUSE Bug 1262757 for CVE-2026-31532",
"url": "https://bugzilla.suse.com/1262757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-31532"
},
{
"cve": "CVE-2026-31540",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31540"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/gt: Check set_default_submission() before deferencing\n\nWhen the i915 driver firmware binaries are not present, the\nset_default_submission pointer is not set. This pointer is\ndereferenced during suspend anyways.\n\nAdd a check to make sure it is set before dereferencing.\n\n[ 23.289926] PM: suspend entry (deep)\n[ 23.293558] Filesystems sync: 0.000 seconds\n[ 23.298010] Freezing user space processes\n[ 23.302771] Freezing user space processes completed (elapsed 0.000 seconds)\n[ 23.309766] OOM killer disabled.\n[ 23.313027] Freezing remaining freezable tasks\n[ 23.318540] Freezing remaining freezable tasks completed (elapsed 0.001 seconds)\n[ 23.342038] serial 00:05: disabled\n[ 23.345719] serial 00:02: disabled\n[ 23.349342] serial 00:01: disabled\n[ 23.353782] sd 0:0:0:0: [sda] Synchronizing SCSI cache\n[ 23.358993] sd 1:0:0:0: [sdb] Synchronizing SCSI cache\n[ 23.361635] ata1.00: Entering standby power mode\n[ 23.368863] ata2.00: Entering standby power mode\n[ 23.445187] BUG: kernel NULL pointer dereference, address: 0000000000000000\n[ 23.452194] #PF: supervisor instruction fetch in kernel mode\n[ 23.457896] #PF: error_code(0x0010) - not-present page\n[ 23.463065] PGD 0 P4D 0\n[ 23.465640] Oops: Oops: 0010 [#1] SMP NOPTI\n[ 23.469869] CPU: 8 UID: 0 PID: 211 Comm: kworker/u48:18 Tainted: G S W 6.19.0-rc4-00020-gf0b9d8eb98df #10 PREEMPT(voluntary)\n[ 23.482512] Tainted: [S]=CPU_OUT_OF_SPEC, [W]=WARN\n[ 23.496511] Workqueue: async async_run_entry_fn\n[ 23.501087] RIP: 0010:0x0\n[ 23.503755] Code: Unable to access opcode bytes at 0xffffffffffffffd6.\n[ 23.510324] RSP: 0018:ffffb4a60065fca8 EFLAGS: 00010246\n[ 23.515592] RAX: 0000000000000000 RBX: ffff9f428290e000 RCX: 000000000000000f\n[ 23.522765] RDX: 0000000000000000 RSI: 0000000000000282 RDI: ffff9f428290e000\n[ 23.529937] RBP: ffff9f4282907070 R08: ffff9f4281130428 R09: 00000000ffffffff\n[ 23.537111] R10: 0000000000000000 R11: 0000000000000001 R12: ffff9f42829070f8\n[ 23.544284] R13: ffff9f4282906028 R14: ffff9f4282900000 R15: ffff9f4282906b68\n[ 23.551457] FS: 0000000000000000(0000) GS:ffff9f466b2cf000(0000) knlGS:0000000000000000\n[ 23.559588] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 23.565365] CR2: ffffffffffffffd6 CR3: 000000031c230001 CR4: 0000000000f70ef0\n[ 23.572539] PKRU: 55555554\n[ 23.575281] Call Trace:\n[ 23.577770] \u003cTASK\u003e\n[ 23.579905] intel_engines_reset_default_submission+0x42/0x60\n[ 23.585695] __intel_gt_unset_wedged+0x191/0x200\n[ 23.590360] intel_gt_unset_wedged+0x20/0x40\n[ 23.594675] gt_sanitize+0x15e/0x170\n[ 23.598290] i915_gem_suspend_late+0x6b/0x180\n[ 23.602692] i915_drm_suspend_late+0x35/0xf0\n[ 23.607008] ? __pfx_pci_pm_suspend_late+0x10/0x10\n[ 23.611843] dpm_run_callback+0x78/0x1c0\n[ 23.615817] device_suspend_late+0xde/0x2e0\n[ 23.620037] async_suspend_late+0x18/0x30\n[ 23.624082] async_run_entry_fn+0x25/0xa0\n[ 23.628129] process_one_work+0x15b/0x380\n[ 23.632182] worker_thread+0x2a5/0x3c0\n[ 23.635973] ? __pfx_worker_thread+0x10/0x10\n[ 23.640279] kthread+0xf6/0x1f0\n[ 23.643464] ? __pfx_kthread+0x10/0x10\n[ 23.647263] ? __pfx_kthread+0x10/0x10\n[ 23.651045] ret_from_fork+0x131/0x190\n[ 23.654837] ? __pfx_kthread+0x10/0x10\n[ 23.658634] ret_from_fork_asm+0x1a/0x30\n[ 23.662597] \u003c/TASK\u003e\n[ 23.664826] Modules linked in:\n[ 23.667914] CR2: 0000000000000000\n[ 23.671271] ------------[ cut here ]------------\n\n(cherry picked from commit daa199abc3d3d1740c9e3a2c3e9216ae5b447cad)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31540",
"url": "https://www.suse.com/security/cve/CVE-2026-31540"
},
{
"category": "external",
"summary": "SUSE Bug 1263011 for CVE-2026-31540",
"url": "https://bugzilla.suse.com/1263011"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-31540"
},
{
"cve": "CVE-2026-31546",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31546"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bonding: fix NULL deref in bond_debug_rlb_hash_show\n\nrlb_clear_slave intentionally keeps RLB hash-table entries on\nthe rx_hashtbl_used_head list with slave set to NULL when no\nreplacement slave is available. However, bond_debug_rlb_hash_show\nvisites client_info-\u003eslave without checking if it\u0027s NULL.\n\nOther used-list iterators in bond_alb.c already handle this NULL-slave\nstate safely:\n\n- rlb_update_client returns early on !client_info-\u003eslave\n- rlb_req_update_slave_clients, rlb_clear_slave, and rlb_rebalance\ncompare slave values before visiting\n- lb_req_update_subnet_clients continues if slave is NULL\n\nThe following NULL deref crash can be trigger in\nbond_debug_rlb_hash_show:\n\n[ 1.289791] BUG: kernel NULL pointer dereference, address: 0000000000000000\n[ 1.292058] RIP: 0010:bond_debug_rlb_hash_show (drivers/net/bonding/bond_debugfs.c:41)\n[ 1.293101] RSP: 0018:ffffc900004a7d00 EFLAGS: 00010286\n[ 1.293333] RAX: 0000000000000000 RBX: ffff888102b48200 RCX: ffff888102b48204\n[ 1.293631] RDX: ffff888102b48200 RSI: ffffffff839daad5 RDI: ffff888102815078\n[ 1.293924] RBP: ffff888102815078 R08: ffff888102b4820e R09: 0000000000000000\n[ 1.294267] R10: 0000000000000000 R11: 0000000000000000 R12: ffff888100f929c0\n[ 1.294564] R13: ffff888100f92a00 R14: 0000000000000001 R15: ffffc900004a7ed8\n[ 1.294864] FS: 0000000001395380(0000) GS:ffff888196e75000(0000) knlGS:0000000000000000\n[ 1.295239] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 1.295480] CR2: 0000000000000000 CR3: 0000000102adc004 CR4: 0000000000772ef0\n[ 1.295897] Call Trace:\n[ 1.296134] seq_read_iter (fs/seq_file.c:231)\n[ 1.296341] seq_read (fs/seq_file.c:164)\n[ 1.296493] full_proxy_read (fs/debugfs/file.c:378 (discriminator 1))\n[ 1.296658] vfs_read (fs/read_write.c:572)\n[ 1.296981] ksys_read (fs/read_write.c:717)\n[ 1.297132] do_syscall_64 (arch/x86/entry/syscall_64.c:63 (discriminator 1) arch/x86/entry/syscall_64.c:94 (discriminator 1))\n[ 1.297325] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\nAdd a NULL check and print \"(none)\" for entries with no assigned slave.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31546",
"url": "https://www.suse.com/security/cve/CVE-2026-31546"
},
{
"category": "external",
"summary": "SUSE Bug 1263006 for CVE-2026-31546",
"url": "https://bugzilla.suse.com/1263006"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-31546"
},
{
"cve": "CVE-2026-31588",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31588"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Use scratch field in MMIO fragment to hold small write values\n\nWhen exiting to userspace to service an emulated MMIO write, copy the\nto-be-written value to a scratch field in the MMIO fragment if the size\nof the data payload is 8 bytes or less, i.e. can fit in a single chunk,\ninstead of pointing the fragment directly at the source value.\n\nThis fixes a class of use-after-free bugs that occur when the emulator\ninitiates a write using an on-stack, local variable as the source, the\nwrite splits a page boundary, *and* both pages are MMIO pages. Because\nKVM\u0027s ABI only allows for physically contiguous MMIO requests, accesses\nthat split MMIO pages are separated into two fragments, and are sent to\nuserspace one at a time. When KVM attempts to complete userspace MMIO in\nresponse to KVM_RUN after the first fragment, KVM will detect the second\nfragment and generate a second userspace exit, and reference the on-stack\nvariable.\n\nThe issue is most visible if the second KVM_RUN is performed by a separate\ntask, in which case the stack of the initiating task can show up as truly\nfreed data.\n\n ==================================================================\n BUG: KASAN: use-after-free in complete_emulated_mmio+0x305/0x420\n Read of size 1 at addr ffff888009c378d1 by task syz-executor417/984\n\n CPU: 1 PID: 984 Comm: syz-executor417 Not tainted 5.10.0-182.0.0.95.h2627.eulerosv2r13.x86_64 #3\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.15.0-0-g2dd4b9b3f840-prebuilt.qemu.org 04/01/2014 Call Trace:\n dump_stack+0xbe/0xfd\n print_address_description.constprop.0+0x19/0x170\n __kasan_report.cold+0x6c/0x84\n kasan_report+0x3a/0x50\n check_memory_region+0xfd/0x1f0\n memcpy+0x20/0x60\n complete_emulated_mmio+0x305/0x420\n kvm_arch_vcpu_ioctl_run+0x63f/0x6d0\n kvm_vcpu_ioctl+0x413/0xb20\n __se_sys_ioctl+0x111/0x160\n do_syscall_64+0x30/0x40\n entry_SYSCALL_64_after_hwframe+0x67/0xd1\n RIP: 0033:0x42477d\n Code: \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\n RSP: 002b:00007faa8e6890e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\n RAX: ffffffffffffffda RBX: 00000000004d7338 RCX: 000000000042477d\n RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005\n RBP: 00000000004d7330 R08: 00007fff28d546df R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004d733c\n R13: 0000000000000000 R14: 000000000040a200 R15: 00007fff28d54720\n\n The buggy address belongs to the page:\n page:0000000029f6a428 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x9c37\n flags: 0xfffffc0000000(node=0|zone=1|lastcpupid=0x1fffff)\n raw: 000fffffc0000000 0000000000000000 ffffea0000270dc8 0000000000000000\n raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 page dumped because: kasan: bad access detected\n\n Memory state around the buggy address:\n ffff888009c37780: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff\n ffff888009c37800: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff\n \u003effff888009c37880: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff\n ^\n ffff888009c37900: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff\n ffff888009c37980: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff\n ==================================================================\n\nThe bug can also be reproduced with a targeted KVM-Unit-Test by hacking\nKVM to fill a large on-stack variable in complete_emulated_mmio(), i.e. by\noverwrite the data value with garbage.\n\nLimit the use of the scratch fields to 8-byte or smaller accesses, and to\njust writes, as larger accesses and reads are not affected thanks to\nimplementation details in the emulator, but add a sanity check to ensure\nthose details don\u0027t change in the future. Specifically, KVM never uses\non-stack variables for accesses larger that 8 bytes, e.g. uses an operand\nin the emulator context, and *al\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31588",
"url": "https://www.suse.com/security/cve/CVE-2026-31588"
},
{
"category": "external",
"summary": "SUSE Bug 1263165 for CVE-2026-31588",
"url": "https://bugzilla.suse.com/1263165"
},
{
"category": "external",
"summary": "SUSE Bug 1263166 for CVE-2026-31588",
"url": "https://bugzilla.suse.com/1263166"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "important"
}
],
"title": "CVE-2026-31588"
},
{
"cve": "CVE-2026-31590",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31590"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: SEV: Drop WARN on large size for KVM_MEMORY_ENCRYPT_REG_REGION\n\nDrop the WARN in sev_pin_memory() on npages overflowing an int, as the\nWARN is comically trivially to trigger from userspace, e.g. by doing:\n\n struct kvm_enc_region range = {\n .addr = 0,\n .size = -1ul,\n };\n\n __vm_ioctl(vm, KVM_MEMORY_ENCRYPT_REG_REGION, \u0026range);\n\nNote, the checks in sev_mem_enc_register_region() that presumably exist to\nverify the incoming address+size are completely worthless, as both \"addr\"\nand \"size\" are u64s and SEV is 64-bit only, i.e. they _can\u0027t_ be greater\nthan ULONG_MAX. That wart will be cleaned up in the near future.\n\n\tif (range-\u003eaddr \u003e ULONG_MAX || range-\u003esize \u003e ULONG_MAX)\n\t\treturn -EINVAL;\n\nOpportunistically add a comment to explain why the code calculates the\nnumber of pages the \"hard\" way, e.g. instead of just shifting @ulen.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31590",
"url": "https://www.suse.com/security/cve/CVE-2026-31590"
},
{
"category": "external",
"summary": "SUSE Bug 1263152 for CVE-2026-31590",
"url": "https://bugzilla.suse.com/1263152"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-31590"
},
{
"cve": "CVE-2026-31596",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31596"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: handle invalid dinode in ocfs2_group_extend\n\n[BUG]\nkernel BUG at fs/ocfs2/resize.c:308!\nOops: invalid opcode: 0000 [#1] SMP KASAN NOPTI\nRIP: 0010:ocfs2_group_extend+0x10aa/0x1ae0 fs/ocfs2/resize.c:308\nCode: 8b8520ff ffff83f8 860f8580 030000e8 5cc3c1fe\nCall Trace:\n ...\n ocfs2_ioctl+0x175/0x6e0 fs/ocfs2/ioctl.c:869\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:597 [inline]\n __se_sys_ioctl fs/ioctl.c:583 [inline]\n __x64_sys_ioctl+0x197/0x1e0 fs/ioctl.c:583\n x64_sys_call+0x1144/0x26a0 arch/x86/include/generated/asm/syscalls_64.h:17\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0x93/0xf80 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n ...\n\n[CAUSE]\nocfs2_group_extend() assumes that the global bitmap inode block\nreturned from ocfs2_inode_lock() has already been validated and\nBUG_ONs when the signature is not a dinode. That assumption is too\nstrong for crafted filesystems because the JBD2-managed buffer path\ncan bypass structural validation and return an invalid dinode to the\nresize ioctl.\n\n[FIX]\nValidate the dinode explicitly in ocfs2_group_extend(). If the global\nbitmap buffer does not contain a valid dinode, report filesystem\ncorruption with ocfs2_error() and fail the resize operation instead of\ncrashing the kernel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31596",
"url": "https://www.suse.com/security/cve/CVE-2026-31596"
},
{
"category": "external",
"summary": "SUSE Bug 1263319 for CVE-2026-31596",
"url": "https://bugzilla.suse.com/1263319"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-31596"
},
{
"cve": "CVE-2026-31629",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31629"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: llcp: add missing return after LLCP_CLOSED checks\n\nIn nfc_llcp_recv_hdlc() and nfc_llcp_recv_disc(), when the socket\nstate is LLCP_CLOSED, the code correctly calls release_sock() and\nnfc_llcp_sock_put() but fails to return. Execution falls through to\nthe remainder of the function, which calls release_sock() and\nnfc_llcp_sock_put() again. This results in a double release_sock()\nand a refcount underflow via double nfc_llcp_sock_put(), leading to\na use-after-free.\n\nAdd the missing return statements after the LLCP_CLOSED branches\nin both functions to prevent the fall-through.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31629",
"url": "https://www.suse.com/security/cve/CVE-2026-31629"
},
{
"category": "external",
"summary": "SUSE Bug 1263790 for CVE-2026-31629",
"url": "https://bugzilla.suse.com/1263790"
},
{
"category": "external",
"summary": "SUSE Bug 1263791 for CVE-2026-31629",
"url": "https://bugzilla.suse.com/1263791"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "important"
}
],
"title": "CVE-2026-31629"
},
{
"cve": "CVE-2026-31664",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31664"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: clear trailing padding in build_polexpire()\n\nbuild_expire() clears the trailing padding bytes of struct\nxfrm_user_expire after setting the hard field via memset_after(),\nbut the analogous function build_polexpire() does not do this for\nstruct xfrm_user_polexpire.\n\nThe padding bytes after the __u8 hard field are left\nuninitialized from the heap allocation, and are then sent to\nuserspace via netlink multicast to XFRMNLGRP_EXPIRE listeners,\nleaking kernel heap memory contents.\n\nAdd the missing memset_after() call, matching build_expire().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31664",
"url": "https://www.suse.com/security/cve/CVE-2026-31664"
},
{
"category": "external",
"summary": "SUSE Bug 1263578 for CVE-2026-31664",
"url": "https://bugzilla.suse.com/1263578"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-31664"
},
{
"cve": "CVE-2026-31668",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31668"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nseg6: separate dst_cache for input and output paths in seg6 lwtunnel\n\nThe seg6 lwtunnel uses a single dst_cache per encap route, shared\nbetween seg6_input_core() and seg6_output_core(). These two paths\ncan perform the post-encap SID lookup in different routing contexts\n(e.g., ip rules matching on the ingress interface, or VRF table\nseparation). Whichever path runs first populates the cache, and the\nother reuses it blindly, bypassing its own lookup.\n\nFix this by splitting the cache into cache_input and cache_output,\nso each path maintains its own cached dst independently.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31668",
"url": "https://www.suse.com/security/cve/CVE-2026-31668"
},
{
"category": "external",
"summary": "SUSE Bug 1263140 for CVE-2026-31668",
"url": "https://bugzilla.suse.com/1263140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-31668"
},
{
"cve": "CVE-2026-31671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31671"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm_user: fix info leak in build_report()\n\nstruct xfrm_user_report is a __u8 proto field followed by a struct\nxfrm_selector which means there is three \"empty\" bytes of padding, but\nthe padding is never zeroed before copying to userspace. Fix that up by\nzeroing the structure before setting individual member variables.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31671",
"url": "https://www.suse.com/security/cve/CVE-2026-31671"
},
{
"category": "external",
"summary": "SUSE Bug 1263115 for CVE-2026-31671",
"url": "https://bugzilla.suse.com/1263115"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "low"
}
],
"title": "CVE-2026-31671"
},
{
"cve": "CVE-2026-31673",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31673"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naf_unix: read UNIX_DIAG_VFS data under unix_state_lock\n\nExact UNIX diag lookups hold a reference to the socket, but not to\nu-\u003epath. Meanwhile, unix_release_sock() clears u-\u003epath under\nunix_state_lock() and drops the path reference after unlocking.\n\nRead the inode and device numbers for UNIX_DIAG_VFS while holding\nunix_state_lock(), then emit the netlink attribute after dropping the\nlock.\n\nThis keeps the VFS data stable while the reply is being built.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31673",
"url": "https://www.suse.com/security/cve/CVE-2026-31673"
},
{
"category": "external",
"summary": "SUSE Bug 1263143 for CVE-2026-31673",
"url": "https://bugzilla.suse.com/1263143"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-31673"
},
{
"cve": "CVE-2026-31674",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31674"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ip6t_rt: reject oversized addrnr in rt_mt6_check()\n\nReject rt match rules whose addrnr exceeds IP6T_RT_HOPS.\n\nrt_mt6() expects addrnr to stay within the bounds of rtinfo-\u003eaddrs[].\nValidate addrnr during rule installation so malformed rules are rejected\nbefore the match logic can use an out-of-range value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31674",
"url": "https://www.suse.com/security/cve/CVE-2026-31674"
},
{
"category": "external",
"summary": "SUSE Bug 1263568 for CVE-2026-31674",
"url": "https://bugzilla.suse.com/1263568"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-31674"
},
{
"cve": "CVE-2026-31678",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31678"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nopenvswitch: defer tunnel netdev_put to RCU release\n\novs_netdev_tunnel_destroy() may run after NETDEV_UNREGISTER already\ndetached the device. Dropping the netdev reference in destroy can race\nwith concurrent readers that still observe vport-\u003edev.\n\nDo not release vport-\u003edev in ovs_netdev_tunnel_destroy(). Instead, let\nvport_netdev_free() drop the reference from the RCU callback, matching\nthe non-tunnel destroy path and avoiding additional synchronization\nunder RTNL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31678",
"url": "https://www.suse.com/security/cve/CVE-2026-31678"
},
{
"category": "external",
"summary": "SUSE Bug 1263562 for CVE-2026-31678",
"url": "https://bugzilla.suse.com/1263562"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-31678"
},
{
"cve": "CVE-2026-31759",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31759"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: ulpi: fix double free in ulpi_register_interface() error path\n\nWhen device_register() fails, ulpi_register() calls put_device() on\nulpi-\u003edev.\n\nThe device release callback ulpi_dev_release() drops the OF node\nreference and frees ulpi, but the current error path in\nulpi_register_interface() then calls kfree(ulpi) again, causing a\ndouble free.\n\nLet put_device() handle the cleanup through ulpi_dev_release() and\navoid freeing ulpi again in ulpi_register_interface().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31759",
"url": "https://www.suse.com/security/cve/CVE-2026-31759"
},
{
"category": "external",
"summary": "SUSE Bug 1264076 for CVE-2026-31759",
"url": "https://bugzilla.suse.com/1264076"
},
{
"category": "external",
"summary": "SUSE Bug 1264078 for CVE-2026-31759",
"url": "https://bugzilla.suse.com/1264078"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "important"
}
],
"title": "CVE-2026-31759"
},
{
"cve": "CVE-2026-31778",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31778"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: caiaq: fix stack out-of-bounds read in init_card\n\nThe loop creates a whitespace-stripped copy of the card shortname\nwhere `len \u003c sizeof(card-\u003eid)` is used for the bounds check. Since\nsizeof(card-\u003eid) is 16 and the local id buffer is also 16 bytes,\nwriting 16 non-space characters fills the entire buffer,\noverwriting the terminating nullbyte.\n\nWhen this non-null-terminated string is later passed to\nsnd_card_set_id() -\u003e copy_valid_id_string(), the function scans\nforward with `while (*nid \u0026\u0026 ...)` and reads past the end of the\nstack buffer, reading the contents of the stack.\n\nA USB device with a product name containing many non-ASCII, non-space\ncharacters (e.g. multibyte UTF-8) will reliably trigger this as follows:\n\n BUG: KASAN: stack-out-of-bounds in copy_valid_id_string\n sound/core/init.c:696 [inline]\n BUG: KASAN: stack-out-of-bounds in snd_card_set_id_no_lock+0x698/0x74c\n sound/core/init.c:718\n\nThe off-by-one has been present since commit bafeee5b1f8d (\"ALSA:\nsnd_usb_caiaq: give better shortname\") from June 2009 (v2.6.31-rc1),\nwhich first introduced this whitespace-stripping loop. The original\ncode never accounted for the null terminator when bounding the copy.\n\nFix this by changing the loop bound to `sizeof(card-\u003eid) - 1`,\nensuring at least one byte remains as the null terminator.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31778",
"url": "https://www.suse.com/security/cve/CVE-2026-31778"
},
{
"category": "external",
"summary": "SUSE Bug 1263923 for CVE-2026-31778",
"url": "https://bugzilla.suse.com/1263923"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-31778"
},
{
"cve": "CVE-2026-43020",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43020"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: MGMT: validate LTK enc_size on load\n\nLoad Long Term Keys stores the user-provided enc_size and later uses\nit to size fixed-size stack operations when replying to LE LTK\nrequests. An enc_size larger than the 16-byte key buffer can therefore\noverflow the reply stack buffer.\n\nReject oversized enc_size values while validating the management LTK\nrecord so invalid keys never reach the stored key state.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43020",
"url": "https://www.suse.com/security/cve/CVE-2026-43020"
},
{
"category": "external",
"summary": "SUSE Bug 1264006 for CVE-2026-43020",
"url": "https://bugzilla.suse.com/1264006"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-43020"
},
{
"cve": "CVE-2026-43024",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43024"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: reject immediate NF_QUEUE verdict\n\nnft_queue is always used from userspace nftables to deliver the NF_QUEUE\nverdict. Immediately emitting an NF_QUEUE verdict is never used by the\nuserspace nft tools, so reject immediate NF_QUEUE verdicts.\n\nThe arp family does not provide queue support, but such an immediate\nverdict is still reachable. Globally reject NF_QUEUE immediate verdicts\nto address this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43024",
"url": "https://www.suse.com/security/cve/CVE-2026-43024"
},
{
"category": "external",
"summary": "SUSE Bug 1263930 for CVE-2026-43024",
"url": "https://bugzilla.suse.com/1263930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-43024"
},
{
"cve": "CVE-2026-43026",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43026"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ctnetlink: zero expect NAT fields when CTA_EXPECT_NAT absent\n\nctnetlink_alloc_expect() allocates expectations from a non-zeroing\nslab cache via nf_ct_expect_alloc(). When CTA_EXPECT_NAT is not\npresent in the netlink message, saved_addr and saved_proto are\nnever initialized. Stale data from a previous slab occupant can\nthen be dumped to userspace by ctnetlink_exp_dump_expect(), which\nchecks these fields to decide whether to emit CTA_EXPECT_NAT.\n\nThe safe sibling nf_ct_expect_init(), used by the packet path,\nexplicitly zeroes these fields.\n\nZero saved_addr, saved_proto and dir in the else branch, guarded\nby IS_ENABLED(CONFIG_NF_NAT) since these fields only exist when\nNAT is enabled.\n\nConfirmed by priming the expect slab with NAT-bearing expectations,\nfreeing them, creating a new expectation without CTA_EXPECT_NAT,\nand observing that the ctnetlink dump emits a spurious\nCTA_EXPECT_NAT containing stale data from the prior allocation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43026",
"url": "https://www.suse.com/security/cve/CVE-2026-43026"
},
{
"category": "external",
"summary": "SUSE Bug 1263932 for CVE-2026-43026",
"url": "https://bugzilla.suse.com/1263932"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-43026"
},
{
"cve": "CVE-2026-43028",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43028"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: x_tables: ensure names are nul-terminated\n\nReject names that lack a \\0 character before feeding them\nto functions that expect c-strings.\n\nFixes tag is the most recent commit that needs this change.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43028",
"url": "https://www.suse.com/security/cve/CVE-2026-43028"
},
{
"category": "external",
"summary": "SUSE Bug 1263934 for CVE-2026-43028",
"url": "https://bugzilla.suse.com/1263934"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-43028"
},
{
"cve": "CVE-2026-43037",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43037"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nip6_tunnel: clear skb2-\u003ecb[] in ip4ip6_err()\n\nOskar Kjos reported the following problem.\n\nip4ip6_err() calls icmp_send() on a cloned skb whose cb[] was written\nby the IPv6 receive path as struct inet6_skb_parm. icmp_send() passes\nIPCB(skb2) to __ip_options_echo(), which interprets that cb[] region\nas struct inet_skb_parm (IPv4). The layouts differ: inet6_skb_parm.nhoff\nat offset 14 overlaps inet_skb_parm.opt.rr, producing a non-zero rr\nvalue. __ip_options_echo() then reads optlen from attacker-controlled\npacket data at sptr[rr+1] and copies that many bytes into dopt-\u003e__data,\na fixed 40-byte stack buffer (IP_OPTIONS_DATA_FIXED_SIZE).\n\nTo fix this we clear skb2-\u003ecb[], as suggested by Oskar Kjos.\n\nAlso add minimal IPv4 header validation (version == 4, ihl \u003e= 5).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43037",
"url": "https://www.suse.com/security/cve/CVE-2026-43037"
},
{
"category": "external",
"summary": "SUSE Bug 1263995 for CVE-2026-43037",
"url": "https://bugzilla.suse.com/1263995"
},
{
"category": "external",
"summary": "SUSE Bug 1265197 for CVE-2026-43037",
"url": "https://bugzilla.suse.com/1265197"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "important"
}
],
"title": "CVE-2026-43037"
},
{
"cve": "CVE-2026-43038",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43038"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: icmp: clear skb2-\u003ecb[] in ip6_err_gen_icmpv6_unreach()\n\nSashiko AI-review observed:\n\n In ip6_err_gen_icmpv6_unreach(), the skb is an outer IPv4 ICMP error packet\n where its cb contains an IPv4 inet_skb_parm. When skb is cloned into skb2\n and passed to icmp6_send(), it uses IP6CB(skb2).\n\n IP6CB interprets the IPv4 inet_skb_parm as an inet6_skb_parm. The cipso\n offset in inet_skb_parm.opt directly overlaps with dsthao in inet6_skb_parm\n at offset 18.\n\n If an attacker sends a forged ICMPv4 error with a CIPSO IP option, dsthao\n would be a non-zero offset. Inside icmp6_send(), mip6_addr_swap() is called\n and uses ipv6_find_tlv(skb, opt-\u003edsthao, IPV6_TLV_HAO).\n\n This would scan the inner, attacker-controlled IPv6 packet starting at that\n offset, potentially returning a fake TLV without checking if the remaining\n packet length can hold the full 18-byte struct ipv6_destopt_hao.\n\n Could mip6_addr_swap() then perform a 16-byte swap that extends past the end\n of the packet data into skb_shared_info?\n\n Should the cb array also be cleared in ip6_err_gen_icmpv6_unreach() and\n ip6ip6_err() to prevent this?\n\nThis patch implements the first suggestion.\n\nI am not sure if ip6ip6_err() needs to be changed.\nA separate patch would be better anyway.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43038",
"url": "https://www.suse.com/security/cve/CVE-2026-43038"
},
{
"category": "external",
"summary": "SUSE Bug 1264097 for CVE-2026-43038",
"url": "https://bugzilla.suse.com/1264097"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-43038"
},
{
"cve": "CVE-2026-43040",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43040"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipv6: ndisc: fix ndisc_ra_useropt to initialize nduseropt_padX fields to zero to prevent an info-leak\n\nWhen processing Router Advertisements with user options the kernel\nbuilds an RTM_NEWNDUSEROPT netlink message. The nduseroptmsg struct\nhas three padding fields that are never zeroed and can leak kernel data\n\nThe fix is simple, just zeroes the padding fields.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43040",
"url": "https://www.suse.com/security/cve/CVE-2026-43040"
},
{
"category": "external",
"summary": "SUSE Bug 1264091 for CVE-2026-43040",
"url": "https://bugzilla.suse.com/1264091"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-43040"
},
{
"cve": "CVE-2026-43052",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43052"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: check tdls flag in ieee80211_tdls_oper\n\nWhen NL80211_TDLS_ENABLE_LINK is called, the code only checks if the\nstation exists but not whether it is actually a TDLS station. This\nallows the operation to proceed for non-TDLS stations, causing\nunintended side effects like modifying channel context and HT\nprotection before failing.\n\nAdd a check for sta-\u003esta.tdls early in the ENABLE_LINK case, before\nany side effects occur, to ensure the operation is only allowed for\nactual TDLS peers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43052",
"url": "https://www.suse.com/security/cve/CVE-2026-43052"
},
{
"category": "external",
"summary": "SUSE Bug 1263945 for CVE-2026-43052",
"url": "https://bugzilla.suse.com/1263945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-43052"
},
{
"cve": "CVE-2026-43077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43077"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_aead - Fix minimum RX size check for decryption\n\nThe check for the minimum receive buffer size did not take the\ntag size into account during decryption. Fix this by adding the\nrequired extra length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43077",
"url": "https://www.suse.com/security/cve/CVE-2026-43077"
},
{
"category": "external",
"summary": "SUSE Bug 1264470 for CVE-2026-43077",
"url": "https://bugzilla.suse.com/1264470"
},
{
"category": "external",
"summary": "SUSE Bug 1265306 for CVE-2026-43077",
"url": "https://bugzilla.suse.com/1265306"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "important"
}
],
"title": "CVE-2026-43077"
},
{
"cve": "CVE-2026-43140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43140"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: magicmouse: Do not crash on missing msc-\u003einput\n\nFake USB devices can send their own report descriptors for which the\ninput_mapping() hook does not get called. In this case, msc-\u003einput stays NULL,\nleading to a crash at a later time.\n\nDetect this condition in the input_configured() hook and reject the device.\n\nThis is not supposed to happen with actual magic mouse devices, but can be\nprovoked by imposing as a magic mouse USB device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43140",
"url": "https://www.suse.com/security/cve/CVE-2026-43140"
},
{
"category": "external",
"summary": "SUSE Bug 1264630 for CVE-2026-43140",
"url": "https://bugzilla.suse.com/1264630"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-43140"
},
{
"cve": "CVE-2026-43158",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43158"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: fix freemap adjustments when adding xattrs to leaf blocks\n\nxfs/592 and xfs/794 both trip this assertion in the leaf block freemap\nadjustment code after ~20 minutes of running on my test VMs:\n\n ASSERT(ichdr-\u003efirstused \u003e= ichdr-\u003ecount * sizeof(xfs_attr_leaf_entry_t)\n\t\t\t\t\t+ xfs_attr3_leaf_hdr_size(leaf));\n\nUpon enabling quite a lot more debugging code, I narrowed this down to\nfsstress trying to set a local extended attribute with namelen=3 and\nvaluelen=71. This results in an entry size of 80 bytes.\n\nAt the start of xfs_attr3_leaf_add_work, the freemap looks like this:\n\ni 0 base 448 size 0 rhs 448 count 46\ni 1 base 388 size 132 rhs 448 count 46\ni 2 base 2120 size 4 rhs 448 count 46\nfirstused = 520\n\nwhere \"rhs\" is the first byte past the end of the leaf entry array.\nThis is inconsistent -- the entries array ends at byte 448, but\nfreemap[1] says there\u0027s free space starting at byte 388!\n\nBy the end of the function, the freemap is in worse shape:\n\ni 0 base 456 size 0 rhs 456 count 47\ni 1 base 388 size 52 rhs 456 count 47\ni 2 base 2120 size 4 rhs 456 count 47\nfirstused = 440\n\nImportant note: 388 is not aligned with the entries array element size\nof 8 bytes.\n\nBased on the incorrect freemap, the name area starts at byte 440, which\nis below the end of the entries array! That\u0027s why the assertion\ntriggers and the filesystem shuts down.\n\nHow did we end up here? First, recall from the previous patch that the\nfreemap array in an xattr leaf block is not intended to be a\ncomprehensive map of all free space in the leaf block. In other words,\nit\u0027s perfectly legal to have a leaf block with:\n\n * 376 bytes in use by the entries array\n * freemap[0] has [base = 376, size = 8]\n * freemap[1] has [base = 388, size = 1500]\n * the space between 376 and 388 is free, but the freemap stopped\n tracking that some time ago\n\nIf we add one xattr, the entries array grows to 384 bytes, and\nfreemap[0] becomes [base = 384, size = 0]. So far, so good. But if we\nadd a second xattr, the entries array grows to 392 bytes, and freemap[0]\ngets pushed up to [base = 392, size = 0]. This is bad, because\nfreemap[1] hasn\u0027t been updated, and now the entries array and the free\nspace claim the same space.\n\nThe fix here is to adjust all freemap entries so that none of them\ncollide with the entries array. Note that this fix relies on commit\n2a2b5932db6758 (\"xfs: fix attr leaf header freemap.size underflow\") and\nthe previous patch that resets zero length freemap entries to have\nbase = 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43158",
"url": "https://www.suse.com/security/cve/CVE-2026-43158"
},
{
"category": "external",
"summary": "SUSE Bug 1264595 for CVE-2026-43158",
"url": "https://bugzilla.suse.com/1264595"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-43158"
},
{
"cve": "CVE-2026-43187",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43187"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: delete attr leaf freemap entries when empty\n\nBack in commit 2a2b5932db6758 (\"xfs: fix attr leaf header freemap.size\nunderflow\"), Brian Foster observed that it\u0027s possible for a small\nfreemap at the end of the end of the xattr entries array to experience\na size underflow when subtracting the space consumed by an expansion of\nthe entries array. There are only three freemap entries, which means\nthat it is not a complete index of all free space in the leaf block.\n\nThis code can leave behind a zero-length freemap entry with a nonzero\nbase. Subsequent setxattr operations can increase the base up to the\npoint that it overlaps with another freemap entry. This isn\u0027t in and of\nitself a problem because the code in _leaf_add that finds free space\nignores any freemap entry with zero size.\n\nHowever, there\u0027s another bug in the freemap update code in _leaf_add,\nwhich is that it fails to update a freemap entry that begins midway\nthrough the xattr entry that was just appended to the array. That can\nresult in the freemap containing two entries with the same base but\ndifferent sizes (0 for the \"pushed-up\" entry, nonzero for the entry\nthat\u0027s actually tracking free space). A subsequent _leaf_add can then\nallocate xattr namevalue entries on top of the entries array, leading to\ndata loss. But fixing that is for later.\n\nFor now, eliminate the possibility of confusion by zeroing out the base\nof any freemap entry that has zero size. Because the freemap is not\nintended to be a complete index of free space, a subsequent failure to\nfind any free space for a new xattr will trigger block compaction, which\nregenerates the freemap.\n\nIt looks like this bug has been in the codebase for quite a long time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43187",
"url": "https://www.suse.com/security/cve/CVE-2026-43187"
},
{
"category": "external",
"summary": "SUSE Bug 1264603 for CVE-2026-43187",
"url": "https://bugzilla.suse.com/1264603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-43187"
},
{
"cve": "CVE-2026-43198",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43198"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: fix potential race in tcp_v6_syn_recv_sock()\n\nCode in tcp_v6_syn_recv_sock() after the call to tcp_v4_syn_recv_sock()\nis done too late.\n\nAfter tcp_v4_syn_recv_sock(), the child socket is already visible\nfrom TCP ehash table and other cpus might use it.\n\nSince newinet-\u003epinet6 is still pointing to the listener ipv6_pinfo\nbad things can happen as syzbot found.\n\nMove the problematic code in tcp_v6_mapped_child_init()\nand call this new helper from tcp_v4_syn_recv_sock() before\nthe ehash insertion.\n\nThis allows the removal of one tcp_sync_mss(), since\ntcp_v4_syn_recv_sock() will call it with the correct\ncontext.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43198",
"url": "https://www.suse.com/security/cve/CVE-2026-43198"
},
{
"category": "external",
"summary": "SUSE Bug 1264610 for CVE-2026-43198",
"url": "https://bugzilla.suse.com/1264610"
},
{
"category": "external",
"summary": "SUSE Bug 1264611 for CVE-2026-43198",
"url": "https://bugzilla.suse.com/1264611"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "important"
}
],
"title": "CVE-2026-43198"
},
{
"cve": "CVE-2026-43206",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43206"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Fix out-of-bounds write in kfd_event_page_set()\n\nThe kfd_event_page_set() function writes KFD_SIGNAL_EVENT_LIMIT * 8\nbytes via memset without checking the buffer size parameter. This allows\nunprivileged userspace to trigger an out-of bounds kernel memory write\nby passing a small buffer, leading to potential privilege\nescalation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43206",
"url": "https://www.suse.com/security/cve/CVE-2026-43206"
},
{
"category": "external",
"summary": "SUSE Bug 1264551 for CVE-2026-43206",
"url": "https://bugzilla.suse.com/1264551"
},
{
"category": "external",
"summary": "SUSE Bug 1266668 for CVE-2026-43206",
"url": "https://bugzilla.suse.com/1266668"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "important"
}
],
"title": "CVE-2026-43206"
},
{
"cve": "CVE-2026-43234",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43234"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nteam: avoid NETDEV_CHANGEMTU event when unregistering slave\n\nsyzbot is reporting\n\n unregister_netdevice: waiting for netdevsim0 to become free. Usage count = 3\n ref_tracker: netdev@ffff88807dcf8618 has 1/2 users at\n __netdev_tracker_alloc include/linux/netdevice.h:4400 [inline]\n netdev_hold include/linux/netdevice.h:4429 [inline]\n inetdev_init+0x201/0x4e0 net/ipv4/devinet.c:286\n inetdev_event+0x251/0x1610 net/ipv4/devinet.c:1600\n notifier_call_chain+0x19d/0x3a0 kernel/notifier.c:85\n call_netdevice_notifiers_mtu net/core/dev.c:2318 [inline]\n netif_set_mtu_ext+0x5aa/0x800 net/core/dev.c:9886\n netif_set_mtu+0xd7/0x1b0 net/core/dev.c:9907\n dev_set_mtu+0x126/0x260 net/core/dev_api.c:248\n team_port_del+0xb07/0xcb0 drivers/net/team/team_core.c:1333\n team_del_slave drivers/net/team/team_core.c:1936 [inline]\n team_device_event+0x207/0x5b0 drivers/net/team/team_core.c:2929\n notifier_call_chain+0x19d/0x3a0 kernel/notifier.c:85\n call_netdevice_notifiers_extack net/core/dev.c:2281 [inline]\n call_netdevice_notifiers net/core/dev.c:2295 [inline]\n __dev_change_net_namespace+0xcb7/0x2050 net/core/dev.c:12592\n do_setlink+0x2ce/0x4590 net/core/rtnetlink.c:3060\n rtnl_changelink net/core/rtnetlink.c:3776 [inline]\n __rtnl_newlink net/core/rtnetlink.c:3935 [inline]\n rtnl_newlink+0x15a9/0x1be0 net/core/rtnetlink.c:4072\n rtnetlink_rcv_msg+0x7d5/0xbe0 net/core/rtnetlink.c:6958\n netlink_rcv_skb+0x232/0x4b0 net/netlink/af_netlink.c:2550\n netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]\n netlink_unicast+0x80f/0x9b0 net/netlink/af_netlink.c:1344\n netlink_sendmsg+0x813/0xb40 net/netlink/af_netlink.c:1894\n\nproblem. Ido Schimmel found steps to reproduce\n\n ip link add name team1 type team\n ip link add name dummy1 mtu 1499 master team1 type dummy\n ip netns add ns1\n ip link set dev dummy1 netns ns1\n ip -n ns1 link del dev dummy1\n\nand also found that the same issue was fixed in the bond driver in\ncommit f51048c3e07b (\"bonding: avoid NETDEV_CHANGEMTU event when\nunregistering slave\").\n\nLet\u0027s do similar thing for the team driver, with commit ad7c7b2172c3 (\"net:\nhold netdev instance lock during sysfs operations\") and commit 303a8487a657\n(\"net: s/__dev_set_mtu/__netif_set_mtu/\") also applied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43234",
"url": "https://www.suse.com/security/cve/CVE-2026-43234"
},
{
"category": "external",
"summary": "SUSE Bug 1264409 for CVE-2026-43234",
"url": "https://bugzilla.suse.com/1264409"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-43234"
},
{
"cve": "CVE-2026-43338",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43338"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: reserve enough transaction items for qgroup ioctls\n\nCurrently our qgroup ioctls don\u0027t reserve any space, they just do a\ntransaction join, which does not reserve any space, neither for the quota\ntree updates nor for the delayed refs generated when updating the quota\ntree. The quota root uses the global block reserve, which is fine most of\nthe time since we don\u0027t expect a lot of updates to the quota root, or to\nbe too close to -ENOSPC such that other critical metadata updates need to\nresort to the global reserve.\n\nHowever this is not optimal, as not reserving proper space may result in a\ntransaction abort due to not reserving space for delayed refs and then\nabusing the use of the global block reserve.\n\nFor example, the following reproducer (which is unlikely to model any\nreal world use case, but just to illustrate the problem), triggers such a\ntransaction abort due to -ENOSPC when running delayed refs:\n\n $ cat test.sh\n #!/bin/bash\n\n DEV=/dev/nullb0\n MNT=/mnt/nullb0\n\n umount $DEV \u0026\u003e /dev/null\n # Limit device to 1G so that it\u0027s much faster to reproduce the issue.\n mkfs.btrfs -f -b 1G $DEV\n mount -o commit=600 $DEV $MNT\n\n fallocate -l 800M $MNT/filler\n btrfs quota enable $MNT\n\n for ((i = 1; i \u003c= 400000; i++)); do\n btrfs qgroup create 1/$i $MNT\n done\n\n umount $MNT\n\nWhen running this, we can see in dmesg/syslog that a transaction abort\nhappened:\n\n [436.490] BTRFS error (device nullb0): failed to run delayed ref for logical 30408704 num_bytes 16384 type 176 action 1 ref_mod 1: -28\n [436.493] ------------[ cut here ]------------\n [436.494] BTRFS: Transaction aborted (error -28)\n [436.495] WARNING: fs/btrfs/extent-tree.c:2247 at btrfs_run_delayed_refs+0xd9/0x110 [btrfs], CPU#4: umount/2495372\n [436.497] Modules linked in: btrfs loop (...)\n [436.508] CPU: 4 UID: 0 PID: 2495372 Comm: umount Tainted: G W 6.19.0-rc8-btrfs-next-225+ #1 PREEMPT(full)\n [436.510] Tainted: [W]=WARN\n [436.511] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.2-0-gea1b7a073390-prebuilt.qemu.org 04/01/2014\n [436.513] RIP: 0010:btrfs_run_delayed_refs+0xdf/0x110 [btrfs]\n [436.514] Code: 0f 82 ea (...)\n [436.518] RSP: 0018:ffffd511850b7d78 EFLAGS: 00010292\n [436.519] RAX: 00000000ffffffe4 RBX: ffff8f120dad37e0 RCX: 0000000002040001\n [436.520] RDX: 0000000000000002 RSI: 00000000ffffffe4 RDI: ffffffffc090fd80\n [436.522] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffffffc04d1867\n [436.523] R10: ffff8f18dc1fffa8 R11: 0000000000000003 R12: ffff8f173aa89400\n [436.524] R13: 0000000000000000 R14: ffff8f173aa89400 R15: 0000000000000000\n [436.526] FS: 00007fe59045d840(0000) GS:ffff8f192e22e000(0000) knlGS:0000000000000000\n [436.527] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [436.528] CR2: 00007fe5905ff2b0 CR3: 000000060710a002 CR4: 0000000000370ef0\n [436.530] Call Trace:\n [436.530] \u003cTASK\u003e\n [436.530] btrfs_commit_transaction+0x73/0xc00 [btrfs]\n [436.531] ? btrfs_attach_transaction_barrier+0x1e/0x70 [btrfs]\n [436.532] sync_filesystem+0x7a/0x90\n [436.533] generic_shutdown_super+0x28/0x180\n [436.533] kill_anon_super+0x12/0x40\n [436.534] btrfs_kill_super+0x12/0x20 [btrfs]\n [436.534] deactivate_locked_super+0x2f/0xb0\n [436.534] cleanup_mnt+0xea/0x180\n [436.535] task_work_run+0x58/0xa0\n [436.535] exit_to_user_mode_loop+0xed/0x480\n [436.536] ? __x64_sys_umount+0x68/0x80\n [436.536] do_syscall_64+0x2a5/0xf20\n [436.537] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n [436.537] RIP: 0033:0x7fe5906b6217\n [436.538] Code: 0d 00 f7 (...)\n [436.540] RSP: 002b:00007ffcd87a61f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6\n [436.541] RAX: 0000000000000000 RBX: 00005618b9ecadc8 RCX: 00007fe5906b6217\n [436.541] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00005618b9ecb100\n [436.542] RBP: 0000000000000000 R08: 00007ffcd87a4fe0 R09: 00000000ffffffff\n [436.544] R10: 0000000000000103 R11: \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43338",
"url": "https://www.suse.com/security/cve/CVE-2026-43338"
},
{
"category": "external",
"summary": "SUSE Bug 1264716 for CVE-2026-43338",
"url": "https://bugzilla.suse.com/1264716"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-43338"
},
{
"cve": "CVE-2026-43339",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43339"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: prevent possible UaF in addrconf_permanent_addr()\n\nThe mentioned helper try to warn the user about an exceptional\ncondition, but the message is delivered too late, accessing the ipv6\nafter its possible deletion.\n\nReorder the statement to avoid the possible UaF; while at it, place the\nwarning outside the idev-\u003elock as it needs no protection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43339",
"url": "https://www.suse.com/security/cve/CVE-2026-43339"
},
{
"category": "external",
"summary": "SUSE Bug 1264763 for CVE-2026-43339",
"url": "https://bugzilla.suse.com/1264763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-43339"
},
{
"cve": "CVE-2026-43359",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43359"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix transaction abort on set received ioctl due to item overflow\n\nIf the set received ioctl fails due to an item overflow when attempting to\nadd the BTRFS_UUID_KEY_RECEIVED_SUBVOL we have to abort the transaction\nsince we did some metadata updates before.\n\nThis means that if a user calls this ioctl with the same received UUID\nfield for a lot of subvolumes, we will hit the overflow, trigger the\ntransaction abort and turn the filesystem into RO mode. A malicious user\ncould exploit this, and this ioctl does not even requires that a user\nhas admin privileges (CAP_SYS_ADMIN), only that he/she owns the subvolume.\n\nFix this by doing an early check for item overflow before starting a\ntransaction. This is also race safe because we are holding the subvol_sem\nsemaphore in exclusive (write) mode.\n\nA test case for fstests will follow soon.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43359",
"url": "https://www.suse.com/security/cve/CVE-2026-43359"
},
{
"category": "external",
"summary": "SUSE Bug 1264719 for CVE-2026-43359",
"url": "https://bugzilla.suse.com/1264719"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-43359"
},
{
"cve": "CVE-2026-43361",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43361"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix transaction abort when snapshotting received subvolumes\n\nCurrently a user can trigger a transaction abort by snapshotting a\npreviously received snapshot a bunch of times until we reach a\nBTRFS_UUID_KEY_RECEIVED_SUBVOL item overflow (the maximum item size we\ncan store in a leaf). This is very likely not common in practice, but\nif it happens, it turns the filesystem into RO mode. The snapshot, send\nand set_received_subvol and subvol_setflags (used by receive) don\u0027t\nrequire CAP_SYS_ADMIN, just inode_owner_or_capable(). A malicious user\ncould use this to turn a filesystem into RO mode and disrupt a system.\n\nReproducer script:\n\n $ cat test.sh\n #!/bin/bash\n\n DEV=/dev/sdi\n MNT=/mnt/sdi\n\n # Use smallest node size to make the test faster.\n mkfs.btrfs -f --nodesize 4K $DEV\n mount $DEV $MNT\n\n # Create a subvolume and set it to RO so that it can be used for send.\n btrfs subvolume create $MNT/sv\n touch $MNT/sv/foo\n btrfs property set $MNT/sv ro true\n\n # Send and receive the subvolume into snaps/sv.\n mkdir $MNT/snaps\n btrfs send $MNT/sv | btrfs receive $MNT/snaps\n\n # Now snapshot the received subvolume, which has a received_uuid, a\n # lot of times to trigger the leaf overflow.\n total=500\n for ((i = 1; i \u003c= $total; i++)); do\n echo -ne \"\\rCreating snapshot $i/$total\"\n btrfs subvolume snapshot -r $MNT/snaps/sv $MNT/snaps/sv_$i \u003e /dev/null\n done\n echo\n\n umount $MNT\n\nWhen running the test:\n\n $ ./test.sh\n (...)\n Create subvolume \u0027/mnt/sdi/sv\u0027\n At subvol /mnt/sdi/sv\n At subvol sv\n Creating snapshot 496/500ERROR: Could not create subvolume: Value too large for defined data type\n Creating snapshot 497/500ERROR: Could not create subvolume: Read-only file system\n Creating snapshot 498/500ERROR: Could not create subvolume: Read-only file system\n Creating snapshot 499/500ERROR: Could not create subvolume: Read-only file system\n Creating snapshot 500/500ERROR: Could not create subvolume: Read-only file system\n\nAnd in dmesg/syslog:\n\n $ dmesg\n (...)\n [251067.627338] BTRFS warning (device sdi): insert uuid item failed -75 (0x4628b21c4ac8d898, 0x2598bee2b1515c91) type 252!\n [251067.629212] ------------[ cut here ]------------\n [251067.630033] BTRFS: Transaction aborted (error -75)\n [251067.630871] WARNING: fs/btrfs/transaction.c:1907 at create_pending_snapshot.cold+0x52/0x465 [btrfs], CPU#10: btrfs/615235\n [251067.632851] Modules linked in: btrfs dm_zero (...)\n [251067.644071] CPU: 10 UID: 0 PID: 615235 Comm: btrfs Tainted: G W 6.19.0-rc8-btrfs-next-225+ #1 PREEMPT(full)\n [251067.646165] Tainted: [W]=WARN\n [251067.646733] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.2-0-gea1b7a073390-prebuilt.qemu.org 04/01/2014\n [251067.648735] RIP: 0010:create_pending_snapshot.cold+0x55/0x465 [btrfs]\n [251067.649984] Code: f0 48 0f (...)\n [251067.653313] RSP: 0018:ffffce644908fae8 EFLAGS: 00010292\n [251067.653987] RAX: 00000000ffffff01 RBX: ffff8e5639e63a80 RCX: 00000000ffffffd3\n [251067.655042] RDX: ffff8e53faa76b00 RSI: 00000000ffffffb5 RDI: ffffffffc0919750\n [251067.656077] RBP: ffffce644908fbd8 R08: 0000000000000000 R09: ffffce644908f820\n [251067.657068] R10: ffff8e5adc1fffa8 R11: 0000000000000003 R12: ffff8e53c0431bd0\n [251067.658050] R13: ffff8e5414593600 R14: ffff8e55efafd000 R15: 00000000ffffffb5\n [251067.659019] FS: 00007f2a4944b3c0(0000) GS:ffff8e5b27dae000(0000) knlGS:0000000000000000\n [251067.660115] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [251067.660943] CR2: 00007ffc5aa57898 CR3: 00000005813a2003 CR4: 0000000000370ef0\n [251067.661972] Call Trace:\n [251067.662292] \u003cTASK\u003e\n [251067.662653] create_pending_snapshots+0x97/0xc0 [btrfs]\n [251067.663413] btrfs_commit_transaction+0x26e/0xc00 [btrfs]\n [251067.664257] ? btrfs_qgroup_convert_reserved_meta+0x35/0x390 [btrfs]\n [251067.665238] ? _raw_spin_unlock+0x15/0x30\n [251067.665837] ? record_root_\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43361",
"url": "https://www.suse.com/security/cve/CVE-2026-43361"
},
{
"category": "external",
"summary": "SUSE Bug 1264722 for CVE-2026-43361",
"url": "https://bugzilla.suse.com/1264722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-43361"
},
{
"cve": "CVE-2026-43407",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43407"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: Fix potential out-of-bounds access in ceph_handle_auth_reply()\n\nThis patch fixes an out-of-bounds access in ceph_handle_auth_reply()\nthat can be triggered by a message of type CEPH_MSG_AUTH_REPLY. In\nceph_handle_auth_reply(), the value of the payload_len field of such a\nmessage is stored in a variable of type int. A value greater than\nINT_MAX leads to an integer overflow and is interpreted as a negative\nvalue. This leads to decrementing the pointer address by this value and\nsubsequently accessing it because ceph_decode_need() only checks that\nthe memory access does not exceed the end address of the allocation.\n\nThis patch fixes the issue by changing the data type of payload_len to\nu32. Additionally, the data type of result_msg_len is changed to u32,\nas it is also a variable holding a non-negative length.\n\nAlso, an additional layer of sanity checks is introduced, ensuring that\ndirectly after reading it from the message, payload_len and\nresult_msg_len are not greater than the overall segment length.\n\nBUG: KASAN: slab-out-of-bounds in ceph_handle_auth_reply+0x642/0x7a0 [libceph]\nRead of size 4 at addr ffff88811404df14 by task kworker/20:1/262\n\nCPU: 20 UID: 0 PID: 262 Comm: kworker/20:1 Not tainted 6.19.2 #5 PREEMPT(voluntary)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\nWorkqueue: ceph-msgr ceph_con_workfn [libceph]\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x76/0xa0\n print_report+0xd1/0x620\n ? __pfx__raw_spin_lock_irqsave+0x10/0x10\n ? kasan_complete_mode_report_info+0x72/0x210\n kasan_report+0xe7/0x130\n ? ceph_handle_auth_reply+0x642/0x7a0 [libceph]\n ? ceph_handle_auth_reply+0x642/0x7a0 [libceph]\n __asan_report_load_n_noabort+0xf/0x20\n ceph_handle_auth_reply+0x642/0x7a0 [libceph]\n mon_dispatch+0x973/0x23d0 [libceph]\n ? apparmor_socket_recvmsg+0x6b/0xa0\n ? __pfx_mon_dispatch+0x10/0x10 [libceph]\n ? __kasan_check_write+0x14/0x30i\n ? mutex_unlock+0x7f/0xd0\n ? __pfx_mutex_unlock+0x10/0x10\n ? __pfx_do_recvmsg+0x10/0x10 [libceph]\n ceph_con_process_message+0x1f1/0x650 [libceph]\n process_message+0x1e/0x450 [libceph]\n ceph_con_v2_try_read+0x2e48/0x6c80 [libceph]\n ? __pfx_ceph_con_v2_try_read+0x10/0x10 [libceph]\n ? save_fpregs_to_fpstate+0xb0/0x230\n ? raw_spin_rq_unlock+0x17/0xa0\n ? finish_task_switch.isra.0+0x13b/0x760\n ? __switch_to+0x385/0xda0\n ? __kasan_check_write+0x14/0x30\n ? mutex_lock+0x8d/0xe0\n ? __pfx_mutex_lock+0x10/0x10\n ceph_con_workfn+0x248/0x10c0 [libceph]\n process_one_work+0x629/0xf80\n ? __kasan_check_write+0x14/0x30\n worker_thread+0x87f/0x1570\n ? __pfx__raw_spin_lock_irqsave+0x10/0x10\n ? __pfx_try_to_wake_up+0x10/0x10\n ? kasan_print_address_stack_frame+0x1f7/0x280\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x396/0x830\n ? __pfx__raw_spin_lock_irq+0x10/0x10\n ? __pfx_kthread+0x10/0x10\n ? __kasan_check_write+0x14/0x30\n ? recalc_sigpending+0x180/0x210\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x3f7/0x610\n ? __pfx_ret_from_fork+0x10/0x10\n ? __switch_to+0x385/0xda0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\n[ idryomov: replace if statements with ceph_decode_need() for\n payload_len and result_msg_len ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43407",
"url": "https://www.suse.com/security/cve/CVE-2026-43407"
},
{
"category": "external",
"summary": "SUSE Bug 1265020 for CVE-2026-43407",
"url": "https://bugzilla.suse.com/1265020"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-43407"
},
{
"cve": "CVE-2026-43413",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43413"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: hisi_sas: Fix NULL pointer exception during user_scan()\n\nuser_scan() invokes updated sas_user_scan() for channel 0, and if\nsuccessful, iteratively scans remaining channels (1 to shost-\u003emax_channel)\nvia scsi_scan_host_selected() in commit 37c4e72b0651 (\"scsi: Fix\nsas_user_scan() to handle wildcard and multi-channel scans\"). However,\nhisi_sas supports only one channel, and the current value of max_channel is\n1. sas_user_scan() for channel 1 will trigger the following NULL pointer\nexception:\n\n[ 441.554662] Unable to handle kernel NULL pointer dereference at virtual address 00000000000008b0\n[ 441.554699] Mem abort info:\n[ 441.554710] ESR = 0x0000000096000004\n[ 441.554718] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 441.554723] SET = 0, FnV = 0\n[ 441.554726] EA = 0, S1PTW = 0\n[ 441.554730] FSC = 0x04: level 0 translation fault\n[ 441.554735] Data abort info:\n[ 441.554737] ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n[ 441.554742] CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n[ 441.554747] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n[ 441.554752] user pgtable: 4k pages, 48-bit VAs, pgdp=00000828377a6000\n[ 441.554757] [00000000000008b0] pgd=0000000000000000, p4d=0000000000000000\n[ 441.554769] Internal error: Oops: 0000000096000004 [#1] SMP\n[ 441.629589] Modules linked in: arm_spe_pmu arm_smmuv3_pmu tpm_tis_spi hisi_uncore_sllc_pmu hisi_uncore_pa_pmu hisi_uncore_l3c_pmu hisi_uncore_hha_pmu hisi_uncore_ddrc_pmu hisi_uncore_cpa_pmu hns3_pmu hisi_ptt hisi_pcie_pmu tpm_tis_core spidev spi_hisi_sfc_v3xx hisi_uncore_pmu spi_dw_mmio fuse hclge hclge_common hisi_sec2 hisi_hpre hisi_zip hisi_qm hns3 hisi_sas_v3_hw sm3_ce sbsa_gwdt hnae3 hisi_sas_main uacce hisi_dma i2c_hisi dm_mirror dm_region_hash dm_log dm_mod\n[ 441.670819] CPU: 46 UID: 0 PID: 6994 Comm: bash Kdump: loaded Not tainted 7.0.0-rc2+ #84 PREEMPT\n[ 441.691327] pstate: 81400009 (Nzcv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)\n[ 441.698277] pc : sas_find_dev_by_rphy+0x44/0x118\n[ 441.702896] lr : sas_find_dev_by_rphy+0x3c/0x118\n[ 441.707502] sp : ffff80009abbba40\n[ 441.710805] x29: ffff80009abbba40 x28: ffff082819a40008 x27: ffff082810c37c08\n[ 441.717930] x26: ffff082810c37c28 x25: ffff082819a40290 x24: ffff082810c37c00\n[ 441.725054] x23: 0000000000000000 x22: 0000000000000001 x21: ffff082819a40000\n[ 441.732179] x20: ffff082819a40290 x19: 0000000000000000 x18: 0000000000000020\n[ 441.739304] x17: 0000000000000000 x16: ffffb5dad6bda690 x15: 00000000ffffffff\n[ 441.746428] x14: ffff082814c3b26c x13: 00000000ffffffff x12: ffff082814c3b26a\n[ 441.753553] x11: 00000000000000c0 x10: 000000000000003a x9 : ffffb5dad5ea94f4\n[ 441.760678] x8 : 000000000000003a x7 : ffff80009abbbab0 x6 : 0000000000000030\n[ 441.767802] x5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000000\n[ 441.774926] x2 : ffff08280f35a300 x1 : ffffb5dad7127180 x0 : 0000000000000000\n[ 441.782053] Call trace:\n[ 441.784488] sas_find_dev_by_rphy+0x44/0x118 (P)\n[ 441.789095] sas_target_alloc+0x24/0xb0\n[ 441.792920] scsi_alloc_target+0x290/0x330\n[ 441.797010] __scsi_scan_target+0x88/0x258\n[ 441.801096] scsi_scan_channel+0x74/0xb8\n[ 441.805008] scsi_scan_host_selected+0x170/0x188\n[ 441.809615] sas_user_scan+0xfc/0x148\n[ 441.813267] store_scan+0x10c/0x180\n[ 441.816743] dev_attr_store+0x20/0x40\n[ 441.820398] sysfs_kf_write+0x84/0xa8\n[ 441.824054] kernfs_fop_write_iter+0x130/0x1c8\n[ 441.828487] vfs_write+0x2c0/0x370\n[ 441.831880] ksys_write+0x74/0x118\n[ 441.835271] __arm64_sys_write+0x24/0x38\n[ 441.839182] invoke_syscall+0x50/0x120\n[ 441.842919] el0_svc_common.constprop.0+0xc8/0xf0\n[ 441.847611] do_el0_svc+0x24/0x38\n[ 441.850913] el0_svc+0x38/0x158\n[ 441.854043] el0t_64_sync_handler+0xa0/0xe8\n[ 441.858214] el0t_64_sync+0x1ac/0x1b0\n[ 441.861865] Code: aa1303e0 97ff70a8 34ffff80 d10a4273 (f9445a75)\n[ 441.867946] ---[ end trace 0000000000000000 ]---\n\nTherefore\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43413",
"url": "https://www.suse.com/security/cve/CVE-2026-43413"
},
{
"category": "external",
"summary": "SUSE Bug 1264671 for CVE-2026-43413",
"url": "https://bugzilla.suse.com/1264671"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-43413"
},
{
"cve": "CVE-2026-43414",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43414"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Completely fix fcport double free\n\nIn qla24xx_els_dcmd_iocb() sp-\u003efree is set to qla2x00_els_dcmd_sp_free().\nWhen an error happens, this function is called by qla2x00_sp_release(),\nwhen kref_put() releases the first and the last reference.\n\nqla2x00_els_dcmd_sp_free() frees fcport by calling qla2x00_free_fcport().\nDoing it one more time after kref_put() is a bad idea.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43414",
"url": "https://www.suse.com/security/cve/CVE-2026-43414"
},
{
"category": "external",
"summary": "SUSE Bug 1264669 for CVE-2026-43414",
"url": "https://bugzilla.suse.com/1264669"
},
{
"category": "external",
"summary": "SUSE Bug 1264670 for CVE-2026-43414",
"url": "https://bugzilla.suse.com/1264670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-43414"
},
{
"cve": "CVE-2026-43499",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43499"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrtmutex: Use waiter::task instead of current in remove_waiter()\n\nremove_waiter() is used by the slowlock paths, but it is also used for\nproxy-lock rollback in rt_mutex_start_proxy_lock() when invoked from\nfutex_requeue().\n\nIn the latter case waiter::task is not current, but remove_waiter()\noperates on current for the dequeue operation. That results in several\nproblems:\n\n 1) the rbtree dequeue happens without waiter::task::pi_lock being held\n\n 2) the waiter task\u0027s pi_blocked_on state is not cleared, which leaves a\n dangling pointer primed for UAF around.\n\n 3) rt_mutex_adjust_prio_chain() operates on the wrong top priority waiter\n task\n\nUse waiter::task instead of current in all related operations in\nremove_waiter() to cure those problems.\n\n[ tglx: Fixup rt_mutex_adjust_prio_chain(), add a comment and amend the\n \tchangelog ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43499",
"url": "https://www.suse.com/security/cve/CVE-2026-43499"
},
{
"category": "external",
"summary": "SUSE Bug 1266001 for CVE-2026-43499",
"url": "https://bugzilla.suse.com/1266001"
},
{
"category": "external",
"summary": "SUSE Bug 1266014 for CVE-2026-43499",
"url": "https://bugzilla.suse.com/1266014"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "important"
}
],
"title": "CVE-2026-43499"
},
{
"cve": "CVE-2026-43503",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43503"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: skbuff: propagate shared-frag marker through frag-transfer helpers\n\nTwo frag-transfer helpers (__pskb_copy_fclone() and skb_shift()) fail\nto propagate the SKBFL_SHARED_FRAG bit in skb_shinfo()-\u003eflags when\nmoving frags from source to destination. __pskb_copy_fclone() defers\nthe rest of the shinfo metadata to skb_copy_header() after copying\nfrag descriptors, but that helper only carries over gso_{size,segs,\ntype} and never touches skb_shinfo()-\u003eflags; skb_shift() moves frag\ndescriptors directly and leaves flags untouched. As a result, the\ndestination skb keeps a reference to the same externally-owned or\npage-cache-backed pages while reporting skb_has_shared_frag() as\nfalse.\n\nThe mismatch is harmful in any in-place writer that uses\nskb_has_shared_frag() to decide whether shared pages must be detoured\nthrough skb_cow_data(). ESP input is one such writer (esp4.c,\nesp6.c), and a single nft \u0027dup to \u003clocal\u003e\u0027 rule -- or any other\nnf_dup_ipv4() / xt_TEE caller -- is enough to land a pskb_copy()\u0027d\nskb in esp_input() with the marker stripped, letting an unprivileged\nuser write into the page cache of a root-owned read-only file via\nauthencesn-ESN stray writes.\n\nSet SKBFL_SHARED_FRAG on the destination whenever frag descriptors\nwere actually moved from the source. skb_copy() and skb_copy_expand()\nshare skb_copy_header() too but linearize all paged data into freshly\nallocated head storage and emerge with nr_frags == 0, so\nskb_has_shared_frag() returns false on its own; they need no change.\n\nThe same omission exists in skb_gro_receive() and skb_gro_receive_list().\nThe former moves the incoming skb\u0027s frag descriptors into the\naccumulator\u0027s last sub-skb via two paths (a direct frag-move loop and\nthe head_frag + memcpy path); the latter chains the incoming skb whole\nonto p\u0027s frag_list. Downstream skb_segment() reads only\nskb_shinfo(p)-\u003eflags, and skb_segment_list() reuses each sub-skb\u0027s\nshinfo as the nskb -- both p and lp must carry the marker.\n\nThe same omission also exists in tcp_clone_payload(), which builds an\nMTU probe skb by moving frag descriptors from skbs on sk_write_queue\ninto a freshly allocated nskb. The helper falls into the same family\nand warrants the same fix for consistency; no TCP TX-side in-place\nwriter is currently known to reach a user page through this gap, but\na future consumer depending on the marker would regress silently.\n\nThe same omission exists in skb_segment(): the per-iteration flag\nmerge takes only head_skb\u0027s flag, and the inner switch that rebinds\nfrag_skb to list_skb on head_skb-frags exhaustion does not fold the\nnew frag_skb\u0027s flag into nskb. Fold frag_skb\u0027s flag at both sites\nso segments drawing frags from frag_list members carry the marker.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43503",
"url": "https://www.suse.com/security/cve/CVE-2026-43503"
},
{
"category": "external",
"summary": "SUSE Bug 1265209 for CVE-2026-43503",
"url": "https://bugzilla.suse.com/1265209"
},
{
"category": "external",
"summary": "SUSE Bug 1265960 for CVE-2026-43503",
"url": "https://bugzilla.suse.com/1265960"
},
{
"category": "external",
"summary": "SUSE Bug 1266229 for CVE-2026-43503",
"url": "https://bugzilla.suse.com/1266229"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "important"
}
],
"title": "CVE-2026-43503"
},
{
"cve": "CVE-2026-45835",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45835"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_new_connection_cb()\n\nAdd the same NULL guard already present in\nl2cap_sock_resume_cb() and l2cap_sock_ready_cb().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45835",
"url": "https://www.suse.com/security/cve/CVE-2026-45835"
},
{
"category": "external",
"summary": "SUSE Bug 1266411 for CVE-2026-45835",
"url": "https://bugzilla.suse.com/1266411"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-45835"
},
{
"cve": "CVE-2026-45841",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45841"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nfnetlink_osf: fix divide-by-zero in OSF_WSS_MODULO\n\nnf_osf_match_one() computes ctx-\u003ewindow % f-\u003ewss.val in the\nOSF_WSS_MODULO branch with no guard for f-\u003ewss.val == 0. A\nCAP_NET_ADMIN user can add such a fingerprint via nfnetlink; a\nsubsequent matching TCP SYN divides by zero and panics the kernel.\n\nReject the bogus fingerprint in nfnl_osf_add_callback() above the\nper-option for-loop. f-\u003ewss is per-fingerprint, not per-option, so\nthe check must run regardless of f-\u003eopt_num (including 0). Also\nreject wss.wc \u003e= OSF_WSS_MAX; nf_osf_match_one() already treats that\nas \"should not happen\".\n\nCrash:\n Oops: divide error: 0000 [#1] SMP KASAN NOPTI\n RIP: 0010:nf_osf_match_one (net/netfilter/nfnetlink_osf.c:98)\n Call Trace:\n \u003cIRQ\u003e\n nf_osf_match (net/netfilter/nfnetlink_osf.c:220)\n xt_osf_match_packet (net/netfilter/xt_osf.c:32)\n ipt_do_table (net/ipv4/netfilter/ip_tables.c:348)\n nf_hook_slow (net/netfilter/core.c:622)\n ip_local_deliver (net/ipv4/ip_input.c:265)\n ip_rcv (include/linux/skbuff.h:1162)\n __netif_receive_skb_one_core (net/core/dev.c:6181)\n process_backlog (net/core/dev.c:6642)\n __napi_poll (net/core/dev.c:7710)\n net_rx_action (net/core/dev.c:7945)\n handle_softirqs (kernel/softirq.c:622)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45841",
"url": "https://www.suse.com/security/cve/CVE-2026-45841"
},
{
"category": "external",
"summary": "SUSE Bug 1266390 for CVE-2026-45841",
"url": "https://bugzilla.suse.com/1266390"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-45841"
},
{
"cve": "CVE-2026-45842",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45842"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nslip: reject VJ receive packets on instances with no rstate array\n\nslhc_init() accepts rslots == 0 as a valid configuration, with the\ndocumented meaning of \u0027no receive compression\u0027. In that case the\nallocation loop in slhc_init() is skipped, so comp-\u003erstate stays\nNULL and comp-\u003erslot_limit stays 0 (from the kzalloc of struct\nslcompress).\n\nThe receive helpers do not defend against that configuration.\nslhc_uncompress() dereferences comp-\u003erstate[x] when the VJ header\ncarries an explicit connection ID, and slhc_remember() later assigns\ncs = \u0026comp-\u003erstate[...] after only comparing the packet\u0027s slot number\nto comp-\u003erslot_limit. Because rslot_limit is 0, slot 0 passes the\nrange check, and the code dereferences a NULL rstate.\n\nThe configuration is reachable in-tree through PPP. PPPIOCSMAXCID\nstores its argument in a signed int, and (val \u003e\u003e 16) uses arithmetic\nshift. Passing 0xffff0000 therefore sign-extends to -1, so val2 + 1\nis 0 and ppp_generic.c ends up calling slhc_init(0, 1). Because\n/dev/ppp open is gated by ns_capable(CAP_NET_ADMIN), the whole path\nis reachable from an unprivileged user namespace. Once the malformed\nVJ state is installed, any inbound VJ-compressed or VJ-uncompressed\nframe that selects slot 0 crashes the kernel in softirq context:\n\n Oops: general protection fault, probably for non-canonical\n address 0xdffffc0000000000: 0000 [#1] SMP KASAN NOPTI\n KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\n RIP: 0010:slhc_uncompress (drivers/net/slip/slhc.c:519)\n Call Trace:\n \u003cTASK\u003e\n ppp_receive_nonmp_frame (drivers/net/ppp/ppp_generic.c:2466)\n ppp_input (drivers/net/ppp/ppp_generic.c:2359)\n ppp_async_process (drivers/net/ppp/ppp_async.c:492)\n tasklet_action_common (kernel/softirq.c:926)\n handle_softirqs (kernel/softirq.c:623)\n run_ksoftirqd (kernel/softirq.c:1055)\n smpboot_thread_fn (kernel/smpboot.c:160)\n kthread (kernel/kthread.c:436)\n ret_from_fork (arch/x86/kernel/process.c:164)\n \u003c/TASK\u003e\n\nReject the receive side on such instances instead of touching rstate.\nslhc_uncompress() falls through to its existing \u0027bad\u0027 label, which\nbumps sls_i_error and enters the toss state. slhc_remember() mirrors\nthat with an explicit sls_i_error increment followed by slhc_toss();\nthe sls_i_runt counter is not used here because a missing rstate is\nan internal configuration state, not a runt packet.\n\nThe transmit path is unaffected: the only in-tree caller that picks\nrslots from userspace (ppp_generic.c) still supplies tslots \u003e= 1, and\nslip.c always calls slhc_init(16, 16), so comp-\u003etstate remains valid\nand slhc_compress() continues to work.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45842",
"url": "https://www.suse.com/security/cve/CVE-2026-45842"
},
{
"category": "external",
"summary": "SUSE Bug 1266400 for CVE-2026-45842",
"url": "https://bugzilla.suse.com/1266400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-45842"
},
{
"cve": "CVE-2026-45843",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45843"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nslip: bound decode() reads against the compressed packet length\n\nslhc_uncompress() parses a VJ-compressed TCP header by advancing a\npointer through the packet via decode() and pull16(). Neither helper\nbounds-checks against isize, and decode() masks its return with\n\u0026 0xffff so it can never return the -1 that callers test for -- those\nerror paths are dead code.\n\nA short compressed frame whose change byte requests optional fields\nlets decode() read past the end of the packet. The over-read bytes\nare folded into the cached cstate and reflected into subsequent\nreconstructed packets.\n\nMake decode() and pull16() take the packet end pointer and return -1\nwhen exhausted. Add a bounds check before the TCP-checksum read.\nThe existing == -1 tests now do what they were always meant to.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45843",
"url": "https://www.suse.com/security/cve/CVE-2026-45843"
},
{
"category": "external",
"summary": "SUSE Bug 1266395 for CVE-2026-45843",
"url": "https://bugzilla.suse.com/1266395"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-45843"
},
{
"cve": "CVE-2026-45852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45852"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix double free in rxe_srq_from_init\n\nIn rxe_srq_from_init(), the queue pointer \u0027q\u0027 is assigned to\n\u0027srq-\u003erq.queue\u0027 before copying the SRQ number to user space.\nIf copy_to_user() fails, the function calls rxe_queue_cleanup()\nto free the queue, but leaves the now-invalid pointer in\n\u0027srq-\u003erq.queue\u0027.\n\nThe caller of rxe_srq_from_init() (rxe_create_srq) eventually\ncalls rxe_srq_cleanup() upon receiving the error, which triggers\na second rxe_queue_cleanup() on the same memory, leading to a\ndouble free.\n\nThe call trace looks like this:\n kmem_cache_free+0x.../0x...\n rxe_queue_cleanup+0x1a/0x30 [rdma_rxe]\n rxe_srq_cleanup+0x42/0x60 [rdma_rxe]\n rxe_elem_release+0x31/0x70 [rdma_rxe]\n rxe_create_srq+0x12b/0x1a0 [rdma_rxe]\n ib_create_srq_user+0x9a/0x150 [ib_core]\n\nFix this by moving \u0027srq-\u003erq.queue = q\u0027 after copy_to_user.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45852",
"url": "https://www.suse.com/security/cve/CVE-2026-45852"
},
{
"category": "external",
"summary": "SUSE Bug 1266711 for CVE-2026-45852",
"url": "https://bugzilla.suse.com/1266711"
},
{
"category": "external",
"summary": "SUSE Bug 1266727 for CVE-2026-45852",
"url": "https://bugzilla.suse.com/1266727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "important"
}
],
"title": "CVE-2026-45852"
},
{
"cve": "CVE-2026-45870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45870"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: auth_gss: fix memory leaks in XDR decoding error paths\n\nThe gssx_dec_ctx(), gssx_dec_status(), and gssx_dec_name()\nfunctions allocate memory via gssx_dec_buffer(), which calls\nkmemdup(). When a subsequent decode operation fails, these\nfunctions return immediately without freeing previously\nallocated buffers, causing memory leaks.\n\nThe leak in gssx_dec_ctx() is particularly relevant because\nthe caller (gssp_accept_sec_context_upcall) initializes several\nbuffer length fields to non-zero values, resulting in memory\nallocation:\n\n struct gssx_ctx rctxh = {\n .exported_context_token.len = GSSX_max_output_handle_sz,\n .mech.len = GSS_OID_MAX_LEN,\n .src_name.display_name.len = GSSX_max_princ_sz,\n .targ_name.display_name.len = GSSX_max_princ_sz\n };\n\nIf, for example, gssx_dec_name() succeeds for src_name but\nfails for targ_name, the memory allocated for\nexported_context_token, mech, and src_name.display_name\nremains unreferenced and cannot be reclaimed.\n\nAdd error handling with goto-based cleanup to free any\npreviously allocated buffers before returning an error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45870",
"url": "https://www.suse.com/security/cve/CVE-2026-45870"
},
{
"category": "external",
"summary": "SUSE Bug 1266704 for CVE-2026-45870",
"url": "https://bugzilla.suse.com/1266704"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-45870"
},
{
"cve": "CVE-2026-45970",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45970"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: alb: fix UAF in rlb_arp_recv during bond up/down\n\nThe ALB RX path may access rx_hashtbl concurrently with bond\nteardown. During rapid bond up/down cycles, rlb_deinitialize()\nfrees rx_hashtbl while RX handlers are still running, leading\nto a null pointer dereference detected by KASAN.\n\nHowever, the root cause is that rlb_arp_recv() can still be accessed\nafter setting recv_probe to NULL, which is actually a use-after-free\n(UAF) issue. That is the reason for using the referenced commit in the\nFixes tag.\n\n[ 214.174138] Oops: general protection fault, probably for non-canonical address 0xdffffc000000001d: 0000 [#1] SMP KASAN PTI\n[ 214.186478] KASAN: null-ptr-deref in range [0x00000000000000e8-0x00000000000000ef]\n[ 214.194933] CPU: 30 UID: 0 PID: 2375 Comm: ping Kdump: loaded Not tainted 6.19.0-rc8+ #2 PREEMPT(voluntary)\n[ 214.205907] Hardware name: Dell Inc. PowerEdge R730/0WCJNT, BIOS 2.14.0 01/14/2022\n[ 214.214357] RIP: 0010:rlb_arp_recv+0x505/0xab0 [bonding]\n[ 214.220320] Code: 0f 85 2b 05 00 00 48 b8 00 00 00 00 00 fc ff df 40 0f b6 ed 48 c1 e5 06 49 03 ad 78 01 00 00 48 8d 7d 28 48 89 fa 48 c1 ea 03 \u003c0f\u003e b6\n 04 02 84 c0 74 06 0f 8e 12 05 00 00 80 7d 28 00 0f 84 8c 00\n[ 214.241280] RSP: 0018:ffffc900073d8870 EFLAGS: 00010206\n[ 214.247116] RAX: dffffc0000000000 RBX: ffff888168556822 RCX: ffff88816855681e\n[ 214.255082] RDX: 000000000000001d RSI: dffffc0000000000 RDI: 00000000000000e8\n[ 214.263048] RBP: 00000000000000c0 R08: 0000000000000002 R09: ffffed11192021c8\n[ 214.271013] R10: ffff8888c9010e43 R11: 0000000000000001 R12: 1ffff92000e7b119\n[ 214.278978] R13: ffff8888c9010e00 R14: ffff888168556822 R15: ffff888168556810\n[ 214.286943] FS: 00007f85d2d9cb80(0000) GS:ffff88886ccb3000(0000) knlGS:0000000000000000\n[ 214.295966] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 214.302380] CR2: 00007f0d047b5e34 CR3: 00000008a1c2e002 CR4: 00000000001726f0\n[ 214.310347] Call Trace:\n[ 214.313070] \u003cIRQ\u003e\n[ 214.315318] ? __pfx_rlb_arp_recv+0x10/0x10 [bonding]\n[ 214.320975] bond_handle_frame+0x166/0xb60 [bonding]\n[ 214.326537] ? __pfx_bond_handle_frame+0x10/0x10 [bonding]\n[ 214.332680] __netif_receive_skb_core.constprop.0+0x576/0x2710\n[ 214.339199] ? __pfx_arp_process+0x10/0x10\n[ 214.343775] ? sched_balance_find_src_group+0x98/0x630\n[ 214.349513] ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10\n[ 214.356513] ? arp_rcv+0x307/0x690\n[ 214.360311] ? __pfx_arp_rcv+0x10/0x10\n[ 214.364499] ? __lock_acquire+0x58c/0xbd0\n[ 214.368975] __netif_receive_skb_one_core+0xae/0x1b0\n[ 214.374518] ? __pfx___netif_receive_skb_one_core+0x10/0x10\n[ 214.380743] ? lock_acquire+0x10b/0x140\n[ 214.385026] process_backlog+0x3f1/0x13a0\n[ 214.389502] ? process_backlog+0x3aa/0x13a0\n[ 214.394174] __napi_poll.constprop.0+0x9f/0x370\n[ 214.399233] net_rx_action+0x8c1/0xe60\n[ 214.403423] ? __pfx_net_rx_action+0x10/0x10\n[ 214.408193] ? lock_acquire.part.0+0xbd/0x260\n[ 214.413058] ? sched_clock_cpu+0x6c/0x540\n[ 214.417540] ? mark_held_locks+0x40/0x70\n[ 214.421920] handle_softirqs+0x1fd/0x860\n[ 214.426302] ? __pfx_handle_softirqs+0x10/0x10\n[ 214.431264] ? __neigh_event_send+0x2d6/0xf50\n[ 214.436131] do_softirq+0xb1/0xf0\n[ 214.439830] \u003c/IRQ\u003e\n\nThe issue is reproducible by repeatedly running\nip link set bond0 up/down while receiving ARP messages, where\nrlb_arp_recv() can race with rlb_deinitialize() and dereference\na freed rx_hashtbl entry.\n\nFix this by setting recv_probe to NULL and then calling\nsynchronize_net() to wait for any concurrent RX processing to finish.\nThis ensures that no RX handler can access rx_hashtbl after it is freed\nin bond_alb_deinitialize().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45970",
"url": "https://www.suse.com/security/cve/CVE-2026-45970"
},
{
"category": "external",
"summary": "SUSE Bug 1267205 for CVE-2026-45970",
"url": "https://bugzilla.suse.com/1267205"
},
{
"category": "external",
"summary": "SUSE Bug 1267206 for CVE-2026-45970",
"url": "https://bugzilla.suse.com/1267206"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "important"
}
],
"title": "CVE-2026-45970"
},
{
"cve": "CVE-2026-45983",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45983"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: never defer requests during idmap lookup\n\nDuring v4 request compound arg decoding, some ops (e.g. SETATTR)\ncan trigger idmap lookup upcalls. When those upcall responses get\ndelayed beyond the allowed time limit, cache_check() will mark the\nrequest for deferral and cause it to be dropped.\n\nThis prevents nfs4svc_encode_compoundres from being executed, and\nthus the session slot flag NFSD4_SLOT_INUSE never gets cleared.\nSubsequent client requests will fail with NFSERR_JUKEBOX, given\nthat the slot will be marked as in-use, making the SEQUENCE op\nfail.\n\nFix this by making sure that the RQ_USEDEFERRAL flag is always\nclear during nfs4svc_decode_compoundargs(), since no v4 request\nshould ever be deferred.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45983",
"url": "https://www.suse.com/security/cve/CVE-2026-45983"
},
{
"category": "external",
"summary": "SUSE Bug 1266697 for CVE-2026-45983",
"url": "https://bugzilla.suse.com/1266697"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-45983"
},
{
"cve": "CVE-2026-46021",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46021"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal: core: Fix thermal zone governor cleanup issues\n\nIf thermal_zone_device_register_with_trips() fails after adding\na thermal governor to the thermal zone being registered, the\ngovernor is not removed from it as appropriate which may lead to\na memory leak.\n\nIn turn, thermal_zone_device_unregister() calls thermal_set_governor()\nwithout acquiring the thermal zone lock beforehand which may race with\na governor update via sysfs and may lead to a use-after-free in that\ncase.\n\nAddress these issues by adding two thermal_set_governor() calls, one to\nthermal_release() to remove the governor from the given thermal zone,\nand one to the thermal zone registration error path to cover failures\npreceding the thermal zone device registration.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46021",
"url": "https://www.suse.com/security/cve/CVE-2026-46021"
},
{
"category": "external",
"summary": "SUSE Bug 1267220 for CVE-2026-46021",
"url": "https://bugzilla.suse.com/1267220"
},
{
"category": "external",
"summary": "SUSE Bug 1267221 for CVE-2026-46021",
"url": "https://bugzilla.suse.com/1267221"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "important"
}
],
"title": "CVE-2026-46021"
},
{
"cve": "CVE-2026-46024",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46024"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: Prevent potential null-ptr-deref in ceph_handle_auth_reply()\n\nIf a message of type CEPH_MSG_AUTH_REPLY contains a zero value for both\nprotocol and result, this is currently not treated as an error. In case\nof ac-\u003enegotiating == true and ac-\u003eprotocol \u003e 0, this leads to setting\nac-\u003eprotocol = 0 and ac-\u003eops = NULL. Thereafter, the check for\nac-\u003eprotocol != protocol returns false, and init_protocol() is not\ncalled. Subsequently, ac-\u003eops-\u003ehandle_reply() is called, which leads to\na null pointer dereference, because ac-\u003eops is still NULL.\n\nThis patch changes the check for ac-\u003eprotocol != protocol to\n!ac-\u003eprotocol, as this also includes the case when the protocol was set\nto zero in the message. This causes the message to be treated as\ncontaining a bad auth protocol.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46024",
"url": "https://www.suse.com/security/cve/CVE-2026-46024"
},
{
"category": "external",
"summary": "SUSE Bug 1267218 for CVE-2026-46024",
"url": "https://bugzilla.suse.com/1267218"
},
{
"category": "external",
"summary": "SUSE Bug 1267219 for CVE-2026-46024",
"url": "https://bugzilla.suse.com/1267219"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-46024"
},
{
"cve": "CVE-2026-46043",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46043"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Validate pad and ICRC before payload_size() in rxe_rcv\n\nrxe_rcv() currently checks only that the incoming packet is at least\nheader_size(pkt) bytes long before payload_size() is used.\n\nHowever, payload_size() subtracts both the attacker-controlled BTH pad\nfield and RXE_ICRC_SIZE from pkt-\u003epaylen:\n\n payload_size = pkt-\u003epaylen - offset[RXE_PAYLOAD] - bth_pad(pkt)\n - RXE_ICRC_SIZE\n\nThis means a short packet can still make payload_size() underflow even\nif it includes enough bytes for the fixed headers. Simply requiring\nheader_size(pkt) + RXE_ICRC_SIZE is not sufficient either, because a\npacket with a forged non-zero BTH pad can still leave payload_size()\nnegative and pass an underflowed value to later receive-path users.\n\nFix this by validating pkt-\u003epaylen against the full minimum length\nrequired by payload_size(): header_size(pkt) + bth_pad(pkt) +\nRXE_ICRC_SIZE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46043",
"url": "https://www.suse.com/security/cve/CVE-2026-46043"
},
{
"category": "external",
"summary": "SUSE Bug 1266901 for CVE-2026-46043",
"url": "https://bugzilla.suse.com/1266901"
},
{
"category": "external",
"summary": "SUSE Bug 1266902 for CVE-2026-46043",
"url": "https://bugzilla.suse.com/1266902"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "important"
}
],
"title": "CVE-2026-46043"
},
{
"cve": "CVE-2026-46090",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46090"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: aloop: Fix peer runtime UAF during format-change stop\n\nloopback_check_format() may stop the capture side when playback starts\nwith parameters that no longer match a running capture stream. Commit\n826af7fa62e3 (\"ALSA: aloop: Fix racy access at PCM trigger\") moved\nthe peer lookup under cable-\u003elock, but the actual snd_pcm_stop() still\nruns after dropping that lock.\n\nA concurrent close can clear the capture entry from cable-\u003estreams[] and\ndetach or free its runtime while the playback trigger path still holds a\nstale peer substream pointer.\n\nKeep a per-cable count of in-flight peer stops before dropping\ncable-\u003elock, and make free_cable() wait for those stops before\ndetaching the runtime. This preserves the existing behavior while\nmaking the peer runtime lifetime explicit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46090",
"url": "https://www.suse.com/security/cve/CVE-2026-46090"
},
{
"category": "external",
"summary": "SUSE Bug 1267531 for CVE-2026-46090",
"url": "https://bugzilla.suse.com/1267531"
},
{
"category": "external",
"summary": "SUSE Bug 1267895 for CVE-2026-46090",
"url": "https://bugzilla.suse.com/1267895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "important"
}
],
"title": "CVE-2026-46090"
},
{
"cve": "CVE-2026-46113",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46113"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Fix shadow paging use-after-free due to unexpected GFN\n\nThe shadow MMU computes GFNs for direct shadow pages using sp-\u003egfn plus\nthe SPTE index. This assumption breaks for shadow paging if the guest\npage tables are modified between VM entries (similar to commit\naad885e77496, \"KVM: x86/mmu: Drop/zap existing present SPTE even\nwhen creating an MMIO SPTE\", 2026-03-27). The flow is as follows:\n\n- a PDE is installed for a 2MB mapping, and a page in that area is\n accessed. KVM creates a kvm_mmu_page consisting of 512 4KB pages;\n the kvm_mmu_page is marked by FNAME(fetch) as direct-mapped because\n the guest\u0027s mapping is a huge page (and thus contiguous).\n\n- the PDE mapping is changed from outside the guest.\n\n- the guest accesses another page in the same 2MB area. KVM installs\n a new leaf SPTE and rmap entry; the SPTE uses the \"correct\" GFN\n (i.e. based on the new mapping, as changed in the previous step) but\n that GFN is outside of the [sp-\u003egfn, sp-\u003egfn + 511] range; therefore\n the rmap entry cannot be found and removed when the kvm_mmu_page\n is zapped.\n\n- the memslot that covers the first 2MB mapping is deleted, and the\n kvm_mmu_page for the now-invalid GPA is zapped. However, rmap_remove()\n only looks at the [sp-\u003egfn, sp-\u003egfn + 511] range established in step 1,\n and fails to find the rmap entry that was recorded by step 3.\n\n- any operation that causes an rmap walk for the same page accessed\n by step 3 then walks a stale rmap and dereferences a freed kvm_mmu_page.\n This includes dirty logging or MMU notifier invalidations (e.g., from\n MADV_DONTNEED).\n\nThe underlying issue is that KVM\u0027s walking of shadow PTEs assumes that\nif a SPTE is present when KVM wants to install a non-leaf SPTE, then the\nexisting kvm_mmu_page must be for the correct gfn. Because the only way\nfor the gfn to be wrong is if KVM messed up and failed to zap a SPTE...\nwhich shouldn\u0027t happen, but *actually* only happens in response to a\nguest write.\n\nThat bug dates back literally forever, as even the first version of KVM\nassumes that the GFN matches and walks into the \"wrong\" shadow page.\nHowever, that was only an imprecision until 2032a93d66fa (\"KVM: MMU:\nDon\u0027t allocate gfns page for direct mmu pages\") came along.\n\nFix it by checking for a target gfn mismatch and zapping the existing\nSPTE. That way the old SP and rmap entries are gone, KVM installs\nthe rmap in the right location, and everyone is happy.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46113",
"url": "https://www.suse.com/security/cve/CVE-2026-46113"
},
{
"category": "external",
"summary": "SUSE Bug 1266969 for CVE-2026-46113",
"url": "https://bugzilla.suse.com/1266969"
},
{
"category": "external",
"summary": "SUSE Bug 1266970 for CVE-2026-46113",
"url": "https://bugzilla.suse.com/1266970"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "important"
}
],
"title": "CVE-2026-46113"
},
{
"cve": "CVE-2026-46116",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46116"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: defensively unhash xfrm_state lists in __xfrm_state_delete\n\nKASAN reproduces a slab-use-after-free in __xfrm_state_delete()\u0027s\nhlist_del_rcu calls under syzkaller load on linux-6.12.y stable\n(reproduced on 6.12.47, also reachable via the same code path on\ntorvalds/master and on the ipsec tree). Nine unique signatures cluster\nin the xfrm_state lifecycle, the load-bearing one being:\n\n BUG: KASAN: slab-use-after-free in __hlist_del include/linux/list.h:990 [inline]\n BUG: KASAN: slab-use-after-free in hlist_del_rcu include/linux/rculist.h:516 [inline]\n BUG: KASAN: slab-use-after-free in __xfrm_state_delete net/xfrm/xfrm_state.c\n Write of size 8 at addr ffff8881198bcb70 by task kworker/u8:9/435\n\n Workqueue: netns cleanup_net\n Call Trace:\n __hlist_del / hlist_del_rcu\n __xfrm_state_delete\n xfrm_state_delete\n xfrm_state_flush\n xfrm_state_fini\n ops_exit_list\n cleanup_net\n\nThe other observed signatures hit the same slab object from\n__xfrm_state_lookup, xfrm_alloc_spi, __xfrm_state_insert and an OOB\nwrite variant of __xfrm_state_delete, all on the byseq/byspi\nhash chains.\n\n__xfrm_state_delete() guards its byseq and byspi unhashes with\nvalue-based predicates:\n\n\tif (x-\u003ekm.seq)\n\t\thlist_del_rcu(\u0026x-\u003ebyseq);\n\tif (x-\u003eid.spi)\n\t\thlist_del_rcu(\u0026x-\u003ebyspi);\n\nwhile everywhere else in the file (e.g. state_cache, state_cache_input)\nthe safer hlist_unhashed() check is used. xfrm_alloc_spi() sets\nx-\u003eid.spi = newspi inside xfrm_state_lock and then immediately inserts\ninto byspi, but a path that observes x-\u003eid.spi != 0 outside of\nxfrm_state_lock can still skip-or-hit the byspi unhash inconsistently\nwith whether x is actually on the list. The same holds for x-\u003ekm.seq\nversus byseq, and the bydst/bysrc unhashes have no predicate at all,\nso a second __xfrm_state_delete() on the same object writes through\nLIST_POISON pprev.\n\nThe defensive change here:\n\n - Use hlist_del_init_rcu() instead of hlist_del_rcu() on bydst,\n bysrc, byseq and byspi so a second deletion is a no-op rather\n than a write through LIST_POISON pprev. The byseq/byspi nodes\n are already initialised in xfrm_state_alloc().\n - Test hlist_unhashed() rather than the value predicate for\n byseq/byspi, so the unhash decision tracks list state rather than\n mutable scalar fields.\n\nEmpirical verification: applied this patch on top of v6.12.47, rebuilt,\nand re-ran the same syzkaller harness for 1h16m on a previously-crashy\nconfiguration that produced ~100 hits each of slab-use-after-free\nRead in xfrm_alloc_spi / Read in __xfrm_state_lookup / Write in\n__xfrm_state_delete. After the patch, 7.1M execs across 32 VMs at\n~1550 exec/sec produced zero xfrm_state UAF/OOB hits. /proc/slabinfo\nconfirms the xfrm_state slab is actively allocated and freed during\nthe run (~143 KiB resident), so the fuzzer is still exercising those\ncode paths -- they just no longer crash.\n\nReproduction:\n\n - Linux 6.12.47 x86_64 + KASAN_GENERIC + KASAN_INLINE + KCOV\n - syzkaller @ 746545b8b1e4c3a128db8652b340d3df90ce61db\n - 32 QEMU/KVM VMs x 2 vCPU on AWS c5.metal bare metal\n - 9 unique signatures collected in ~9h, all within xfrm_state\n lifecycle",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46116",
"url": "https://www.suse.com/security/cve/CVE-2026-46116"
},
{
"category": "external",
"summary": "SUSE Bug 1267369 for CVE-2026-46116",
"url": "https://bugzilla.suse.com/1267369"
},
{
"category": "external",
"summary": "SUSE Bug 1267370 for CVE-2026-46116",
"url": "https://bugzilla.suse.com/1267370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "important"
}
],
"title": "CVE-2026-46116"
},
{
"cve": "CVE-2026-46150",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46150"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfanotify: fix false positive on permission events\n\nfsnotify_get_mark_safe() may return false for a mark on an unrelated group,\nwhich results in bypassing the permission check.\n\nFix by skipping over detached marks that are not in the current group.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46150",
"url": "https://www.suse.com/security/cve/CVE-2026-46150"
},
{
"category": "external",
"summary": "SUSE Bug 1267387 for CVE-2026-46150",
"url": "https://bugzilla.suse.com/1267387"
},
{
"category": "external",
"summary": "SUSE Bug 1267388 for CVE-2026-46150",
"url": "https://bugzilla.suse.com/1267388"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "important"
}
],
"title": "CVE-2026-46150"
},
{
"cve": "CVE-2026-46157",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46157"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: pcm: oss: Fix data race at accessing runtime.oss.trigger\n\nCurrently the runtime.oss.trigger field may be accessed concurrently\nwithout protection, which may lead to the data race. And, in this\ncase, it may lead to more severe problem because it\u0027s a bit field; as\nwriting the data, it may overwrite other bit fields as well, which\nconfuses the operation completely, as spotted by fuzzing.\n\nFix it by covering runtime.oss.trigger bit fled also with the existing\nparams_lock mutex in both snd_pcm_oss_get_trigger() and\nsnd_pcm_oss_poll().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46157",
"url": "https://www.suse.com/security/cve/CVE-2026-46157"
},
{
"category": "external",
"summary": "SUSE Bug 1267726 for CVE-2026-46157",
"url": "https://bugzilla.suse.com/1267726"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-46157"
},
{
"cve": "CVE-2026-46159",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46159"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix btrfs_ioctl_space_info() slot_count TOCTOU which can lead to info-leak\n\nbtrfs_ioctl_space_info() has a TOCTOU race between two passes over the\nblock group RAID type lists. The first pass counts entries to determine\nthe allocation size, then the second pass fills the buffer. The\ngroups_sem rwlock is released between passes, allowing concurrent block\ngroup removal to reduce the entry count.\n\nWhen the second pass fills fewer entries than the first pass counted,\ncopy_to_user() copies the full alloc_size bytes including trailing\nuninitialized kmalloc bytes to userspace.\n\nFix by copying only total_spaces entries (the actually-filled count from\nthe second pass) instead of alloc_size bytes, and switch to kzalloc so\nany future copy size mismatch cannot leak heap data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46159",
"url": "https://www.suse.com/security/cve/CVE-2026-46159"
},
{
"category": "external",
"summary": "SUSE Bug 1267652 for CVE-2026-46159",
"url": "https://bugzilla.suse.com/1267652"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-46159"
},
{
"cve": "CVE-2026-46160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46160"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix missing last_unlink_trans update when removing a directory\n\nWhen removing a directory we are not updating its last_unlink_trans field,\nwhich can result in incorrect fsync behaviour in case some one fsyncs the\ndirectory after it was removed because it\u0027s holding a file descriptor on\nit.\n\nExample scenario:\n\n mkdir /mnt/dir1\n mkdir /mnt/dir1/dir2\n mkdir /mnt/dir3\n\n sync -f /mnt\n\n # Do some change to the directory and fsync it.\n chmod 700 /mnt/dir1\n xfs_io -c fsync /mnt/dir1\n\n # Move dir2 out of dir1 so that dir1 becomes empty.\n mv /mnt/dir1/dir2 /mnt/dir3/\n\n open fd on /mnt/dir1\n call rmdir(2) on path \"/mnt/dir1\"\n fsync fd\n\n \u003ctrigger power failure\u003e\n\nWhen attempting to mount the filesystem, the log replay will fail with\nan -EIO error and dmesg/syslog has the following:\n\n [445771.626482] BTRFS info (device dm-0): first mount of filesystem 0368bbea-6c5e-44b5-b409-09abe496e650\n [445771.626486] BTRFS info (device dm-0): using crc32c checksum algorithm\n [445771.627912] BTRFS info (device dm-0): start tree-log replay\n [445771.628335] page: refcount:2 mapcount:0 mapping:0000000061443ddc index:0x1d00 pfn:0x7072a5\n [445771.629453] memcg:ffff89f400351b00\n [445771.629892] aops:btree_aops [btrfs] ino:1\n [445771.630737] flags: 0x17fffc00000402a(uptodate|lru|private|writeback|node=0|zone=2|lastcpupid=0x1ffff)\n [445771.632359] raw: 017fffc00000402a fffff47284d950c8 fffff472907b7c08 ffff89f458e412b8\n [445771.633713] raw: 0000000000001d00 ffff89f6c51d1a90 00000002ffffffff ffff89f400351b00\n [445771.635029] page dumped because: eb page dump\n [445771.635825] BTRFS critical (device dm-0): corrupt leaf: root=5 block=30408704 slot=10 ino=258, invalid nlink: has 2 expect no more than 1 for dir\n [445771.638088] BTRFS info (device dm-0): leaf 30408704 gen 10 total ptrs 17 free space 14878 owner 5\n [445771.638091] BTRFS info (device dm-0): refs 4 lock_owner 0 current 3581087\n [445771.638094] \titem 0 key (256 INODE_ITEM 0) itemoff 16123 itemsize 160\n [445771.638097] \t\tinode generation 3 transid 9 size 16 nbytes 16384\n [445771.638098] \t\tblock group 0 mode 40755 links 1 uid 0 gid 0\n [445771.638100] \t\trdev 0 sequence 2 flags 0x0\n [445771.638102] \t\tatime 1775744884.0\n [445771.660056] \t\tctime 1775744885.645502983\n [445771.660058] \t\tmtime 1775744885.645502983\n [445771.660060] \t\totime 1775744884.0\n [445771.660062] \titem 1 key (256 INODE_REF 256) itemoff 16111 itemsize 12\n [445771.660064] \t\tindex 0 name_len 2\n [445771.660066] \titem 2 key (256 DIR_ITEM 1843588421) itemoff 16077 itemsize 34\n [445771.660068] \t\tlocation key (259 1 0) type 2\n [445771.660070] \t\ttransid 9 data_len 0 name_len 4\n [445771.660075] \titem 3 key (256 DIR_ITEM 2363071922) itemoff 16043 itemsize 34\n [445771.660076] \t\tlocation key (257 1 0) type 2\n [445771.660077] \t\ttransid 9 data_len 0 name_len 4\n [445771.660078] \titem 4 key (256 DIR_INDEX 2) itemoff 16009 itemsize 34\n [445771.660079] \t\tlocation key (257 1 0) type 2\n [445771.660080] \t\ttransid 9 data_len 0 name_len 4\n [445771.660081] \titem 5 key (256 DIR_INDEX 3) itemoff 15975 itemsize 34\n [445771.660082] \t\tlocation key (259 1 0) type 2\n [445771.660083] \t\ttransid 9 data_len 0 name_len 4\n [445771.660084] \titem 6 key (257 INODE_ITEM 0) itemoff 15815 itemsize 160\n [445771.660086] \t\tinode generation 9 transid 9 size 8 nbytes 0\n [445771.660087] \t\tblock group 0 mode 40777 links 1 uid 0 gid 0\n [445771.660088] \t\trdev 0 sequence 2 flags 0x0\n [445771.660089] \t\tatime 1775744885.641174097\n [445771.660090] \t\tctime 1775744885.645502983\n [445771.660091] \t\tmtime 1775744885.645502983\n [445771.660105] \t\totime 1775744885.641174097\n [445771.660106] \titem 7 key (257 INODE_REF 256) itemoff 15801 itemsize 14\n [445771.660107] \t\tindex 2 name_len 4\n [445771.660108] \titem 8 key (257 DIR_ITEM 2676584006) itemoff 15767 itemsize 34\n [445771.660109] \t\tlocation key (2\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46160",
"url": "https://www.suse.com/security/cve/CVE-2026-46160"
},
{
"category": "external",
"summary": "SUSE Bug 1267624 for CVE-2026-46160",
"url": "https://bugzilla.suse.com/1267624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-46160"
},
{
"cve": "CVE-2026-46169",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46169"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhfsplus: fix uninit-value by validating catalog record size\n\nSyzbot reported a KMSAN uninit-value issue in hfsplus_strcasecmp(). The\nroot cause is that hfs_brec_read() doesn\u0027t validate that the on-disk\nrecord size matches the expected size for the record type being read.\n\nWhen mounting a corrupted filesystem, hfs_brec_read() may read less data\nthan expected. For example, when reading a catalog thread record, the\ndebug output showed:\n\n HFSPLUS_BREC_READ: rec_len=520, fd-\u003eentrylength=26\n HFSPLUS_BREC_READ: WARNING - entrylength (26) \u003c rec_len (520) - PARTIAL READ!\n\nhfs_brec_read() only validates that entrylength is not greater than the\nbuffer size, but doesn\u0027t check if it\u0027s less than expected. It successfully\nreads 26 bytes into a 520-byte structure and returns success, leaving 494\nbytes uninitialized.\n\nThis uninitialized data in tmp.thread.nodeName then gets copied by\nhfsplus_cat_build_key_uni() and used by hfsplus_strcasecmp(), triggering\nthe KMSAN warning when the uninitialized bytes are used as array indices\nin case_fold().\n\nFix by introducing hfsplus_brec_read_cat() wrapper that:\n1. Calls hfs_brec_read() to read the data\n2. Validates the record size based on the type field:\n - Fixed size for folder and file records\n - Variable size for thread records (depends on string length)\n3. Returns -EIO if size doesn\u0027t match expected\n\nFor thread records, check against HFSPLUS_MIN_THREAD_SZ before reading\nnodeName.length to avoid reading uninitialized data at call sites that\ndon\u0027t zero-initialize the entry structure.\n\nAlso initialize the tmp variable in hfsplus_find_cat() as defensive\nprogramming to ensure no uninitialized data even if validation is\nbypassed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46169",
"url": "https://www.suse.com/security/cve/CVE-2026-46169"
},
{
"category": "external",
"summary": "SUSE Bug 1267713 for CVE-2026-46169",
"url": "https://bugzilla.suse.com/1267713"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-46169"
},
{
"cve": "CVE-2026-46181",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46181"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event()\n\nSashiko points out the radix_tree itself is RCU safe, but nothing ever\nfrees the mlx4_srq struct with RCU, and it isn\u0027t even accessed within the\nRCU critical section. It also will crash if an event is delivered before\nthe srq object is finished initializing.\n\nUse the spinlock since it isn\u0027t easy to make RCU work, use\nrefcount_inc_not_zero() to protect against partially initialized objects,\nand order the refcount_set() to be after the srq is fully initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46181",
"url": "https://www.suse.com/security/cve/CVE-2026-46181"
},
{
"category": "external",
"summary": "SUSE Bug 1266826 for CVE-2026-46181",
"url": "https://bugzilla.suse.com/1266826"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-46181"
},
{
"cve": "CVE-2026-46259",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46259"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nprocfs: fix missing RCU protection when reading real_parent in do_task_stat()\n\nWhen reading /proc/[pid]/stat, do_task_stat() accesses task-\u003ereal_parent\nwithout proper RCU protection, which leads to:\n\n cpu 0 cpu 1\n ----- -----\n do_task_stat\n var = task-\u003ereal_parent\n release_task\n call_rcu(delayed_put_task_struct)\n task_tgid_nr_ns(var)\n rcu_read_lock \u003c--- Too late to protect task-\u003ereal_parent!\n task_pid_ptr \u003c--- UAF!\n rcu_read_unlock\n\nThis patch uses task_ppid_nr_ns() instead of task_tgid_nr_ns() to add\nproper RCU protection for accessing task-\u003ereal_parent.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46259",
"url": "https://www.suse.com/security/cve/CVE-2026-46259"
},
{
"category": "external",
"summary": "SUSE Bug 1267685 for CVE-2026-46259",
"url": "https://bugzilla.suse.com/1267685"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-46259"
},
{
"cve": "CVE-2026-46273",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46273"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nibmveth: Disable GSO for packets with small MSS\n\nSome physical adapters on Power systems do not support segmentation\noffload when the MSS is less than 224 bytes. Attempting to send such\npackets causes the adapter to freeze, stopping all traffic until\nmanually reset.\n\nImplement ndo_features_check to disable GSO for packets with small MSS\nvalues. The network stack will perform software segmentation instead.\n\nThe 224-byte minimum matches ibmvnic\ncommit \u003cf10b09ef687f\u003e (\"ibmvnic: Enforce stronger sanity checks\non GSO packets\")\nwhich uses the same physical adapters in SEA configurations.\n\nThe issue occurs specifically when the hardware attempts to perform\nsegmentation (gso_segs \u003e 1) with a small MSS. Single-segment GSO packets\n(gso_segs == 1) do not trigger the problematic LSO code path and are\ntransmitted normally without segmentation.\n\nAdd an ndo_features_check callback to disable GSO when MSS \u003c 224 bytes.\nAlso call vlan_features_check() to ensure proper handling of VLAN packets,\nparticularly QinQ (802.1ad) configurations where the hardware parser may\nnot support certain offload features.\n\nValidated using iptables to force small MSS values. Without the fix,\nthe adapter freezes. With the fix, packets are segmented in software\nand transmission succeeds. Comprehensive regression testing completedd\n(MSS tests, performance, stability).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46273",
"url": "https://www.suse.com/security/cve/CVE-2026-46273"
},
{
"category": "external",
"summary": "SUSE Bug 1267651 for CVE-2026-46273",
"url": "https://bugzilla.suse.com/1267651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_317-default-1-8.7.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:kernel-default-man-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.317.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.317.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.317.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T13:36:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-46273"
}
]
}
SUSE-SU-2026:2799-1
Vulnerability from csaf_suse - Published: 2026-07-08 14:58 - Updated: 2026-07-08 14:58| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues\n\nThe following security issues were fixed:\n\n- CVE-2025-10263: arm64: cputype: Add C1-Ultra definitions (bsc#1266290).\n- CVE-2025-40216: io_uring/rsrc: don\u0027t rely on user vaddr alignment (bsc#1259764).\n- CVE-2025-40341: futex: Don\u0027t leak robust_list pointer on exec race (bsc#1255029).\n- CVE-2025-68822: Input: alps - fix use-after-free bugs caused by dev3_register_work (bsc#1256668).\n- CVE-2025-71294: drm/amdgpu: fix NULL pointer issue buffer funcs (bsc#1264562).\n- CVE-2026-23451: bonding: prevent potential infinite loop in bond_header_parse() (bsc#1261604).\n- CVE-2026-31414: netfilter: nf_conntrack_expect: use expect-\u003ehelper (bsc#1262085).\n- CVE-2026-31429: net: skb: fix cross-cache free of KFENCE-allocated skb head (bsc#1262392).\n- CVE-2026-31450: ext4: publish jinode after initialization (bsc#1262618).\n- CVE-2026-31452: ext4: convert inline data to extents when truncate exceeds inline size (bsc#1262620).\n- CVE-2026-31462: drm/amdgpu: prevent immediate PASID reuse case (bsc#1262655).\n- CVE-2026-31466: mm/huge_memory: fix folio isn\u0027t locked in softleaf_to_folio() (bsc#1267825).\n- CVE-2026-31469: virtio_net: Fix UAF on dst_ops when IFF_XMIT_DST_RELEASE is cleared and napi_tx is false\n (bsc#1267816).\n- CVE-2026-31492: RDMA/irdma: Initialize free_qp completion before using it (bsc#1262748).\n- CVE-2026-31495: netfilter: ctnetlink: use netlink policy range checks (bsc#1262798).\n- CVE-2026-31499: Bluetooth: L2CAP: Fix deadlock in l2cap_conn_del() (bsc#1262674).\n- CVE-2026-31500: Bluetooth: hci_sync: Remove remaining dependencies of hci_request (bsc#1262993).\n- CVE-2026-31502: team: fix header_ops type confusion with non-Ethernet ports (bsc#1263072).\n- CVE-2026-31555: futex: Clear stale exiting pointer in futex_lock_pi() retry path (bsc#1263178).\n- CVE-2026-31560: spi: spi-dw-dma: fix print error log when wait finish transaction (bsc#1263057).\n- CVE-2026-31592: KVM: SEV: Protect *all* of sev_mem_enc_register_region() with kvm-\u003elock (bsc#1263123).\n- CVE-2026-31593: KVM: SEV: Reject attempts to sync VMSA of an already-launched/encrypted vCPU (bsc#1263124).\n- CVE-2026-31647: idpf: fix PREEMPT_RT raw/bh spinlock nesting for async VC handling (bsc#1263581).\n- CVE-2026-31664: xfrm: clear trailing padding in build_polexpire() (bsc#1263578).\n- CVE-2026-31665: netfilter: nft_ct: fix use-after-free in timeout object destroy (bsc#1263137).\n- CVE-2026-31670: net: rfkill: prevent unlimited numbers of rfkill events from being created (bsc#1263573).\n- CVE-2026-31674: netfilter: ip6t_rt: reject oversized addrnr in rt_mt6_check() (bsc#1263568).\n- CVE-2026-31677: crypto: af_alg - limit RX SG extraction by receive buffer budget (bsc#1263560).\n- CVE-2026-31680: net: ipv6: flowlabel: defer exclusive option free until RCU teardown (bsc#1263563).\n- CVE-2026-31693: cifs: some missing initializations on replay (bsc#1267744).\n- CVE-2026-31697: crypto: ccp: Don\u0027t attempt to copy ID to userspace if PSP command failed (bsc#1264116).\n- CVE-2026-31698: crypto: ccp: Don\u0027t attempt to copy PDH cert to userspace if PSP command failed (bsc#1263880).\n- CVE-2026-31699: crypto: ccp: Don\u0027t attempt to copy CSR to userspace if PSP command failed (bsc#1263879).\n- CVE-2026-31752: bridge: br_nd_send: validate ND option lengths (bsc#1264045).\n- CVE-2026-31759: usb: ulpi: fix double free in ulpi_register_interface() error path (bsc#1264076).\n- CVE-2026-31771: Bluetooth: hci_event: move wake reason storage into validated event handlers (bsc#1264145).\n- CVE-2026-43010: bpf: Reject sleepable kprobe_multi programs at attach time (bsc#1264015).\n- CVE-2026-43022: Bluetooth: hci_sync: hci_cmd_sync_queue_once() return -EEXIST if exists (bsc#1264001).\n- CVE-2026-43023: Bluetooth: SCO: fix race conditions in sco_sock_connect() (bsc#1264137).\n- CVE-2026-43024: netfilter: nf_tables: reject immediate NF_QUEUE verdict (bsc#1263930).\n- CVE-2026-43028: netfilter: x_tables: ensure names are nul-terminated (bsc#1263934).\n- CVE-2026-43034: bnxt_en: set backing store type from query type (bsc#1263998).\n- CVE-2026-43035: net: sched: cls_api: fix tc_chain_fill_node to initialize tcm_info to zero to prevent an info-leak\n (bsc#1263996).\n- CVE-2026-43036: net: use skb_header_pointer() for TCPv4 GSO frag_off check (bsc#1263993).\n- CVE-2026-43049: HID: logitech-hidpp: Prevent use-after-free on force feedback initialisation failure (bsc#1264080).\n- CVE-2026-43053: xfs: factor out xfs_attr3_node_entry_remove (bsc#1264084).\n- CVE-2026-43074: eventpoll: defer struct eventpoll free to RCU grace period (bsc#1264263).\n- CVE-2026-43077: crypto: algif_aead - Fix minimum RX size check for decryption (bsc#1264470).\n- CVE-2026-43079: perf/x86/intel/uncore: Skip discovery table for offline dies (bsc#1264228).\n- CVE-2026-43080: l2tp: Drop large packets with UDP encap (bsc#1264236).\n- CVE-2026-43081: net: ipa: fix GENERIC_CMD register field masks for IPA v5.0+ (bsc#1264241).\n- CVE-2026-43083: net: ioam6: fix OOB and missing lock (bsc#1264266).\n- CVE-2026-43085: netfilter: nfnetlink_log: initialize nfgenmsg in NLMSG_DONE terminator (bsc#1264230).\n- CVE-2026-43086: ipvs: fix NULL deref in ip_vs_add_service error path (bsc#1264286).\n- CVE-2026-43089: xfrm_user: fix info leak in build_mapping() (bsc#1264261).\n- CVE-2026-43093: xsk: tighten UMEM headroom validation to account for tailroom and min frame (bsc#1264254).\n- CVE-2026-43094: ixgbevf: add missing negotiate_features op to Hyper-V ops table (bsc#1264231).\n- CVE-2026-43101: ipv6: ioam: fix potential NULL dereferences in __ioam6_fill_trace_data() (bsc#1264239).\n- CVE-2026-43107: xfrm: account XFRMA_IF_ID in aevent size calculation (bsc#1264258).\n- CVE-2026-43112: fs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath (bsc#1264437).\n- CVE-2026-43119: Bluetooth: hci_sync: annotate data-races around hdev-\u003ereq_status (bsc#1264561).\n- CVE-2026-43128: RDMA/umem: Fix double dma_buf_unpin in failure path (bsc#1264612).\n- CVE-2026-43139: xfrm6: fix uninitialized saddr in xfrm6_get_saddr() (bsc#1264294).\n- CVE-2026-43158: xfs: fix freemap adjustments when adding xattrs to leaf blocks (bsc#1264595).\n- CVE-2026-43171: EFI/CPER: don\u0027t dump the entire memory region (bsc#1264549).\n- CVE-2026-43187: xfs: delete attr leaf freemap entries when empty (bsc#1264603).\n- CVE-2026-43198: tcp: fix potential race in tcp_v6_syn_recv_sock() (bsc#1264610).\n- CVE-2026-43233: netfilter: nf_conntrack_h323: fix OOB read in decode_choice() (bsc#1264337).\n- CVE-2026-43238: net/sched: act_skbedit: fix divide-by-zero in tcf_skbedit_hash() (bsc#1264320).\n- CVE-2026-43239: smb: client: prevent races in -\u003equery_interfaces() (bsc#1264444).\n- CVE-2026-43303: mm/page_alloc: clear page-\u003eprivate in free_pages_prepare() (bsc#1264974).\n- CVE-2026-43336: lib/crypto: chacha: Zeroize permuted_state before it leaves scope (bsc#1265113).\n- CVE-2026-43339: ipv6: prevent possible UaF in addrconf_permanent_addr() (bsc#1264763).\n- CVE-2026-43345: net: ipa: fix event ring index not programmed for IPA v5.0+ (bsc#1265103).\n- CVE-2026-43405: libceph: Use u32 for non-negative values in ceph_monmap_decode() (bsc#1264741).\n- CVE-2026-43420: ceph: fix i_nlink underrun during async unlink (bsc#1264814).\n- CVE-2026-43456: bonding: fix type confusion in bond_setup_by_slave() (bsc#1264734).\n- CVE-2026-43469: xprtrdma: Decrement re_receiving on the early exit paths (bsc#1265143).\n- CVE-2026-43472: unshare: fix unshare_fs() handling (bsc#1264748).\n- CVE-2026-43491: net: qrtr: ns: Limit the maximum server registration per node (bsc#1265628).\n- CVE-2026-43492: lib/crypto: mpi: Fix integer underflow in mpi_read_raw_from_sgl() (bsc#1265629).\n- CVE-2026-43502: net/rds: handle zerocopy send cleanup before the message is queued (bsc#1266008).\n- CVE-2026-45838: bpf: fix end-of-list detection in cgroup_storage_get_next_key() (bsc#1266396).\n- CVE-2026-45840: openvswitch: cap upcall PID array size and pre-size vport replies (bsc#1266397).\n- CVE-2026-45841: netfilter: nfnetlink_osf: fix divide-by-zero in OSF_WSS_MODULO (bsc#1266390).\n- CVE-2026-45848: apparmor: fix NULL sock in aa_sock_file_perm (bsc#1266734).\n- CVE-2026-45862: iommu/vt-d: Flush cache for PASID table before using it (bsc#1266705).\n- CVE-2026-45870: SUNRPC: auth_gss: fix memory leaks in XDR decoding error paths (bsc#1266704).\n- CVE-2026-45891: net: hns3: fix double free issue for tx spare buffer (bsc#1266717).\n- CVE-2026-45894: iommu/vt-d: Clear Present bit before tearing down PASID entry (bsc#1266895).\n- CVE-2026-45912: ext4: don\u0027t cache extent during splitting extent (bsc#1266899).\n- CVE-2026-45940: net: stmmac: fix oops when split header is enabled (bsc#1266916).\n- CVE-2026-45948: ext4: fix memory leak in ext4_ext_shift_extents() (bsc#1266929).\n- CVE-2026-45961: gfs2: fix memory leaks in gfs2_fill_super error path (bsc#1266933).\n- CVE-2026-45964: SUNRPC: fix gss_auth kref leak in gss_alloc_msg error path (bsc#1266698).\n- CVE-2026-45965: apparmor: fix invalid deref of rawdata when export_binary is unset (bsc#1267208).\n- CVE-2026-45974: btrfs: fix invalid leaf access in btrfs_quota_enable() if ref key not found (bsc#1266922).\n- CVE-2026-45985: ext4: don\u0027t set EXT4_GET_BLOCKS_CONVERT when splitting before submitting I/O (bsc#1266700).\n- CVE-2026-46005: xfs: fix a resource leak in xfs_alloc_buftarg() (bsc#1267431).\n- CVE-2026-46028: crypto: algif_aead - snapshot IV for async AEAD requests (bsc#1267430).\n- CVE-2026-46037: ipv4: icmp: validate reply type before using icmp_pointers (bsc#1267361).\n- CVE-2026-46053: net: rds: fix MR cleanup on copy error (bsc#1267427).\n- CVE-2026-46063: x86/shstk: Prevent deadlock during shstk sigreturn (bsc#1267228).\n- CVE-2026-46065: fbdev: defio: Disconnect deferred I/O from the lifetime of struct (bsc#1267458).\n- CVE-2026-46069: wifi: mwifiex: fix use-after-free in mwifiex_adapter_cleanup() (bsc#1267437).\n- CVE-2026-46071: KVM: nSVM: Avoid clearing VMCB_LBR in vmcb12 (bsc#1267591).\n- CVE-2026-46076: KVM: nSVM: Raise #UD if unhandled VMMCALL isn\u0027t intercepted by L1 (bsc#1267365).\n- CVE-2026-46101: netfilter: reject zero shift in nft_bitwise (bsc#1266878).\n- CVE-2026-46112: RDMA/hns: Fix unlocked call to hns_roce_qp_remove() (bsc#1267582).\n- CVE-2026-46116: xfrm: defensively unhash xfrm_state lists in __xfrm_state_delete (bsc#1267369).\n- CVE-2026-46119: libceph: Fix slab-out-of-bounds access in auth message processing (bsc#1267628).\n- CVE-2026-46120: ip6_gre: Use cached t-\u003enet in ip6erspan_changelink() (bsc#1267640).\n- CVE-2026-46123: Bluetooth: virtio_bt: clamp rx length before skb_put (bsc#1267621).\n- CVE-2026-46124: isofs: validate block number from NFS file handle in isofs_export_iget (bsc#1266847).\n- CVE-2026-46133: RDMA/rxe: Reject unknown opcodes before ICRC processing (bsc#1266928).\n- CVE-2026-46150: fanotify: fix false positive on permission events.\n- CVE-2026-46160: btrfs: fix missing last_unlink_trans update when removing a directory (bsc#1267624).\n- CVE-2026-46162: ice: fix double free in ice_sf_eth_activate() error path (bsc#1266840).\n- CVE-2026-46172: ipv6: xfrm6: release dst on error in xfrm6_rcv_encap() (bsc#1266903).\n- CVE-2026-46173: exit: prevent preemption of oopsing TASK_DEAD task (bsc#1267722).\n- CVE-2026-46185: smb/client: fix out-of-bounds read in symlink_data() (bsc#1266830).\n- CVE-2026-46197: drm/amdkfd: validate SVM ioctl nattr against buffer size (bsc#1267381).\n- CVE-2026-46214: vsock/virtio: fix accept queue count leak on transport mismatch (bsc#1267717).\n- CVE-2026-46227: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL (bsc#1267697).\n- CVE-2026-46229: drm/amdkfd: Clear VRAM on allocation to prevent stale data exposure (bsc#1267567).\n- CVE-2026-46244: netfilter: nft_inner: Fix IPv6 inner_thoff desync (bsc#1267654).\n- CVE-2026-46253: pstore/ram: fix buffer overflow in persistent_ram_save_old() (bsc#1267635).\n- CVE-2026-46254: AppArmor: Allow apparmor to handle unaligned dfa tables (bsc#1267637).\n- CVE-2026-46259: procfs: fix missing RCU protection when reading real_parent in do_task_stat() (bsc#1267685).\n- CVE-2026-46266: inet: RAW sockets using IPPROTO_RAW MUST drop incoming ICMP (bsc#1267684).\n- CVE-2026-46273: ibmveth: Disable GSO for packets with small MSS (bsc#1265211 bsc#1267651).\n- CVE-2026-46289: lib/scatterlist: fix length calculations in extract_kvec_to_sg (bsc#1267966).\n- CVE-2026-46291: crypto: caam - guard HMAC key hex dumps in hash_digest_key (bsc#1267937).\n- CVE-2026-46315: io_uring/waitid: clear waitid info before copying it to userspace (bsc#1267953).\n- CVE-2026-46319: net/sched: act_ct: Only release RCU read lock after ct_ft (bsc#1268022).\n- CVE-2026-46320: tap: free page on error paths in tap_get_user_xdp() (bsc#1267993).\n- CVE-2026-46328: apparmor: fix rlimit for posix cpu timers (bsc#1268037).\n- CVE-2026-52908: RDMA: During rereg_mr ensure that REREG_ACCESS is compatible (bsc#1268661).\n- CVE-2026-52909: ip6_vti: set netns_immutable on the fallback device (bsc#1268660).\n- CVE-2026-52918: Bluetooth: serialize accept_q access (bsc#1269100).\n- CVE-2026-52923: ipc: limit next_id allocation to the valid ID range (bsc#1269033).\n- CVE-2026-52943: net: skbuff: fix missing zerocopy reference in pskb_carve helpers (bsc#1269022).\n- CVE-2026-52954: libceph: handle rbtree insertion error in decode_choose_args() (bsc#1269137).\n- CVE-2026-52957: libceph: Fix potential null-ptr-deref in decode_choose_args() (bsc#1269103).\n- CVE-2026-52962: ceph: fix a buffer leak in __ceph_setxattr() (bsc#1269135).\n- CVE-2026-52969: KVM: Reject wrapped offset in kvm_reset_dirty_gfn() (bsc#1269184).\n- CVE-2026-52972: crypto: af_alg - Cap AEAD AD length to 0x80000000 (bsc#1269195).\n- CVE-2026-53016: crypto: ccp - copy IV using skcipher ivsize (bsc#1269090).\n- CVE-2026-53040: ocfs2: validate bg_bits during freefrag scan (bsc#1269397).\n- CVE-2026-53041: ocfs2: fix listxattr handling when the buffer is full (bsc#1269398).\n- CVE-2026-53052: ASoC: qcom: qdsp6: topology: check widget type before accessing data (bsc#1269314).\n- CVE-2026-53053: iommu/amd: Fix clone_alias() to use the original device\u0027s devid (bsc#1269310).\n- CVE-2026-53071: Bluetooth: l2cap: Add missing chan lock in l2cap_ecred_reconf_rsp (bsc#1269678).\n- CVE-2026-53072: Bluetooth: fix locking in hci_conn_request_evt() with HCI_PROTO_DEFER (bsc#1269681).\n- CVE-2026-53122: btrfs: fix deadlock between reflink and transaction commit when using flushoncommit (bsc#1269418).\n- CVE-2026-53133: RDMA/umem: Fix truncation for block sizes \u003e= 4G (bsc#1269821).\n- CVE-2026-53138: drm/amd/display: Bound VBIOS record-chain walk loops (bsc#1269281).\n- CVE-2026-53182: wifi: nl80211: reject oversized EMA RNR lists (bsc#1269884).\n- CVE-2026-53253: Bluetooth: bnep: fix incorrect length parsing in bnep_rx_frame() extension handling (bsc#1269574).\n- CVE-2026-53266: netfilter: bridge: make ebt_snat ARP rewrite writable (bsc#1269136).\n- CVE-2026-53281: iommu/vt-d: Avoid NULL pointer dereference or refcount corruption (bsc#1269519).\n- CVE-2026-53287: audit: fix incorrect inheritable capability in CAPSET records (bsc#1269506).\n- CVE-2026-53359: KVM: x86: Fix shadow paging use-after-free due to unexpected role (bsc#1270059).\n- CVE-2026-53362: ipv6: account for fraggap on the paged allocation path (bsc#1269493).\n\nThe following non security issues were fixed:\n\n- accel/ivpu: Fix signed integer truncation in IPC receive (git-fixes).\n- ACPI: CPPC: Suppress UBSAN warning caused by field misuse (git-fixes).\n- ACPI: IPMI: Fix inverted interface check in ipmi_bmc_gone() (git-fixes).\n- ACPI: IPMI: Fix message kref handling on dead device (git-fixes).\n- ACPI: NFIT: core: Fix possible NULL pointer dereference (git-fixes).\n- ACPI: resource: Amend kernel-doc style (git-fixes).\n- agp/amd64: Fix broken error propagation in agp_amd64_probe() (git-fixes).\n- ALSA: aloop: Drop superfluous break (git-fixes).\n- ALSA: caiaq: fix out-of-bounds read in the Traktor Kontrol S4 input parser (git-fixes).\n- ALSA: cmipci: check snd_ctl_new1() return value (git-fixes).\n- ALSA: core: Fix unintuitive behavior of snd_power_ref_and_wait() (git-fixes).\n- ALSA: es1938: check snd_ctl_new1() return value (git-fixes).\n- ALSA: firewire: isight: bound the sample count to the packet payload (git-fixes).\n- ALSA: gus: check snd_ctl_new1() return value (git-fixes).\n- ALSA: hda/cs35l41: Fix firmware load work teardown (git-fixes).\n- ALSA: hda/hdmi: Add quirk for TUXEDO IBS14G6 (stable-fixes).\n- ALSA: ice1712: check snd_ctl_new1() return value (git-fixes).\n- ALSA: seq: Clear variable event pointer on read (git-fixes).\n- ALSA: seq: Fix kernel heap address leak in bounce_error_event() (git-fixes).\n- ALSA: seq: Fix partial userptr event expansion (git-fixes).\n- ALSA: seq: Fix uninitialised heap leak in snd_seq_event_dup() (git-fixes).\n- ALSA: seq: midi: Serialize output teardown with event_input (git-fixes).\n- ALSA: timer: Fix UAF at snd_timer_user_params() (stable-fixes).\n- ALSA: usb-audio: avoid kobject path lookup in DualSense match (git-fixes).\n- ALSA: usb-audio: Kill MIDI 2.0 URBs before freeing endpoints (git-fixes).\n- ALSA: usb-audio: Propagate errors in scarlett_ctl_enum_put() (git-fixes).\n- ALSA: usb-audio: Propagate US-16x08 write errors in route/mix EQ-switch put callbacks (git-fixes).\n- ALSA: usb-audio: Roll back quirk control caches on write errors (git-fixes).\n- ALSA: usb-audio: Update Babyface Pro control caches only after successful writes (git-fixes).\n- ALSA: usb-audio: Update US-16x08 EQ/comp shadow state after successful writes (git-fixes).\n- ALSA: virtio: Add missing 384 kHz PCM rate mapping (git-fixes).\n- ALSA: ymfpci: check snd_ctl_new1() return value (git-fixes).\n- ASoC: adau1372: Clear PLL_EN on failed PLL lock without reset GPIO (git-fixes).\n- ASoC: codecs: hdac_hdmi: Validate written enum value (git-fixes).\n- ASoC: cs35l56: Cleanup if component_probe fails (git-fixes).\n- ASoC: cs35l56: Don\u0027t leave parent IRQ disabled if system_suspend fails (git-fixes).\n- ASoC: cs35l56: Fix missing calls to wm_adsp2_remove() (git-fixes).\n- ASoC: fsl: fsl_audmix: Validate written enum values (git-fixes).\n- ASoC: fsl_asrc_dma: fix eDMA maxburst misalignment with channel count (git-fixes).\n- ASoC: mediatek: mt8183: Release reserved memory on cleanup (git-fixes).\n- ASoC: mediatek: mt8192: Release reserved memory on cleanup (git-fixes).\n- ASoC: meson: aiu: Validate written enum values (git-fixes).\n- ASoC: qcom: q6apm: fix NULL pointer dereference in graph_callback (git-fixes).\n- ASoC: SOF: ipc3-control: Fix heap overflow in bytes_ext put/get (git-fixes).\n- ASoC: SOF: ipc3-control: Fix TOCTOU in bytes_put and bytes_get (git-fixes).\n- ASoC: SOF: ipc3-control: Use overflow checks in control_update size calc (git-fixes).\n- ASoC: SOF: ipc3-control: Validate size in snd_sof_update_control (git-fixes).\n- ASoC: SOF: ipc4-control: Fix TOCTOU in sof_ipc4_bytes_put (git-fixes).\n- ASoC: SOF: topology: validate vendor array size before parsing (git-fixes).\n- ASoC: tegra: tegra210_ahub: Validate written enum value (git-fixes).\n- ASoC: tlv320aic3x: restrict CLKDIV bypass Q values in dual-rate mode (git-fixes).\n- ASoC: topology: Check PCM and DAI name strings before use (git-fixes).\n- ASoC: wm_adsp: Fix NULL dereference when removing firmware controls (git-fixes).\n- batman-adv: bla: annotate lasttime access with READ/WRITE_ONCE (git-fixes).\n- batman-adv: tp_meter: add only finished tp_vars to lists (git-fixes).\n- batman-adv: tp_meter: avoid divide-by-zero for dec_cwnd (git-fixes).\n- batman-adv: tp_meter: avoid window underflow (git-fixes).\n- batman-adv: tp_meter: fix fast recovery precondition (git-fixes).\n- batman-adv: tp_meter: handle seqno wrap-around for fast recovery detection (git-fixes).\n- batman-adv: tp_meter: initialize dec_cwnd explicitly (git-fixes).\n- batman-adv: tp_meter: initialize dup_acks explicitly (git-fixes).\n- batman-adv: tp_meter: keep unacked list in ascending ordered (git-fixes).\n- Bluetooth: btmtk: fix URB leak in alloc_mtk_intr_urb error path (git-fixes).\n- Bluetooth: btmtksdio: fix infinite loop in btmtksdio_txrx_work() (git-fixes).\n- Bluetooth: btusb: fix use-after-free on marvell probe failure (git-fixes).\n- Bluetooth: btusb: fix use-after-free on registration failure (git-fixes).\n- Bluetooth: btusb: fix wakeup irq devres lifetime (git-fixes).\n- Bluetooth: btusb: fix wakeup source leak on probe failure (git-fixes).\n- Bluetooth: eir: Fix stack OOB write when prepending the Flags AD (git-fixes).\n- Bluetooth: hci: validate codec capability element length (git-fixes).\n- Bluetooth: hci_qca: fix NULL pointer dereference in qca_dmp_hdr() for non-serdev device (git-fixes).\n- Bluetooth: L2CAP: reject BR/EDR signaling packets over MTUsig (stable-fixes).\n- Bluetooth: vhci: validate devcoredump state before side effects (git-fixes).\n- bnxt_en: Fix NULL pointer dereference (bsc#1268307).\n- bus: mhi: ep: Add missing state_lock protection for mhi_state access (git-fixes).\n- bus: mhi: ep: Fix potential deadlock in mhi_ep_reset_worker() (git-fixes).\n- bus: mhi: ep: Protect mhi_ep_handle_syserr() in the error path (git-fixes).\n- char: tlclk: fix use-after-free in tlclk_cleanup() (git-fixes).\n- crypto: af_alg - Cap AEAD AD length to 0x80000000 (git-fixes).\n- crypto: amlogic - avoid double cleanup in meson_crypto_probe() (git-fixes).\n- crypto: asymmetric_keys - fix OOB read in pefile_digest_pe_contents (git-fixes).\n- crypto: atmel-sha204a - fix blocking and non-blocking rng logic (git-fixes).\n- crypto: cavium/cpt - fix DMA cleanup using wrong loop index (git-fixes).\n- crypto: ccp - Fix snp_filter_reserved_mem_regions() off-by-one (git-fixes).\n- crypto: ccp - Treat zero-length cert chain as query for blob lengths (git-fixes).\n- crypto: drbg - Fix drbg_max_addtl() on 64-bit kernels (git-fixes).\n- crypto: drbg - Fix returning success on failure in CTR_DRBG (git-fixes).\n- crypto: drbg - Fix the fips_enabled priority boost (git-fixes).\n- crypto: ecc - Fix carry overflow in vli multiplication (git-fixes).\n- crypto: ecrdsa - fix unknown OID check in ecrdsa_param_curve (git-fixes).\n- crypto: hisilicon/qm - disable error report before flr (git-fixes).\n- crypto: marvell/octeontx - fix DMA cleanup using wrong loop index (git-fixes).\n- crypto: pcrypt - restore callback for non-parallel fallback (git-fixes).\n- crypto: qat - protect service table iterations with service_lock (git-fixes).\n- crypto: qat - validate RSA CRT component lengths (git-fixes).\n- crypto: rng - Free default RNG on module exit (git-fixes).\n- dmaengine: dw-edma: Add spinlock to protect DONE_INT_MASK and ABORT_INT_MASK (git-fixes).\n- dmaengine: Fix possible use after free (git-fixes).\n- dmaengine: imx-sdma: Refine spba bus searching in probe (git-fixes).\n- dmaengine: qcom: gpi: set DMA_PRIVATE capability (git-fixes).\n- dmaengine: tegra: Fix burst size calculation (git-fixes).\n- driver core: reject devices with unregistered buses (git-fixes).\n- driver core: use READ_ONCE() for dev-\u003edriver in dev_has_sync_state() (git-fixes).\n- Drivers: hv: vmbus: Improve the logic of reserving fb_mmio on Gen2 VMs (git-fixes).\n- drm/amd/display: add missing CSC entries for BT.2020 for DCE IPs (stable-fixes).\n- drm/amd/display: Add missing kdoc for ALLM parameters (git-fixes).\n- drm/amd/display: Clamp VBIOS HDMI retimer register count to array size (stable-fixes).\n- drm/amd/pm: fix smu13 power limit default/cap calculation (stable-fixes).\n- drm/amd/pm: mark metrics.energy_accumulator is invalid for smu 14.0.2 (stable-fixes).\n- drm/amd/pm: remove trailing semicolon from AMDGPU_PM_POLICY_ATTR macro (git-fixes).\n- drm/amd/pm: smu_v14_0_0: use SoftMin for gfxclk in set_soft_freq_limited_range (stable-fixes).\n- drm/amdgpu: Fix amdgpu_bo_move() when old_mem and new_mem are both GTT (git-fixes).\n- drm/amdgpu: fix integer overflow in amdgpu_gem_align_pitch() (git-fixes).\n- drm/amdgpu: initialize irq.lock spinlock earlier (git-fixes).\n- drm/amdgpu: restart the CS if some parts of the VM are still invalidated (stable-fixes).\n- drm/amdgpu: set sub_block_index for mca ras sub-blocks (git-fixes).\n- drm/amdgpu: skip already suspended IP blocks in ip_suspend_phase2 (git-fixes).\n- drm/amdgpu: validate CP_GFX_SHADOW chunk size in CS pass1 (git-fixes).\n- drm/amdkfd: always resume_all after suspend_all (git-fixes).\n- drm/amdkfd: Avoid double-unpin of DOORBELL/MMIO BOs on free (git-fixes).\n- drm/amdkfd: Check for pdd drm file first in CRIU restore path (stable-fixes).\n- drm/amdkfd: fix list_del corruption in kfd_criu_resume_svm (git-fixes).\n- drm/amdkfd: fix NULL pointer bug in svm_range_set_attr (stable-fixes).\n- drm/amdkfd: Use exclusive bounds for SVM split alignment checks (git-fixes).\n- drm/amdkfd: Validate CRIU-restored IDs before idr_alloc (git-fixes).\n- drm/bridge: cdns-dsi: Replace deprecated UNIVERSAL_DEV_PM_OPS() (git-fixes).\n- drm/dp/mst: fix buffer overflows in sideband chunk accumulation (git-fixes).\n- drm/dp/mst: fix OOB reads in remote DPCD/I2C sideband reply parsers (git-fixes).\n- drm/dp/mst: fix OOB reads on 2-byte fields in sideband reply parsers (git-fixes).\n- drm/dp: Add eDP 1.5 bit definition (stable-fixes).\n- drm/edid: fix OOB read in drm_parse_tiled_block() (git-fixes).\n- drm/gpuvm: Do not prepare NULL objects (git-fixes).\n- drm/hisilicon/hibmc: move display contrl config to hibmc_probe() (git-fixes).\n- drm/hisilicon/hibmc: use clock to look up the PLL value (git-fixes).\n- drm/hyperv: use VMBUS_RING_SIZE() (git-fixes).\n- drm/i915/gem: Add missing nospec on parallel submit slot (git-fixes).\n- drm/i915/gem: Fix phys BO pread/pwrite with offset (git-fixes).\n- drm/i915/psr: Add defininitions for INTEL_WA_REGISTER_CAPS DPCD register (stable-fixes).\n- drm/i915: clear CRTC color blob pointers after dropping refs (git-fixes).\n- drm/imagination: Count paired job fence as dependency in prepare_job() (git-fixes).\n- drm/imagination: Fit paired fragment job in the correct CCCB (git-fixes).\n- drm/msm/dp: fix HPD state status bit shift value (git-fixes).\n- drm/msm/dp: Fix the ISR_* enum values (git-fixes).\n- drm/nouveau/acr: fix missing nvkm_done() in error path of nvkm_acr_oneinit() (git-fixes).\n- drm/nouveau/bios: specify correct display fuse register for Ampere and Ada (git-fixes).\n- drm/nouveau: fix reversed error cleanup order in ucopy functions (git-fixes).\n- drm/panthor: Fix kernel-doc warning in panthor_sched.c (git-fixes).\n- drm/radeon: fix integer overflow in radeon_align_pitch() (git-fixes).\n- drm/radeon: fix memory leak in radeon_ring_restore() on lock failure (git-fixes).\n- drm/rockchip: cdn-dp: add missing check in cdn_dp_config_video() (git-fixes).\n- drm/syncobj: Fix memory leak in drm_syncobj_find_fence() (git-fixes).\n- drm/tegra: dc: Fix device node reference leak in tegra_dc_has_output() (git-fixes).\n- drm/tegra: Fix iommu_map_sgtable() return value check (git-fixes).\n- drm/tidss: Drop extra drm_mode_config_reset() call (git-fixes).\n- drm/tidss: Fix missing drm_bridge_add() call (git-fixes).\n- drm/vc4: fix krealloc() memory leak (git-fixes).\n- drm/virtio: fix dma_fence refcount leak on error in virtio_gpu_dma_fence_wait() (git-fixes).\n- drm/virtio: Fix driver removal with disabled KMS (git-fixes).\n- drm/xe: fix refcount leak in xe_range_fence_insert() (git-fixes).\n- drm: renesas: rzg2l_mipi_dsi: Increase reset deassertion delay (git-fixes).\n- ethtool: provide customized dim profile management (bsc#1261256).\n- fbdev: broadsheetfb: fix potential memory leak in broadsheetfb_probe() (git-fixes).\n- fbdev: hecubafb: fix potential memory leak in hecubafb_probe() (git-fixes).\n- fbdev: i740fb: fix potential memory leak in i740fb_probe() (git-fixes).\n- fbdev: metronomefb: fix potential memory leak in metronomefb_probe() (git-fixes).\n- fbdev: modedb: Fix misaligned fields in the 1920x1080-60 mode (git-fixes).\n- fbdev: nvidia: fix potential memory leak in nvidiafb_probe() (git-fixes).\n- fbdev: radeon: fix potential memory leak in radeonfb_pci_register() (git-fixes).\n- fbdev: s3fb: fix potential memory leak in s3_pci_probe() (git-fixes).\n- fbdev: sm501fb: Fix buffer errors in OF binding code (git-fixes).\n- fbdev: sm712: Fix operator precedence in big_swap macro (git-fixes).\n- fbdev: tdfxfb: fix potential memory leak in tdfxfb_probe() (git-fixes).\n- fbdev: tridentfb: fix potential memory leak in trident_pci_probe() (git-fixes).\n- fbdev: uvesafb: fix potential memory leak in uvesafb_probe() (git-fixes).\n- fbdev: vesafb: fix memory leak in vesafb_probe() (git-fixes).\n- firmware: arm_scmi: Fix OOB in scmi_power_name_get() (git-fixes).\n- firmware: arm_scmi: Read sensor config as 32-bit value (git-fixes).\n- firmware_loader: fix device reference leak in firmware_upload_register() (git-fixes).\n- firmware_loader: Fix recursive lock in device_cache_fw_images() (git-fixes).\n- fpga: dfl: add bounds check in dfh_get_param_size() (git-fixes).\n- fpga: microchip-spi: fix zero header_size OOB read in mpf_ops_parse_header() (git-fixes).\n- fpga: region: fix use-after-free in child_regions_with_firmware() (git-fixes).\n- gpio: mvebu: fix NULL pointer dereference in suspend/resume (git-fixes).\n- gpu: host1x: Allow entries in BO caches to be freed (git-fixes).\n- gpu: host1x: Fix iommu_map_sgtable() return value check (git-fixes).\n- HID: logitech-hidpp: remove excess kernel-doc member in hidpp_scroll_counter (git-fixes).\n- HID: quirks: Add ALWAYS_POLL quirk for SIGMACHIP USB mouse (stable-fixes).\n- HID: wacom: stop hardware after post-start probe failures (git-fixes).\n- HID: wiimote: Fix table layout and whitespace errors (git-fixes).\n- hv: utils: handle and propagate errors in kvp_register (git-fixes).\n- hv_balloon: Simplify data output in hv_balloon_debug_show() (git-fixes).\n- hwmon: (it87) Clamp negative values to zero in set_fan() (git-fixes).\n- hwrng: jh7110 - fix refcount leak in starfive_trng_read() (git-fixes).\n- hwrng: virtio: clamp device-reported used.len at copy_data() (git-fixes).\n- hyperv: Clean up and fix the guest ID comment in hvgdk.h (git-fixes).\n- i2c: core: fix irq domain leak on adapter registration failure (git-fixes).\n- i2c: dev: prevent integer overflow in I2C_TIMEOUT ioctl (stable-fixes).\n- i2c: mpc: Fix timeout calculations (git-fixes).\n- i2c: qcom-cci: Fix NULL pointer dereference in cci_remove() (git-fixes).\n- i2c: stm32f7: fix timing computation ignoring i2c-analog-filter (git-fixes).\n- i2c: stm32f7: truncate clock period instead of rounding it (git-fixes).\n- i2c: tegra: Fix NOIRQ suspend/resume (git-fixes).\n- i3c: master: Prevent reuse of dynamic address on device add failure (git-fixes).\n- ice: ptp: don\u0027t WARN when controlling PF is unavailable (bsc#1267251).\n- iio: accel: mma8452: handle I2C read error(s) in mma8452_read() (git-fixes).\n- iio: adc: npcm: Convert to platform remove callback returning void (stable-fixes).\n- iio: adc: xilinx-ams: fix out-of-bounds channel lookup in event handling (git-fixes).\n- iio: chemical: scd30: Cleanup initializations and fix sign-extension bug (git-fixes).\n- iio: chemical: scd30: fix division by zero in write_raw (git-fixes).\n- iio: chemical: scd30: Use guard(mutex) to allow early returns (stable-fixes).\n- iio: gyro: bmg160: bail out when bandwidth/filter is not in table (git-fixes).\n- iio: gyro: bmg160: wait full startup time after mode change at probe (git-fixes).\n- iio: light: opt3001: fix missing state reset on timeout (git-fixes).\n- iio: light: si1133: prevent race condition on timeout (git-fixes).\n- iio: light: si1133: reset counter to prevent race condition (git-fixes).\n- iio: light: veml6030: fix channel type when pushing events (git-fixes).\n- iio: magnetometer: ak8975: Add missed pm_runtime_put_autosuspend() call (git-fixes).\n- iio: magnetometer: ak8975: fix potential kernel stack memory leak (git-fixes).\n- iio: tcs3472: power down chip on probe failure (git-fixes).\n- iio: temperature: ltc2983: Fix reinit_completion() called after conversion start (git-fixes).\n- Input: atkbd - add DMI quirk for Lenovo Yoga Air 14 (83QK) (stable-fixes).\n- Input: elan_i2c - validate firmware size before use (stable-fixes).\n- Input: synaptics - add LEN2058 to SMBus passlist for ThinkPad E490 (stable-fixes).\n- Input: synaptics-rmi4 - bound the F3A keymap to the GPIO count (git-fixes).\n- Input: synaptics-rmi4 - bound the F30 keymap to the GPIO/LED count (git-fixes).\n- Input: xpad - add \u0027Nova 2 Lite\u0027 from GameSir (stable-fixes).\n- Input: xpad - add support for ASUS ROG RAIKIRI II (stable-fixes).\n- iommu/s390: allow larger region tables (jsc#PED-15880).\n- iommu/s390: Fix memory corruption when using identity domain (jsc#PED-15880).\n- iommu/s390: handle IOAT registration based on domain (jsc#PED-15880).\n- iommu/s390: implement iommu passthrough via identity domain (jsc#PED-15880).\n- iommu/s390: set appropriate IOTA region type (jsc#PED-15880).\n- iommu/s390: support cleanup of additional table regions (jsc#PED-15880).\n- iommu/s390: support iova_to_phys for additional table regions (jsc#PED-15880).\n- iommu/s390: support map/unmap for additional table regions (jsc#PED-15880).\n- KVM: arm64: Discard PC update state on vcpu reset (git-fixes).\n- KVM: arm64: Guard against NULL vcpu on VHE hyp panic path (git-fixes).\n- KVM: arm64: PMU: Preserve AArch32 counter low bits (git-fixes).\n- KVM: arm64: Treat vCPU with pending SError as runnable (git-fixes).\n- KVM: arm64: vgic-its: Reject restored DTE with out-of-range num_eventid_bits (git-fixes).\n- KVM: arm64: vgic: Fix IIDR revision field extracted from wrong value (git-fixes).\n- KVM: arm64: Wake-up from WFI when iqrchip is in userspace (git-fixes).\n- KVM: nSVM: Always use vmcb01 in VMLOAD/VMSAVE emulation (git-fixes).\n- KVM: nSVM: Ensure AVIC is inhibited when restoring a vCPU to guest mode (git-fixes).\n- KVM: nSVM: Mark all of vmcb02 dirty when restoring nested state (git-fixes).\n- KVM: nSVM: Set exit_code_hi to -1 when synthesizing SVM_EXIT_ERR (failed VMRUN) (git-fixes).\n- KVM: s390: Limit adapter indicator access to mapped page (bsc#1268159).\n- KVM: SEV: Ignore MMIO requests of length \u00270\u0027 (git-fixes).\n- KVM: SEV: Ignore Port I/O requests of length \u00270\u0027 (git-fixes).\n- KVM: SVM: Allow KVM_SET_NESTED_STATE to clear GIF when SVME==0 (git-fixes).\n- KVM: SVM: check validity of VMCB controls when returning from SMM (git-fixes).\n- KVM: SVM: Don\u0027t set GIF when clearing EFER.SVME (git-fixes).\n- KVM: SVM: Fix page overflow in sev_dbg_crypt() for ENCRYPT path (git-fixes).\n- KVM: SVM: Flush the current TLB when transitioning from xAVIC =\u003e x2AVIC (git-fixes).\n- KVM: SVM: Inject #UD for INVLPGA if EFER.SVME=0 (git-fixes).\n- KVM: SVM: Truncate INVLPGA address in compatibility mode (git-fixes).\n- KVM: VMX: Grab vmcs12 on CR8 interception update iff vCPU is in guest mode (git-fixes).\n- KVM: x86/mmu: Ensure hugepage is in by slot before checking max mapping level (git-fixes).\n- KVM: x86/mmu: Fix UBSAN warning when reading nx_huge_pages parameter (git-fixes).\n- KVM: x86/mmu: Recursively zap orphaned nested TDP shadow pages on emulated writes (git-fixes).\n- KVM: x86: hyper-v: Bound the bank index when querying sparse banks (git-fixes).\n- KVM: x86: ioapic: Use old_dest_mode consistently in ioapic_write_indirect() (git-fixes).\n- KVM: x86: Move update_cr8_intercept() to lapic.c (git-fixes).\n- KVM: x86: Unconditionally recompute CR8 intercept on PPR update (git-fixes).\n- leds: uleds: Fix potential buffer overread (git-fixes).\n- linux/dim: move useful macros to .h file (bsc#1261256).\n- loadpin: Prevent SECURITY_LOADPIN_ENFORCE=y without module decompression (jsc#PED-16303).\n- loadpin: remove MODULE_COMPRESS_NONE as it is no longer supported (jsc#PED-16303).\n- mailbox: mtk-adsp: fix UAF during device teardown (git-fixes).\n- media: aspeed: fix missing of_reserved_mem_device_release() on probe failure (git-fixes).\n- media: cec: seco: unregister adapter on IR probe failure (git-fixes).\n- media: cedrus: Fix failure to clean up hardware on probe failure (git-fixes).\n- media: cedrus: Fix missing cleanup in error path (git-fixes).\n- media: cedrus: skip invalid H.264 reference list entries (git-fixes).\n- media: marvell-cam: fix missing pci_disable_device() on remove (git-fixes).\n- media: mtk-jpeg: cancel workqueue on release for supported platforms only (git-fixes).\n- media: pci: dm1105: Free allocated workqueue (git-fixes).\n- media: ti: vpe: unwind v4l2 device registration on probe error (git-fixes).\n- media: v4l2-ctrls: validate HEVC active reference counts (git-fixes).\n- media: vidtv: fix NULL pointer dereference in vidtv_mux_push_si (git-fixes).\n- media: vidtv: fix reference leak on failed device registration (git-fixes).\n- media: vimc: fix reference leak on failed device registration (git-fixes).\n- media: vpif_capture: fix OF node reference imbalance (git-fixes).\n- misc: fastrpc: fix DMA address corruption due to find_vma misuse (git-fixes).\n- misc: fastrpc: Fix NULL pointer dereference in rpmsg callback (git-fixes).\n- misc: fastrpc: fix use-after-free of fastrpc_user in workqueue context (git-fixes).\n- misc: fastrpc: fix use-after-free race in fastrpc_map_create (git-fixes).\n- module: fix init_module_from_file() error handling (jsc#PED-16303).\n- module: make waiting for a concurrent module loader interruptible (jsc#PED-16303).\n- module: Split modules_install compression and in-kernel decompression (jsc#PED-16303).\n- module: split up \u0027finit_module()\u0027 into init_module_from_file() helper (jsc#PED-16303).\n- module: warn about excessively long module waits (jsc#PED-16303).\n- modules: catch concurrent module loads, treat them as idempotent (jsc#PED-16303).\n- mtd: maps: vmu-flash: fix NULL pointer dereference in initialization (git-fixes).\n- mtd: rawnand: fix condition in \u0027nand_select_target()\u0027 (git-fixes).\n- mtd: rawnand: pl353: fix probe resource allocation (git-fixes).\n- mtd: slram: remove failed entries from the device list (git-fixes).\n- mtd: spi-nor: Drop duplicate Kconfig dependency (git-fixes).\n- mtd: spi-nor: swp: Improve locking user experience (git-fixes).\n- net: aquantia: Add missing descriptor cache invalidation on ATL2 (bsc#1268428).\n- net: ethtool: add ethtool COALESCE_RX_CQE_FRAMES/NSECS (bsc#1261256).\n- net: mana: Add ethtool counters for RX CQEs in coalesced type (bsc#1261256).\n- net: mana: Add support for PF device 0x00C1 (bsc#1268237).\n- net: mana: Add support for RX CQE Coalescing (bsc#1261256).\n- net: mana: Allocate interrupt context for each EQ when creating vPort (git-fixes).\n- net: mana: Create separate EQs for each vPort (git-fixes).\n- net: mana: Fall back to standard MTU when PF reports adapter_mtu of 0 (git-fixes).\n- net: mana: guard TX wq object destroy with INVALID_MANA_HANDLE check (git-fixes).\n- net: mana: initialize gdma queue id to INVALID_QUEUE_ID (git-fixes).\n- net: mana: Introduce GIC context with refcounting for interrupt management (git-fixes).\n- net: mana: Optimize irq affinity for low vcpu configs (git-fixes).\n- net: mana: Query device capabilities and configure MSI-X sharing for EQs (git-fixes).\n- net: mana: Use GIC functions to allocate global EQs (git-fixes).\n- nfc: hci: fix out-of-bounds read in HCP header parsing (git-fixes).\n- nfc: llcp: Fix use-after-free in llcp_sock_release() (git-fixes).\n- nfc: llcp: Fix use-after-free race in nfc_llcp_recv_cc() (git-fixes).\n- of: cpu: add check in __of_find_n_match_cpu_property() (git-fixes).\n- page_pool: Move pp_magic check into helper functions (bsc#1261562).\n- page_pool: Track DMA-mapped pages and unmap them when destroying the pool (bsc#1261562).\n- platform/x86: intel-hid: Protect ACPI notify handler against recursion (git-fixes).\n- platform/x86: xo15-ebook: Fix wakeup source and GPE handling (git-fixes).\n- PM: sleep: Use complete() in device_pm_sleep_init() (git-fixes).\n- power: reset: linkstation-poweroff: fix use-after-free in the linkstation_poweroff_init() (git-fixes).\n- power: supply: charger-manager: fix refcount leak in is_full_charged() (git-fixes).\n- power: supply: core: fix supplied_from allocations (git-fixes).\n- power: supply: cpcap-battery: Fix missing nvmem_device_put() causing reference leak (git-fixes).\n- powerpc/boot: Allow text relocations for pseries wrapper with binutils 2.46+ (git-fixes).\n- powerpc/fadump: define MIN_RMA in bytes rather than MB (bsc#1236743 git-fixes).\n- RDMA/mana_ib: Allocate interrupt contexts on EQs (git-fixes).\n- RDMA/mana_ib: Use ib_get_eth_speed for reporting port speed (git-fixes).\n- rtc: abx80x: fix the RTC_VL_CLR clearing all status flags (git-fixes).\n- rtc: cmos: unregister HPET IRQ handler on probe failure (git-fixes).\n- rtc: ds1307: Fix off-by-one issue with wday for rx8130 (git-fixes).\n- rtc: ds1307: handle oscillator stop flag for ds1337/ds1339/ds3231 (git-fixes).\n- rtc: mpfs: fix counter upload completion condition (git-fixes).\n- rtc: msc313: fix NULL deref in shared IRQ handler at probe (git-fixes).\n- s390/pci: check for relaxed translation capability (jsc#PED-15880).\n- s390/pci: Fix dev.dma_range_map missing sentinel element (jsc#PED-15880).\n- s390/pci: store DMA offset in bus_dma_region (jsc#PED-15880).\n- scripts/submit_branch: add SLE15-SP7 submission script.\n- scsi: storvsc: Replace symbolic permissions with octal (git-fixes).\n- scsi: target: Fix hexadecimal CHAP_I handling (git-fixes).\n- selftests/bpf: Add BPF_STRICT_BUILD toggle (bsc#1269617).\n- selftests/bpf: Allow test_progs to link with a partial object set (bsc#1269617).\n- selftests/bpf: Fix test_kmods KDIR to honor O= and distro kernels (bsc#1269617).\n- selftests/bpf: Make skeleton headers order-only prerequisites of .test.d (bsc#1269617).\n- selftests/bpf: Provide weak definitions for cross-test functions (bsc#1269617).\n- selftests/bpf: Skip tests whose objects were not built (bsc#1269617).\n- selftests/bpf: Tolerate benchmark build failures (bsc#1269617).\n- selftests/bpf: Tolerate BPF and skeleton generation failures (bsc#1269617).\n- selftests/bpf: Tolerate missing files during install (bsc#1269617).\n- selftests/bpf: Tolerate test file compilation failures (bsc#1269617).\n- serdev: make serdev_bus_type const (stable-fixes).\n- serial: 8250: dispatch SysRq character in serial8250_handle_irq() (git-fixes).\n- serial: 8250_dw: dispatch SysRq character in dw8250_handle_irq() (git-fixes).\n- slimbus: qcom-ngd-ctrl: fix OF node refcount (git-fixes).\n- soc: fsl: qe: panic on ioremap() failure in qe_reset() (git-fixes).\n- soc: ti: k3-ringacc: Fix access mode for k3_ringacc_ring_pop_tail_io/proxy (git-fixes).\n- spi: at91-usart: drop dead runtime pm support (git-fixes).\n- spi: dw: fix wrong BAUDR setting after resume (git-fixes).\n- spi: ep93xx: fix double-free of zeropage on DMA setup failure (git-fixes).\n- spi: fsl-lpspi: replace dmaengine_terminate_all() with dmaengine_terminate_sync() (git-fixes).\n- spi: fsl-lpspi: terminate the RX channel on TX prepare failure path (git-fixes).\n- spi: meson-spifc: fix runtime PM leak on remove (git-fixes).\n- spi: rpc-if: Use correct device for hardware reinitialization on resume (git-fixes).\n- spi: uniphier: Fix completion initialization order before devm_request_irq() (git-fixes).\n- spi: xilinx: use FIFO occupancy register to determine buffer size (git-fixes).\n- Split off kABI workaround for bsc#1267458 (bsc#1267458).\n- staging: most: video: avoid double free on video register failure (git-fixes).\n- staging: nvec: fix use-after-free in nvec_rx_completed() (git-fixes).\n- thermal: hwmon: Fix critical temperature attribute removal (git-fixes).\n- thermal: intel: Fix dangling resources on thermal_throttle_online() failure (git-fixes).\n- thunderbolt: Bound root directory content to block size (git-fixes).\n- thunderbolt: Clamp XDomain response data copy to allocation size (git-fixes).\n- thunderbolt: Limit XDomain response copy to actual frame size (git-fixes).\n- thunderbolt: Reject zero-length property entries in validator (git-fixes).\n- thunderbolt: Validate XDomain request packet size before type cast (git-fixes).\n- tpm: fix event_size output in tpm1_binary_bios_measurements_show (git-fixes).\n- tpm: tpm_tis_spi: Use wait_woken() in wait_for_tmp_stat() (git-fixes).\n- usb: core: Fix SuperSpeed root hub wMaxPacketSize (stable-fixes).\n- usb: core: Fix up Interrupt IN endpoints with bogus wBytesPerInterval (stable-fixes).\n- usb: gadget: u_ether: Fix NULL pointer deref in eth_get_drvinfo (git-fixes).\n- usb: host: max3421: Fix shift-out-of-bounds in max3421_hub_control() (git-fixes).\n- usb: host: max3421: Reject hub port requests for non-existent ports (git-fixes).\n- USB: quirks: add NO_LPM for Lenovo ThinkPad USB-C Dock Gen2 hub controllers (stable-fixes).\n- USB: serial: io_ti: fix heap overflow in build_i2c_fw_hdr() (git-fixes).\n- USB: serial: io_ti: fix heap overflow in get_manuf_info() (git-fixes).\n- USB: serial: kl5kusb105: fix bulk-out buffer overflow (git-fixes).\n- USB: serial: option: add MeiG SRM813Q (stable-fixes).\n- USB: serial: option: add usb-id for Dell Wireless DW5826e-m (stable-fixes).\n- usb: storage: Add quirks for PNY Elite Portable SSD (stable-fixes).\n- usb: typec: altmodes/displayport: validate count before reading Status Update VDO (stable-fixes).\n- usb: typec: tcpm/tcpci_maxim: validate header NDO against RX_BYTE_CNT (stable-fixes).\n- usb: typec: ucsi: ccg: reject firmware images without a \u0027:\u0027 record header (stable-fixes).\n- usb: typec: ucsi: displayport: NAK DP_CMD_CONFIGURE without a payload VDO (stable-fixes).\n- usb: typec: ucsi: validate connector number in ucsi_connector_change() (stable-fixes).\n- usb: typec: wcove: don\u0027t write past struct pd_message in wcove_read_rx_buffer() (stable-fixes).\n- vc_screen: fix null-ptr-deref in vcs_notifier() during concurrent vcs_write (git-fixes).\n- watchdog/hpwdt: Refine hpwdt message for UV platform (bsc#1269199).\n- watchdog: apple: Add \u0027apple,t8103-wdt\u0027 compatible (git-fixes).\n- watchdog: sp5100_tco: Use EFCH MMIO for newer Hygon FCH (git-fixes).\n- watchdog: sprd_wdt: Remove redundant sprd_wdt_disable() on register failure (git-fixes).\n- watchdog: unregister PM notifier on watchdog unregister (git-fixes).\n- wifi: ath9k: fix OOB access from firmware tx status queue ID (git-fixes).\n- wifi: ath11k: fix warning when unbinding (git-fixes).\n- wifi: cfg80211: fix grammar in MLO group key error message (git-fixes).\n- wifi: mac80211: fix monitor mode frame capture for real chanctx drivers (git-fixes).\n- wifi: mt76: fix argument to ieee80211_is_first_frag() (git-fixes).\n- wifi: mt76: mt7915: fix potential tx_retries underflow (git-fixes).\n- wifi: mt76: mt7921: fix potential tx_retries underflow (git-fixes).\n- wifi: mt76: mt7925: clean up DMA on probe failure (git-fixes).\n- wifi: mt76: mt7925: fix potential tx_retries underflow (git-fixes).\n- wifi: mt76: mt7996: fix potential tx_retries underflow (git-fixes).\n- wifi: rtlwifi: rtl8821ae: Fix C2H bit location in RX descriptor (git-fixes).\n- wifi: rtw88: fix OOB read from firmware RX descriptor exceeding DMA buffer (git-fixes).\n- wifi: rtw88: increase TX report timeout to fix race condition (git-fixes).\n- wifi: rtw88: usb: fix memory leaks on USB write failures (git-fixes).\n- wifi: rtw89: Correct data type for scan index to avoid infinite loop (git-fixes).\n- wifi: wcn36xx: fix heap overflow from oversized firmware HAL response (git-fixes).\n- wifi: wcn36xx: fix OOB read from firmware count in PRINT_REG_INFO indication (git-fixes).\n- wifi: wcn36xx: fix OOB read from short trigger BA firmware response (git-fixes).\n- x86/platform/uv: Expose the uv_hub_type() interface (jsc#PED-16305).\n- x86/tsc: Disable clocksource watchdog checking on recent and future UV platforms (jsc#PED-16305).\n- X.509: Fix validation of ASN.1 certificate header (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-2799,SUSE-SLE-Module-Live-Patching-15-SP7-2026-2799,SUSE-SLE-Module-RT-15-SP7-2026-2799",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_2799-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:2799-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20262799-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:2799-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-July/027328.html"
},
{
"category": "self",
"summary": "SUSE Bug 1236743",
"url": "https://bugzilla.suse.com/1236743"
},
{
"category": "self",
"summary": "SUSE Bug 1255029",
"url": "https://bugzilla.suse.com/1255029"
},
{
"category": "self",
"summary": "SUSE Bug 1256668",
"url": "https://bugzilla.suse.com/1256668"
},
{
"category": "self",
"summary": "SUSE Bug 1259764",
"url": "https://bugzilla.suse.com/1259764"
},
{
"category": "self",
"summary": "SUSE Bug 1261256",
"url": "https://bugzilla.suse.com/1261256"
},
{
"category": "self",
"summary": "SUSE Bug 1261562",
"url": "https://bugzilla.suse.com/1261562"
},
{
"category": "self",
"summary": "SUSE Bug 1261604",
"url": "https://bugzilla.suse.com/1261604"
},
{
"category": "self",
"summary": "SUSE Bug 1262085",
"url": "https://bugzilla.suse.com/1262085"
},
{
"category": "self",
"summary": "SUSE Bug 1262392",
"url": "https://bugzilla.suse.com/1262392"
},
{
"category": "self",
"summary": "SUSE Bug 1262617",
"url": "https://bugzilla.suse.com/1262617"
},
{
"category": "self",
"summary": "SUSE Bug 1262618",
"url": "https://bugzilla.suse.com/1262618"
},
{
"category": "self",
"summary": "SUSE Bug 1262620",
"url": "https://bugzilla.suse.com/1262620"
},
{
"category": "self",
"summary": "SUSE Bug 1262655",
"url": "https://bugzilla.suse.com/1262655"
},
{
"category": "self",
"summary": "SUSE Bug 1262674",
"url": "https://bugzilla.suse.com/1262674"
},
{
"category": "self",
"summary": "SUSE Bug 1262748",
"url": "https://bugzilla.suse.com/1262748"
},
{
"category": "self",
"summary": "SUSE Bug 1262798",
"url": "https://bugzilla.suse.com/1262798"
},
{
"category": "self",
"summary": "SUSE Bug 1262993",
"url": "https://bugzilla.suse.com/1262993"
},
{
"category": "self",
"summary": "SUSE Bug 1263057",
"url": "https://bugzilla.suse.com/1263057"
},
{
"category": "self",
"summary": "SUSE Bug 1263072",
"url": "https://bugzilla.suse.com/1263072"
},
{
"category": "self",
"summary": "SUSE Bug 1263123",
"url": "https://bugzilla.suse.com/1263123"
},
{
"category": "self",
"summary": "SUSE Bug 1263124",
"url": "https://bugzilla.suse.com/1263124"
},
{
"category": "self",
"summary": "SUSE Bug 1263137",
"url": "https://bugzilla.suse.com/1263137"
},
{
"category": "self",
"summary": "SUSE Bug 1263178",
"url": "https://bugzilla.suse.com/1263178"
},
{
"category": "self",
"summary": "SUSE Bug 1263560",
"url": "https://bugzilla.suse.com/1263560"
},
{
"category": "self",
"summary": "SUSE Bug 1263563",
"url": "https://bugzilla.suse.com/1263563"
},
{
"category": "self",
"summary": "SUSE Bug 1263568",
"url": "https://bugzilla.suse.com/1263568"
},
{
"category": "self",
"summary": "SUSE Bug 1263573",
"url": "https://bugzilla.suse.com/1263573"
},
{
"category": "self",
"summary": "SUSE Bug 1263578",
"url": "https://bugzilla.suse.com/1263578"
},
{
"category": "self",
"summary": "SUSE Bug 1263581",
"url": "https://bugzilla.suse.com/1263581"
},
{
"category": "self",
"summary": "SUSE Bug 1263879",
"url": "https://bugzilla.suse.com/1263879"
},
{
"category": "self",
"summary": "SUSE Bug 1263880",
"url": "https://bugzilla.suse.com/1263880"
},
{
"category": "self",
"summary": "SUSE Bug 1263930",
"url": "https://bugzilla.suse.com/1263930"
},
{
"category": "self",
"summary": "SUSE Bug 1263934",
"url": "https://bugzilla.suse.com/1263934"
},
{
"category": "self",
"summary": "SUSE Bug 1263993",
"url": "https://bugzilla.suse.com/1263993"
},
{
"category": "self",
"summary": "SUSE Bug 1263996",
"url": "https://bugzilla.suse.com/1263996"
},
{
"category": "self",
"summary": "SUSE Bug 1263998",
"url": "https://bugzilla.suse.com/1263998"
},
{
"category": "self",
"summary": "SUSE Bug 1264001",
"url": "https://bugzilla.suse.com/1264001"
},
{
"category": "self",
"summary": "SUSE Bug 1264015",
"url": "https://bugzilla.suse.com/1264015"
},
{
"category": "self",
"summary": "SUSE Bug 1264045",
"url": "https://bugzilla.suse.com/1264045"
},
{
"category": "self",
"summary": "SUSE Bug 1264076",
"url": "https://bugzilla.suse.com/1264076"
},
{
"category": "self",
"summary": "SUSE Bug 1264080",
"url": "https://bugzilla.suse.com/1264080"
},
{
"category": "self",
"summary": "SUSE Bug 1264084",
"url": "https://bugzilla.suse.com/1264084"
},
{
"category": "self",
"summary": "SUSE Bug 1264116",
"url": "https://bugzilla.suse.com/1264116"
},
{
"category": "self",
"summary": "SUSE Bug 1264137",
"url": "https://bugzilla.suse.com/1264137"
},
{
"category": "self",
"summary": "SUSE Bug 1264145",
"url": "https://bugzilla.suse.com/1264145"
},
{
"category": "self",
"summary": "SUSE Bug 1264228",
"url": "https://bugzilla.suse.com/1264228"
},
{
"category": "self",
"summary": "SUSE Bug 1264230",
"url": "https://bugzilla.suse.com/1264230"
},
{
"category": "self",
"summary": "SUSE Bug 1264231",
"url": "https://bugzilla.suse.com/1264231"
},
{
"category": "self",
"summary": "SUSE Bug 1264236",
"url": "https://bugzilla.suse.com/1264236"
},
{
"category": "self",
"summary": "SUSE Bug 1264239",
"url": "https://bugzilla.suse.com/1264239"
},
{
"category": "self",
"summary": "SUSE Bug 1264241",
"url": "https://bugzilla.suse.com/1264241"
},
{
"category": "self",
"summary": "SUSE Bug 1264254",
"url": "https://bugzilla.suse.com/1264254"
},
{
"category": "self",
"summary": "SUSE Bug 1264258",
"url": "https://bugzilla.suse.com/1264258"
},
{
"category": "self",
"summary": "SUSE Bug 1264261",
"url": "https://bugzilla.suse.com/1264261"
},
{
"category": "self",
"summary": "SUSE Bug 1264263",
"url": "https://bugzilla.suse.com/1264263"
},
{
"category": "self",
"summary": "SUSE Bug 1264266",
"url": "https://bugzilla.suse.com/1264266"
},
{
"category": "self",
"summary": "SUSE Bug 1264286",
"url": "https://bugzilla.suse.com/1264286"
},
{
"category": "self",
"summary": "SUSE Bug 1264294",
"url": "https://bugzilla.suse.com/1264294"
},
{
"category": "self",
"summary": "SUSE Bug 1264320",
"url": "https://bugzilla.suse.com/1264320"
},
{
"category": "self",
"summary": "SUSE Bug 1264337",
"url": "https://bugzilla.suse.com/1264337"
},
{
"category": "self",
"summary": "SUSE Bug 1264437",
"url": "https://bugzilla.suse.com/1264437"
},
{
"category": "self",
"summary": "SUSE Bug 1264444",
"url": "https://bugzilla.suse.com/1264444"
},
{
"category": "self",
"summary": "SUSE Bug 1264449",
"url": "https://bugzilla.suse.com/1264449"
},
{
"category": "self",
"summary": "SUSE Bug 1264470",
"url": "https://bugzilla.suse.com/1264470"
},
{
"category": "self",
"summary": "SUSE Bug 1264549",
"url": "https://bugzilla.suse.com/1264549"
},
{
"category": "self",
"summary": "SUSE Bug 1264561",
"url": "https://bugzilla.suse.com/1264561"
},
{
"category": "self",
"summary": "SUSE Bug 1264562",
"url": "https://bugzilla.suse.com/1264562"
},
{
"category": "self",
"summary": "SUSE Bug 1264595",
"url": "https://bugzilla.suse.com/1264595"
},
{
"category": "self",
"summary": "SUSE Bug 1264603",
"url": "https://bugzilla.suse.com/1264603"
},
{
"category": "self",
"summary": "SUSE Bug 1264610",
"url": "https://bugzilla.suse.com/1264610"
},
{
"category": "self",
"summary": "SUSE Bug 1264612",
"url": "https://bugzilla.suse.com/1264612"
},
{
"category": "self",
"summary": "SUSE Bug 1264734",
"url": "https://bugzilla.suse.com/1264734"
},
{
"category": "self",
"summary": "SUSE Bug 1264741",
"url": "https://bugzilla.suse.com/1264741"
},
{
"category": "self",
"summary": "SUSE Bug 1264748",
"url": "https://bugzilla.suse.com/1264748"
},
{
"category": "self",
"summary": "SUSE Bug 1264763",
"url": "https://bugzilla.suse.com/1264763"
},
{
"category": "self",
"summary": "SUSE Bug 1264814",
"url": "https://bugzilla.suse.com/1264814"
},
{
"category": "self",
"summary": "SUSE Bug 1264974",
"url": "https://bugzilla.suse.com/1264974"
},
{
"category": "self",
"summary": "SUSE Bug 1265103",
"url": "https://bugzilla.suse.com/1265103"
},
{
"category": "self",
"summary": "SUSE Bug 1265113",
"url": "https://bugzilla.suse.com/1265113"
},
{
"category": "self",
"summary": "SUSE Bug 1265143",
"url": "https://bugzilla.suse.com/1265143"
},
{
"category": "self",
"summary": "SUSE Bug 1265211",
"url": "https://bugzilla.suse.com/1265211"
},
{
"category": "self",
"summary": "SUSE Bug 1265421",
"url": "https://bugzilla.suse.com/1265421"
},
{
"category": "self",
"summary": "SUSE Bug 1265628",
"url": "https://bugzilla.suse.com/1265628"
},
{
"category": "self",
"summary": "SUSE Bug 1265629",
"url": "https://bugzilla.suse.com/1265629"
},
{
"category": "self",
"summary": "SUSE Bug 1266008",
"url": "https://bugzilla.suse.com/1266008"
},
{
"category": "self",
"summary": "SUSE Bug 1266290",
"url": "https://bugzilla.suse.com/1266290"
},
{
"category": "self",
"summary": "SUSE Bug 1266390",
"url": "https://bugzilla.suse.com/1266390"
},
{
"category": "self",
"summary": "SUSE Bug 1266396",
"url": "https://bugzilla.suse.com/1266396"
},
{
"category": "self",
"summary": "SUSE Bug 1266397",
"url": "https://bugzilla.suse.com/1266397"
},
{
"category": "self",
"summary": "SUSE Bug 1266698",
"url": "https://bugzilla.suse.com/1266698"
},
{
"category": "self",
"summary": "SUSE Bug 1266700",
"url": "https://bugzilla.suse.com/1266700"
},
{
"category": "self",
"summary": "SUSE Bug 1266704",
"url": "https://bugzilla.suse.com/1266704"
},
{
"category": "self",
"summary": "SUSE Bug 1266705",
"url": "https://bugzilla.suse.com/1266705"
},
{
"category": "self",
"summary": "SUSE Bug 1266717",
"url": "https://bugzilla.suse.com/1266717"
},
{
"category": "self",
"summary": "SUSE Bug 1266734",
"url": "https://bugzilla.suse.com/1266734"
},
{
"category": "self",
"summary": "SUSE Bug 1266830",
"url": "https://bugzilla.suse.com/1266830"
},
{
"category": "self",
"summary": "SUSE Bug 1266840",
"url": "https://bugzilla.suse.com/1266840"
},
{
"category": "self",
"summary": "SUSE Bug 1266847",
"url": "https://bugzilla.suse.com/1266847"
},
{
"category": "self",
"summary": "SUSE Bug 1266878",
"url": "https://bugzilla.suse.com/1266878"
},
{
"category": "self",
"summary": "SUSE Bug 1266895",
"url": "https://bugzilla.suse.com/1266895"
},
{
"category": "self",
"summary": "SUSE Bug 1266899",
"url": "https://bugzilla.suse.com/1266899"
},
{
"category": "self",
"summary": "SUSE Bug 1266903",
"url": "https://bugzilla.suse.com/1266903"
},
{
"category": "self",
"summary": "SUSE Bug 1266916",
"url": "https://bugzilla.suse.com/1266916"
},
{
"category": "self",
"summary": "SUSE Bug 1266922",
"url": "https://bugzilla.suse.com/1266922"
},
{
"category": "self",
"summary": "SUSE Bug 1266928",
"url": "https://bugzilla.suse.com/1266928"
},
{
"category": "self",
"summary": "SUSE Bug 1266929",
"url": "https://bugzilla.suse.com/1266929"
},
{
"category": "self",
"summary": "SUSE Bug 1266933",
"url": "https://bugzilla.suse.com/1266933"
},
{
"category": "self",
"summary": "SUSE Bug 1267208",
"url": "https://bugzilla.suse.com/1267208"
},
{
"category": "self",
"summary": "SUSE Bug 1267228",
"url": "https://bugzilla.suse.com/1267228"
},
{
"category": "self",
"summary": "SUSE Bug 1267251",
"url": "https://bugzilla.suse.com/1267251"
},
{
"category": "self",
"summary": "SUSE Bug 1267361",
"url": "https://bugzilla.suse.com/1267361"
},
{
"category": "self",
"summary": "SUSE Bug 1267365",
"url": "https://bugzilla.suse.com/1267365"
},
{
"category": "self",
"summary": "SUSE Bug 1267369",
"url": "https://bugzilla.suse.com/1267369"
},
{
"category": "self",
"summary": "SUSE Bug 1267381",
"url": "https://bugzilla.suse.com/1267381"
},
{
"category": "self",
"summary": "SUSE Bug 1267387",
"url": "https://bugzilla.suse.com/1267387"
},
{
"category": "self",
"summary": "SUSE Bug 1267427",
"url": "https://bugzilla.suse.com/1267427"
},
{
"category": "self",
"summary": "SUSE Bug 1267430",
"url": "https://bugzilla.suse.com/1267430"
},
{
"category": "self",
"summary": "SUSE Bug 1267431",
"url": "https://bugzilla.suse.com/1267431"
},
{
"category": "self",
"summary": "SUSE Bug 1267437",
"url": "https://bugzilla.suse.com/1267437"
},
{
"category": "self",
"summary": "SUSE Bug 1267458",
"url": "https://bugzilla.suse.com/1267458"
},
{
"category": "self",
"summary": "SUSE Bug 1267567",
"url": "https://bugzilla.suse.com/1267567"
},
{
"category": "self",
"summary": "SUSE Bug 1267582",
"url": "https://bugzilla.suse.com/1267582"
},
{
"category": "self",
"summary": "SUSE Bug 1267591",
"url": "https://bugzilla.suse.com/1267591"
},
{
"category": "self",
"summary": "SUSE Bug 1267621",
"url": "https://bugzilla.suse.com/1267621"
},
{
"category": "self",
"summary": "SUSE Bug 1267624",
"url": "https://bugzilla.suse.com/1267624"
},
{
"category": "self",
"summary": "SUSE Bug 1267628",
"url": "https://bugzilla.suse.com/1267628"
},
{
"category": "self",
"summary": "SUSE Bug 1267635",
"url": "https://bugzilla.suse.com/1267635"
},
{
"category": "self",
"summary": "SUSE Bug 1267637",
"url": "https://bugzilla.suse.com/1267637"
},
{
"category": "self",
"summary": "SUSE Bug 1267640",
"url": "https://bugzilla.suse.com/1267640"
},
{
"category": "self",
"summary": "SUSE Bug 1267651",
"url": "https://bugzilla.suse.com/1267651"
},
{
"category": "self",
"summary": "SUSE Bug 1267654",
"url": "https://bugzilla.suse.com/1267654"
},
{
"category": "self",
"summary": "SUSE Bug 1267682",
"url": "https://bugzilla.suse.com/1267682"
},
{
"category": "self",
"summary": "SUSE Bug 1267684",
"url": "https://bugzilla.suse.com/1267684"
},
{
"category": "self",
"summary": "SUSE Bug 1267685",
"url": "https://bugzilla.suse.com/1267685"
},
{
"category": "self",
"summary": "SUSE Bug 1267697",
"url": "https://bugzilla.suse.com/1267697"
},
{
"category": "self",
"summary": "SUSE Bug 1267717",
"url": "https://bugzilla.suse.com/1267717"
},
{
"category": "self",
"summary": "SUSE Bug 1267722",
"url": "https://bugzilla.suse.com/1267722"
},
{
"category": "self",
"summary": "SUSE Bug 1267744",
"url": "https://bugzilla.suse.com/1267744"
},
{
"category": "self",
"summary": "SUSE Bug 1267816",
"url": "https://bugzilla.suse.com/1267816"
},
{
"category": "self",
"summary": "SUSE Bug 1267825",
"url": "https://bugzilla.suse.com/1267825"
},
{
"category": "self",
"summary": "SUSE Bug 1267918",
"url": "https://bugzilla.suse.com/1267918"
},
{
"category": "self",
"summary": "SUSE Bug 1267937",
"url": "https://bugzilla.suse.com/1267937"
},
{
"category": "self",
"summary": "SUSE Bug 1267953",
"url": "https://bugzilla.suse.com/1267953"
},
{
"category": "self",
"summary": "SUSE Bug 1267966",
"url": "https://bugzilla.suse.com/1267966"
},
{
"category": "self",
"summary": "SUSE Bug 1267993",
"url": "https://bugzilla.suse.com/1267993"
},
{
"category": "self",
"summary": "SUSE Bug 1268022",
"url": "https://bugzilla.suse.com/1268022"
},
{
"category": "self",
"summary": "SUSE Bug 1268037",
"url": "https://bugzilla.suse.com/1268037"
},
{
"category": "self",
"summary": "SUSE Bug 1268159",
"url": "https://bugzilla.suse.com/1268159"
},
{
"category": "self",
"summary": "SUSE Bug 1268237",
"url": "https://bugzilla.suse.com/1268237"
},
{
"category": "self",
"summary": "SUSE Bug 1268307",
"url": "https://bugzilla.suse.com/1268307"
},
{
"category": "self",
"summary": "SUSE Bug 1268335",
"url": "https://bugzilla.suse.com/1268335"
},
{
"category": "self",
"summary": "SUSE Bug 1268428",
"url": "https://bugzilla.suse.com/1268428"
},
{
"category": "self",
"summary": "SUSE Bug 1268660",
"url": "https://bugzilla.suse.com/1268660"
},
{
"category": "self",
"summary": "SUSE Bug 1268661",
"url": "https://bugzilla.suse.com/1268661"
},
{
"category": "self",
"summary": "SUSE Bug 1269022",
"url": "https://bugzilla.suse.com/1269022"
},
{
"category": "self",
"summary": "SUSE Bug 1269033",
"url": "https://bugzilla.suse.com/1269033"
},
{
"category": "self",
"summary": "SUSE Bug 1269090",
"url": "https://bugzilla.suse.com/1269090"
},
{
"category": "self",
"summary": "SUSE Bug 1269100",
"url": "https://bugzilla.suse.com/1269100"
},
{
"category": "self",
"summary": "SUSE Bug 1269103",
"url": "https://bugzilla.suse.com/1269103"
},
{
"category": "self",
"summary": "SUSE Bug 1269135",
"url": "https://bugzilla.suse.com/1269135"
},
{
"category": "self",
"summary": "SUSE Bug 1269136",
"url": "https://bugzilla.suse.com/1269136"
},
{
"category": "self",
"summary": "SUSE Bug 1269137",
"url": "https://bugzilla.suse.com/1269137"
},
{
"category": "self",
"summary": "SUSE Bug 1269184",
"url": "https://bugzilla.suse.com/1269184"
},
{
"category": "self",
"summary": "SUSE Bug 1269195",
"url": "https://bugzilla.suse.com/1269195"
},
{
"category": "self",
"summary": "SUSE Bug 1269199",
"url": "https://bugzilla.suse.com/1269199"
},
{
"category": "self",
"summary": "SUSE Bug 1269281",
"url": "https://bugzilla.suse.com/1269281"
},
{
"category": "self",
"summary": "SUSE Bug 1269310",
"url": "https://bugzilla.suse.com/1269310"
},
{
"category": "self",
"summary": "SUSE Bug 1269314",
"url": "https://bugzilla.suse.com/1269314"
},
{
"category": "self",
"summary": "SUSE Bug 1269397",
"url": "https://bugzilla.suse.com/1269397"
},
{
"category": "self",
"summary": "SUSE Bug 1269398",
"url": "https://bugzilla.suse.com/1269398"
},
{
"category": "self",
"summary": "SUSE Bug 1269418",
"url": "https://bugzilla.suse.com/1269418"
},
{
"category": "self",
"summary": "SUSE Bug 1269493",
"url": "https://bugzilla.suse.com/1269493"
},
{
"category": "self",
"summary": "SUSE Bug 1269506",
"url": "https://bugzilla.suse.com/1269506"
},
{
"category": "self",
"summary": "SUSE Bug 1269519",
"url": "https://bugzilla.suse.com/1269519"
},
{
"category": "self",
"summary": "SUSE Bug 1269574",
"url": "https://bugzilla.suse.com/1269574"
},
{
"category": "self",
"summary": "SUSE Bug 1269617",
"url": "https://bugzilla.suse.com/1269617"
},
{
"category": "self",
"summary": "SUSE Bug 1269678",
"url": "https://bugzilla.suse.com/1269678"
},
{
"category": "self",
"summary": "SUSE Bug 1269681",
"url": "https://bugzilla.suse.com/1269681"
},
{
"category": "self",
"summary": "SUSE Bug 1269798",
"url": "https://bugzilla.suse.com/1269798"
},
{
"category": "self",
"summary": "SUSE Bug 1269821",
"url": "https://bugzilla.suse.com/1269821"
},
{
"category": "self",
"summary": "SUSE Bug 1269884",
"url": "https://bugzilla.suse.com/1269884"
},
{
"category": "self",
"summary": "SUSE Bug 1270059",
"url": "https://bugzilla.suse.com/1270059"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-10263 page",
"url": "https://www.suse.com/security/cve/CVE-2025-10263/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40216 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40216/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40341 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40341/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68822 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68822/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-71294 page",
"url": "https://www.suse.com/security/cve/CVE-2025-71294/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23451 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23451/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31414 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31414/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31429 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31429/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31450 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31450/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31452 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31452/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31453 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31453/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31462 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31462/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31466 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31466/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31469 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31469/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31492 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31492/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31495 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31495/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31499 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31499/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31500 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31500/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31502 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31502/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31555 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31560 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31560/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31592 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31592/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31593 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31593/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31647 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31647/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31664 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31664/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31665 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31665/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31670 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31670/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31674 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31674/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31677 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31677/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31680 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31680/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31693 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31693/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31697 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31697/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31698 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31698/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31699 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31699/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31752 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31759 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31759/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31771 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31771/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43010 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43010/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43022 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43022/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43023 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43023/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43024 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43024/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43028 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43028/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43034 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43034/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43035 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43035/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43036 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43036/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43049 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43049/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43053 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43074 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43074/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43077 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43079 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43079/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43080 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43081 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43081/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43083 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43085 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43085/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43086 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43086/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43089 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43089/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43093 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43093/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43094 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43094/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43101 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43101/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43107 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43107/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43112 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43112/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43119 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43119/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43128 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43128/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43139 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43139/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43158 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43158/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43171 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43171/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43187 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43187/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43198 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43198/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43233 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43233/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43238 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43238/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43239 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43239/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43284 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43284/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43303 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43303/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43336 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43336/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43339 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43339/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43345 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43345/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43405 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43405/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43420 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43420/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43456 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43456/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43469 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43469/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43472 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43472/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43491 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43491/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43492 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43492/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43502 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43502/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45838 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45838/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45840 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45841 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45841/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45848 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45848/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45862 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45870 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45891 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45891/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45894 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45894/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45912 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45912/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45940 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45940/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45948 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45961 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45961/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45964 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45965 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45965/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45974 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45985 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46005 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46028 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46028/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46037 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46037/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46053 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46063 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46065 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46065/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46069 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46069/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46071 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46071/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46076 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46076/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46101 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46101/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46112 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46112/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46116 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46116/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46119 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46119/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46120 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46120/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46123 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46123/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46124 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46124/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46133 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46133/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46150 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46150/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46160 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46162 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46162/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46172 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46172/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46173 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46173/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46185 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46185/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46197 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46197/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46214 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46214/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46227 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46227/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46229 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46229/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46244 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46244/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46253 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46253/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46254 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46254/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46259 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46259/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46266 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46266/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46273 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46273/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46274 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46274/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46289 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46289/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46291 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46291/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46315 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46315/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46319 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46319/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46320 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46320/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46328 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46328/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46331 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46331/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-52908 page",
"url": "https://www.suse.com/security/cve/CVE-2026-52908/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-52909 page",
"url": "https://www.suse.com/security/cve/CVE-2026-52909/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-52918 page",
"url": "https://www.suse.com/security/cve/CVE-2026-52918/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-52923 page",
"url": "https://www.suse.com/security/cve/CVE-2026-52923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-52943 page",
"url": "https://www.suse.com/security/cve/CVE-2026-52943/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-52954 page",
"url": "https://www.suse.com/security/cve/CVE-2026-52954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-52957 page",
"url": "https://www.suse.com/security/cve/CVE-2026-52957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-52962 page",
"url": "https://www.suse.com/security/cve/CVE-2026-52962/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-52969 page",
"url": "https://www.suse.com/security/cve/CVE-2026-52969/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-52972 page",
"url": "https://www.suse.com/security/cve/CVE-2026-52972/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-53016 page",
"url": "https://www.suse.com/security/cve/CVE-2026-53016/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-53040 page",
"url": "https://www.suse.com/security/cve/CVE-2026-53040/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-53041 page",
"url": "https://www.suse.com/security/cve/CVE-2026-53041/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-53052 page",
"url": "https://www.suse.com/security/cve/CVE-2026-53052/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-53053 page",
"url": "https://www.suse.com/security/cve/CVE-2026-53053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-53071 page",
"url": "https://www.suse.com/security/cve/CVE-2026-53071/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-53072 page",
"url": "https://www.suse.com/security/cve/CVE-2026-53072/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-53122 page",
"url": "https://www.suse.com/security/cve/CVE-2026-53122/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-53133 page",
"url": "https://www.suse.com/security/cve/CVE-2026-53133/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-53138 page",
"url": "https://www.suse.com/security/cve/CVE-2026-53138/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-53182 page",
"url": "https://www.suse.com/security/cve/CVE-2026-53182/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-53253 page",
"url": "https://www.suse.com/security/cve/CVE-2026-53253/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-53266 page",
"url": "https://www.suse.com/security/cve/CVE-2026-53266/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-53281 page",
"url": "https://www.suse.com/security/cve/CVE-2026-53281/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-53287 page",
"url": "https://www.suse.com/security/cve/CVE-2026-53287/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-53359 page",
"url": "https://www.suse.com/security/cve/CVE-2026-53359/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-53362 page",
"url": "https://www.suse.com/security/cve/CVE-2026-53362/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2026-07-08T14:58:16Z",
"generator": {
"date": "2026-07-08T14:58:16Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:2799-1",
"initial_release_date": "2026-07-08T14:58:16Z",
"revision_history": [
{
"date": "2026-07-08T14:58:16Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"product": {
"name": "kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"product_id": "kernel-devel-rt-6.4.0-150700.7.62.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"product": {
"name": "kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"product_id": "kernel-source-rt-6.4.0-150700.7.62.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"product_id": "cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"product": {
"name": "dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"product_id": "dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"product": {
"name": "gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"product_id": "gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"product_id": "kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-6.4.0-150700.7.62.1.x86_64",
"product": {
"name": "kernel-rt-6.4.0-150700.7.62.1.x86_64",
"product_id": "kernel-rt-6.4.0-150700.7.62.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"product": {
"name": "kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"product_id": "kernel-rt-devel-6.4.0-150700.7.62.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-extra-6.4.0-150700.7.62.1.x86_64",
"product": {
"name": "kernel-rt-extra-6.4.0-150700.7.62.1.x86_64",
"product_id": "kernel-rt-extra-6.4.0-150700.7.62.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-6.4.0-150700.7.62.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-6.4.0-150700.7.62.1.x86_64",
"product_id": "kernel-rt-livepatch-6.4.0-150700.7.62.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-devel-6.4.0-150700.7.62.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-devel-6.4.0-150700.7.62.1.x86_64",
"product_id": "kernel-rt-livepatch-devel-6.4.0-150700.7.62.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-optional-6.4.0-150700.7.62.1.x86_64",
"product": {
"name": "kernel-rt-optional-6.4.0-150700.7.62.1.x86_64",
"product_id": "kernel-rt-optional-6.4.0-150700.7.62.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-vdso-6.4.0-150700.7.62.1.x86_64",
"product": {
"name": "kernel-rt-vdso-6.4.0-150700.7.62.1.x86_64",
"product_id": "kernel-rt-vdso-6.4.0-150700.7.62.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"product": {
"name": "kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"product_id": "kernel-syms-rt-6.4.0-150700.7.62.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"product": {
"name": "kselftests-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"product_id": "kselftests-kmp-rt-6.4.0-150700.7.62.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"product_id": "ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"product": {
"name": "reiserfs-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"product_id": "reiserfs-kmp-rt-6.4.0-150700.7.62.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Real Time Module 15 SP7",
"product": {
"name": "SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-rt:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Real Time 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Real Time 15 SP7",
"product_id": "SUSE Linux Enterprise Real Time 15 SP7"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64"
},
"product_reference": "cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64"
},
"product_reference": "dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
},
"product_reference": "gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-6.4.0-150700.7.62.1.noarch as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch"
},
"product_reference": "kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-6.4.0-150700.7.62.1.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64"
},
"product_reference": "kernel-rt-6.4.0-150700.7.62.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64"
},
"product_reference": "kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-6.4.0-150700.7.62.1.noarch as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch"
},
"product_reference": "kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64"
},
"product_reference": "kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
},
"product_reference": "ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64"
},
"product_reference": "cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64"
},
"product_reference": "dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
},
"product_reference": "gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-6.4.0-150700.7.62.1.noarch as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch"
},
"product_reference": "kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-6.4.0-150700.7.62.1.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64"
},
"product_reference": "kernel-rt-6.4.0-150700.7.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-6.4.0-150700.7.62.1.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64"
},
"product_reference": "kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-6.4.0-150700.7.62.1.noarch as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch"
},
"product_reference": "kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-6.4.0-150700.7.62.1.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64"
},
"product_reference": "kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64 as component of SUSE Real Time Module 15 SP7",
"product_id": "SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
},
"product_reference": "ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 15 SP7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-10263",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-10263"
}
],
"notes": [
{
"category": "general",
"text": "Arm C1-Ultra, C1-Premium, Neoverse V3 \u0026 V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1, Cortex-X925, Cortex-X4, Cortex-X3, Cortex-X2, Cortex-X1 \u0026 X1C, Cortex-A710, Cortex-A78, A78AE \u0026 A78C, Cortex-A77, Cortex-A76 \u0026 A76A may allow writes to resources owned by a higher exception level.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-10263",
"url": "https://www.suse.com/security/cve/CVE-2025-10263"
},
{
"category": "external",
"summary": "SUSE Bug 1266290 for CVE-2025-10263",
"url": "https://bugzilla.suse.com/1266290"
},
{
"category": "external",
"summary": "SUSE Bug 1266954 for CVE-2025-10263",
"url": "https://bugzilla.suse.com/1266954"
},
{
"category": "external",
"summary": "SUSE Bug 1270230 for CVE-2025-10263",
"url": "https://bugzilla.suse.com/1270230"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "critical"
}
],
"title": "CVE-2025-10263"
},
{
"cve": "CVE-2025-40216",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40216"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/rsrc: don\u0027t rely on user vaddr alignment\n\nThere is no guaranteed alignment for user pointers, however the\ncalculation of an offset of the first page into a folio after coalescing\nuses some weird bit mask logic, get rid of it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40216",
"url": "https://www.suse.com/security/cve/CVE-2025-40216"
},
{
"category": "external",
"summary": "SUSE Bug 1259764 for CVE-2025-40216",
"url": "https://bugzilla.suse.com/1259764"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-40216"
},
{
"cve": "CVE-2025-40341",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40341"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfutex: Don\u0027t leak robust_list pointer on exec race\n\nsys_get_robust_list() and compat_get_robust_list() use ptrace_may_access()\nto check if the calling task is allowed to access another task\u0027s\nrobust_list pointer. This check is racy against a concurrent exec() in the\ntarget process.\n\nDuring exec(), a task may transition from a non-privileged binary to a\nprivileged one (e.g., setuid binary) and its credentials/memory mappings\nmay change. If get_robust_list() performs ptrace_may_access() before\nthis transition, it may erroneously allow access to sensitive information\nafter the target becomes privileged.\n\nA racy access allows an attacker to exploit a window during which\nptrace_may_access() passes before a target process transitions to a\nprivileged state via exec().\n\nFor example, consider a non-privileged task T that is about to execute a\nsetuid-root binary. An attacker task A calls get_robust_list(T) while T\nis still unprivileged. Since ptrace_may_access() checks permissions\nbased on current credentials, it succeeds. However, if T begins exec\nimmediately afterwards, it becomes privileged and may change its memory\nmappings. Because get_robust_list() proceeds to access T-\u003erobust_list\nwithout synchronizing with exec() it may read user-space pointers from a\nnow-privileged process.\n\nThis violates the intended post-exec access restrictions and could\nexpose sensitive memory addresses or be used as a primitive in a larger\nexploit chain. Consequently, the race can lead to unauthorized\ndisclosure of information across privilege boundaries and poses a\npotential security risk.\n\nTake a read lock on signal-\u003eexec_update_lock prior to invoking\nptrace_may_access() and accessing the robust_list/compat_robust_list.\nThis ensures that the target task\u0027s exec state remains stable during the\ncheck, allowing for consistent and synchronized validation of\ncredentials.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40341",
"url": "https://www.suse.com/security/cve/CVE-2025-40341"
},
{
"category": "external",
"summary": "SUSE Bug 1255029 for CVE-2025-40341",
"url": "https://bugzilla.suse.com/1255029"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-40341"
},
{
"cve": "CVE-2025-68822",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68822"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: alps - fix use-after-free bugs caused by dev3_register_work\n\nThe dev3_register_work delayed work item is initialized within\nalps_reconnect() and scheduled upon receipt of the first bare\nPS/2 packet from an external PS/2 device connected to the ALPS\ntouchpad. During device detachment, the original implementation\ncalls flush_workqueue() in psmouse_disconnect() to ensure\ncompletion of dev3_register_work. However, the flush_workqueue()\nin psmouse_disconnect() only blocks and waits for work items that\nwere already queued to the workqueue prior to its invocation. Any\nwork items submitted after flush_workqueue() is called are not\nincluded in the set of tasks that the flush operation awaits.\nThis means that after flush_workqueue() has finished executing,\nthe dev3_register_work could still be scheduled. Although the\npsmouse state is set to PSMOUSE_CMD_MODE in psmouse_disconnect(),\nthe scheduling of dev3_register_work remains unaffected.\n\nThe race condition can occur as follows:\n\nCPU 0 (cleanup path) | CPU 1 (delayed work)\npsmouse_disconnect() |\n psmouse_set_state() |\n flush_workqueue() | alps_report_bare_ps2_packet()\n alps_disconnect() | psmouse_queue_work()\n kfree(priv); // FREE | alps_register_bare_ps2_mouse()\n | priv = container_of(work...); // USE\n | priv-\u003edev3 // USE\n\nAdd disable_delayed_work_sync() in alps_disconnect() to ensure\nthat dev3_register_work is properly canceled and prevented from\nexecuting after the alps_data structure has been deallocated.\n\nThis bug is identified by static analysis.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68822",
"url": "https://www.suse.com/security/cve/CVE-2025-68822"
},
{
"category": "external",
"summary": "SUSE Bug 1256668 for CVE-2025-68822",
"url": "https://bugzilla.suse.com/1256668"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-68822"
},
{
"cve": "CVE-2025-71294",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-71294"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: fix NULL pointer issue buffer funcs\n\nIf SDMA block not enabled, buffer_funcs will not initialize,\nfix the null pointer issue if buffer_funcs not initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-71294",
"url": "https://www.suse.com/security/cve/CVE-2025-71294"
},
{
"category": "external",
"summary": "SUSE Bug 1264562 for CVE-2025-71294",
"url": "https://bugzilla.suse.com/1264562"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-71294"
},
{
"cve": "CVE-2026-23451",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23451"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: prevent potential infinite loop in bond_header_parse()\n\nbond_header_parse() can loop if a stack of two bonding devices is setup,\nbecause skb-\u003edev always points to the hierarchy top.\n\nAdd new \"const struct net_device *dev\" parameter to\n(struct header_ops)-\u003eparse() method to make sure the recursion\nis bounded, and that the final leaf parse method is called.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23451",
"url": "https://www.suse.com/security/cve/CVE-2026-23451"
},
{
"category": "external",
"summary": "SUSE Bug 1261604 for CVE-2026-23451",
"url": "https://bugzilla.suse.com/1261604"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-23451"
},
{
"cve": "CVE-2026-31414",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31414"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_conntrack_expect: use expect-\u003ehelper\n\nUse expect-\u003ehelper in ctnetlink and /proc to dump the helper name.\nUsing nfct_help() without holding a reference to the master conntrack\nis unsafe.\n\nUse exp-\u003emaster-\u003ehelper in ctnetlink path if userspace does not provide\nan explicit helper when creating an expectation to retain the existing\nbehaviour. The ctnetlink expectation path holds the reference on the\nmaster conntrack and nf_conntrack_expect lock and the nfnetlink glue\npath refers to the master ct that is attached to the skb.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31414",
"url": "https://www.suse.com/security/cve/CVE-2026-31414"
},
{
"category": "external",
"summary": "SUSE Bug 1262085 for CVE-2026-31414",
"url": "https://bugzilla.suse.com/1262085"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-31414"
},
{
"cve": "CVE-2026-31429",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31429"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: skb: fix cross-cache free of KFENCE-allocated skb head\n\nSKB_SMALL_HEAD_CACHE_SIZE is intentionally set to a non-power-of-2\nvalue (e.g. 704 on x86_64) to avoid collisions with generic kmalloc\nbucket sizes. This ensures that skb_kfree_head() can reliably use\nskb_end_offset to distinguish skb heads allocated from\nskb_small_head_cache vs. generic kmalloc caches.\n\nHowever, when KFENCE is enabled, kfence_ksize() returns the exact\nrequested allocation size instead of the slab bucket size. If a caller\n(e.g. bpf_test_init) allocates skb head data via kzalloc() and the\nrequested size happens to equal SKB_SMALL_HEAD_CACHE_SIZE, then\nslab_build_skb() -\u003e ksize() returns that exact value. After subtracting\nskb_shared_info overhead, skb_end_offset ends up matching\nSKB_SMALL_HEAD_HEADROOM, causing skb_kfree_head() to incorrectly free\nthe object to skb_small_head_cache instead of back to the original\nkmalloc cache, resulting in a slab cross-cache free:\n\n kmem_cache_free(skbuff_small_head): Wrong slab cache. Expected\n skbuff_small_head but got kmalloc-1k\n\nFix this by always calling kfree(head) in skb_kfree_head(). This keeps\nthe free path generic and avoids allocator-specific misclassification\nfor KFENCE objects.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31429",
"url": "https://www.suse.com/security/cve/CVE-2026-31429"
},
{
"category": "external",
"summary": "SUSE Bug 1262392 for CVE-2026-31429",
"url": "https://bugzilla.suse.com/1262392"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-31429"
},
{
"cve": "CVE-2026-31450",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31450"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: publish jinode after initialization\n\next4_inode_attach_jinode() publishes ei-\u003ejinode to concurrent users.\nIt used to set ei-\u003ejinode before jbd2_journal_init_jbd_inode(),\nallowing a reader to observe a non-NULL jinode with i_vfs_inode\nstill unset.\n\nThe fast commit flush path can then pass this jinode to\njbd2_wait_inode_data(), which dereferences i_vfs_inode-\u003ei_mapping and\nmay crash.\n\nBelow is the crash I observe:\n```\nBUG: unable to handle page fault for address: 000000010beb47f4\nPGD 110e51067 P4D 110e51067 PUD 0\nOops: Oops: 0000 [#1] SMP NOPTI\nCPU: 1 UID: 0 PID: 4850 Comm: fc_fsync_bench_ Not tainted 6.18.0-00764-g795a690c06a5 #1 PREEMPT(voluntary)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Arch Linux 1.17.0-2-2 04/01/2014\nRIP: 0010:xas_find_marked+0x3d/0x2e0\nCode: e0 03 48 83 f8 02 0f 84 f0 01 00 00 48 8b 47 08 48 89 c3 48 39 c6 0f 82 fd 01 00 00 48 85 c9 74 3d 48 83 f9 03 77 63 4c 8b 0f \u003c49\u003e 8b 71 08 48 c7 47 18 00 00 00 00 48 89 f1 83 e1 03 48 83 f9 02\nRSP: 0018:ffffbbee806e7bf0 EFLAGS: 00010246\nRAX: 000000000010beb4 RBX: 000000000010beb4 RCX: 0000000000000003\nRDX: 0000000000000001 RSI: 0000002000300000 RDI: ffffbbee806e7c10\nRBP: 0000000000000001 R08: 0000002000300000 R09: 000000010beb47ec\nR10: ffff9ea494590090 R11: 0000000000000000 R12: 0000002000300000\nR13: ffffbbee806e7c90 R14: ffff9ea494513788 R15: ffffbbee806e7c88\nFS: 00007fc2f9e3e6c0(0000) GS:ffff9ea6b1444000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000000010beb47f4 CR3: 0000000119ac5000 CR4: 0000000000750ef0\nPKRU: 55555554\nCall Trace:\n\u003cTASK\u003e\nfilemap_get_folios_tag+0x87/0x2a0\n__filemap_fdatawait_range+0x5f/0xd0\n? srso_alias_return_thunk+0x5/0xfbef5\n? __schedule+0x3e7/0x10c0\n? srso_alias_return_thunk+0x5/0xfbef5\n? srso_alias_return_thunk+0x5/0xfbef5\n? srso_alias_return_thunk+0x5/0xfbef5\n? preempt_count_sub+0x5f/0x80\n? srso_alias_return_thunk+0x5/0xfbef5\n? cap_safe_nice+0x37/0x70\n? srso_alias_return_thunk+0x5/0xfbef5\n? preempt_count_sub+0x5f/0x80\n? srso_alias_return_thunk+0x5/0xfbef5\nfilemap_fdatawait_range_keep_errors+0x12/0x40\next4_fc_commit+0x697/0x8b0\n? ext4_file_write_iter+0x64b/0x950\n? srso_alias_return_thunk+0x5/0xfbef5\n? preempt_count_sub+0x5f/0x80\n? srso_alias_return_thunk+0x5/0xfbef5\n? vfs_write+0x356/0x480\n? srso_alias_return_thunk+0x5/0xfbef5\n? preempt_count_sub+0x5f/0x80\next4_sync_file+0xf7/0x370\ndo_fsync+0x3b/0x80\n? syscall_trace_enter+0x108/0x1d0\n__x64_sys_fdatasync+0x16/0x20\ndo_syscall_64+0x62/0x2c0\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\n...\n```\n\nFix this by initializing the jbd2_inode first.\nUse smp_wmb() and WRITE_ONCE() to publish ei-\u003ejinode after\ninitialization. Readers use READ_ONCE() to fetch the pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31450",
"url": "https://www.suse.com/security/cve/CVE-2026-31450"
},
{
"category": "external",
"summary": "SUSE Bug 1262618 for CVE-2026-31450",
"url": "https://bugzilla.suse.com/1262618"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-31450"
},
{
"cve": "CVE-2026-31452",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31452"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: convert inline data to extents when truncate exceeds inline size\n\nAdd a check in ext4_setattr() to convert files from inline data storage\nto extent-based storage when truncate() grows the file size beyond the\ninline capacity. This prevents the filesystem from entering an\ninconsistent state where the inline data flag is set but the file size\nexceeds what can be stored inline.\n\nWithout this fix, the following sequence causes a kernel BUG_ON():\n\n1. Mount filesystem with inode that has inline flag set and small size\n2. truncate(file, 50MB) - grows size but inline flag remains set\n3. sendfile() attempts to write data\n4. ext4_write_inline_data() hits BUG_ON(write_size \u003e inline_capacity)\n\nThe crash occurs because ext4_write_inline_data() expects inline storage\nto accommodate the write, but the actual inline capacity (~60 bytes for\ni_block + ~96 bytes for xattrs) is far smaller than the file size and\nwrite request.\n\nThe fix checks if the new size from setattr exceeds the inode\u0027s actual\ninline capacity (EXT4_I(inode)-\u003ei_inline_size) and converts the file to\nextent-based storage before proceeding with the size change.\n\nThis addresses the root cause by ensuring the inline data flag and file\nsize remain consistent during truncate operations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31452",
"url": "https://www.suse.com/security/cve/CVE-2026-31452"
},
{
"category": "external",
"summary": "SUSE Bug 1262620 for CVE-2026-31452",
"url": "https://bugzilla.suse.com/1262620"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-31452"
},
{
"cve": "CVE-2026-31453",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31453"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: avoid dereferencing log items after push callbacks\n\nAfter xfsaild_push_item() calls iop_push(), the log item may have been\nfreed if the AIL lock was dropped during the push. Background inode\nreclaim or the dquot shrinker can free the log item while the AIL lock\nis not held, and the tracepoints in the switch statement dereference\nthe log item after iop_push() returns.\n\nFix this by capturing the log item type, flags, and LSN before calling\nxfsaild_push_item(), and introducing a new xfs_ail_push_class trace\nevent class that takes these pre-captured values and the ailp pointer\ninstead of the log item pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31453",
"url": "https://www.suse.com/security/cve/CVE-2026-31453"
},
{
"category": "external",
"summary": "SUSE Bug 1262617 for CVE-2026-31453",
"url": "https://bugzilla.suse.com/1262617"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-31453"
},
{
"cve": "CVE-2026-31462",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31462"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: prevent immediate PASID reuse case\n\nPASID resue could cause interrupt issue when process\nimmediately runs into hw state left by previous\nprocess exited with the same PASID, it\u0027s possible that\npage faults are still pending in the IH ring buffer when\nthe process exits and frees up its PASID. To prevent the\ncase, it uses idr cyclic allocator same as kernel pid\u0027s.\n\n(cherry picked from commit 8f1de51f49be692de137c8525106e0fce2d1912d)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31462",
"url": "https://www.suse.com/security/cve/CVE-2026-31462"
},
{
"category": "external",
"summary": "SUSE Bug 1262655 for CVE-2026-31462",
"url": "https://bugzilla.suse.com/1262655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-31462"
},
{
"cve": "CVE-2026-31466",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31466"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/huge_memory: fix folio isn\u0027t locked in softleaf_to_folio()\n\nOn arm64 server, we found folio that get from migration entry isn\u0027t locked\nin softleaf_to_folio(). This issue triggers when mTHP splitting and\nzap_nonpresent_ptes() races, and the root cause is lack of memory barrier\nin softleaf_to_folio(). The race is as follows:\n\n\tCPU0 CPU1\n\ndeferred_split_scan() zap_nonpresent_ptes()\n lock folio\n split_folio()\n unmap_folio()\n change ptes to migration entries\n __split_folio_to_order() softleaf_to_folio()\n set flags(including PG_locked) for tail pages folio = pfn_folio(softleaf_to_pfn(entry))\n smp_wmb() VM_WARN_ON_ONCE(!folio_test_locked(folio))\n prep_compound_page() for tail pages\n\nIn __split_folio_to_order(), smp_wmb() guarantees page flags of tail pages\nare visible before the tail page becomes non-compound. smp_wmb() should\nbe paired with smp_rmb() in softleaf_to_folio(), which is missed. As a\nresult, if zap_nonpresent_ptes() accesses migration entry that stores tail\npfn, softleaf_to_folio() may see the updated compound_head of tail page\nbefore page-\u003eflags.\n\nThis issue will trigger VM_WARN_ON_ONCE() in pfn_swap_entry_folio()\nbecause of the race between folio split and zap_nonpresent_ptes()\nleading to a folio incorrectly undergoing modification without a folio\nlock being held.\n\nThis is a BUG_ON() before commit 93976a20345b (\"mm: eliminate further\nswapops predicates\"), which in merged in v6.19-rc1.\n\nTo fix it, add missing smp_rmb() if the softleaf entry is migration entry\nin softleaf_to_folio() and softleaf_to_page().\n\n[tujinjiang@huawei.com: update function name and comments]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31466",
"url": "https://www.suse.com/security/cve/CVE-2026-31466"
},
{
"category": "external",
"summary": "SUSE Bug 1267825 for CVE-2026-31466",
"url": "https://bugzilla.suse.com/1267825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-31466"
},
{
"cve": "CVE-2026-31469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31469"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio_net: Fix UAF on dst_ops when IFF_XMIT_DST_RELEASE is cleared and napi_tx is false\n\nA UAF issue occurs when the virtio_net driver is configured with napi_tx=N\nand the device\u0027s IFF_XMIT_DST_RELEASE flag is cleared\n(e.g., during the configuration of tc route filter rules).\n\nWhen IFF_XMIT_DST_RELEASE is removed from the net_device, the network stack\nexpects the driver to hold the reference to skb-\u003edst until the packet\nis fully transmitted and freed. In virtio_net with napi_tx=N,\nskbs may remain in the virtio transmit ring for an extended period.\n\nIf the network namespace is destroyed while these skbs are still pending,\nthe corresponding dst_ops structure has freed. When a subsequent packet\nis transmitted, free_old_xmit() is triggered to clean up old skbs.\nIt then calls dst_release() on the skb associated with the stale dst_entry.\nSince the dst_ops (referenced by the dst_entry) has already been freed,\na UAF kernel paging request occurs.\n\nfix it by adds skb_dst_drop(skb) in start_xmit to explicitly release\nthe dst reference before the skb is queued in virtio_net.\n\nCall Trace:\n Unable to handle kernel paging request at virtual address ffff80007e150000\n CPU: 2 UID: 0 PID: 6236 Comm: ping Kdump: loaded Not tainted 7.0.0-rc1+ #6 PREEMPT\n ...\n percpu_counter_add_batch+0x3c/0x158 lib/percpu_counter.c:98 (P)\n dst_release+0xe0/0x110 net/core/dst.c:177\n skb_release_head_state+0xe8/0x108 net/core/skbuff.c:1177\n sk_skb_reason_drop+0x54/0x2d8 net/core/skbuff.c:1255\n dev_kfree_skb_any_reason+0x64/0x78 net/core/dev.c:3469\n napi_consume_skb+0x1c4/0x3a0 net/core/skbuff.c:1527\n __free_old_xmit+0x164/0x230 drivers/net/virtio_net.c:611 [virtio_net]\n free_old_xmit drivers/net/virtio_net.c:1081 [virtio_net]\n start_xmit+0x7c/0x530 drivers/net/virtio_net.c:3329 [virtio_net]\n ...\n\nReproduction Steps:\nNETDEV=\"enp3s0\"\n\nconfig_qdisc_route_filter() {\n tc qdisc del dev $NETDEV root\n tc qdisc add dev $NETDEV root handle 1: prio\n tc filter add dev $NETDEV parent 1:0 \\\n\tprotocol ip prio 100 route to 100 flowid 1:1\n ip route add 192.168.1.100/32 dev $NETDEV realm 100\n}\n\ntest_ns() {\n ip netns add testns\n ip link set $NETDEV netns testns\n ip netns exec testns ifconfig $NETDEV 10.0.32.46/24\n ip netns exec testns ping -c 1 10.0.32.1\n ip netns del testns\n}\n\nconfig_qdisc_route_filter\n\ntest_ns\nsleep 2\ntest_ns",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31469",
"url": "https://www.suse.com/security/cve/CVE-2026-31469"
},
{
"category": "external",
"summary": "SUSE Bug 1267816 for CVE-2026-31469",
"url": "https://bugzilla.suse.com/1267816"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-31469"
},
{
"cve": "CVE-2026-31492",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31492"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/irdma: Initialize free_qp completion before using it\n\nIn irdma_create_qp, if ib_copy_to_udata fails, it will call\nirdma_destroy_qp to clean up which will attempt to wait on\nthe free_qp completion, which is not initialized yet. Fix this\nby initializing the completion before the ib_copy_to_udata call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31492",
"url": "https://www.suse.com/security/cve/CVE-2026-31492"
},
{
"category": "external",
"summary": "SUSE Bug 1262748 for CVE-2026-31492",
"url": "https://bugzilla.suse.com/1262748"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-31492"
},
{
"cve": "CVE-2026-31495",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31495"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ctnetlink: use netlink policy range checks\n\nReplace manual range and mask validations with netlink policy\nannotations in ctnetlink code paths, so that the netlink core rejects\ninvalid values early and can generate extack errors.\n\n- CTA_PROTOINFO_TCP_STATE: reject values \u003e TCP_CONNTRACK_SYN_SENT2 at\n policy level, removing the manual \u003e= TCP_CONNTRACK_MAX check.\n- CTA_PROTOINFO_TCP_WSCALE_ORIGINAL/REPLY: reject values \u003e TCP_MAX_WSCALE\n (14). The normal TCP option parsing path already clamps to this value,\n but the ctnetlink path accepted 0-255, causing undefined behavior when\n used as a u32 shift count.\n- CTA_FILTER_ORIG_FLAGS/REPLY_FLAGS: use NLA_POLICY_MASK with\n CTA_FILTER_F_ALL, removing the manual mask checks.\n- CTA_EXPECT_FLAGS: use NLA_POLICY_MASK with NF_CT_EXPECT_MASK, adding\n a new mask define grouping all valid expect flags.\n\nExtracted from a broader nf-next patch by Florian Westphal, scoped to\nctnetlink for the fixes tree.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31495",
"url": "https://www.suse.com/security/cve/CVE-2026-31495"
},
{
"category": "external",
"summary": "SUSE Bug 1262798 for CVE-2026-31495",
"url": "https://bugzilla.suse.com/1262798"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-31495"
},
{
"cve": "CVE-2026-31499",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31499"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix deadlock in l2cap_conn_del()\n\nl2cap_conn_del() calls cancel_delayed_work_sync() for both info_timer\nand id_addr_timer while holding conn-\u003elock. However, the work functions\nl2cap_info_timeout() and l2cap_conn_update_id_addr() both acquire\nconn-\u003elock, creating a potential AB-BA deadlock if the work is already\nexecuting when l2cap_conn_del() takes the lock.\n\nMove the work cancellations before acquiring conn-\u003elock and use\ndisable_delayed_work_sync() to additionally prevent the works from\nbeing rearmed after cancellation, consistent with the pattern used in\nhci_conn_del().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31499",
"url": "https://www.suse.com/security/cve/CVE-2026-31499"
},
{
"category": "external",
"summary": "SUSE Bug 1262674 for CVE-2026-31499",
"url": "https://bugzilla.suse.com/1262674"
},
{
"category": "external",
"summary": "SUSE Bug 1271058 for CVE-2026-31499",
"url": "https://bugzilla.suse.com/1271058"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-31499"
},
{
"cve": "CVE-2026-31500",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31500"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock\n\nbtintel_hw_error() issues two __hci_cmd_sync() calls (HCI_OP_RESET\nand Intel exception-info retrieval) without holding\nhci_req_sync_lock(). This lets it race against\nhci_dev_do_close() -\u003e btintel_shutdown_combined(), which also runs\n__hci_cmd_sync() under the same lock. When both paths manipulate\nhdev-\u003ereq_status/req_rsp concurrently, the close path may free the\nresponse skb first, and the still-running hw_error path hits a\nslab-use-after-free in kfree_skb().\n\nWrap the whole recovery sequence in hci_req_sync_lock/unlock so it\nis serialized with every other synchronous HCI command issuer.\n\nBelow is the data race report and the kasan report:\n\n BUG: data-race in __hci_cmd_sync_sk / btintel_shutdown_combined\n\n read of hdev-\u003ereq_rsp at net/bluetooth/hci_sync.c:199\n by task kworker/u17:1/83:\n __hci_cmd_sync_sk+0x12f2/0x1c30 net/bluetooth/hci_sync.c:200\n __hci_cmd_sync+0x55/0x80 net/bluetooth/hci_sync.c:223\n btintel_hw_error+0x114/0x670 drivers/bluetooth/btintel.c:254\n hci_error_reset+0x348/0xa30 net/bluetooth/hci_core.c:1030\n\n write/free by task ioctl/22580:\n btintel_shutdown_combined+0xd0/0x360\n drivers/bluetooth/btintel.c:3648\n hci_dev_close_sync+0x9ae/0x2c10 net/bluetooth/hci_sync.c:5246\n hci_dev_do_close+0x232/0x460 net/bluetooth/hci_core.c:526\n\n BUG: KASAN: slab-use-after-free in\n sk_skb_reason_drop+0x43/0x380 net/core/skbuff.c:1202\n Read of size 4 at addr ffff888144a738dc\n by task kworker/u17:1/83:\n __hci_cmd_sync_sk+0x12f2/0x1c30 net/bluetooth/hci_sync.c:200\n __hci_cmd_sync+0x55/0x80 net/bluetooth/hci_sync.c:223\n btintel_hw_error+0x186/0x670 drivers/bluetooth/btintel.c:260",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31500",
"url": "https://www.suse.com/security/cve/CVE-2026-31500"
},
{
"category": "external",
"summary": "SUSE Bug 1262993 for CVE-2026-31500",
"url": "https://bugzilla.suse.com/1262993"
},
{
"category": "external",
"summary": "SUSE Bug 1262994 for CVE-2026-31500",
"url": "https://bugzilla.suse.com/1262994"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "important"
}
],
"title": "CVE-2026-31500"
},
{
"cve": "CVE-2026-31502",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31502"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nteam: fix header_ops type confusion with non-Ethernet ports\n\nSimilar to commit 950803f72547 (\"bonding: fix type confusion in\nbond_setup_by_slave()\") team has the same class of header_ops type\nconfusion.\n\nFor non-Ethernet ports, team_setup_by_port() copies port_dev-\u003eheader_ops\ndirectly. When the team device later calls dev_hard_header() or\ndev_parse_header(), these callbacks can run with the team net_device\ninstead of the real lower device, so netdev_priv(dev) is interpreted as\nthe wrong private type and can crash.\n\nThe syzbot report shows a crash in bond_header_create(), but the root\ncause is in team: the topology is gre -\u003e bond -\u003e team, and team calls\nthe inherited header_ops with its own net_device instead of the lower\ndevice, so bond_header_create() receives a team device and interprets\nnetdev_priv() as bonding private data, causing a type confusion crash.\n\nFix this by introducing team header_ops wrappers for create/parse,\nselecting a team port under RCU, and calling the lower device callbacks\nwith port-\u003edev, so each callback always sees the correct net_device\ncontext.\n\nAlso pass the selected lower device to the lower parse callback, so\nrecursion is bounded in stacked non-Ethernet topologies and parse\ncallbacks always run with the correct device context.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31502",
"url": "https://www.suse.com/security/cve/CVE-2026-31502"
},
{
"category": "external",
"summary": "SUSE Bug 1263072 for CVE-2026-31502",
"url": "https://bugzilla.suse.com/1263072"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-31502"
},
{
"cve": "CVE-2026-31555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31555"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfutex: Clear stale exiting pointer in futex_lock_pi() retry path\n\nFuzzying/stressing futexes triggered:\n\n WARNING: kernel/futex/core.c:825 at wait_for_owner_exiting+0x7a/0x80, CPU#11: futex_lock_pi_s/524\n\nWhen futex_lock_pi_atomic() sees the owner is exiting, it returns -EBUSY\nand stores a refcounted task pointer in \u0027exiting\u0027.\n\nAfter wait_for_owner_exiting() consumes that reference, the local pointer\nis never reset to nil. Upon a retry, if futex_lock_pi_atomic() returns a\ndifferent error, the bogus pointer is passed to wait_for_owner_exiting().\n\n CPU0\t\t\t CPU1\t\t CPU2\n futex_lock_pi(uaddr)\n // acquires the PI futex\n exit()\n futex_cleanup_begin()\n futex_state = EXITING;\n\t\t\t futex_lock_pi(uaddr)\n\t\t\t futex_lock_pi_atomic()\n\t\t\t\t attach_to_pi_owner()\n\t\t\t\t // observes EXITING\n\t\t\t\t *exiting = owner; // takes ref\n\t\t\t\t return -EBUSY\n\t\t\t wait_for_owner_exiting(-EBUSY, owner)\n\t\t\t\t put_task_struct(); // drops ref\n\t\t\t // exiting still points to owner\n\t\t\t goto retry;\n\t\t\t futex_lock_pi_atomic()\n\t\t\t\t lock_pi_update_atomic()\n\t\t\t\t cmpxchg(uaddr)\n\t\t\t\t\t*uaddr ^= WAITERS // whatever\n\t\t\t\t // value changed\n\t\t\t\t return -EAGAIN;\n\t\t\t wait_for_owner_exiting(-EAGAIN, exiting) // stale\n\t\t\t\t WARN_ON_ONCE(exiting)\n\nFix this by resetting upon retry, essentially aligning it with requeue_pi.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31555",
"url": "https://www.suse.com/security/cve/CVE-2026-31555"
},
{
"category": "external",
"summary": "SUSE Bug 1263178 for CVE-2026-31555",
"url": "https://bugzilla.suse.com/1263178"
},
{
"category": "external",
"summary": "SUSE Bug 1263179 for CVE-2026-31555",
"url": "https://bugzilla.suse.com/1263179"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-31555"
},
{
"cve": "CVE-2026-31560",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31560"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: spi-dw-dma: fix print error log when wait finish transaction\n\nIf an error occurs, the device may not have a current message. In this\ncase, the system will crash.\n\nIn this case, it\u0027s better to use dev from the struct ctlr (struct spi_controller*).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31560",
"url": "https://www.suse.com/security/cve/CVE-2026-31560"
},
{
"category": "external",
"summary": "SUSE Bug 1263057 for CVE-2026-31560",
"url": "https://bugzilla.suse.com/1263057"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-31560"
},
{
"cve": "CVE-2026-31592",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31592"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: SEV: Protect *all* of sev_mem_enc_register_region() with kvm-\u003elock\n\nTake and hold kvm-\u003elock for before checking sev_guest() in\nsev_mem_enc_register_region(), as sev_guest() isn\u0027t stable unless kvm-\u003elock\nis held (or KVM can guarantee KVM_SEV_INIT{2} has completed and can\u0027t\nrollack state). If KVM_SEV_INIT{2} fails, KVM can end up trying to add to\na not-yet-initialized sev-\u003eregions_list, e.g. triggering a #GP\n\n Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN NOPTI\n KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\n CPU: 110 UID: 0 PID: 72717 Comm: syz.15.11462 Tainted: G U W O 6.16.0-smp-DEV #1 NONE\n Tainted: [U]=USER, [W]=WARN, [O]=OOT_MODULE\n Hardware name: Google, Inc. Arcadia_IT_80/Arcadia_IT_80, BIOS 12.52.0-0 10/28/2024\n RIP: 0010:sev_mem_enc_register_region+0x3f0/0x4f0 ../include/linux/list.h:83\n Code: \u003c41\u003e 80 3c 04 00 74 08 4c 89 ff e8 f1 c7 a2 00 49 39 ed 0f 84 c6 00\n RSP: 0018:ffff88838647fbb8 EFLAGS: 00010256\n RAX: dffffc0000000000 RBX: 1ffff92015cf1e0b RCX: dffffc0000000000\n RDX: 0000000000000000 RSI: 0000000000001000 RDI: ffff888367870000\n RBP: ffffc900ae78f050 R08: ffffea000d9e0007 R09: 1ffffd4001b3c000\n R10: dffffc0000000000 R11: fffff94001b3c001 R12: 0000000000000000\n R13: ffff8982ab0bde00 R14: ffffc900ae78f058 R15: 0000000000000000\n FS: 00007f34e9dc66c0(0000) GS:ffff89ee64d33000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007fe180adef98 CR3: 000000047210e000 CR4: 0000000000350ef0\n Call Trace:\n \u003cTASK\u003e\n kvm_arch_vm_ioctl+0xa72/0x1240 ../arch/x86/kvm/x86.c:7371\n kvm_vm_ioctl+0x649/0x990 ../virt/kvm/kvm_main.c:5363\n __se_sys_ioctl+0x101/0x170 ../fs/ioctl.c:51\n do_syscall_x64 ../arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0x6f/0x1f0 ../arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n RIP: 0033:0x7f34e9f7e9a9\n Code: \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\n RSP: 002b:00007f34e9dc6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\n RAX: ffffffffffffffda RBX: 00007f34ea1a6080 RCX: 00007f34e9f7e9a9\n RDX: 0000200000000280 RSI: 000000008010aebb RDI: 0000000000000007\n RBP: 00007f34ea000d69 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\n R13: 0000000000000000 R14: 00007f34ea1a6080 R15: 00007ffce77197a8\n \u003c/TASK\u003e\n\nwith a syzlang reproducer that looks like:\n\n syz_kvm_add_vcpu$x86(0x0, \u0026(0x7f0000000040)={0x0, \u0026(0x7f0000000180)=ANY=[], 0x70}) (async)\n syz_kvm_add_vcpu$x86(0x0, \u0026(0x7f0000000080)={0x0, \u0026(0x7f0000000180)=ANY=[@ANYBLOB=\"...\"], 0x4f}) (async)\n r0 = openat$kvm(0xffffffffffffff9c, \u0026(0x7f0000000200), 0x0, 0x0)\n r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)\n r2 = openat$kvm(0xffffffffffffff9c, \u0026(0x7f0000000240), 0x0, 0x0)\n r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)\n ioctl$KVM_SET_CLOCK(r3, 0xc008aeba, \u0026(0x7f0000000040)={0x1, 0x8, 0x0, 0x5625e9b0}) (async)\n ioctl$KVM_SET_PIT2(r3, 0x8010aebb, \u0026(0x7f0000000280)={[...], 0x5}) (async)\n ioctl$KVM_SET_PIT2(r1, 0x4070aea0, 0x0) (async)\n r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)\n openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async)\n ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, \u0026(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, \u0026(0x7f0000001000/0x2000)=nil}) (async)\n r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)\n close(r0) (async)\n openat$kvm(0xffffffffffffff9c, \u0026(0x7f0000000000), 0x8000, 0x0) (async)\n ioctl$KVM_SET_GUEST_DEBUG(r5, 0x4048ae9b, \u0026(0x7f0000000300)={0x4376ea830d46549b, 0x0, [0x46, 0x0, 0x0, 0x0, 0x0, 0x1000]}) (async)\n ioctl$KVM_RUN(r5, 0xae80, 0x0)\n\nOpportunistically use guard() to avoid having to define a new error label\nand goto usage.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31592",
"url": "https://www.suse.com/security/cve/CVE-2026-31592"
},
{
"category": "external",
"summary": "SUSE Bug 1263123 for CVE-2026-31592",
"url": "https://bugzilla.suse.com/1263123"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-31592"
},
{
"cve": "CVE-2026-31593",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31593"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: SEV: Reject attempts to sync VMSA of an already-launched/encrypted vCPU\n\nReject synchronizing vCPU state to its associated VMSA if the vCPU has\nalready been launched, i.e. if the VMSA has already been encrypted. On a\nhost with SNP enabled, accessing guest-private memory generates an RMP #PF\nand panics the host.\n\n BUG: unable to handle page fault for address: ff1276cbfdf36000\n #PF: supervisor write access in kernel mode\n #PF: error_code(0x80000003) - RMP violation\n PGD 5a31801067 P4D 5a31802067 PUD 40ccfb5063 PMD 40e5954063 PTE 80000040fdf36163\n SEV-SNP: PFN 0x40fdf36, RMP entry: [0x6010fffffffff001 - 0x000000000000001f]\n Oops: Oops: 0003 [#1] SMP NOPTI\n CPU: 33 UID: 0 PID: 996180 Comm: qemu-system-x86 Tainted: G OE\n Tainted: [O]=OOT_MODULE, [E]=UNSIGNED_MODULE\n Hardware name: Dell Inc. PowerEdge R7625/0H1TJT, BIOS 1.5.8 07/21/2023\n RIP: 0010:sev_es_sync_vmsa+0x54/0x4c0 [kvm_amd]\n Call Trace:\n \u003cTASK\u003e\n snp_launch_update_vmsa+0x19d/0x290 [kvm_amd]\n snp_launch_finish+0xb6/0x380 [kvm_amd]\n sev_mem_enc_ioctl+0x14e/0x720 [kvm_amd]\n kvm_arch_vm_ioctl+0x837/0xcf0 [kvm]\n kvm_vm_ioctl+0x3fd/0xcc0 [kvm]\n __x64_sys_ioctl+0xa3/0x100\n x64_sys_call+0xfe0/0x2350\n do_syscall_64+0x81/0x10f0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n RIP: 0033:0x7ffff673287d\n \u003c/TASK\u003e\n\nNote, the KVM flaw has been present since commit ad73109ae7ec (\"KVM: SVM:\nProvide support to launch and run an SEV-ES guest\"), but has only been\nactively dangerous for the host since SNP support was added. With SEV-ES,\nKVM would \"just\" clobber guest state, which is totally fine from a host\nkernel perspective since userspace can clobber guest state any time before\nsev_launch_update_vmsa().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31593",
"url": "https://www.suse.com/security/cve/CVE-2026-31593"
},
{
"category": "external",
"summary": "SUSE Bug 1263124 for CVE-2026-31593",
"url": "https://bugzilla.suse.com/1263124"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-31593"
},
{
"cve": "CVE-2026-31647",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31647"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: fix PREEMPT_RT raw/bh spinlock nesting for async VC handling\n\nSwitch from using the completion\u0027s raw spinlock to a local lock in the\nidpf_vc_xn struct. The conversion is safe because complete/_all() are\ncalled outside the lock and there is no reason to share the completion\nlock in the current logic. This avoids invalid wait context reported by\nthe kernel due to the async handler taking BH spinlock:\n\n[ 805.726977] =============================\n[ 805.726991] [ BUG: Invalid wait context ]\n[ 805.727006] 7.0.0-rc2-net-devq-031026+ #28 Tainted: G S OE\n[ 805.727026] -----------------------------\n[ 805.727038] kworker/u261:0/572 is trying to lock:\n[ 805.727051] ff190da6a8dbb6a0 (\u0026vport_config-\u003emac_filter_list_lock){+...}-{3:3}, at: idpf_mac_filter_async_handler+0xe9/0x260 [idpf]\n[ 805.727099] other info that might help us debug this:\n[ 805.727111] context-{5:5}\n[ 805.727119] 3 locks held by kworker/u261:0/572:\n[ 805.727132] #0: ff190da6db3e6148 ((wq_completion)idpf-0000:83:00.0-mbx){+.+.}-{0:0}, at: process_one_work+0x4b5/0x730\n[ 805.727163] #1: ff3c6f0a6131fe50 ((work_completion)(\u0026(\u0026adapter-\u003embx_task)-\u003ework)){+.+.}-{0:0}, at: process_one_work+0x1e5/0x730\n[ 805.727191] #2: ff190da765190020 (\u0026x-\u003ewait#34){+.+.}-{2:2}, at: idpf_recv_mb_msg+0xc8/0x710 [idpf]\n[ 805.727218] stack backtrace:\n...\n[ 805.727238] Workqueue: idpf-0000:83:00.0-mbx idpf_mbx_task [idpf]\n[ 805.727247] Call Trace:\n[ 805.727249] \u003cTASK\u003e\n[ 805.727251] dump_stack_lvl+0x77/0xb0\n[ 805.727259] __lock_acquire+0xb3b/0x2290\n[ 805.727268] ? __irq_work_queue_local+0x59/0x130\n[ 805.727275] lock_acquire+0xc6/0x2f0\n[ 805.727277] ? idpf_mac_filter_async_handler+0xe9/0x260 [idpf]\n[ 805.727284] ? _printk+0x5b/0x80\n[ 805.727290] _raw_spin_lock_bh+0x38/0x50\n[ 805.727298] ? idpf_mac_filter_async_handler+0xe9/0x260 [idpf]\n[ 805.727303] idpf_mac_filter_async_handler+0xe9/0x260 [idpf]\n[ 805.727310] idpf_recv_mb_msg+0x1c8/0x710 [idpf]\n[ 805.727317] process_one_work+0x226/0x730\n[ 805.727322] worker_thread+0x19e/0x340\n[ 805.727325] ? __pfx_worker_thread+0x10/0x10\n[ 805.727328] kthread+0xf4/0x130\n[ 805.727333] ? __pfx_kthread+0x10/0x10\n[ 805.727336] ret_from_fork+0x32c/0x410\n[ 805.727345] ? __pfx_kthread+0x10/0x10\n[ 805.727347] ret_from_fork_asm+0x1a/0x30\n[ 805.727354] \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31647",
"url": "https://www.suse.com/security/cve/CVE-2026-31647"
},
{
"category": "external",
"summary": "SUSE Bug 1263581 for CVE-2026-31647",
"url": "https://bugzilla.suse.com/1263581"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-31647"
},
{
"cve": "CVE-2026-31664",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31664"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: clear trailing padding in build_polexpire()\n\nbuild_expire() clears the trailing padding bytes of struct\nxfrm_user_expire after setting the hard field via memset_after(),\nbut the analogous function build_polexpire() does not do this for\nstruct xfrm_user_polexpire.\n\nThe padding bytes after the __u8 hard field are left\nuninitialized from the heap allocation, and are then sent to\nuserspace via netlink multicast to XFRMNLGRP_EXPIRE listeners,\nleaking kernel heap memory contents.\n\nAdd the missing memset_after() call, matching build_expire().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31664",
"url": "https://www.suse.com/security/cve/CVE-2026-31664"
},
{
"category": "external",
"summary": "SUSE Bug 1263578 for CVE-2026-31664",
"url": "https://bugzilla.suse.com/1263578"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-31664"
},
{
"cve": "CVE-2026-31665",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31665"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_ct: fix use-after-free in timeout object destroy\n\nnft_ct_timeout_obj_destroy() frees the timeout object with kfree()\nimmediately after nf_ct_untimeout(), without waiting for an RCU grace\nperiod. Concurrent packet processing on other CPUs may still hold\nRCU-protected references to the timeout object obtained via\nrcu_dereference() in nf_ct_timeout_data().\n\nAdd an rcu_head to struct nf_ct_timeout and use kfree_rcu() to defer\nfreeing until after an RCU grace period, matching the approach already\nused in nfnetlink_cttimeout.c.\n\nKASAN report:\n BUG: KASAN: slab-use-after-free in nf_conntrack_tcp_packet+0x1381/0x29d0\n Read of size 4 at addr ffff8881035fe19c by task exploit/80\n\n Call Trace:\n nf_conntrack_tcp_packet+0x1381/0x29d0\n nf_conntrack_in+0x612/0x8b0\n nf_hook_slow+0x70/0x100\n __ip_local_out+0x1b2/0x210\n tcp_sendmsg_locked+0x722/0x1580\n __sys_sendto+0x2d8/0x320\n\n Allocated by task 75:\n nft_ct_timeout_obj_init+0xf6/0x290\n nft_obj_init+0x107/0x1b0\n nf_tables_newobj+0x680/0x9c0\n nfnetlink_rcv_batch+0xc29/0xe00\n\n Freed by task 26:\n nft_obj_destroy+0x3f/0xa0\n nf_tables_trans_destroy_work+0x51c/0x5c0\n process_one_work+0x2c4/0x5a0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31665",
"url": "https://www.suse.com/security/cve/CVE-2026-31665"
},
{
"category": "external",
"summary": "SUSE Bug 1263137 for CVE-2026-31665",
"url": "https://bugzilla.suse.com/1263137"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-31665"
},
{
"cve": "CVE-2026-31670",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31670"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: rfkill: prevent unlimited numbers of rfkill events from being created\n\nUserspace can create an unlimited number of rfkill events if the system\nis so configured, while not consuming them from the rfkill file\ndescriptor, causing a potential out of memory situation. Prevent this\nfrom bounding the number of pending rfkill events at a \"large\" number\n(i.e. 1000) to prevent abuses like this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31670",
"url": "https://www.suse.com/security/cve/CVE-2026-31670"
},
{
"category": "external",
"summary": "SUSE Bug 1263573 for CVE-2026-31670",
"url": "https://bugzilla.suse.com/1263573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-31670"
},
{
"cve": "CVE-2026-31674",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31674"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ip6t_rt: reject oversized addrnr in rt_mt6_check()\n\nReject rt match rules whose addrnr exceeds IP6T_RT_HOPS.\n\nrt_mt6() expects addrnr to stay within the bounds of rtinfo-\u003eaddrs[].\nValidate addrnr during rule installation so malformed rules are rejected\nbefore the match logic can use an out-of-range value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31674",
"url": "https://www.suse.com/security/cve/CVE-2026-31674"
},
{
"category": "external",
"summary": "SUSE Bug 1263568 for CVE-2026-31674",
"url": "https://bugzilla.suse.com/1263568"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-31674"
},
{
"cve": "CVE-2026-31677",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31677"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: af_alg - limit RX SG extraction by receive buffer budget\n\nMake af_alg_get_rsgl() limit each RX scatterlist extraction to the\nremaining receive buffer budget.\n\naf_alg_get_rsgl() currently uses af_alg_readable() only as a gate\nbefore extracting data into the RX scatterlist. Limit each extraction\nto the remaining af_alg_rcvbuf(sk) budget so that receive-side\naccounting matches the amount of data attached to the request.\n\nIf skcipher cannot obtain enough RX space for at least one chunk while\nmore data remains to be processed, reject the recvmsg call instead of\nrounding the request length down to zero.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31677",
"url": "https://www.suse.com/security/cve/CVE-2026-31677"
},
{
"category": "external",
"summary": "SUSE Bug 1263560 for CVE-2026-31677",
"url": "https://bugzilla.suse.com/1263560"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-31677"
},
{
"cve": "CVE-2026-31680",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31680"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipv6: flowlabel: defer exclusive option free until RCU teardown\n\n`ip6fl_seq_show()` walks the global flowlabel hash under the seq-file\nRCU read-side lock and prints `fl-\u003eopt-\u003eopt_nflen` when an option block\nis present.\n\nExclusive flowlabels currently free `fl-\u003eopt` as soon as `fl-\u003eusers`\ndrops to zero in `fl_release()`. However, the surrounding\n`struct ip6_flowlabel` remains visible in the global hash table until\nlater garbage collection removes it and `fl_free_rcu()` finally tears it\ndown.\n\nA concurrent `/proc/net/ip6_flowlabel` reader can therefore race that\nearly `kfree()` and dereference freed option state, triggering a crash\nin `ip6fl_seq_show()`.\n\nFix this by keeping `fl-\u003eopt` alive until `fl_free_rcu()`. That matches\nthe lifetime already required for the enclosing flowlabel while readers\ncan still reach it under RCU.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31680",
"url": "https://www.suse.com/security/cve/CVE-2026-31680"
},
{
"category": "external",
"summary": "SUSE Bug 1263563 for CVE-2026-31680",
"url": "https://bugzilla.suse.com/1263563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-31680"
},
{
"cve": "CVE-2026-31693",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31693"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: some missing initializations on replay\n\nIn several places in the code, we have a label to signify\nthe start of the code where a request can be replayed if\nnecessary. However, some of these places were missing the\nnecessary reinitializations of certain local variables\nbefore replay.\n\nThis change makes sure that these variables get initialized\nafter the label.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31693",
"url": "https://www.suse.com/security/cve/CVE-2026-31693"
},
{
"category": "external",
"summary": "SUSE Bug 1267744 for CVE-2026-31693",
"url": "https://bugzilla.suse.com/1267744"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-31693"
},
{
"cve": "CVE-2026-31697",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31697"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccp: Don\u0027t attempt to copy ID to userspace if PSP command failed\n\nWhen retrieving the ID for the CPU, don\u0027t attempt to copy the ID blob to\nuserspace if the firmware command failed. If the failure was due to an\ninvalid length, i.e. the userspace buffer+length was too small, copying\nthe number of bytes _firmware_ requires will overflow the kernel-allocated\nbuffer and leak data to userspace.\n\n BUG: KASAN: slab-out-of-bounds in instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n BUG: KASAN: slab-out-of-bounds in _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n Read of size 64 at addr ffff8881867f5960 by task syz.0.906/24388\n\n CPU: 130 UID: 0 PID: 24388 Comm: syz.0.906 Tainted: G U O 7.0.0-smp-DEV #28 PREEMPTLAZY\n Tainted: [U]=USER, [O]=OOT_MODULE\n Hardware name: Google, Inc. Arcadia_IT_80/Arcadia_IT_80, BIOS 12.62.0-0 11/19/2025\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xc5/0x110 ../lib/dump_stack.c:120\n print_address_description ../mm/kasan/report.c:378 [inline]\n print_report+0xbc/0x260 ../mm/kasan/report.c:482\n kasan_report+0xa2/0xe0 ../mm/kasan/report.c:595\n check_region_inline ../mm/kasan/generic.c:-1 [inline]\n kasan_check_range+0x264/0x2c0 ../mm/kasan/generic.c:200\n instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n copy_to_user ../include/linux/uaccess.h:236 [inline]\n sev_ioctl_do_get_id2+0x361/0x490 ../drivers/crypto/ccp/sev-dev.c:2222\n sev_ioctl+0x25f/0x490 ../drivers/crypto/ccp/sev-dev.c:2575\n vfs_ioctl ../fs/ioctl.c:51 [inline]\n __do_sys_ioctl ../fs/ioctl.c:597 [inline]\n __se_sys_ioctl+0x11d/0x1b0 ../fs/ioctl.c:583\n do_syscall_x64 ../arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xe0/0x800 ../arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n \u003c/TASK\u003e\n\nWARN if the driver says the command succeeded, but the firmware error code\nsays otherwise, as __sev_do_cmd_locked() is expected to return -EIO on any\nfirwmware error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31697",
"url": "https://www.suse.com/security/cve/CVE-2026-31697"
},
{
"category": "external",
"summary": "SUSE Bug 1264116 for CVE-2026-31697",
"url": "https://bugzilla.suse.com/1264116"
},
{
"category": "external",
"summary": "SUSE Bug 1264144 for CVE-2026-31697",
"url": "https://bugzilla.suse.com/1264144"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-31697"
},
{
"cve": "CVE-2026-31698",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31698"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccp: Don\u0027t attempt to copy PDH cert to userspace if PSP command failed\n\nWhen retrieving the PDH cert, don\u0027t attempt to copy the blobs to userspace\nif the firmware command failed. If the failure was due to an invalid\nlength, i.e. the userspace buffer+length was too small, copying the number\nof bytes _firmware_ requires will overflow the kernel-allocated buffer and\nleak data to userspace.\n\n BUG: KASAN: slab-out-of-bounds in instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n BUG: KASAN: slab-out-of-bounds in _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n Read of size 2084 at addr ffff8885c4ab8aa0 by task syz.0.186/21033\n\n CPU: 51 UID: 0 PID: 21033 Comm: syz.0.186 Tainted: G U O 7.0.0-smp-DEV #28 PREEMPTLAZY\n Tainted: [U]=USER, [O]=OOT_MODULE\n Hardware name: Google, Inc. Arcadia_IT_80/Arcadia_IT_80, BIOS 34.84.12-0 11/17/2025\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xc5/0x110 ../lib/dump_stack.c:120\n print_address_description ../mm/kasan/report.c:378 [inline]\n print_report+0xbc/0x260 ../mm/kasan/report.c:482\n kasan_report+0xa2/0xe0 ../mm/kasan/report.c:595\n check_region_inline ../mm/kasan/generic.c:-1 [inline]\n kasan_check_range+0x264/0x2c0 ../mm/kasan/generic.c:200\n instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n copy_to_user ../include/linux/uaccess.h:236 [inline]\n sev_ioctl_do_pdh_export+0x3d3/0x7c0 ../drivers/crypto/ccp/sev-dev.c:2347\n sev_ioctl+0x2a2/0x490 ../drivers/crypto/ccp/sev-dev.c:2568\n vfs_ioctl ../fs/ioctl.c:51 [inline]\n __do_sys_ioctl ../fs/ioctl.c:597 [inline]\n __se_sys_ioctl+0x11d/0x1b0 ../fs/ioctl.c:583\n do_syscall_x64 ../arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xe0/0x800 ../arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n \u003c/TASK\u003e\n\nWARN if the driver says the command succeeded, but the firmware error code\nsays otherwise, as __sev_do_cmd_locked() is expected to return -EIO on any\nfirwmware error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31698",
"url": "https://www.suse.com/security/cve/CVE-2026-31698"
},
{
"category": "external",
"summary": "SUSE Bug 1263880 for CVE-2026-31698",
"url": "https://bugzilla.suse.com/1263880"
},
{
"category": "external",
"summary": "SUSE Bug 1263929 for CVE-2026-31698",
"url": "https://bugzilla.suse.com/1263929"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-31698"
},
{
"cve": "CVE-2026-31699",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31699"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccp: Don\u0027t attempt to copy CSR to userspace if PSP command failed\n\nWhen retrieving the PEK CSR, don\u0027t attempt to copy the blob to userspace\nif the firmware command failed. If the failure was due to an invalid\nlength, i.e. the userspace buffer+length was too small, copying the number\nof bytes _firmware_ requires will overflow the kernel-allocated buffer and\nleak data to userspace.\n\n BUG: KASAN: slab-out-of-bounds in instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n BUG: KASAN: slab-out-of-bounds in _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n Read of size 2084 at addr ffff898144612e20 by task syz.9.219/21405\n\n CPU: 14 UID: 0 PID: 21405 Comm: syz.9.219 Tainted: G U O 7.0.0-smp-DEV #28 PREEMPTLAZY\n Tainted: [U]=USER, [O]=OOT_MODULE\n Hardware name: Google, Inc. Arcadia_IT_80/Arcadia_IT_80, BIOS 12.62.0-0 11/19/2025\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xc5/0x110 ../lib/dump_stack.c:120\n print_address_description ../mm/kasan/report.c:378 [inline]\n print_report+0xbc/0x260 ../mm/kasan/report.c:482\n kasan_report+0xa2/0xe0 ../mm/kasan/report.c:595\n check_region_inline ../mm/kasan/generic.c:-1 [inline]\n kasan_check_range+0x264/0x2c0 ../mm/kasan/generic.c:200\n instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n copy_to_user ../include/linux/uaccess.h:236 [inline]\n sev_ioctl_do_pek_csr+0x31f/0x590 ../drivers/crypto/ccp/sev-dev.c:1872\n sev_ioctl+0x3a4/0x490 ../drivers/crypto/ccp/sev-dev.c:2562\n vfs_ioctl ../fs/ioctl.c:51 [inline]\n __do_sys_ioctl ../fs/ioctl.c:597 [inline]\n __se_sys_ioctl+0x11d/0x1b0 ../fs/ioctl.c:583\n do_syscall_x64 ../arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xe0/0x800 ../arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n \u003c/TASK\u003e\n\nWARN if the driver says the command succeeded, but the firmware error code\nsays otherwise, as __sev_do_cmd_locked() is expected to return -EIO on any\nfirwmware error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31699",
"url": "https://www.suse.com/security/cve/CVE-2026-31699"
},
{
"category": "external",
"summary": "SUSE Bug 1263879 for CVE-2026-31699",
"url": "https://bugzilla.suse.com/1263879"
},
{
"category": "external",
"summary": "SUSE Bug 1263928 for CVE-2026-31699",
"url": "https://bugzilla.suse.com/1263928"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-31699"
},
{
"cve": "CVE-2026-31752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbridge: br_nd_send: validate ND option lengths\n\nbr_nd_send() walks ND options according to option-provided lengths.\nA malformed option can make the parser advance beyond the computed\noption span or use a too-short source LLADDR option payload.\n\nValidate option lengths against the remaining NS option area before\nadvancing, and only read source LLADDR when the option is large enough\nfor an Ethernet address.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31752",
"url": "https://www.suse.com/security/cve/CVE-2026-31752"
},
{
"category": "external",
"summary": "SUSE Bug 1264045 for CVE-2026-31752",
"url": "https://bugzilla.suse.com/1264045"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-31752"
},
{
"cve": "CVE-2026-31759",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31759"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: ulpi: fix double free in ulpi_register_interface() error path\n\nWhen device_register() fails, ulpi_register() calls put_device() on\nulpi-\u003edev.\n\nThe device release callback ulpi_dev_release() drops the OF node\nreference and frees ulpi, but the current error path in\nulpi_register_interface() then calls kfree(ulpi) again, causing a\ndouble free.\n\nLet put_device() handle the cleanup through ulpi_dev_release() and\navoid freeing ulpi again in ulpi_register_interface().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31759",
"url": "https://www.suse.com/security/cve/CVE-2026-31759"
},
{
"category": "external",
"summary": "SUSE Bug 1264076 for CVE-2026-31759",
"url": "https://bugzilla.suse.com/1264076"
},
{
"category": "external",
"summary": "SUSE Bug 1264078 for CVE-2026-31759",
"url": "https://bugzilla.suse.com/1264078"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "important"
}
],
"title": "CVE-2026-31759"
},
{
"cve": "CVE-2026-31771",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31771"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_event: move wake reason storage into validated event handlers\n\nhci_store_wake_reason() is called from hci_event_packet() immediately\nafter stripping the HCI event header but before hci_event_func()\nenforces the per-event minimum payload length from hci_ev_table.\nThis means a short HCI event frame can reach bacpy() before any bounds\ncheck runs.\n\nRather than duplicating skb parsing and per-event length checks inside\nhci_store_wake_reason(), move wake-address storage into the individual\nevent handlers after their existing event-length validation has\nsucceeded. Convert hci_store_wake_reason() into a small helper that only\nstores an already-validated bdaddr while the caller holds hci_dev_lock().\nUse the same helper after hci_event_func() with a NULL address to\npreserve the existing unexpected-wake fallback semantics when no\nvalidated event handler records a wake address.\n\nAnnotate the helper with __must_hold(\u0026hdev-\u003elock) and add\nlockdep_assert_held(\u0026hdev-\u003elock) so future call paths keep the lock\ncontract explicit.\n\nCall the helper from hci_conn_request_evt(), hci_conn_complete_evt(),\nhci_sync_conn_complete_evt(), le_conn_complete_evt(),\nhci_le_adv_report_evt(), hci_le_ext_adv_report_evt(),\nhci_le_direct_adv_report_evt(), hci_le_pa_sync_established_evt(), and\nhci_le_past_received_evt().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31771",
"url": "https://www.suse.com/security/cve/CVE-2026-31771"
},
{
"category": "external",
"summary": "SUSE Bug 1264145 for CVE-2026-31771",
"url": "https://bugzilla.suse.com/1264145"
},
{
"category": "external",
"summary": "SUSE Bug 1264146 for CVE-2026-31771",
"url": "https://bugzilla.suse.com/1264146"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "important"
}
],
"title": "CVE-2026-31771"
},
{
"cve": "CVE-2026-43010",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43010"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Reject sleepable kprobe_multi programs at attach time\n\nkprobe.multi programs run in atomic/RCU context and cannot sleep.\nHowever, bpf_kprobe_multi_link_attach() did not validate whether the\nprogram being attached had the sleepable flag set, allowing sleepable\nhelpers such as bpf_copy_from_user() to be invoked from a non-sleepable\ncontext.\n\nThis causes a \"sleeping function called from invalid context\" splat:\n\n BUG: sleeping function called from invalid context at ./include/linux/uaccess.h:169\n in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 1787, name: sudo\n preempt_count: 1, expected: 0\n RCU nest depth: 2, expected: 0\n\nFix this by rejecting sleepable programs early in\nbpf_kprobe_multi_link_attach(), before any further processing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43010",
"url": "https://www.suse.com/security/cve/CVE-2026-43010"
},
{
"category": "external",
"summary": "SUSE Bug 1264015 for CVE-2026-43010",
"url": "https://bugzilla.suse.com/1264015"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-43010"
},
{
"cve": "CVE-2026-43022",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43022"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_sync: hci_cmd_sync_queue_once() return -EEXIST if exists\n\nhci_cmd_sync_queue_once() needs to indicate whether a queue item was\nadded, so caller can know if callbacks are called, so it can avoid\nleaking resources.\n\nChange the function to return -EEXIST if queue item already exists.\n\nModify all callsites to handle that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43022",
"url": "https://www.suse.com/security/cve/CVE-2026-43022"
},
{
"category": "external",
"summary": "SUSE Bug 1264001 for CVE-2026-43022",
"url": "https://bugzilla.suse.com/1264001"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-43022"
},
{
"cve": "CVE-2026-43023",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43023"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: SCO: fix race conditions in sco_sock_connect()\n\nsco_sock_connect() checks sk_state and sk_type without holding\nthe socket lock. Two concurrent connect() syscalls on the same\nsocket can both pass the check and enter sco_connect(), leading\nto use-after-free.\n\nThe buggy scenario involves three participants and was confirmed\nwith additional logging instrumentation:\n\n Thread A (connect): HCI disconnect: Thread B (connect):\n\n sco_sock_connect(sk) sco_sock_connect(sk)\n sk_state==BT_OPEN sk_state==BT_OPEN\n (pass, no lock) (pass, no lock)\n sco_connect(sk): sco_connect(sk):\n hci_dev_lock hci_dev_lock\n hci_connect_sco \u003c- blocked\n -\u003e hcon1\n sco_conn_add-\u003econn1\n lock_sock(sk)\n sco_chan_add:\n conn1-\u003esk = sk\n sk-\u003econn = conn1\n sk_state=BT_CONNECT\n release_sock\n hci_dev_unlock\n hci_dev_lock\n sco_conn_del:\n lock_sock(sk)\n sco_chan_del:\n sk-\u003econn=NULL\n conn1-\u003esk=NULL\n sk_state=\n BT_CLOSED\n SOCK_ZAPPED\n release_sock\n hci_dev_unlock\n (unblocked)\n hci_connect_sco\n -\u003e hcon2\n sco_conn_add\n -\u003e conn2\n lock_sock(sk)\n sco_chan_add:\n sk-\u003econn=conn2\n sk_state=\n BT_CONNECT\n // zombie sk!\n release_sock\n hci_dev_unlock\n\nThread B revives a BT_CLOSED + SOCK_ZAPPED socket back to\nBT_CONNECT. Subsequent cleanup triggers double sock_put() and\nuse-after-free. Meanwhile conn1 is leaked as it was orphaned\nwhen sco_conn_del() cleared the association.\n\nFix this by:\n- Moving lock_sock() before the sk_state/sk_type checks in\n sco_sock_connect() to serialize concurrent connect attempts\n- Fixing the sk_type != SOCK_SEQPACKET check to actually\n return the error instead of just assigning it\n- Adding a state re-check in sco_connect() after lock_sock()\n to catch state changes during the window between the locks\n- Adding sco_pi(sk)-\u003econn check in sco_chan_add() to prevent\n double-attach of a socket to multiple connections\n- Adding hci_conn_drop() on sco_chan_add failure to prevent\n HCI connection leaks",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43023",
"url": "https://www.suse.com/security/cve/CVE-2026-43023"
},
{
"category": "external",
"summary": "SUSE Bug 1264137 for CVE-2026-43023",
"url": "https://bugzilla.suse.com/1264137"
},
{
"category": "external",
"summary": "SUSE Bug 1264138 for CVE-2026-43023",
"url": "https://bugzilla.suse.com/1264138"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "important"
}
],
"title": "CVE-2026-43023"
},
{
"cve": "CVE-2026-43024",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43024"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: reject immediate NF_QUEUE verdict\n\nnft_queue is always used from userspace nftables to deliver the NF_QUEUE\nverdict. Immediately emitting an NF_QUEUE verdict is never used by the\nuserspace nft tools, so reject immediate NF_QUEUE verdicts.\n\nThe arp family does not provide queue support, but such an immediate\nverdict is still reachable. Globally reject NF_QUEUE immediate verdicts\nto address this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43024",
"url": "https://www.suse.com/security/cve/CVE-2026-43024"
},
{
"category": "external",
"summary": "SUSE Bug 1263930 for CVE-2026-43024",
"url": "https://bugzilla.suse.com/1263930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-43024"
},
{
"cve": "CVE-2026-43028",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43028"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: x_tables: ensure names are nul-terminated\n\nReject names that lack a \\0 character before feeding them\nto functions that expect c-strings.\n\nFixes tag is the most recent commit that needs this change.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43028",
"url": "https://www.suse.com/security/cve/CVE-2026-43028"
},
{
"category": "external",
"summary": "SUSE Bug 1263934 for CVE-2026-43028",
"url": "https://bugzilla.suse.com/1263934"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-43028"
},
{
"cve": "CVE-2026-43034",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43034"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: set backing store type from query type\n\nbnxt_hwrm_func_backing_store_qcaps_v2() stores resp-\u003etype from the\nfirmware response in ctxm-\u003etype and later uses that value to index\nfixed backing-store metadata arrays such as ctx_arr[] and\nbnxt_bstore_to_trace[].\n\nctxm-\u003etype is fixed by the current backing-store query type and matches\nthe array index of ctx-\u003ectx_arr. Set ctxm-\u003etype from the current loop\nvariable instead of depending on resp-\u003etype.\n\nAlso update the loop to advance type from next_valid_type in the for\nstatement, which keeps the control flow simpler for non-valid and\nunchanged entries.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43034",
"url": "https://www.suse.com/security/cve/CVE-2026-43034"
},
{
"category": "external",
"summary": "SUSE Bug 1263998 for CVE-2026-43034",
"url": "https://bugzilla.suse.com/1263998"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-43034"
},
{
"cve": "CVE-2026-43035",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43035"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: cls_api: fix tc_chain_fill_node to initialize tcm_info to zero to prevent an info-leak\n\nWhen building netlink messages, tc_chain_fill_node() never initializes\nthe tcm_info field of struct tcmsg. Since the allocation is not zeroed,\nkernel heap memory is leaked to userspace through this 4-byte field.\n\nThe fix simply zeroes tcm_info alongside the other fields that are\nalready initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43035",
"url": "https://www.suse.com/security/cve/CVE-2026-43035"
},
{
"category": "external",
"summary": "SUSE Bug 1263996 for CVE-2026-43035",
"url": "https://bugzilla.suse.com/1263996"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-43035"
},
{
"cve": "CVE-2026-43036",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43036"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: use skb_header_pointer() for TCPv4 GSO frag_off check\n\nSyzbot reported a KMSAN uninit-value warning in gso_features_check()\ncalled from netif_skb_features() [1].\n\ngso_features_check() reads iph-\u003efrag_off to decide whether to clear\nmangleid_features. Accessing the IPv4 header via ip_hdr()/inner_ip_hdr()\ncan rely on skb header offsets that are not always safe for direct\ndereference on packets injected from PF_PACKET paths.\n\nUse skb_header_pointer() for the TCPv4 frag_off check so the header read\nis robust whether data is already linear or needs copying.\n\n[1] https://syzkaller.appspot.com/bug?extid=1543a7d954d9c6d00407",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43036",
"url": "https://www.suse.com/security/cve/CVE-2026-43036"
},
{
"category": "external",
"summary": "SUSE Bug 1263993 for CVE-2026-43036",
"url": "https://bugzilla.suse.com/1263993"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-43036"
},
{
"cve": "CVE-2026-43049",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43049"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: logitech-hidpp: Prevent use-after-free on force feedback initialisation failure\n\nPresently, if the force feedback initialisation fails when probing the\nLogitech G920 Driving Force Racing Wheel for Xbox One, an error number\nwill be returned and propagated before the userspace infrastructure\n(sysfs and /dev/input) has been torn down. If userspace ignores the\nerrors and continues to use its references to these dangling entities, a\nUAF will promptly follow.\n\nWe have 2 options; continue to return the error, but ensure that all of\nthe infrastructure is torn down accordingly or continue to treat this\ncondition as a warning by emitting the message but returning success.\nIt is thought that the original author\u0027s intention was to emit the\nwarning but keep the device functional, less the force feedback feature,\nso let\u0027s go with that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43049",
"url": "https://www.suse.com/security/cve/CVE-2026-43049"
},
{
"category": "external",
"summary": "SUSE Bug 1264080 for CVE-2026-43049",
"url": "https://bugzilla.suse.com/1264080"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-43049"
},
{
"cve": "CVE-2026-43053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43053"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: close crash window in attr dabtree inactivation\n\nWhen inactivating an inode with node-format extended attributes,\nxfs_attr3_node_inactive() invalidates all child leaf/node blocks via\nxfs_trans_binval(), but intentionally does not remove the corresponding\nentries from their parent node blocks. The implicit assumption is that\nxfs_attr_inactive() will truncate the entire attr fork to zero extents\nafterwards, so log recovery will never reach the root node and follow\nthose stale pointers.\n\nHowever, if a log shutdown occurs after the leaf/node block cancellations\ncommit but before the attr bmap truncation commits, this assumption\nbreaks. Recovery replays the attr bmap intact (the inode still has\nattr fork extents), but suppresses replay of all cancelled leaf/node\nblocks, maybe leaving them as stale data on disk. On the next mount,\nxlog_recover_process_iunlinks() retries inactivation and attempts to\nread the root node via the attr bmap. If the root node was not replayed,\nreading the unreplayed root block triggers a metadata verification\nfailure immediately; if it was replayed, following its child pointers\nto unreplayed child blocks triggers the same failure:\n\n XFS (pmem0): Metadata corruption detected at\n xfs_da3_node_read_verify+0x53/0x220, xfs_da3_node block 0x78\n XFS (pmem0): Unmount and run xfs_repair\n XFS (pmem0): First 128 bytes of corrupted metadata buffer:\n 00000000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n XFS (pmem0): metadata I/O error in \"xfs_da_read_buf+0x104/0x190\" at daddr 0x78 len 8 error 117\n\nFix this in two places:\n\nIn xfs_attr3_node_inactive(), after calling xfs_trans_binval() on a\nchild block, immediately remove the entry that references it from the\nparent node in the same transaction. This eliminates the window where\nthe parent holds a pointer to a cancelled block. Once all children are\nremoved, the now-empty root node is converted to a leaf block within the\nsame transaction. This node-to-leaf conversion is necessary for crash\nsafety. If the system shutdown after the empty node is written to the\nlog but before the second-phase bmap truncation commits, log recovery\nwill attempt to verify the root block on disk. xfs_da3_node_verify()\ndoes not permit a node block with count == 0; such a block will fail\nverification and trigger a metadata corruption shutdown. on the other\nhand, leaf blocks are allowed to have this transient state.\n\nIn xfs_attr_inactive(), split the attr fork truncation into two explicit\nphases. First, truncate all extents beyond the root block (the child\nextents whose parent references have already been removed above).\nSecond, invalidate the root block and truncate the attr bmap to zero in\na single transaction. The two operations in the second phase must be\natomic: as long as the attr bmap has any non-zero length, recovery can\nfollow it to the root block, so the root block invalidation must commit\ntogether with the bmap-to-zero truncation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43053",
"url": "https://www.suse.com/security/cve/CVE-2026-43053"
},
{
"category": "external",
"summary": "SUSE Bug 1264084 for CVE-2026-43053",
"url": "https://bugzilla.suse.com/1264084"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-43053"
},
{
"cve": "CVE-2026-43074",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43074"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neventpoll: defer struct eventpoll free to RCU grace period\n\nIn certain situations, ep_free() in eventpoll.c will kfree the epi-\u003eep\neventpoll struct while it still being used by another concurrent thread.\nDefer the kfree() to an RCU callback to prevent UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43074",
"url": "https://www.suse.com/security/cve/CVE-2026-43074"
},
{
"category": "external",
"summary": "SUSE Bug 1264263 for CVE-2026-43074",
"url": "https://bugzilla.suse.com/1264263"
},
{
"category": "external",
"summary": "SUSE Bug 1265307 for CVE-2026-43074",
"url": "https://bugzilla.suse.com/1265307"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "important"
}
],
"title": "CVE-2026-43074"
},
{
"cve": "CVE-2026-43077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43077"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_aead - Fix minimum RX size check for decryption\n\nThe check for the minimum receive buffer size did not take the\ntag size into account during decryption. Fix this by adding the\nrequired extra length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43077",
"url": "https://www.suse.com/security/cve/CVE-2026-43077"
},
{
"category": "external",
"summary": "SUSE Bug 1264470 for CVE-2026-43077",
"url": "https://bugzilla.suse.com/1264470"
},
{
"category": "external",
"summary": "SUSE Bug 1265306 for CVE-2026-43077",
"url": "https://bugzilla.suse.com/1265306"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "important"
}
],
"title": "CVE-2026-43077"
},
{
"cve": "CVE-2026-43079",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43079"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/x86/intel/uncore: Skip discovery table for offline dies\n\nThis warning can be triggered if NUMA is disabled and the system\nboots with fewer CPUs than the number of CPUs in die 0.\n\nWARNING: CPU: 9 PID: 7257 at uncore.c:1157 uncore_pci_pmu_register+0x136/0x160 [intel_uncore]\n\nCurrently, the discovery table continues to be parsed even if all CPUs\nin the associated die are offline. This can lead to an array overflow\nat \"pmu-\u003eboxes[die] = box\" in uncore_pci_pmu_register(), which may\ntrigger the warning above or cause other issues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43079",
"url": "https://www.suse.com/security/cve/CVE-2026-43079"
},
{
"category": "external",
"summary": "SUSE Bug 1264228 for CVE-2026-43079",
"url": "https://bugzilla.suse.com/1264228"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-43079"
},
{
"cve": "CVE-2026-43080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43080"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nl2tp: Drop large packets with UDP encap\n\nsyzbot reported a WARN on my patch series [1]. The actual issue is an\noverflow of 16-bit UDP length field, and it exists in the upstream code.\nMy series added a debug WARN with an overflow check that exposed the\nissue, that\u0027s why syzbot tripped on my patches, rather than on upstream\ncode.\n\nsyzbot\u0027s repro:\n\nr0 = socket$pppl2tp(0x18, 0x1, 0x1)\nr1 = socket$inet6_udp(0xa, 0x2, 0x0)\nconnect$inet6(r1, \u0026(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback, 0xfffffffc}, 0x1c)\nconnect$pppl2tp(r0, \u0026(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x4, 0x0, 0x0, 0x0, {0xa, 0x4e22, 0xffff, @ipv4={\u0027\\x00\u0027, \u0027\\xff\\xff\u0027, @empty}}}}, 0x32)\nwritev(r0, \u0026(0x7f0000000080)=[{\u0026(0x7f0000000000)=\"ee\", 0x34000}], 0x1)\n\nIt basically sends an oversized (0x34000 bytes) PPPoL2TP packet with UDP\nencapsulation, and l2tp_xmit_core doesn\u0027t check for overflows when it\nassigns the UDP length field. The value gets trimmed to 16 bites.\n\nAdd an overflow check that drops oversized packets and avoids sending\npackets with trimmed UDP length to the wire.\n\nsyzbot\u0027s stack trace (with my patch applied):\n\nlen \u003e= 65536u\nWARNING: ./include/linux/udp.h:38 at udp_set_len_short include/linux/udp.h:38 [inline], CPU#1: syz.0.17/5957\nWARNING: ./include/linux/udp.h:38 at l2tp_xmit_core net/l2tp/l2tp_core.c:1293 [inline], CPU#1: syz.0.17/5957\nWARNING: ./include/linux/udp.h:38 at l2tp_xmit_skb+0x1204/0x18d0 net/l2tp/l2tp_core.c:1327, CPU#1: syz.0.17/5957\nModules linked in:\nCPU: 1 UID: 0 PID: 5957 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014\nRIP: 0010:udp_set_len_short include/linux/udp.h:38 [inline]\nRIP: 0010:l2tp_xmit_core net/l2tp/l2tp_core.c:1293 [inline]\nRIP: 0010:l2tp_xmit_skb+0x1204/0x18d0 net/l2tp/l2tp_core.c:1327\nCode: 0f 0b 90 e9 21 f9 ff ff e8 e9 05 ec f6 90 0f 0b 90 e9 8d f9 ff ff e8 db 05 ec f6 90 0f 0b 90 e9 cc f9 ff ff e8 cd 05 ec f6 90 \u003c0f\u003e 0b 90 e9 de fa ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 4f\nRSP: 0018:ffffc90003d67878 EFLAGS: 00010293\nRAX: ffffffff8ad985e3 RBX: ffff8881a6400090 RCX: ffff8881697f0000\nRDX: 0000000000000000 RSI: 0000000000034010 RDI: 000000000000ffff\nRBP: dffffc0000000000 R08: 0000000000000003 R09: 0000000000000004\nR10: dffffc0000000000 R11: fffff520007acf00 R12: ffff8881baf20900\nR13: 0000000000034010 R14: ffff8881a640008e R15: ffff8881760f7000\nFS: 000055557e81f500(0000) GS:ffff8882a9467000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000200000033000 CR3: 00000001612f4000 CR4: 00000000000006f0\nCall Trace:\n \u003cTASK\u003e\n pppol2tp_sendmsg+0x40a/0x5f0 net/l2tp/l2tp_ppp.c:302\n sock_sendmsg_nosec net/socket.c:727 [inline]\n __sock_sendmsg net/socket.c:742 [inline]\n sock_write_iter+0x503/0x550 net/socket.c:1195\n do_iter_readv_writev+0x619/0x8c0 fs/read_write.c:-1\n vfs_writev+0x33c/0x990 fs/read_write.c:1059\n do_writev+0x154/0x2e0 fs/read_write.c:1105\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0x14d/0xf80 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f636479c629\nCode: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007ffffd4241c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000014\nRAX: ffffffffffffffda RBX: 00007f6364a15fa0 RCX: 00007f636479c629\nRDX: 0000000000000001 RSI: 0000200000000080 RDI: 0000000000000003\nRBP: 00007f6364832b39 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 00007f6364a15fac R14: 00007f6364a15fa0 R15: 00007f6364a15fa0\n \u003c/TASK\u003e\n\n[1]: https://lore.kernel.org/all/20260226201600.222044-1-alice.kernel@fastmail.im/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43080",
"url": "https://www.suse.com/security/cve/CVE-2026-43080"
},
{
"category": "external",
"summary": "SUSE Bug 1264236 for CVE-2026-43080",
"url": "https://bugzilla.suse.com/1264236"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-43080"
},
{
"cve": "CVE-2026-43081",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43081"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipa: fix GENERIC_CMD register field masks for IPA v5.0+\n\nFix the field masks to match the hardware layout documented in\ndownstream GSI (GSI_V3_0_EE_n_GSI_EE_GENERIC_CMD_*).\n\nNotably this fixes a WARN I was seeing when I tried to send \"stop\"\nto the MPSS remoteproc while IPA was up.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43081",
"url": "https://www.suse.com/security/cve/CVE-2026-43081"
},
{
"category": "external",
"summary": "SUSE Bug 1264241 for CVE-2026-43081",
"url": "https://bugzilla.suse.com/1264241"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-43081"
},
{
"cve": "CVE-2026-43083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ioam6: fix OOB and missing lock\n\nWhen trace-\u003etype.bit6 is set:\n\n if (trace-\u003etype.bit6) {\n ...\n queue = skb_get_tx_queue(dev, skb);\n qdisc = rcu_dereference(queue-\u003eqdisc);\n\nThis code can lead to an out-of-bounds access of the dev-\u003e_tx[] array\nwhen is_input is true. In such a case, the packet is on the RX path and\nskb-\u003equeue_mapping contains the RX queue index of the ingress device. If\nthe ingress device has more RX queues than the egress device (dev) has\nTX queues, skb_get_queue_mapping(skb) will exceed dev-\u003enum_tx_queues.\nAdd a check to avoid this situation since skb_get_tx_queue() does not\nclamp the index. This issue has also revealed that per queue visibility\ncannot be accurate and will be replaced later as a new feature.\n\nWhile at it, add missing lock around qdisc_qstats_qlen_backlog(). The\nfunction __ioam6_fill_trace_data() is called from both softirq and\nprocess contexts, hence the use of spin_lock_bh() here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43083",
"url": "https://www.suse.com/security/cve/CVE-2026-43083"
},
{
"category": "external",
"summary": "SUSE Bug 1264266 for CVE-2026-43083",
"url": "https://bugzilla.suse.com/1264266"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-43083"
},
{
"cve": "CVE-2026-43085",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43085"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nfnetlink_log: initialize nfgenmsg in NLMSG_DONE terminator\n\nWhen batching multiple NFLOG messages (inst-\u003eqlen \u003e 1), __nfulnl_send()\nappends an NLMSG_DONE terminator with sizeof(struct nfgenmsg) payload via\nnlmsg_put(), but never initializes the nfgenmsg bytes. The nlmsg_put()\nhelper only zeroes alignment padding after the payload, not the payload\nitself, so four bytes of stale kernel heap data are leaked to userspace\nin the NLMSG_DONE message body.\n\nUse nfnl_msg_put() to build the NLMSG_DONE terminator, which initializes\nthe nfgenmsg payload via nfnl_fill_hdr(), consistent with how\n__build_packet_message() already constructs NFULNL_MSG_PACKET headers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43085",
"url": "https://www.suse.com/security/cve/CVE-2026-43085"
},
{
"category": "external",
"summary": "SUSE Bug 1264230 for CVE-2026-43085",
"url": "https://bugzilla.suse.com/1264230"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-43085"
},
{
"cve": "CVE-2026-43086",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43086"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvs: fix NULL deref in ip_vs_add_service error path\n\nWhen ip_vs_bind_scheduler() succeeds in ip_vs_add_service(), the local\nvariable sched is set to NULL. If ip_vs_start_estimator() subsequently\nfails, the out_err cleanup calls ip_vs_unbind_scheduler(svc, sched)\nwith sched == NULL. ip_vs_unbind_scheduler() passes the cur_sched NULL\ncheck (because svc-\u003escheduler was set by the successful bind) but then\ndereferences the NULL sched parameter at sched-\u003edone_service, causing a\nkernel panic at offset 0x30 from NULL.\n\n Oops: general protection fault, [..] [#1] PREEMPT SMP KASAN NOPTI\n KASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037]\n RIP: 0010:ip_vs_unbind_scheduler (net/netfilter/ipvs/ip_vs_sched.c:69)\n Call Trace:\n \u003cTASK\u003e\n ip_vs_add_service.isra.0 (net/netfilter/ipvs/ip_vs_ctl.c:1500)\n do_ip_vs_set_ctl (net/netfilter/ipvs/ip_vs_ctl.c:2809)\n nf_setsockopt (net/netfilter/nf_sockopt.c:102)\n [..]\n\nFix by simply not clearing the local sched variable after a successful\nbind. ip_vs_unbind_scheduler() already detects whether a scheduler is\ninstalled via svc-\u003escheduler, and keeping sched non-NULL ensures the\nerror path passes the correct pointer to both ip_vs_unbind_scheduler()\nand ip_vs_scheduler_put().\n\nWhile the bug is older, the problem popups in more recent kernels (6.2),\nwhen the new error path is taken after the ip_vs_start_estimator() call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43086",
"url": "https://www.suse.com/security/cve/CVE-2026-43086"
},
{
"category": "external",
"summary": "SUSE Bug 1264286 for CVE-2026-43086",
"url": "https://bugzilla.suse.com/1264286"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-43086"
},
{
"cve": "CVE-2026-43089",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43089"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm_user: fix info leak in build_mapping()\n\nstruct xfrm_usersa_id has a one-byte padding hole after the proto\nfield, which ends up never getting set to zero before copying out to\nuserspace. Fix that up by zeroing out the whole structure before\nsetting individual variables.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43089",
"url": "https://www.suse.com/security/cve/CVE-2026-43089"
},
{
"category": "external",
"summary": "SUSE Bug 1264261 for CVE-2026-43089",
"url": "https://bugzilla.suse.com/1264261"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-43089"
},
{
"cve": "CVE-2026-43093",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43093"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxsk: tighten UMEM headroom validation to account for tailroom and min frame\n\nThe current headroom validation in xdp_umem_reg() could leave us with\ninsufficient space dedicated to even receive minimum-sized ethernet\nframe. Furthermore if multi-buffer would come to play then\nskb_shared_info stored at the end of XSK frame would be corrupted.\n\nHW typically works with 128-aligned sizes so let us provide this value\nas bare minimum.\n\nMulti-buffer setting is known later in the configuration process so\nbesides accounting for 128 bytes, let us also take care of tailroom space\nupfront.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43093",
"url": "https://www.suse.com/security/cve/CVE-2026-43093"
},
{
"category": "external",
"summary": "SUSE Bug 1264254 for CVE-2026-43093",
"url": "https://bugzilla.suse.com/1264254"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-43093"
},
{
"cve": "CVE-2026-43094",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43094"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nixgbevf: add missing negotiate_features op to Hyper-V ops table\n\nCommit a7075f501bd3 (\"ixgbevf: fix mailbox API compatibility by\nnegotiating supported features\") added the .negotiate_features callback\nto ixgbe_mac_operations and populated it in ixgbevf_mac_ops, but forgot\nto add it to ixgbevf_hv_mac_ops. This leaves the function pointer NULL\non Hyper-V VMs.\n\nDuring probe, ixgbevf_negotiate_api() calls ixgbevf_set_features(),\nwhich unconditionally dereferences hw-\u003emac.ops.negotiate_features().\nOn Hyper-V this results in a NULL pointer dereference:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n [...]\n Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine [...]\n Workqueue: events work_for_cpu_fn\n RIP: 0010:0x0\n [...]\n Call Trace:\n ixgbevf_negotiate_api+0x66/0x160 [ixgbevf]\n ixgbevf_sw_init+0xe4/0x1f0 [ixgbevf]\n ixgbevf_probe+0x20f/0x4a0 [ixgbevf]\n local_pci_probe+0x50/0xa0\n work_for_cpu_fn+0x1a/0x30\n [...]\n\nAdd ixgbevf_hv_negotiate_features_vf() that returns -EOPNOTSUPP and\nwire it into ixgbevf_hv_mac_ops. The caller already handles -EOPNOTSUPP\ngracefully.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43094",
"url": "https://www.suse.com/security/cve/CVE-2026-43094"
},
{
"category": "external",
"summary": "SUSE Bug 1264231 for CVE-2026-43094",
"url": "https://bugzilla.suse.com/1264231"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-43094"
},
{
"cve": "CVE-2026-43101",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43101"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: ioam: fix potential NULL dereferences in __ioam6_fill_trace_data()\n\nWe need to check __in6_dev_get() for possible NULL value, as\nsuggested by Yiming Qian.\n\nAlso add skb_dst_dev_rcu() instead of skb_dst_dev(),\nand two missing READ_ONCE().\n\nNote that @dev can\u0027t be NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43101",
"url": "https://www.suse.com/security/cve/CVE-2026-43101"
},
{
"category": "external",
"summary": "SUSE Bug 1264239 for CVE-2026-43101",
"url": "https://bugzilla.suse.com/1264239"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-43101"
},
{
"cve": "CVE-2026-43107",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43107"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: account XFRMA_IF_ID in aevent size calculation\n\nxfrm_get_ae() allocates the reply skb with xfrm_aevent_msgsize(), then\nbuild_aevent() appends attributes including XFRMA_IF_ID when x-\u003eif_id is\nset.\n\nxfrm_aevent_msgsize() does not include space for XFRMA_IF_ID. For states\nwith if_id, build_aevent() can fail with -EMSGSIZE and hit BUG_ON(err \u003c 0)\nin xfrm_get_ae(), turning a malformed netlink interaction into a kernel\npanic.\n\nAccount XFRMA_IF_ID in the size calculation unconditionally and replace\nthe BUG_ON with normal error unwinding.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43107",
"url": "https://www.suse.com/security/cve/CVE-2026-43107"
},
{
"category": "external",
"summary": "SUSE Bug 1264258 for CVE-2026-43107",
"url": "https://bugzilla.suse.com/1264258"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-43107"
},
{
"cve": "CVE-2026-43112",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43112"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath\n\nWhen cifs_sanitize_prepath is called with an empty string or a string\ncontaining only delimiters (e.g., \"/\"), the current logic attempts to\ncheck *(cursor2 - 1) before cursor2 has advanced. This results in an\nout-of-bounds read.\n\nThis patch adds an early exit check after stripping prepended\ndelimiters. If no path content remains, the function returns NULL.\n\nThe bug was identified via manual audit and verified using a\nstandalone test case compiled with AddressSanitizer, which\ntriggered a SEGV on affected inputs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43112",
"url": "https://www.suse.com/security/cve/CVE-2026-43112"
},
{
"category": "external",
"summary": "SUSE Bug 1264437 for CVE-2026-43112",
"url": "https://bugzilla.suse.com/1264437"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-43112"
},
{
"cve": "CVE-2026-43119",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43119"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_sync: annotate data-races around hdev-\u003ereq_status\n\n__hci_cmd_sync_sk() sets hdev-\u003ereq_status under hdev-\u003ereq_lock:\n\n hdev-\u003ereq_status = HCI_REQ_PEND;\n\nHowever, several other functions read or write hdev-\u003ereq_status without\nholding any lock:\n\n - hci_send_cmd_sync() reads req_status in hci_cmd_work (workqueue)\n - hci_cmd_sync_complete() reads/writes from HCI event completion\n - hci_cmd_sync_cancel() / hci_cmd_sync_cancel_sync() read/write\n - hci_abort_conn() reads in connection abort path\n\nSince __hci_cmd_sync_sk() runs on hdev-\u003ereq_workqueue while\nhci_send_cmd_sync() runs on hdev-\u003eworkqueue, these are different\nworkqueues that can execute concurrently on different CPUs. The plain\nC accesses constitute a data race.\n\nAdd READ_ONCE()/WRITE_ONCE() annotations on all concurrent accesses\nto hdev-\u003ereq_status to prevent potential compiler optimizations that\ncould affect correctness (e.g., load fusing in the wait_event\ncondition or store reordering).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43119",
"url": "https://www.suse.com/security/cve/CVE-2026-43119"
},
{
"category": "external",
"summary": "SUSE Bug 1264561 for CVE-2026-43119",
"url": "https://bugzilla.suse.com/1264561"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-43119"
},
{
"cve": "CVE-2026-43128",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43128"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/umem: Fix double dma_buf_unpin in failure path\n\nIn ib_umem_dmabuf_get_pinned_with_dma_device(), the call to\nib_umem_dmabuf_map_pages() can fail. If this occurs, the dmabuf\nis immediately unpinned but the umem_dmabuf-\u003epinned flag is still\nset. Then, when ib_umem_release() is called, it calls\nib_umem_dmabuf_revoke() which will call dma_buf_unpin() again.\n\nFix this by removing the immediate unpin upon failure and just let\nthe ib_umem_release/revoke path handle it. This also ensures the\nproper unmap-unpin unwind ordering if the dmabuf_map_pages call\nhappened to fail due to dma_resv_wait_timeout (and therefore has\na non-NULL umem_dmabuf-\u003esgt).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43128",
"url": "https://www.suse.com/security/cve/CVE-2026-43128"
},
{
"category": "external",
"summary": "SUSE Bug 1264612 for CVE-2026-43128",
"url": "https://bugzilla.suse.com/1264612"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-43128"
},
{
"cve": "CVE-2026-43139",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43139"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm6: fix uninitialized saddr in xfrm6_get_saddr()\n\nxfrm6_get_saddr() does not check the return value of\nipv6_dev_get_saddr(). When ipv6_dev_get_saddr() fails to find a suitable\nsource address (returns -EADDRNOTAVAIL), saddr-\u003ein6 is left\nuninitialized, but xfrm6_get_saddr() still returns 0 (success).\n\nThis causes the caller xfrm_tmpl_resolve_one() to use the uninitialized\naddress in xfrm_state_find(), triggering KMSAN warning:\n\n=====================================================\nBUG: KMSAN: uninit-value in xfrm_state_find+0x2424/0xa940\n xfrm_state_find+0x2424/0xa940\n xfrm_resolve_and_create_bundle+0x906/0x5a20\n xfrm_lookup_with_ifid+0xcc0/0x3770\n xfrm_lookup_route+0x63/0x2b0\n ip_route_output_flow+0x1ce/0x270\n udp_sendmsg+0x2ce1/0x3400\n inet_sendmsg+0x1ef/0x2a0\n __sock_sendmsg+0x278/0x3d0\n __sys_sendto+0x593/0x720\n __x64_sys_sendto+0x130/0x200\n x64_sys_call+0x332b/0x3e70\n do_syscall_64+0xd3/0xf80\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nLocal variable tmp.i.i created at:\n xfrm_resolve_and_create_bundle+0x3e3/0x5a20\n xfrm_lookup_with_ifid+0xcc0/0x3770\n=====================================================\n\nFix by checking the return value of ipv6_dev_get_saddr() and propagating\nthe error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43139",
"url": "https://www.suse.com/security/cve/CVE-2026-43139"
},
{
"category": "external",
"summary": "SUSE Bug 1264294 for CVE-2026-43139",
"url": "https://bugzilla.suse.com/1264294"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-43139"
},
{
"cve": "CVE-2026-43158",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43158"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: fix freemap adjustments when adding xattrs to leaf blocks\n\nxfs/592 and xfs/794 both trip this assertion in the leaf block freemap\nadjustment code after ~20 minutes of running on my test VMs:\n\n ASSERT(ichdr-\u003efirstused \u003e= ichdr-\u003ecount * sizeof(xfs_attr_leaf_entry_t)\n\t\t\t\t\t+ xfs_attr3_leaf_hdr_size(leaf));\n\nUpon enabling quite a lot more debugging code, I narrowed this down to\nfsstress trying to set a local extended attribute with namelen=3 and\nvaluelen=71. This results in an entry size of 80 bytes.\n\nAt the start of xfs_attr3_leaf_add_work, the freemap looks like this:\n\ni 0 base 448 size 0 rhs 448 count 46\ni 1 base 388 size 132 rhs 448 count 46\ni 2 base 2120 size 4 rhs 448 count 46\nfirstused = 520\n\nwhere \"rhs\" is the first byte past the end of the leaf entry array.\nThis is inconsistent -- the entries array ends at byte 448, but\nfreemap[1] says there\u0027s free space starting at byte 388!\n\nBy the end of the function, the freemap is in worse shape:\n\ni 0 base 456 size 0 rhs 456 count 47\ni 1 base 388 size 52 rhs 456 count 47\ni 2 base 2120 size 4 rhs 456 count 47\nfirstused = 440\n\nImportant note: 388 is not aligned with the entries array element size\nof 8 bytes.\n\nBased on the incorrect freemap, the name area starts at byte 440, which\nis below the end of the entries array! That\u0027s why the assertion\ntriggers and the filesystem shuts down.\n\nHow did we end up here? First, recall from the previous patch that the\nfreemap array in an xattr leaf block is not intended to be a\ncomprehensive map of all free space in the leaf block. In other words,\nit\u0027s perfectly legal to have a leaf block with:\n\n * 376 bytes in use by the entries array\n * freemap[0] has [base = 376, size = 8]\n * freemap[1] has [base = 388, size = 1500]\n * the space between 376 and 388 is free, but the freemap stopped\n tracking that some time ago\n\nIf we add one xattr, the entries array grows to 384 bytes, and\nfreemap[0] becomes [base = 384, size = 0]. So far, so good. But if we\nadd a second xattr, the entries array grows to 392 bytes, and freemap[0]\ngets pushed up to [base = 392, size = 0]. This is bad, because\nfreemap[1] hasn\u0027t been updated, and now the entries array and the free\nspace claim the same space.\n\nThe fix here is to adjust all freemap entries so that none of them\ncollide with the entries array. Note that this fix relies on commit\n2a2b5932db6758 (\"xfs: fix attr leaf header freemap.size underflow\") and\nthe previous patch that resets zero length freemap entries to have\nbase = 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43158",
"url": "https://www.suse.com/security/cve/CVE-2026-43158"
},
{
"category": "external",
"summary": "SUSE Bug 1264595 for CVE-2026-43158",
"url": "https://bugzilla.suse.com/1264595"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-43158"
},
{
"cve": "CVE-2026-43171",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43171"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nEFI/CPER: don\u0027t dump the entire memory region\n\nThe current logic at cper_print_fw_err() doesn\u0027t check if the\nerror record length is big enough to handle offset. On a bad firmware,\nif the ofset is above the actual record, length -= offset will\nunderflow, making it dump the entire memory.\n\nThe end result can be:\n\n - the logic taking a lot of time dumping large regions of memory;\n - data disclosure due to the memory dumps;\n - an OOPS, if it tries to dump an unmapped memory region.\n\nFix it by checking if the section length is too small before doing\na hex dump.\n\n[ rjw: Subject tweaks ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43171",
"url": "https://www.suse.com/security/cve/CVE-2026-43171"
},
{
"category": "external",
"summary": "SUSE Bug 1264549 for CVE-2026-43171",
"url": "https://bugzilla.suse.com/1264549"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-43171"
},
{
"cve": "CVE-2026-43187",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43187"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: delete attr leaf freemap entries when empty\n\nBack in commit 2a2b5932db6758 (\"xfs: fix attr leaf header freemap.size\nunderflow\"), Brian Foster observed that it\u0027s possible for a small\nfreemap at the end of the end of the xattr entries array to experience\na size underflow when subtracting the space consumed by an expansion of\nthe entries array. There are only three freemap entries, which means\nthat it is not a complete index of all free space in the leaf block.\n\nThis code can leave behind a zero-length freemap entry with a nonzero\nbase. Subsequent setxattr operations can increase the base up to the\npoint that it overlaps with another freemap entry. This isn\u0027t in and of\nitself a problem because the code in _leaf_add that finds free space\nignores any freemap entry with zero size.\n\nHowever, there\u0027s another bug in the freemap update code in _leaf_add,\nwhich is that it fails to update a freemap entry that begins midway\nthrough the xattr entry that was just appended to the array. That can\nresult in the freemap containing two entries with the same base but\ndifferent sizes (0 for the \"pushed-up\" entry, nonzero for the entry\nthat\u0027s actually tracking free space). A subsequent _leaf_add can then\nallocate xattr namevalue entries on top of the entries array, leading to\ndata loss. But fixing that is for later.\n\nFor now, eliminate the possibility of confusion by zeroing out the base\nof any freemap entry that has zero size. Because the freemap is not\nintended to be a complete index of free space, a subsequent failure to\nfind any free space for a new xattr will trigger block compaction, which\nregenerates the freemap.\n\nIt looks like this bug has been in the codebase for quite a long time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43187",
"url": "https://www.suse.com/security/cve/CVE-2026-43187"
},
{
"category": "external",
"summary": "SUSE Bug 1264603 for CVE-2026-43187",
"url": "https://bugzilla.suse.com/1264603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-43187"
},
{
"cve": "CVE-2026-43198",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43198"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: fix potential race in tcp_v6_syn_recv_sock()\n\nCode in tcp_v6_syn_recv_sock() after the call to tcp_v4_syn_recv_sock()\nis done too late.\n\nAfter tcp_v4_syn_recv_sock(), the child socket is already visible\nfrom TCP ehash table and other cpus might use it.\n\nSince newinet-\u003epinet6 is still pointing to the listener ipv6_pinfo\nbad things can happen as syzbot found.\n\nMove the problematic code in tcp_v6_mapped_child_init()\nand call this new helper from tcp_v4_syn_recv_sock() before\nthe ehash insertion.\n\nThis allows the removal of one tcp_sync_mss(), since\ntcp_v4_syn_recv_sock() will call it with the correct\ncontext.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43198",
"url": "https://www.suse.com/security/cve/CVE-2026-43198"
},
{
"category": "external",
"summary": "SUSE Bug 1264610 for CVE-2026-43198",
"url": "https://bugzilla.suse.com/1264610"
},
{
"category": "external",
"summary": "SUSE Bug 1264611 for CVE-2026-43198",
"url": "https://bugzilla.suse.com/1264611"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "important"
}
],
"title": "CVE-2026-43198"
},
{
"cve": "CVE-2026-43233",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43233"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_conntrack_h323: fix OOB read in decode_choice()\n\nIn decode_choice(), the boundary check before get_len() uses the\nvariable `len`, which is still 0 from its initialization at the top of\nthe function:\n\n unsigned int type, ext, len = 0;\n ...\n if (ext || (son-\u003eattr \u0026 OPEN)) {\n BYTE_ALIGN(bs);\n if (nf_h323_error_boundary(bs, len, 0)) /* len is 0 here */\n return H323_ERROR_BOUND;\n len = get_len(bs); /* OOB read */\n\nWhen the bitstream is exactly consumed (bs-\u003ecur == bs-\u003eend), the check\nnf_h323_error_boundary(bs, 0, 0) evaluates to (bs-\u003ecur + 0 \u003e bs-\u003eend),\nwhich is false. The subsequent get_len() call then dereferences\n*bs-\u003ecur++, reading 1 byte past the end of the buffer. If that byte\nhas bit 7 set, get_len() reads a second byte as well.\n\nThis can be triggered remotely by sending a crafted Q.931 SETUP message\nwith a User-User Information Element containing exactly 2 bytes of\nPER-encoded data ({0x08, 0x00}) to port 1720 through a firewall with\nthe nf_conntrack_h323 helper active. The decoder fully consumes the\nPER buffer before reaching this code path, resulting in a 1-2 byte\nheap-buffer-overflow read confirmed by AddressSanitizer.\n\nFix this by checking for 2 bytes (the maximum that get_len() may read)\ninstead of the uninitialized `len`. This matches the pattern used at\nevery other get_len() call site in the same file, where the caller\nchecks for 2 bytes of available data before calling get_len().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43233",
"url": "https://www.suse.com/security/cve/CVE-2026-43233"
},
{
"category": "external",
"summary": "SUSE Bug 1264337 for CVE-2026-43233",
"url": "https://bugzilla.suse.com/1264337"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-43233"
},
{
"cve": "CVE-2026-43238",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43238"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: act_skbedit: fix divide-by-zero in tcf_skbedit_hash()\n\nCommit 38a6f0865796 (\"net: sched: support hash selecting tx queue\")\nadded SKBEDIT_F_TXQ_SKBHASH support. The inclusive range size is\ncomputed as:\n\nmapping_mod = queue_mapping_max - queue_mapping + 1;\n\nThe range size can be 65536 when the requested range covers all possible\nu16 queue IDs (e.g. queue_mapping=0 and queue_mapping_max=U16_MAX).\nThat value cannot be represented in a u16 and previously wrapped to 0,\nso tcf_skbedit_hash() could trigger a divide-by-zero:\n\nqueue_mapping += skb_get_hash(skb) % params-\u003emapping_mod;\n\nCompute mapping_mod in a wider type and reject ranges larger than U16_MAX\nto prevent params-\u003emapping_mod from becoming 0 and avoid the crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43238",
"url": "https://www.suse.com/security/cve/CVE-2026-43238"
},
{
"category": "external",
"summary": "SUSE Bug 1264320 for CVE-2026-43238",
"url": "https://bugzilla.suse.com/1264320"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-43238"
},
{
"cve": "CVE-2026-43239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43239"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: prevent races in -\u003equery_interfaces()\n\nIt was possible for two query interface works to be concurrently trying\nto update the interfaces.\n\nPrevent this by checking and updating iface_last_update under\niface_lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43239",
"url": "https://www.suse.com/security/cve/CVE-2026-43239"
},
{
"category": "external",
"summary": "SUSE Bug 1264444 for CVE-2026-43239",
"url": "https://bugzilla.suse.com/1264444"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-43239"
},
{
"cve": "CVE-2026-43284",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43284"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: esp: avoid in-place decrypt on shared skb frags\n\nMSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP\nmarks such skbs with SKBFL_SHARED_FRAG after skb_splice_from_iter(),\nso later paths that may modify packet data can first make a private\ncopy. The IPv4/IPv6 datagram append paths did not set this flag when\nsplicing pages into UDP skbs.\n\nThat leaves an ESP-in-UDP packet made from shared pipe pages looking\nlike an ordinary uncloned nonlinear skb. ESP input then takes the no-COW\nfast path for uncloned skbs without a frag_list and decrypts in place\nover data that is not owned privately by the skb.\n\nMark IPv4/IPv6 datagram splice frags with SKBFL_SHARED_FRAG, matching\nTCP. Also make ESP input fall back to skb_cow_data() when the flag is\npresent, so ESP does not decrypt externally backed frags in place.\nPrivate nonlinear skb frags still use the existing fast path.\n\nThis intentionally does not change ESP output. In esp_output_head(),\nthe path that appends the ESP trailer to existing skb tailroom without\ncalling skb_cow_data() is not reachable for nonlinear skbs:\nskb_tailroom() returns zero when skb-\u003edata_len is nonzero, while ESP\ntailen is positive. Thus ESP output will either use the separate\ndestination-frag path or fall back to skb_cow_data().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43284",
"url": "https://www.suse.com/security/cve/CVE-2026-43284"
},
{
"category": "external",
"summary": "SUSE Bug 1264449 for CVE-2026-43284",
"url": "https://bugzilla.suse.com/1264449"
},
{
"category": "external",
"summary": "SUSE Bug 1264459 for CVE-2026-43284",
"url": "https://bugzilla.suse.com/1264459"
},
{
"category": "external",
"summary": "SUSE Bug 1265383 for CVE-2026-43284",
"url": "https://bugzilla.suse.com/1265383"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "important"
}
],
"title": "CVE-2026-43284"
},
{
"cve": "CVE-2026-43303",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43303"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/page_alloc: clear page-\u003eprivate in free_pages_prepare()\n\nSeveral subsystems (slub, shmem, ttm, etc.) use page-\u003eprivate but don\u0027t\nclear it before freeing pages. When these pages are later allocated as\nhigh-order pages and split via split_page(), tail pages retain stale\npage-\u003eprivate values.\n\nThis causes a use-after-free in the swap subsystem. The swap code uses\npage-\u003eprivate to track swap count continuations, assuming freshly\nallocated pages have page-\u003eprivate == 0. When stale values are present,\nswap_count_continued() incorrectly assumes the continuation list is valid\nand iterates over uninitialized page-\u003elru containing LIST_POISON values,\ncausing a crash:\n\n KASAN: maybe wild-memory-access in range [0xdead000000000100-0xdead000000000107]\n RIP: 0010:__do_sys_swapoff+0x1151/0x1860\n\nFix this by clearing page-\u003eprivate in free_pages_prepare(), ensuring all\nfreed pages have clean state regardless of previous use.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43303",
"url": "https://www.suse.com/security/cve/CVE-2026-43303"
},
{
"category": "external",
"summary": "SUSE Bug 1264974 for CVE-2026-43303",
"url": "https://bugzilla.suse.com/1264974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-43303"
},
{
"cve": "CVE-2026-43336",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43336"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlib/crypto: chacha: Zeroize permuted_state before it leaves scope\n\nSince the ChaCha permutation is invertible, the local variable\n\u0027permuted_state\u0027 is sufficient to compute the original \u0027state\u0027, and thus\nthe key, even after the permutation has been done.\n\nWhile the kernel is quite inconsistent about zeroizing secrets on the\nstack (and some prominent userspace crypto libraries don\u0027t bother at all\nsince it\u0027s not guaranteed to work anyway), the kernel does try to do it\nas a best practice, especially in cases involving the RNG.\n\nThus, explicitly zeroize \u0027permuted_state\u0027 before it goes out of scope.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43336",
"url": "https://www.suse.com/security/cve/CVE-2026-43336"
},
{
"category": "external",
"summary": "SUSE Bug 1265113 for CVE-2026-43336",
"url": "https://bugzilla.suse.com/1265113"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-43336"
},
{
"cve": "CVE-2026-43339",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43339"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: prevent possible UaF in addrconf_permanent_addr()\n\nThe mentioned helper try to warn the user about an exceptional\ncondition, but the message is delivered too late, accessing the ipv6\nafter its possible deletion.\n\nReorder the statement to avoid the possible UaF; while at it, place the\nwarning outside the idev-\u003elock as it needs no protection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43339",
"url": "https://www.suse.com/security/cve/CVE-2026-43339"
},
{
"category": "external",
"summary": "SUSE Bug 1264763 for CVE-2026-43339",
"url": "https://bugzilla.suse.com/1264763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-43339"
},
{
"cve": "CVE-2026-43345",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43345"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipa: fix event ring index not programmed for IPA v5.0+\n\nFor IPA v5.0+, the event ring index field moved from CH_C_CNTXT_0 to\nCH_C_CNTXT_1. The v5.0 register definition intended to define this\nfield in the CH_C_CNTXT_1 fmask array but used the old identifier of\nERINDEX instead of CH_ERINDEX.\n\nWithout a valid event ring, GSI channels could never signal transfer\ncompletions. This caused gsi_channel_trans_quiesce() to block\nforever in wait_for_completion().\n\nAt least for IPA v5.2 this resolves an issue seen where runtime\nsuspend, system suspend, and remoteproc stop all hanged forever. It\nalso meant the IPA data path was completely non functional.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43345",
"url": "https://www.suse.com/security/cve/CVE-2026-43345"
},
{
"category": "external",
"summary": "SUSE Bug 1265103 for CVE-2026-43345",
"url": "https://bugzilla.suse.com/1265103"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-43345"
},
{
"cve": "CVE-2026-43405",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43405"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: Use u32 for non-negative values in ceph_monmap_decode()\n\nThis patch fixes unnecessary implicit conversions that change signedness\nof blob_len and num_mon in ceph_monmap_decode().\nCurrently blob_len and num_mon are (signed) int variables. They are used\nto hold values that are always non-negative and get assigned in\nceph_decode_32_safe(), which is meant to assign u32 values. Both\nvariables are subsequently used as unsigned values, and the value of\nnum_mon is further assigned to monmap-\u003enum_mon, which is of type u32.\nTherefore, both variables should be of type u32. This is especially\nrelevant for num_mon. If the value read from the incoming message is\nvery large, it is interpreted as a negative value, and the check for\nnum_mon \u003e CEPH_MAX_MON does not catch it. This leads to the attempt to\nallocate a very large chunk of memory for monmap, which will most likely\nfail. In this case, an unnecessary attempt to allocate memory is\nperformed, and -ENOMEM is returned instead of -EINVAL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43405",
"url": "https://www.suse.com/security/cve/CVE-2026-43405"
},
{
"category": "external",
"summary": "SUSE Bug 1264741 for CVE-2026-43405",
"url": "https://bugzilla.suse.com/1264741"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-43405"
},
{
"cve": "CVE-2026-43420",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43420"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nceph: fix i_nlink underrun during async unlink\n\nDuring async unlink, we drop the `i_nlink` counter before we receive\nthe completion (that will eventually update the `i_nlink`) because \"we\nassume that the unlink will succeed\". That is not a bad idea, but it\nraces against deletions by other clients (or against the completion of\nour own unlink) and can lead to an underrun which emits a WARNING like\nthis one:\n\n WARNING: CPU: 85 PID: 25093 at fs/inode.c:407 drop_nlink+0x50/0x68\n Modules linked in:\n CPU: 85 UID: 3221252029 PID: 25093 Comm: php-cgi8.1 Not tainted 6.14.11-cm4all1-ampere #655\n Hardware name: Supermicro ARS-110M-NR/R12SPD-A, BIOS 1.1b 10/17/2023\n pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : drop_nlink+0x50/0x68\n lr : ceph_unlink+0x6c4/0x720\n sp : ffff80012173bc90\n x29: ffff80012173bc90 x28: ffff086d0a45aaf8 x27: ffff0871d0eb5680\n x26: ffff087f2a64a718 x25: 0000020000000180 x24: 0000000061c88647\n x23: 0000000000000002 x22: ffff07ff9236d800 x21: 0000000000001203\n x20: ffff07ff9237b000 x19: ffff088b8296afc0 x18: 00000000f3c93365\n x17: 0000000000070000 x16: ffff08faffcbdfe8 x15: ffff08faffcbdfec\n x14: 0000000000000000 x13: 45445f65645f3037 x12: 34385f6369706f74\n x11: 0000a2653104bb20 x10: ffffd85f26d73290 x9 : ffffd85f25664f94\n x8 : 00000000000000c0 x7 : 0000000000000000 x6 : 0000000000000002\n x5 : 0000000000000081 x4 : 0000000000000481 x3 : 0000000000000000\n x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff08727d3f91e8\n Call trace:\n drop_nlink+0x50/0x68 (P)\n vfs_unlink+0xb0/0x2e8\n do_unlinkat+0x204/0x288\n __arm64_sys_unlinkat+0x3c/0x80\n invoke_syscall.constprop.0+0x54/0xe8\n do_el0_svc+0xa4/0xc8\n el0_svc+0x18/0x58\n el0t_64_sync_handler+0x104/0x130\n el0t_64_sync+0x154/0x158\n\nIn ceph_unlink(), a call to ceph_mdsc_submit_request() submits the\nCEPH_MDS_OP_UNLINK to the MDS, but does not wait for completion.\n\nMeanwhile, between this call and the following drop_nlink() call, a\nworker thread may process a CEPH_CAP_OP_IMPORT, CEPH_CAP_OP_GRANT or\njust a CEPH_MSG_CLIENT_REPLY (the latter of which could be our own\ncompletion). These will lead to a set_nlink() call, updating the\n`i_nlink` counter to the value received from the MDS. If that new\n`i_nlink` value happens to be zero, it is illegal to decrement it\nfurther. But that is exactly what ceph_unlink() will do then.\n\nThe WARNING can be reproduced this way:\n\n1. Force async unlink; only the async code path is affected. Having\n no real clue about Ceph internals, I was unable to find out why the\n MDS wouldn\u0027t give me the \"Fxr\" capabilities, so I patched\n get_caps_for_async_unlink() to always succeed.\n\n (Note that the WARNING dump above was found on an unpatched kernel,\n without this kludge - this is not a theoretical bug.)\n\n2. Add a sleep call after ceph_mdsc_submit_request() so the unlink\n completion gets handled by a worker thread before drop_nlink() is\n called. This guarantees that the `i_nlink` is already zero before\n drop_nlink() runs.\n\nThe solution is to skip the counter decrement when it is already zero,\nbut doing so without a lock is still racy (TOCTOU). Since\nceph_fill_inode() and handle_cap_grant() both hold the\n`ceph_inode_info.i_ceph_lock` spinlock while set_nlink() runs, this\nseems like the proper lock to protect the `i_nlink` updates.\n\nI found prior art in NFS and SMB (using `inode.i_lock`) and AFS (using\n`afs_vnode.cb_lock`). All three have the zero check as well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43420",
"url": "https://www.suse.com/security/cve/CVE-2026-43420"
},
{
"category": "external",
"summary": "SUSE Bug 1264814 for CVE-2026-43420",
"url": "https://bugzilla.suse.com/1264814"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-43420"
},
{
"cve": "CVE-2026-43456",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43456"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: fix type confusion in bond_setup_by_slave()\n\nkernel BUG at net/core/skbuff.c:2306!\nOops: invalid opcode: 0000 [#1] SMP KASAN NOPTI\nRIP: 0010:pskb_expand_head+0xa08/0xfe0 net/core/skbuff.c:2306\nRSP: 0018:ffffc90004aff760 EFLAGS: 00010293\nRAX: 0000000000000000 RBX: ffff88807e3c8780 RCX: ffffffff89593e0e\nRDX: ffff88807b7c4900 RSI: ffffffff89594747 RDI: ffff88807b7c4900\nRBP: 0000000000000820 R08: 0000000000000005 R09: 0000000000000000\nR10: 00000000961a63e0 R11: 0000000000000000 R12: ffff88807e3c8780\nR13: 00000000961a6560 R14: dffffc0000000000 R15: 00000000961a63e0\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fe1a0ed8df0 CR3: 000000002d816000 CR4: 00000000003526f0\nCall Trace:\n \u003cTASK\u003e\n ipgre_header+0xdd/0x540 net/ipv4/ip_gre.c:900\n dev_hard_header include/linux/netdevice.h:3439 [inline]\n packet_snd net/packet/af_packet.c:3028 [inline]\n packet_sendmsg+0x3ae5/0x53c0 net/packet/af_packet.c:3108\n sock_sendmsg_nosec net/socket.c:727 [inline]\n __sock_sendmsg net/socket.c:742 [inline]\n ____sys_sendmsg+0xa54/0xc30 net/socket.c:2592\n ___sys_sendmsg+0x190/0x1e0 net/socket.c:2646\n __sys_sendmsg+0x170/0x220 net/socket.c:2678\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0x106/0xf80 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fe1a0e6c1a9\n\nWhen a non-Ethernet device (e.g. GRE tunnel) is enslaved to a bond,\nbond_setup_by_slave() directly copies the slave\u0027s header_ops to the\nbond device:\n\n bond_dev-\u003eheader_ops = slave_dev-\u003eheader_ops;\n\nThis causes a type confusion when dev_hard_header() is later called\non the bond device. Functions like ipgre_header(), ip6gre_header(),all use\nnetdev_priv(dev) to access their device-specific private data. When\ncalled with the bond device, netdev_priv() returns the bond\u0027s private\ndata (struct bonding) instead of the expected type (e.g. struct\nip_tunnel), leading to garbage values being read and kernel crashes.\n\nFix this by introducing bond_header_ops with wrapper functions that\ndelegate to the active slave\u0027s header_ops using the slave\u0027s own\ndevice. This ensures netdev_priv() in the slave\u0027s header functions\nalways receives the correct device.\n\nThe fix is placed in the bonding driver rather than individual device\ndrivers, as the root cause is bond blindly inheriting header_ops from\nthe slave without considering that these callbacks expect a specific\nnetdev_priv() layout.\n\nThe type confusion can be observed by adding a printk in\nipgre_header() and running the following commands:\n\n ip link add dummy0 type dummy\n ip addr add 10.0.0.1/24 dev dummy0\n ip link set dummy0 up\n ip link add gre1 type gre local 10.0.0.1\n ip link add bond1 type bond mode active-backup\n ip link set gre1 master bond1\n ip link set gre1 up\n ip link set bond1 up\n ip addr add fe80::1/64 dev bond1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43456",
"url": "https://www.suse.com/security/cve/CVE-2026-43456"
},
{
"category": "external",
"summary": "SUSE Bug 1264734 for CVE-2026-43456",
"url": "https://bugzilla.suse.com/1264734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-43456"
},
{
"cve": "CVE-2026-43469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43469"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxprtrdma: Decrement re_receiving on the early exit paths\n\nIn the event that rpcrdma_post_recvs() fails to create a work request\n(due to memory allocation failure, say) or otherwise exits early, we\nshould decrement ep-\u003ere_receiving before returning. Otherwise we will\nhang in rpcrdma_xprt_drain() as re_receiving will never reach zero and\nthe completion will never be triggered.\n\nOn a system with high memory pressure, this can appear as the following\nhung task:\n\n INFO: task kworker/u385:17:8393 blocked for more than 122 seconds.\n Tainted: G S E 6.19.0 #3\n \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n task:kworker/u385:17 state:D stack:0 pid:8393 tgid:8393 ppid:2 task_flags:0x4248060 flags:0x00080000\n Workqueue: xprtiod xprt_autoclose [sunrpc]\n Call Trace:\n \u003cTASK\u003e\n __schedule+0x48b/0x18b0\n ? ib_post_send_mad+0x247/0xae0 [ib_core]\n schedule+0x27/0xf0\n schedule_timeout+0x104/0x110\n __wait_for_common+0x98/0x180\n ? __pfx_schedule_timeout+0x10/0x10\n wait_for_completion+0x24/0x40\n rpcrdma_xprt_disconnect+0x444/0x460 [rpcrdma]\n xprt_rdma_close+0x12/0x40 [rpcrdma]\n xprt_autoclose+0x5f/0x120 [sunrpc]\n process_one_work+0x191/0x3e0\n worker_thread+0x2e3/0x420\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x10d/0x230\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x273/0x2b0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43469",
"url": "https://www.suse.com/security/cve/CVE-2026-43469"
},
{
"category": "external",
"summary": "SUSE Bug 1265143 for CVE-2026-43469",
"url": "https://bugzilla.suse.com/1265143"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-43469"
},
{
"cve": "CVE-2026-43472",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43472"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nunshare: fix unshare_fs() handling\n\nThere\u0027s an unpleasant corner case in unshare(2), when we have a\nCLONE_NEWNS in flags and current-\u003efs hadn\u0027t been shared at all; in that\ncase copy_mnt_ns() gets passed current-\u003efs instead of a private copy,\nwhich causes interesting warts in proof of correctness]\n\n\u003e I guess if private means fs-\u003eusers == 1, the condition could still be true.\n\nUnfortunately, it\u0027s worse than just a convoluted proof of correctness.\nConsider the case when we have CLONE_NEWCGROUP in addition to CLONE_NEWNS\n(and current-\u003efs-\u003eusers == 1).\n\nWe pass current-\u003efs to copy_mnt_ns(), all right. Suppose it succeeds and\nflips current-\u003efs-\u003e{pwd,root} to corresponding locations in the new namespace.\nNow we proceed to copy_cgroup_ns(), which fails (e.g. with -ENOMEM).\nWe call put_mnt_ns() on the namespace created by copy_mnt_ns(), it\u0027s\ndestroyed and its mount tree is dissolved, but... current-\u003efs-\u003eroot and\ncurrent-\u003efs-\u003epwd are both left pointing to now detached mounts.\n\nThey are pinning those, so it\u0027s not a UAF, but it leaves the calling\nprocess with unshare(2) failing with -ENOMEM _and_ leaving it with\npwd and root on detached isolated mounts. The last part is clearly a bug.\n\nThere is other fun related to that mess (races with pivot_root(), including\nthe one between pivot_root() and fork(), of all things), but this one\nis easy to isolate and fix - treat CLONE_NEWNS as \"allocate a new\nfs_struct even if it hadn\u0027t been shared in the first place\". Sure, we could\ngo for something like \"if both CLONE_NEWNS *and* one of the things that might\nend up failing after copy_mnt_ns() call in create_new_namespaces() are set,\nforce allocation of new fs_struct\", but let\u0027s keep it simple - the cost\nof copy_fs_struct() is trivial.\n\nAnother benefit is that copy_mnt_ns() with CLONE_NEWNS *always* gets\na freshly allocated fs_struct, yet to be attached to anything. That\nseriously simplifies the analysis...\n\nFWIW, that bug had been there since the introduction of unshare(2) ;-/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43472",
"url": "https://www.suse.com/security/cve/CVE-2026-43472"
},
{
"category": "external",
"summary": "SUSE Bug 1264748 for CVE-2026-43472",
"url": "https://bugzilla.suse.com/1264748"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-43472"
},
{
"cve": "CVE-2026-43491",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43491"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: qrtr: ns: Limit the maximum server registration per node\n\nCurrent code does no bound checking on the number of servers added per\nnode. A malicious client can flood NEW_SERVER messages and exhaust memory.\n\nFix this issue by limiting the maximum number of server registrations to\n256 per node. If the NEW_SERVER message is received for an old port, then\ndon\u0027t restrict it as it will get replaced. While at it, also rate limit\nthe error messages in the failure path of qrtr_ns_worker().\n\nNote that the limit of 256 is chosen based on the current platform\nrequirements. If requirement changes in the future, this limit can be\nincreased.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43491",
"url": "https://www.suse.com/security/cve/CVE-2026-43491"
},
{
"category": "external",
"summary": "SUSE Bug 1265628 for CVE-2026-43491",
"url": "https://bugzilla.suse.com/1265628"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-43491"
},
{
"cve": "CVE-2026-43492",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43492"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlib/crypto: mpi: Fix integer underflow in mpi_read_raw_from_sgl()\n\nYiming reports an integer underflow in mpi_read_raw_from_sgl() when\nsubtracting \"lzeros\" from the unsigned \"nbytes\".\n\nFor this to happen, the scatterlist \"sgl\" needs to occupy more bytes\nthan the \"nbytes\" parameter and the first \"nbytes + 1\" bytes of the\nscatterlist must be zero. Under these conditions, the while loop\niterating over the scatterlist will count more zeroes than \"nbytes\",\nsubtract the number of zeroes from \"nbytes\" and cause the underflow.\n\nWhen commit 2d4d1eea540b (\"lib/mpi: Add mpi sgl helpers\") originally\nintroduced the bug, it couldn\u0027t be triggered because all callers of\nmpi_read_raw_from_sgl() passed a scatterlist whose length was equal to\n\"nbytes\".\n\nHowever since commit 63ba4d67594a (\"KEYS: asymmetric: Use new crypto\ninterface without scatterlists\"), the underflow can now actually be\ntriggered. When invoking a KEYCTL_PKEY_ENCRYPT system call with a\nlarger \"out_len\" than \"in_len\" and filling the \"in\" buffer with zeroes,\ncrypto_akcipher_sync_prep() will create an all-zero scatterlist used for\nboth the \"src\" and \"dst\" member of struct akcipher_request and thereby\nfulfil the conditions to trigger the bug:\n\n sys_keyctl()\n keyctl_pkey_e_d_s()\n asymmetric_key_eds_op()\n software_key_eds_op()\n crypto_akcipher_sync_encrypt()\n crypto_akcipher_sync_prep()\n crypto_akcipher_encrypt()\n rsa_enc()\n mpi_read_raw_from_sgl()\n\nTo the user this will be visible as a DoS as the kernel spins forever,\ncausing soft lockup splats as a side effect.\n\nFix it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43492",
"url": "https://www.suse.com/security/cve/CVE-2026-43492"
},
{
"category": "external",
"summary": "SUSE Bug 1265629 for CVE-2026-43492",
"url": "https://bugzilla.suse.com/1265629"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-43492"
},
{
"cve": "CVE-2026-43502",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43502"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/rds: handle zerocopy send cleanup before the message is queued\n\nA zerocopy send can fail after user pages have been pinned but before\nthe message is attached to the sending socket.\n\nThe purge path currently infers zerocopy state from rm-\u003em_rs, so an\nunqueued message can be cleaned up as if it owned normal payload pages.\nHowever, zerocopy ownership is really determined by the presence of\nop_mmp_znotifier, regardless of whether the message has reached the\nsocket queue.\n\nCapture op_mmp_znotifier up front in rds_message_purge() and use it as\nthe cleanup discriminator. If the message is already associated with a\nsocket, keep the existing completion path. Otherwise, drop the pinned\npage accounting directly and release the notifier before putting the\npayload pages.\n\nThis keeps early send failure cleanup consistent with the zerocopy\nlifetime rules without changing the normal queued completion path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43502",
"url": "https://www.suse.com/security/cve/CVE-2026-43502"
},
{
"category": "external",
"summary": "SUSE Bug 1266008 for CVE-2026-43502",
"url": "https://bugzilla.suse.com/1266008"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-43502"
},
{
"cve": "CVE-2026-45838",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45838"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: fix end-of-list detection in cgroup_storage_get_next_key()\n\nlist_next_entry() never returns NULL -- when the current element is the\nlast entry it wraps to the list head via container_of(). The subsequent\nNULL check is therefore dead code and get_next_key() never returns\n-ENOENT for the last element, instead reading storage-\u003ekey from a bogus\npointer that aliases internal map fields and copying the result to\nuserspace.\n\nReplace it with list_entry_is_head() so the function correctly returns\n-ENOENT when there are no more entries.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45838",
"url": "https://www.suse.com/security/cve/CVE-2026-45838"
},
{
"category": "external",
"summary": "SUSE Bug 1266396 for CVE-2026-45838",
"url": "https://bugzilla.suse.com/1266396"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-45838"
},
{
"cve": "CVE-2026-45840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45840"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nopenvswitch: cap upcall PID array size and pre-size vport replies\n\nThe vport netlink reply helpers allocate a fixed-size skb with\nnlmsg_new(NLMSG_DEFAULT_SIZE, ...) but serialize the full upcall PID\narray via ovs_vport_get_upcall_portids(). Since\novs_vport_set_upcall_portids() accepts any non-zero multiple of\nsizeof(u32) with no upper bound, a CAP_NET_ADMIN user can install a PID\narray large enough to overflow the reply buffer, causing nla_put() to\nfail with -EMSGSIZE and hitting BUG_ON(err \u003c 0). On systems with\nunprivileged user namespaces enabled (e.g., Ubuntu default), this is\nreachable via unshare -Urn since OVS vport mutation operations use\nGENL_UNS_ADMIN_PERM.\n\n kernel BUG at net/openvswitch/datapath.c:2414!\n Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI\n CPU: 1 UID: 0 PID: 65 Comm: poc Not tainted 7.0.0-rc7-00195-geb216e422044 #1\n RIP: 0010:ovs_vport_cmd_set+0x34c/0x400\n Call Trace:\n \u003cTASK\u003e\n genl_family_rcv_msg_doit (net/netlink/genetlink.c:1116)\n genl_rcv_msg (net/netlink/genetlink.c:1194)\n netlink_rcv_skb (net/netlink/af_netlink.c:2550)\n genl_rcv (net/netlink/genetlink.c:1219)\n netlink_unicast (net/netlink/af_netlink.c:1344)\n netlink_sendmsg (net/netlink/af_netlink.c:1894)\n __sys_sendto (net/socket.c:2206)\n __x64_sys_sendto (net/socket.c:2209)\n do_syscall_64 (arch/x86/entry/syscall_64.c:63)\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n \u003c/TASK\u003e\n Kernel panic - not syncing: Fatal exception\n\nReject attempts to set more PIDs than nr_cpu_ids in\novs_vport_set_upcall_portids(), and pre-compute the worst-case reply\nsize in ovs_vport_cmd_msg_size() based on that bound, similar to the\nexisting ovs_dp_cmd_msg_size(). nr_cpu_ids matches the cap already\nused by the per-CPU dispatch configuration on the datapath side\n(ovs_dp_cmd_fill_info() serialises at most nr_cpu_ids PIDs), so the\ntwo sides stay consistent.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45840",
"url": "https://www.suse.com/security/cve/CVE-2026-45840"
},
{
"category": "external",
"summary": "SUSE Bug 1266397 for CVE-2026-45840",
"url": "https://bugzilla.suse.com/1266397"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-45840"
},
{
"cve": "CVE-2026-45841",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45841"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nfnetlink_osf: fix divide-by-zero in OSF_WSS_MODULO\n\nnf_osf_match_one() computes ctx-\u003ewindow % f-\u003ewss.val in the\nOSF_WSS_MODULO branch with no guard for f-\u003ewss.val == 0. A\nCAP_NET_ADMIN user can add such a fingerprint via nfnetlink; a\nsubsequent matching TCP SYN divides by zero and panics the kernel.\n\nReject the bogus fingerprint in nfnl_osf_add_callback() above the\nper-option for-loop. f-\u003ewss is per-fingerprint, not per-option, so\nthe check must run regardless of f-\u003eopt_num (including 0). Also\nreject wss.wc \u003e= OSF_WSS_MAX; nf_osf_match_one() already treats that\nas \"should not happen\".\n\nCrash:\n Oops: divide error: 0000 [#1] SMP KASAN NOPTI\n RIP: 0010:nf_osf_match_one (net/netfilter/nfnetlink_osf.c:98)\n Call Trace:\n \u003cIRQ\u003e\n nf_osf_match (net/netfilter/nfnetlink_osf.c:220)\n xt_osf_match_packet (net/netfilter/xt_osf.c:32)\n ipt_do_table (net/ipv4/netfilter/ip_tables.c:348)\n nf_hook_slow (net/netfilter/core.c:622)\n ip_local_deliver (net/ipv4/ip_input.c:265)\n ip_rcv (include/linux/skbuff.h:1162)\n __netif_receive_skb_one_core (net/core/dev.c:6181)\n process_backlog (net/core/dev.c:6642)\n __napi_poll (net/core/dev.c:7710)\n net_rx_action (net/core/dev.c:7945)\n handle_softirqs (kernel/softirq.c:622)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45841",
"url": "https://www.suse.com/security/cve/CVE-2026-45841"
},
{
"category": "external",
"summary": "SUSE Bug 1266390 for CVE-2026-45841",
"url": "https://bugzilla.suse.com/1266390"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-45841"
},
{
"cve": "CVE-2026-45848",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45848"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\napparmor: fix NULL sock in aa_sock_file_perm\n\nDeal with the potential that sock and sock-sk can be NULL during\nsocket setup or teardown. This could lead to an oops. The fix for NULL\npointer dereference in __unix_needs_revalidation shows this is at\nleast possible for af_unix sockets. While the fix for af_unix sockets\napplies for newer mediation this is still the fall back path for older\naf_unix mediation and other sockets, so ensure it is covered.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45848",
"url": "https://www.suse.com/security/cve/CVE-2026-45848"
},
{
"category": "external",
"summary": "SUSE Bug 1266734 for CVE-2026-45848",
"url": "https://bugzilla.suse.com/1266734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-45848"
},
{
"cve": "CVE-2026-45862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Flush cache for PASID table before using it\n\nWhen writing the address of a freshly allocated zero-initialized PASID\ntable to a PASID directory entry, do that after the CPU cache flush for\nthis PASID table, not before it, to avoid the time window when this\nPASID table may be already used by non-coherent IOMMU hardware while\nits contents in RAM is still some random old data, not zero-initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45862",
"url": "https://www.suse.com/security/cve/CVE-2026-45862"
},
{
"category": "external",
"summary": "SUSE Bug 1266705 for CVE-2026-45862",
"url": "https://bugzilla.suse.com/1266705"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-45862"
},
{
"cve": "CVE-2026-45870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45870"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: auth_gss: fix memory leaks in XDR decoding error paths\n\nThe gssx_dec_ctx(), gssx_dec_status(), and gssx_dec_name()\nfunctions allocate memory via gssx_dec_buffer(), which calls\nkmemdup(). When a subsequent decode operation fails, these\nfunctions return immediately without freeing previously\nallocated buffers, causing memory leaks.\n\nThe leak in gssx_dec_ctx() is particularly relevant because\nthe caller (gssp_accept_sec_context_upcall) initializes several\nbuffer length fields to non-zero values, resulting in memory\nallocation:\n\n struct gssx_ctx rctxh = {\n .exported_context_token.len = GSSX_max_output_handle_sz,\n .mech.len = GSS_OID_MAX_LEN,\n .src_name.display_name.len = GSSX_max_princ_sz,\n .targ_name.display_name.len = GSSX_max_princ_sz\n };\n\nIf, for example, gssx_dec_name() succeeds for src_name but\nfails for targ_name, the memory allocated for\nexported_context_token, mech, and src_name.display_name\nremains unreferenced and cannot be reclaimed.\n\nAdd error handling with goto-based cleanup to free any\npreviously allocated buffers before returning an error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45870",
"url": "https://www.suse.com/security/cve/CVE-2026-45870"
},
{
"category": "external",
"summary": "SUSE Bug 1266704 for CVE-2026-45870",
"url": "https://bugzilla.suse.com/1266704"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-45870"
},
{
"cve": "CVE-2026-45891",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45891"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: fix double free issue for tx spare buffer\n\nIn hns3_set_ringparam(), a temporary copy (tmp_rings) of the ring structure\nis created for rollback. However, the tx_spare pointer in the original\nring handle is incorrectly left pointing to the old backup memory.\n\nLater, if memory allocation fails in hns3_init_all_ring() during the setup,\nthe error path attempts to free all newly allocated rings. Since tx_spare\ncontains a stale (non-NULL) pointer from the backup, it is mistaken for\na newly allocated buffer and is erroneously freed, leading to a double-free\nof the backup memory.\n\nThe root cause is that the tx_spare field was not cleared after its value\nwas saved in tmp_rings, leaving a dangling pointer.\n\nFix this by setting tx_spare to NULL in the original ring structure\nwhen the creation of the new `tx_spare` fails. This ensures the\nerror cleanup path only frees genuinely newly allocated buffers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45891",
"url": "https://www.suse.com/security/cve/CVE-2026-45891"
},
{
"category": "external",
"summary": "SUSE Bug 1266717 for CVE-2026-45891",
"url": "https://bugzilla.suse.com/1266717"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-45891"
},
{
"cve": "CVE-2026-45894",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45894"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Clear Present bit before tearing down PASID entry\n\nThe Intel VT-d Scalable Mode PASID table entry consists of 512 bits (64\nbytes). When tearing down an entry, the current implementation zeros the\nentire 64-byte structure immediately using multiple 64-bit writes.\n\nSince the IOMMU hardware may fetch these 64 bytes using multiple\ninternal transactions (e.g., four 128-bit bursts), updating or zeroing\nthe entire entry while it is active (P=1) risks a \"torn\" read. If a\nhardware fetch occurs simultaneously with the CPU zeroing the entry, the\nhardware could observe an inconsistent state, leading to unpredictable\nbehavior or spurious faults.\n\nFollow the \"Guidance to Software for Invalidations\" in the VT-d spec\n(Section 6.5.3.3) by implementing the recommended ownership handshake:\n\n1. Clear only the \u0027Present\u0027 (P) bit of the PASID entry.\n2. Use a dma_wmb() to ensure the cleared bit is visible to hardware\n before proceeding.\n3. Execute the required invalidation sequence (PASID cache, IOTLB, and\n Device-TLB flush) to ensure the hardware has released all cached\n references.\n4. Only after the flushes are complete, zero out the remaining fields\n of the PASID entry.\n\nAlso, add a dma_wmb() in pasid_set_present() to ensure that all other\nfields of the PASID entry are visible to the hardware before the Present\nbit is set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45894",
"url": "https://www.suse.com/security/cve/CVE-2026-45894"
},
{
"category": "external",
"summary": "SUSE Bug 1266895 for CVE-2026-45894",
"url": "https://bugzilla.suse.com/1266895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-45894"
},
{
"cve": "CVE-2026-45912",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45912"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: don\u0027t cache extent during splitting extent\n\nCaching extents during the splitting process is risky, as it may result\nin stale extents remaining in the status tree. Moreover, in most cases,\nthe corresponding extent block entries are likely already cached before\nthe split happens, making caching here not particularly useful.\n\nAssume we have an unwritten extent, and then DIO writes the first half.\n\n [UUUUUUUUUUUUUUUU] on-disk extent U: unwritten extent\n [UUUUUUUUUUUUUUUU] extent status tree\n |\u003c- -\u003e| ----\u003e dio write this range\n\nFirst, when ext4_split_extent_at() splits this extent, it truncates the\nexisting extent and then inserts a new one. During this process, this\nextent status entry may be shrunk, and calls to ext4_find_extent() and\next4_cache_extents() may occur, which could potentially insert the\ntruncated range as a hole into the extent status tree. After the split\nis completed, this hole is not replaced with the correct status.\n\n [UUUUUUU|UUUUUUUU] on-disk extent U: unwritten extent\n [UUUUUUU|HHHHHHHH] extent status tree H: hole\n\nThen, the outer calling functions will not correct this remaining hole\nextent either. Finally, if we perform a delayed buffer write on this\nlatter part, it will re-insert the delayed extent and cause an error in\nspace accounting.\n\nIn adition, if the unwritten extent cache is not shrunk during the\nsplitting, ext4_cache_extents() also conflicts with existing extents\nwhen caching extents. In the future, we will add checks when caching\nextents, which will trigger a warning. Therefore, Do not cache extents\nthat are being split.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45912",
"url": "https://www.suse.com/security/cve/CVE-2026-45912"
},
{
"category": "external",
"summary": "SUSE Bug 1266899 for CVE-2026-45912",
"url": "https://bugzilla.suse.com/1266899"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-45912"
},
{
"cve": "CVE-2026-45940",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45940"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: fix oops when split header is enabled\n\nFor GMAC4, when split header is enabled, in some rare cases, the\nhardware does not fill buf2 of the first descriptor with payload.\nThus we cannot assume buf2 is always fully filled if it is not\nthe last descriptor. Otherwise, the length of buf2 of the second\ndescriptor will be calculated wrong and cause an oops:\n\nUnable to handle kernel paging request at virtual address ffff00019246bfc0\n...\nx2 : 0000000000000040 x1 : ffff00019246bfc0 x0 : ffff00009246c000\nCall trace:\n dcache_inval_poc+0x28/0x58 (P)\n dma_direct_sync_single_for_cpu+0x38/0x6c\n __dma_sync_single_for_cpu+0x34/0x6c\n stmmac_napi_poll_rx+0x8f0/0xb60\n __napi_poll.constprop.0+0x30/0x144\n net_rx_action+0x160/0x274\n handle_softirqs+0x1b8/0x1fc\n...\n\nTo fix this, the PL bit-field in RDES3 register is used for all\ndescriptors, whether it is the last descriptor or not.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45940",
"url": "https://www.suse.com/security/cve/CVE-2026-45940"
},
{
"category": "external",
"summary": "SUSE Bug 1266916 for CVE-2026-45940",
"url": "https://bugzilla.suse.com/1266916"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-45940"
},
{
"cve": "CVE-2026-45948",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45948"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix memory leak in ext4_ext_shift_extents()\n\nIn ext4_ext_shift_extents(), if the extent is NULL in the while loop, the\nfunction returns immediately without releasing the path obtained via\next4_find_extent(), leading to a memory leak.\n\nFix this by jumping to the out label to ensure the path is properly\nreleased.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45948",
"url": "https://www.suse.com/security/cve/CVE-2026-45948"
},
{
"category": "external",
"summary": "SUSE Bug 1266929 for CVE-2026-45948",
"url": "https://bugzilla.suse.com/1266929"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-45948"
},
{
"cve": "CVE-2026-45961",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45961"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: fix memory leaks in gfs2_fill_super error path\n\nFix two memory leaks in the gfs2_fill_super() error handling path when\ntransitioning a filesystem to read-write mode fails.\n\nFirst leak: kthread objects (thread_struct, task_struct, etc.)\nWhen gfs2_freeze_lock_shared() fails after init_threads() succeeds, the\ncreated kernel threads (logd and quotad) are never destroyed. This\noccurs because the fail_per_node label doesn\u0027t call\ngfs2_destroy_threads().\n\nSecond leak: quota bitmap buffer (8192 bytes)\nWhen gfs2_make_fs_rw() fails after gfs2_quota_init() succeeds but\nbefore other operations complete, the allocated quota bitmap is never\nfreed.\n\nThe fix moves thread cleanup to the fail_per_node label to handle all\nerror paths uniformly. gfs2_destroy_threads() is safe to call\nunconditionally as it checks for NULL pointers. Quota cleanup is added\nin gfs2_make_fs_rw() to properly handle the withdrawal case where\nquota initialization succeeds but the filesystem is then withdrawn.\n\nThread leak backtrace (gfs2_freeze_lock_shared failure):\n unreferenced object 0xffff88801d7bca80 (size 4480):\n copy_process+0x3a1/0x4670 kernel/fork.c:2422\n kernel_clone+0xf3/0x6e0 kernel/fork.c:2779\n kthread_create_on_node+0x100/0x150 kernel/kthread.c:478\n init_threads+0xab/0x350 fs/gfs2/ops_fstype.c:611\n gfs2_fill_super+0xe5c/0x1240 fs/gfs2/ops_fstype.c:1265\n\nQuota leak backtrace (gfs2_make_fs_rw failure):\n unreferenced object 0xffff88812de7c000 (size 8192):\n gfs2_quota_init+0xe5/0x820 fs/gfs2/quota.c:1409\n gfs2_make_fs_rw+0x7a/0xe0 fs/gfs2/super.c:149\n gfs2_fill_super+0xfbb/0x1240 fs/gfs2/ops_fstype.c:1275",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45961",
"url": "https://www.suse.com/security/cve/CVE-2026-45961"
},
{
"category": "external",
"summary": "SUSE Bug 1266933 for CVE-2026-45961",
"url": "https://bugzilla.suse.com/1266933"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "low"
}
],
"title": "CVE-2026-45961"
},
{
"cve": "CVE-2026-45964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45964"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: fix gss_auth kref leak in gss_alloc_msg error path\n\nCommit 5940d1cf9f42 (\"SUNRPC: Rebalance a kref in auth_gss.c\") added\na kref_get(\u0026gss_auth-\u003ekref) call to balance the gss_put_auth() done\nin gss_release_msg(), but forgot to add a corresponding kref_put()\non the error path when kstrdup_const() fails.\n\nIf service_name is non-NULL and kstrdup_const() fails, the function\njumps to err_put_pipe_version which calls put_pipe_version() and\nkfree(gss_msg), but never releases the gss_auth reference. This leads\nto a kref leak where the gss_auth structure is never freed.\n\nAdd a forward declaration for gss_free_callback() and call kref_put()\nin the err_put_pipe_version error path to properly release the\nreference taken earlier.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45964",
"url": "https://www.suse.com/security/cve/CVE-2026-45964"
},
{
"category": "external",
"summary": "SUSE Bug 1266698 for CVE-2026-45964",
"url": "https://bugzilla.suse.com/1266698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-45964"
},
{
"cve": "CVE-2026-45965",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45965"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\napparmor: fix invalid deref of rawdata when export_binary is unset\n\nIf the export_binary parameter is disabled on runtime, profiles that\nwere loaded before that will still have their rawdata stored in\napparmorfs, with a symbolic link to the rawdata on the policy\ndirectory. When one of those profiles are replaced, the rawdata is set\nto NULL, but when trying to resolve the symbolic links to rawdata for\nthat profile, it will try to dereference profile-\u003erawdata-\u003ename when\nprofile-\u003erawdata is now NULL causing an oops. Fix it by checking if\nrawdata is set.\n\n[ 168.653080] BUG: kernel NULL pointer dereference, address: 0000000000000088\n[ 168.657420] #PF: supervisor read access in kernel mode\n[ 168.660619] #PF: error_code(0x0000) - not-present page\n[ 168.663613] PGD 0 P4D 0\n[ 168.665450] Oops: Oops: 0000 [#1] SMP NOPTI\n[ 168.667836] CPU: 1 UID: 0 PID: 1729 Comm: ls Not tainted 6.19.0-rc7+ #3 PREEMPT(voluntary)\n[ 168.672308] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 168.679327] RIP: 0010:rawdata_get_link_base.isra.0+0x23/0x330\n[ 168.682768] Code: 90 90 90 90 90 90 90 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 ec 18 48 89 55 d0 48 85 ff 0f 84 e3 01 00 00 \u003c48\u003e 83 3c 25 88 00 00 00 00 0f 84 d4 01 00 00 49 89 f6 49 89 cc e8\n[ 168.689818] RSP: 0018:ffffcdcb8200fb80 EFLAGS: 00010282\n[ 168.690871] RAX: ffffffffaee74ec0 RBX: 0000000000000000 RCX: ffffffffb0120158\n[ 168.692251] RDX: ffffcdcb8200fbe0 RSI: ffff88c187c9fa80 RDI: ffff88c186c98a80\n[ 168.693593] RBP: ffffcdcb8200fbc0 R08: 0000000000000000 R09: 0000000000000000\n[ 168.694941] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88c186c98a80\n[ 168.696289] R13: 00007fff005aaa20 R14: 0000000000000080 R15: ffff88c188f4fce0\n[ 168.697637] FS: 0000790e81c58280(0000) GS:ffff88c20a957000(0000) knlGS:0000000000000000\n[ 168.699227] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 168.700349] CR2: 0000000000000088 CR3: 000000012fd3e000 CR4: 0000000000350ef0\n[ 168.701696] Call Trace:\n[ 168.702325] \u003cTASK\u003e\n[ 168.702995] rawdata_get_link_data+0x1c/0x30\n[ 168.704145] vfs_readlink+0xd4/0x160\n[ 168.705152] do_readlinkat+0x114/0x180\n[ 168.706214] __x64_sys_readlink+0x1e/0x30\n[ 168.708653] x64_sys_call+0x1d77/0x26b0\n[ 168.709525] do_syscall_64+0x81/0x500\n[ 168.710348] ? do_statx+0x72/0xb0\n[ 168.711109] ? putname+0x3e/0x80\n[ 168.711845] ? __x64_sys_statx+0xb7/0x100\n[ 168.712711] ? x64_sys_call+0x10fc/0x26b0\n[ 168.713577] ? do_syscall_64+0xbf/0x500\n[ 168.714412] ? do_user_addr_fault+0x1d2/0x8d0\n[ 168.715404] ? irqentry_exit+0xb2/0x740\n[ 168.716359] ? exc_page_fault+0x90/0x1b0\n[ 168.717307] entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45965",
"url": "https://www.suse.com/security/cve/CVE-2026-45965"
},
{
"category": "external",
"summary": "SUSE Bug 1267208 for CVE-2026-45965",
"url": "https://bugzilla.suse.com/1267208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-45965"
},
{
"cve": "CVE-2026-45974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix invalid leaf access in btrfs_quota_enable() if ref key not found\n\nIf btrfs_search_slot_for_read() returns 1, it means we did not find any\nkey greater than or equals to the key we asked for, meaning we have\nreached the end of the tree and therefore the path is not valid. If\nthis happens we need to break out of the loop and stop, instead of\ncontinuing and accessing an invalid path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45974",
"url": "https://www.suse.com/security/cve/CVE-2026-45974"
},
{
"category": "external",
"summary": "SUSE Bug 1266922 for CVE-2026-45974",
"url": "https://bugzilla.suse.com/1266922"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-45974"
},
{
"cve": "CVE-2026-45985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45985"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: don\u0027t set EXT4_GET_BLOCKS_CONVERT when splitting before submitting I/O\n\nWhen allocating blocks during within-EOF DIO and writeback with\ndioread_nolock enabled, EXT4_GET_BLOCKS_PRE_IO was set to split an\nexisting large unwritten extent. However, EXT4_GET_BLOCKS_CONVERT was\nset when calling ext4_split_convert_extents(), which may potentially\nresult in stale data issues.\n\nAssume we have an unwritten extent, and then DIO writes the second half.\n\n [UUUUUUUUUUUUUUUU] on-disk extent U: unwritten extent\n [UUUUUUUUUUUUUUUU] extent status tree\n |\u003c- -\u003e| ----\u003e dio write this range\n\nFirst, ext4_iomap_alloc() call ext4_map_blocks() with\nEXT4_GET_BLOCKS_PRE_IO, EXT4_GET_BLOCKS_UNWRIT_EXT and\nEXT4_GET_BLOCKS_CREATE flags set. ext4_map_blocks() find this extent and\ncall ext4_split_convert_extents() with EXT4_GET_BLOCKS_CONVERT and the\nabove flags set.\n\nThen, ext4_split_convert_extents() calls ext4_split_extent() with\nEXT4_EXT_MAY_ZEROOUT, EXT4_EXT_MARK_UNWRIT2 and EXT4_EXT_DATA_VALID2\nflags set, and it calls ext4_split_extent_at() to split the second half\nwith EXT4_EXT_DATA_VALID2, EXT4_EXT_MARK_UNWRIT1, EXT4_EXT_MAY_ZEROOUT\nand EXT4_EXT_MARK_UNWRIT2 flags set. However, ext4_split_extent_at()\nfailed to insert extent since a temporary lack -ENOSPC. It zeroes out\nthe first half but convert the entire on-disk extent to written since\nthe EXT4_EXT_DATA_VALID2 flag set, but left the second half as unwritten\nin the extent status tree.\n\n [0000000000SSSSSS] data S: stale data, 0: zeroed\n [WWWWWWWWWWWWWWWW] on-disk extent W: written extent\n [WWWWWWWWWWUUUUUU] extent status tree\n\nFinally, if the DIO failed to write data to the disk, the stale data in\nthe second half will be exposed once the cached extent entry is gone.\n\nFix this issue by not passing EXT4_GET_BLOCKS_CONVERT when splitting\nan unwritten extent before submitting I/O, and make\next4_split_convert_extents() to zero out the entire extent range\nto zero for this case, and also mark the extent in the extent status\ntree for consistency.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45985",
"url": "https://www.suse.com/security/cve/CVE-2026-45985"
},
{
"category": "external",
"summary": "SUSE Bug 1266700 for CVE-2026-45985",
"url": "https://bugzilla.suse.com/1266700"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-45985"
},
{
"cve": "CVE-2026-46005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: fix a resource leak in xfs_alloc_buftarg()\n\nIn the error path, call fs_put_dax() to drop the DAX\ndevice reference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46005",
"url": "https://www.suse.com/security/cve/CVE-2026-46005"
},
{
"category": "external",
"summary": "SUSE Bug 1267431 for CVE-2026-46005",
"url": "https://bugzilla.suse.com/1267431"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-46005"
},
{
"cve": "CVE-2026-46028",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46028"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_aead - snapshot IV for async AEAD requests\n\nAF_ALG AEAD AIO requests currently use the socket-wide IV buffer during\nrequest processing. For async requests, later socket activity can\nupdate that shared state before the original request has fully\ncompleted, which can lead to inconsistent IV handling.\n\nSnapshot the IV into per-request storage when preparing the AEAD\nrequest, so in-flight operations no longer depend on mutable socket\nstate.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46028",
"url": "https://www.suse.com/security/cve/CVE-2026-46028"
},
{
"category": "external",
"summary": "SUSE Bug 1267430 for CVE-2026-46028",
"url": "https://bugzilla.suse.com/1267430"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-46028"
},
{
"cve": "CVE-2026-46037",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46037"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: icmp: validate reply type before using icmp_pointers\n\nExtended echo replies use ICMP_EXT_ECHOREPLY as the outbound reply type.\nThat value is outside the range covered by icmp_pointers[], which only\ndescribes the traditional ICMP types up to NR_ICMP_TYPES.\n\nAvoid consulting icmp_pointers[] for reply types outside that range, and\nuse array_index_nospec() for the remaining in-range lookup. Normal ICMP\nreplies keep their existing behavior unchanged.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46037",
"url": "https://www.suse.com/security/cve/CVE-2026-46037"
},
{
"category": "external",
"summary": "SUSE Bug 1267361 for CVE-2026-46037",
"url": "https://bugzilla.suse.com/1267361"
},
{
"category": "external",
"summary": "SUSE Bug 1267362 for CVE-2026-46037",
"url": "https://bugzilla.suse.com/1267362"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "important"
}
],
"title": "CVE-2026-46037"
},
{
"cve": "CVE-2026-46053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46053"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: rds: fix MR cleanup on copy error\n\n__rds_rdma_map() hands sg/pages ownership to the transport after\nget_mr() succeeds. If copying the generated cookie back to user space\nfails after that point, the error path must not free those resources\nagain before dropping the MR reference.\n\nRemove the duplicate unpin/free from the put_user() failure branch so\nthat MR teardown is handled only through the existing final cleanup\npath.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46053",
"url": "https://www.suse.com/security/cve/CVE-2026-46053"
},
{
"category": "external",
"summary": "SUSE Bug 1267427 for CVE-2026-46053",
"url": "https://bugzilla.suse.com/1267427"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-46053"
},
{
"cve": "CVE-2026-46063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46063"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/shstk: Prevent deadlock during shstk sigreturn\n\nDuring sigreturn the shadow stack signal frame is popped. The kernel does\nthis by reading the shadow stack using normal read accesses. When it can\u0027t\nassume the memory is shadow stack, it takes extra steps to makes sure it is\nreading actual shadow stack memory and not other normal readable memory. It\ndoes this by holding the mmap read lock while doing the access and checking\nthe flags of the VMA.\n\nUnfortunately that is not safe. If the read of the shadow stack sigframe\nhits a page fault, the fault handler will try to recursively grab another\nmmap read lock. This normally works ok, but if a writer on another CPU is\nalso waiting, the second read lock could fail and cause a deadlock.\n\nFix this by not holding mmap lock during the read access to userspace.\n\nInstead use mmap_lock_speculate_...() to watch for changes between dropping\nmmap lock and the userspace access. Retry if anything grabbed an mmap write\nlock in between and could have changed the VMA.\n\nThese mmap_lock_speculate_...() helpers use mm::mm_lock_seq, which is only\navailable when PER_VMA_LOCK is configured. So make X86_USER_SHADOW_STACK\ndepend on it. On x86, PER_VMA_LOCK is a default configuration for SMP\nkernels. So drop support for the other configs under the assumption that\nthe !SMP shadow stack user base does not exist.\n\nCurrently there is a check that skips the lookup work when the SSP can be\nassumed to be on a shadow stack. While reorganizing the function, remove\nthe optimization to make the tricky code flows more common, such that\nissues like this cannot escape detection for so long.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46063",
"url": "https://www.suse.com/security/cve/CVE-2026-46063"
},
{
"category": "external",
"summary": "SUSE Bug 1267228 for CVE-2026-46063",
"url": "https://bugzilla.suse.com/1267228"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-46063"
},
{
"cve": "CVE-2026-46065",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46065"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: defio: Disconnect deferred I/O from the lifetime of struct fb_info\n\nHold state of deferred I/O in struct fb_deferred_io_state. Allocate an\ninstance as part of initializing deferred I/O and remove it only after\nthe final mapping has been closed. If the fb_info and the contained\ndeferred I/O meanwhile goes away, clear struct fb_deferred_io_state.info\nto invalidate the mapping. Any access will then result in a SIGBUS\nsignal.\n\nFixes a long-standing problem, where a device hot-unplug happens while\nuser space still has an active mapping of the graphics memory. The hot-\nunplug frees the instance of struct fb_info. Accessing the memory will\noperate on undefined state.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46065",
"url": "https://www.suse.com/security/cve/CVE-2026-46065"
},
{
"category": "external",
"summary": "SUSE Bug 1267458 for CVE-2026-46065",
"url": "https://bugzilla.suse.com/1267458"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-46065"
},
{
"cve": "CVE-2026-46069",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46069"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mwifiex: fix use-after-free in mwifiex_adapter_cleanup()\n\nThe mwifiex_adapter_cleanup() function uses timer_delete()\n(non-synchronous) for the wakeup_timer before the adapter structure is\nfreed. This is incorrect because timer_delete() does not wait for any\nrunning timer callback to complete.\n\nIf the wakeup_timer callback (wakeup_timer_fn) is executing when\nmwifiex_adapter_cleanup() is called, the callback will continue to\naccess adapter fields (adapter-\u003ehw_status, adapter-\u003eif_ops.card_reset,\netc.) which may be freed by mwifiex_free_adapter() called later in the\nmwifiex_remove_card() path.\n\nUse timer_delete_sync() instead to ensure any running timer callback has\ncompleted before returning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46069",
"url": "https://www.suse.com/security/cve/CVE-2026-46069"
},
{
"category": "external",
"summary": "SUSE Bug 1267437 for CVE-2026-46069",
"url": "https://bugzilla.suse.com/1267437"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-46069"
},
{
"cve": "CVE-2026-46071",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46071"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: nSVM: Avoid clearing VMCB_LBR in vmcb12\n\nsvm_copy_lbrs() always marks VMCB_LBR dirty in the destination VMCB.\nHowever, nested_svm_vmexit() uses it to copy LBRs to vmcb12, and\nclearing clean bits in vmcb12 is not architecturally defined.\n\nMove vmcb_mark_dirty() to callers and drop it for vmcb12.\n\nThis also facilitates incoming refactoring that does not pass the entire\nVMCB to svm_copy_lbrs().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46071",
"url": "https://www.suse.com/security/cve/CVE-2026-46071"
},
{
"category": "external",
"summary": "SUSE Bug 1267591 for CVE-2026-46071",
"url": "https://bugzilla.suse.com/1267591"
},
{
"category": "external",
"summary": "SUSE Bug 1267896 for CVE-2026-46071",
"url": "https://bugzilla.suse.com/1267896"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "important"
}
],
"title": "CVE-2026-46071"
},
{
"cve": "CVE-2026-46076",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46076"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: nSVM: Raise #UD if unhandled VMMCALL isn\u0027t intercepted by L1\n\nExplicitly synthesize a #UD for VMMCALL if L2 is active, L1 does NOT want\nto intercept VMMCALL, nested_svm_l2_tlb_flush_enabled() is true, and the\nhypercall is something other than one of the supported Hyper-V hypercalls.\nWhen all of the above conditions are met, KVM will intercept VMMCALL but\nnever forward it to L1, i.e. will let L2 make hypercalls as if it were L1.\n\nThe TLFS says a whole lot of nothing about this scenario, so go with the\narchitectural behavior, which says that VMMCALL #UDs if it\u0027s not\nintercepted.\n\nOpportunistically do a 2-for-1 stub trade by stub-ifying the new API\ninstead of the helpers it uses. The last remaining \"single\" stub will\nsoon be dropped as well.\n\n[sean: rewrite changelog and comment, tag for stable, remove defunct stubs]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46076",
"url": "https://www.suse.com/security/cve/CVE-2026-46076"
},
{
"category": "external",
"summary": "SUSE Bug 1267365 for CVE-2026-46076",
"url": "https://bugzilla.suse.com/1267365"
},
{
"category": "external",
"summary": "SUSE Bug 1267366 for CVE-2026-46076",
"url": "https://bugzilla.suse.com/1267366"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.9,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "important"
}
],
"title": "CVE-2026-46076"
},
{
"cve": "CVE-2026-46101",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46101"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: reject zero shift in nft_bitwise\n\nReject zero shift operands for nft_bitwise left and right shift\nexpressions during initialization.\n\nThe carry propagation logic computes the carry from the adjacent 32-bit\nword using BITS_PER_TYPE(u32) - shift. A zero shift operand turns this\ninto a 32-bit shift, which is undefined behaviour.\n\nReject zero shift operands in the control plane, alongside the existing\ncheck for values greater than or equal to 32, so malformed rules never\nreach the packet path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46101",
"url": "https://www.suse.com/security/cve/CVE-2026-46101"
},
{
"category": "external",
"summary": "SUSE Bug 1266878 for CVE-2026-46101",
"url": "https://bugzilla.suse.com/1266878"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-46101"
},
{
"cve": "CVE-2026-46112",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46112"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Fix unlocked call to hns_roce_qp_remove()\n\nSashiko points out that hns_roce_qp_remove() requires the caller to hold\nlocks. The error flow in hns_roce_create_qp_common() doesn\u0027t hold those\nlocks for the error unwind so it risks corrupting memory.\n\nGrab the same locks the other two callers use.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46112",
"url": "https://www.suse.com/security/cve/CVE-2026-46112"
},
{
"category": "external",
"summary": "SUSE Bug 1267582 for CVE-2026-46112",
"url": "https://bugzilla.suse.com/1267582"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-46112"
},
{
"cve": "CVE-2026-46116",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46116"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: defensively unhash xfrm_state lists in __xfrm_state_delete\n\nKASAN reproduces a slab-use-after-free in __xfrm_state_delete()\u0027s\nhlist_del_rcu calls under syzkaller load on linux-6.12.y stable\n(reproduced on 6.12.47, also reachable via the same code path on\ntorvalds/master and on the ipsec tree). Nine unique signatures cluster\nin the xfrm_state lifecycle, the load-bearing one being:\n\n BUG: KASAN: slab-use-after-free in __hlist_del include/linux/list.h:990 [inline]\n BUG: KASAN: slab-use-after-free in hlist_del_rcu include/linux/rculist.h:516 [inline]\n BUG: KASAN: slab-use-after-free in __xfrm_state_delete net/xfrm/xfrm_state.c\n Write of size 8 at addr ffff8881198bcb70 by task kworker/u8:9/435\n\n Workqueue: netns cleanup_net\n Call Trace:\n __hlist_del / hlist_del_rcu\n __xfrm_state_delete\n xfrm_state_delete\n xfrm_state_flush\n xfrm_state_fini\n ops_exit_list\n cleanup_net\n\nThe other observed signatures hit the same slab object from\n__xfrm_state_lookup, xfrm_alloc_spi, __xfrm_state_insert and an OOB\nwrite variant of __xfrm_state_delete, all on the byseq/byspi\nhash chains.\n\n__xfrm_state_delete() guards its byseq and byspi unhashes with\nvalue-based predicates:\n\n\tif (x-\u003ekm.seq)\n\t\thlist_del_rcu(\u0026x-\u003ebyseq);\n\tif (x-\u003eid.spi)\n\t\thlist_del_rcu(\u0026x-\u003ebyspi);\n\nwhile everywhere else in the file (e.g. state_cache, state_cache_input)\nthe safer hlist_unhashed() check is used. xfrm_alloc_spi() sets\nx-\u003eid.spi = newspi inside xfrm_state_lock and then immediately inserts\ninto byspi, but a path that observes x-\u003eid.spi != 0 outside of\nxfrm_state_lock can still skip-or-hit the byspi unhash inconsistently\nwith whether x is actually on the list. The same holds for x-\u003ekm.seq\nversus byseq, and the bydst/bysrc unhashes have no predicate at all,\nso a second __xfrm_state_delete() on the same object writes through\nLIST_POISON pprev.\n\nThe defensive change here:\n\n - Use hlist_del_init_rcu() instead of hlist_del_rcu() on bydst,\n bysrc, byseq and byspi so a second deletion is a no-op rather\n than a write through LIST_POISON pprev. The byseq/byspi nodes\n are already initialised in xfrm_state_alloc().\n - Test hlist_unhashed() rather than the value predicate for\n byseq/byspi, so the unhash decision tracks list state rather than\n mutable scalar fields.\n\nEmpirical verification: applied this patch on top of v6.12.47, rebuilt,\nand re-ran the same syzkaller harness for 1h16m on a previously-crashy\nconfiguration that produced ~100 hits each of slab-use-after-free\nRead in xfrm_alloc_spi / Read in __xfrm_state_lookup / Write in\n__xfrm_state_delete. After the patch, 7.1M execs across 32 VMs at\n~1550 exec/sec produced zero xfrm_state UAF/OOB hits. /proc/slabinfo\nconfirms the xfrm_state slab is actively allocated and freed during\nthe run (~143 KiB resident), so the fuzzer is still exercising those\ncode paths -- they just no longer crash.\n\nReproduction:\n\n - Linux 6.12.47 x86_64 + KASAN_GENERIC + KASAN_INLINE + KCOV\n - syzkaller @ 746545b8b1e4c3a128db8652b340d3df90ce61db\n - 32 QEMU/KVM VMs x 2 vCPU on AWS c5.metal bare metal\n - 9 unique signatures collected in ~9h, all within xfrm_state\n lifecycle",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46116",
"url": "https://www.suse.com/security/cve/CVE-2026-46116"
},
{
"category": "external",
"summary": "SUSE Bug 1267369 for CVE-2026-46116",
"url": "https://bugzilla.suse.com/1267369"
},
{
"category": "external",
"summary": "SUSE Bug 1267370 for CVE-2026-46116",
"url": "https://bugzilla.suse.com/1267370"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "important"
}
],
"title": "CVE-2026-46116"
},
{
"cve": "CVE-2026-46119",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46119"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: Fix slab-out-of-bounds access in auth message processing\n\nIf a (potentially corrupted) message of type CEPH_MSG_AUTH_REPLY\ncontains a positive value in its result field, it is treated as an\nerror code by ceph_handle_auth_reply() and returned to\nhandle_auth_reply(). Thereafter, an attempt is made to send the\npreallocated message of type CEPH_MSG_AUTH, where the returned value is\ninterpreted as the size of the front segment to send. If the result\nvalue in the message is greater than the size of the memory buffer\nallocated for the front segment, an out-of-bounds access occurs, and\nthe content of the memory region beyond this buffer is sent out.\n\nThis patch fixes the issue by treating only negative values in the\nresult field as errors. Positive values are therefore treated as success\nin the same way as a zero value. Additionally, a BUG_ON is added to\n__send_prepared_auth_request() comparing the len parameter to\nfront_alloc_len to prevent sending the message if it exceeds the bounds\nof the allocation and to make it easier to catch any logic flaws leading\nto this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46119",
"url": "https://www.suse.com/security/cve/CVE-2026-46119"
},
{
"category": "external",
"summary": "SUSE Bug 1267628 for CVE-2026-46119",
"url": "https://bugzilla.suse.com/1267628"
},
{
"category": "external",
"summary": "SUSE Bug 1267894 for CVE-2026-46119",
"url": "https://bugzilla.suse.com/1267894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-46119"
},
{
"cve": "CVE-2026-46120",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46120"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nip6_gre: Use cached t-\u003enet in ip6erspan_changelink().\n\nAfter commit 5e72ce3e3980 (\"net: ipv6: Use link netns in newlink() of\nrtnl_link_ops\"), ip6erspan_newlink() correctly resolves the per-netns\nip6gre hash via link_net. ip6erspan_changelink() was not converted in\nthat series and still uses dev_net(dev), which diverges from the\ndevice\u0027s creation netns after IFLA_NET_NS_FD migration.\n\nThis re-inserts the tunnel into the wrong per-netns hash. The\noriginal netns keeps a stale entry. When that netns is later\ndestroyed, ip6gre_exit_rtnl_net() walks the stale entry, producing a\nslab-use-after-free reported by KASAN, followed by a kernel BUG at\nnet/core/dev.c (LIST_POISON1) in unregister_netdevice_many_notify().\n\nReachable from an unprivileged user namespace (unshare --user\n--map-root-user --net).\n\nip6gre_changelink() earlier in the same file already uses the cached\nt-\u003enet; only ip6erspan_changelink() has the wrong shape.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46120",
"url": "https://www.suse.com/security/cve/CVE-2026-46120"
},
{
"category": "external",
"summary": "SUSE Bug 1267640 for CVE-2026-46120",
"url": "https://bugzilla.suse.com/1267640"
},
{
"category": "external",
"summary": "SUSE Bug 1267893 for CVE-2026-46120",
"url": "https://bugzilla.suse.com/1267893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "important"
}
],
"title": "CVE-2026-46120"
},
{
"cve": "CVE-2026-46123",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46123"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: virtio_bt: clamp rx length before skb_put\n\nvirtbt_rx_work() calls skb_put(skb, len) where len comes directly\nfrom virtqueue_get_buf() with no validation against the buffer we\nposted to the device. The RX skb is allocated in virtbt_add_inbuf()\nand exposed to virtio as exactly 1000 bytes via sg_init_one().\n\nChecking len against skb_tailroom(skb) is not sufficient because\nalloc_skb() can leave more tailroom than the 1000 bytes actually\nhanded to the device. A malicious or buggy backend can therefore\nreport used.len between 1001 and skb_tailroom(skb), causing skb_put()\nto include uninitialized kernel heap bytes that were never written by\nthe device.\n\nThe same path also accepts len == 0, in which case skb_put(skb, 0)\nleaves the skb empty but virtbt_rx_handle() still reads the pkt_type\nbyte from skb-\u003edata, consuming uninitialized memory.\n\nDefine VIRTBT_RX_BUF_SIZE once and reuse it in alloc_skb() and\nsg_init_one(), and gate virtbt_rx_work() on that same constant so\nthe bound checked matches the buffer actually exposed to the device.\nReject used.len == 0 in the same gate so an empty completion can\nno longer reach virtbt_rx_handle().\n\nUse bt_dev_err_ratelimited() because the length value comes from an\nuntrusted backend that can otherwise flood the kernel log.\n\nSame class of bug as commit c04db81cd028 (\"net/9p: Fix buffer\noverflow in USB transport layer\"), which hardened the USB 9p\ntransport against unchecked device-reported length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46123",
"url": "https://www.suse.com/security/cve/CVE-2026-46123"
},
{
"category": "external",
"summary": "SUSE Bug 1267621 for CVE-2026-46123",
"url": "https://bugzilla.suse.com/1267621"
},
{
"category": "external",
"summary": "SUSE Bug 1267622 for CVE-2026-46123",
"url": "https://bugzilla.suse.com/1267622"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "important"
}
],
"title": "CVE-2026-46123"
},
{
"cve": "CVE-2026-46124",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46124"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nisofs: validate block number from NFS file handle in isofs_export_iget\n\nisofs_fh_to_dentry() and isofs_fh_to_parent() pass an attacker-\ncontrolled block number (ifid-\u003eblock or ifid-\u003eparent_block) from\nthe NFS file handle to isofs_export_iget(), which only rejects\nblock == 0 before calling isofs_iget() and ultimately sb_bread().\nA crafted file handle with fh_len sufficient to pass the check\nadded by commit 0405d4b63d08 (\"isofs: Prevent the use of too small\nfid\") can still drive the server to read any in-range block on the\nbacking device as if it were an iso_directory_record. That earlier\nfix was assigned CVE-2025-37780.\n\nsb_bread() on an out-of-range block returns NULL cleanly via the\nEIO path, so there is no memory-safety violation. For in-range\nreads of adjacent-partition data on the same block device, the\nunrelated bytes end up in iso_inode_info fields that reach the NFS\nclient as dentry metadata. The deployment surface (isofs exported\nover NFS from loop-mounted images) is narrow and requires an\nauthenticated NFS peer, but the malformed-file-handle class is\nreportable as hardening next to the existing CVE-2025-37780 fix.\n\nReject block \u003e= ISOFS_SB(sb)-\u003es_nzones in isofs_export_iget() so\nthe check covers both isofs_fh_to_dentry() and isofs_fh_to_parent()\ncall sites with a single line.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46124",
"url": "https://www.suse.com/security/cve/CVE-2026-46124"
},
{
"category": "external",
"summary": "SUSE Bug 1266847 for CVE-2026-46124",
"url": "https://bugzilla.suse.com/1266847"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-46124"
},
{
"cve": "CVE-2026-46133",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46133"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Reject unknown opcodes before ICRC processing\n\nEven after applying commit 7244491dab34 (\"RDMA/rxe: Validate pad and ICRC\nbefore payload_size() in rxe_rcv\"), a single unauthenticated UDP packet\ncan still trigger panic. That patch handled payload_size() underflow only\nfor valid opcodes with short packets, not for packets carrying an unknown\nopcode. The unknown-opcode OOB read described below predates that commit\nand reaches back to the initial Soft RoCE driver.\n\nThe check added there reads\n\n pkt-\u003epaylen \u003c header_size(pkt) + bth_pad(pkt) + RXE_ICRC_SIZE\n\nwhere header_size(pkt) expands to rxe_opcode[pkt-\u003eopcode].length. The\nrxe_opcode[] array has 256 entries but is only populated for defined IB\nopcodes; any other entry (for example opcode 0xff) is zero-initialized, so\nlength == 0 and the check degenerates to\n\n pkt-\u003epaylen \u003c 0 + bth_pad(pkt) + RXE_ICRC_SIZE\n\nwhich does not constrain pkt-\u003epaylen enough. rxe_icrc_hdr() then computes\n\n rxe_opcode[pkt-\u003eopcode].length - RXE_BTH_BYTES\n\nwhich underflows when length == 0 and passes a huge value to rxe_crc32(),\ncausing an out-of-bounds read of the skb payload.\n\nReproduced on v7.0-rc7 with that fix applied, QEMU/KVM with\nCONFIG_RDMA_RXE=y and CONFIG_KASAN=y, after\n\n rdma link add rxe0 type rxe netdev eth0\n\nA single 48-byte UDP packet to port 4791 with BTH opcode=0xff and\nQPN=IB_MULTICAST_QPN triggers:\n\n BUG: KASAN: slab-out-of-bounds in crc32_le+0x115/0x170\n Read of size 1 at addr ...\n The buggy address is located 0 bytes to the right of\n allocated 704-byte region\n Call Trace:\n crc32_le+0x115/0x170\n rxe_icrc_hdr.isra.0+0x226/0x300\n rxe_icrc_check+0x13f/0x3a0\n rxe_rcv+0x6e1/0x16e0\n rxe_udp_encap_recv+0x20a/0x320\n udp_queue_rcv_one_skb+0x7ed/0x12c0\n\nSubsequent packets with the same shape fault on unmapped memory and panic\nthe kernel. The trigger requires only module load and \"rdma link add\"; no\nQP, no connection, and no authentication.\n\nFix this by rejecting packets whose opcode has no rxe_opcode[] entry,\ndetected via the zero mask or zero length, before any length arithmetic\nruns.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46133",
"url": "https://www.suse.com/security/cve/CVE-2026-46133"
},
{
"category": "external",
"summary": "SUSE Bug 1266928 for CVE-2026-46133",
"url": "https://bugzilla.suse.com/1266928"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-46133"
},
{
"cve": "CVE-2026-46150",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46150"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfanotify: fix false positive on permission events\n\nfsnotify_get_mark_safe() may return false for a mark on an unrelated group,\nwhich results in bypassing the permission check.\n\nFix by skipping over detached marks that are not in the current group.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46150",
"url": "https://www.suse.com/security/cve/CVE-2026-46150"
},
{
"category": "external",
"summary": "SUSE Bug 1267387 for CVE-2026-46150",
"url": "https://bugzilla.suse.com/1267387"
},
{
"category": "external",
"summary": "SUSE Bug 1267388 for CVE-2026-46150",
"url": "https://bugzilla.suse.com/1267388"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "important"
}
],
"title": "CVE-2026-46150"
},
{
"cve": "CVE-2026-46160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46160"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix missing last_unlink_trans update when removing a directory\n\nWhen removing a directory we are not updating its last_unlink_trans field,\nwhich can result in incorrect fsync behaviour in case some one fsyncs the\ndirectory after it was removed because it\u0027s holding a file descriptor on\nit.\n\nExample scenario:\n\n mkdir /mnt/dir1\n mkdir /mnt/dir1/dir2\n mkdir /mnt/dir3\n\n sync -f /mnt\n\n # Do some change to the directory and fsync it.\n chmod 700 /mnt/dir1\n xfs_io -c fsync /mnt/dir1\n\n # Move dir2 out of dir1 so that dir1 becomes empty.\n mv /mnt/dir1/dir2 /mnt/dir3/\n\n open fd on /mnt/dir1\n call rmdir(2) on path \"/mnt/dir1\"\n fsync fd\n\n \u003ctrigger power failure\u003e\n\nWhen attempting to mount the filesystem, the log replay will fail with\nan -EIO error and dmesg/syslog has the following:\n\n [445771.626482] BTRFS info (device dm-0): first mount of filesystem 0368bbea-6c5e-44b5-b409-09abe496e650\n [445771.626486] BTRFS info (device dm-0): using crc32c checksum algorithm\n [445771.627912] BTRFS info (device dm-0): start tree-log replay\n [445771.628335] page: refcount:2 mapcount:0 mapping:0000000061443ddc index:0x1d00 pfn:0x7072a5\n [445771.629453] memcg:ffff89f400351b00\n [445771.629892] aops:btree_aops [btrfs] ino:1\n [445771.630737] flags: 0x17fffc00000402a(uptodate|lru|private|writeback|node=0|zone=2|lastcpupid=0x1ffff)\n [445771.632359] raw: 017fffc00000402a fffff47284d950c8 fffff472907b7c08 ffff89f458e412b8\n [445771.633713] raw: 0000000000001d00 ffff89f6c51d1a90 00000002ffffffff ffff89f400351b00\n [445771.635029] page dumped because: eb page dump\n [445771.635825] BTRFS critical (device dm-0): corrupt leaf: root=5 block=30408704 slot=10 ino=258, invalid nlink: has 2 expect no more than 1 for dir\n [445771.638088] BTRFS info (device dm-0): leaf 30408704 gen 10 total ptrs 17 free space 14878 owner 5\n [445771.638091] BTRFS info (device dm-0): refs 4 lock_owner 0 current 3581087\n [445771.638094] \titem 0 key (256 INODE_ITEM 0) itemoff 16123 itemsize 160\n [445771.638097] \t\tinode generation 3 transid 9 size 16 nbytes 16384\n [445771.638098] \t\tblock group 0 mode 40755 links 1 uid 0 gid 0\n [445771.638100] \t\trdev 0 sequence 2 flags 0x0\n [445771.638102] \t\tatime 1775744884.0\n [445771.660056] \t\tctime 1775744885.645502983\n [445771.660058] \t\tmtime 1775744885.645502983\n [445771.660060] \t\totime 1775744884.0\n [445771.660062] \titem 1 key (256 INODE_REF 256) itemoff 16111 itemsize 12\n [445771.660064] \t\tindex 0 name_len 2\n [445771.660066] \titem 2 key (256 DIR_ITEM 1843588421) itemoff 16077 itemsize 34\n [445771.660068] \t\tlocation key (259 1 0) type 2\n [445771.660070] \t\ttransid 9 data_len 0 name_len 4\n [445771.660075] \titem 3 key (256 DIR_ITEM 2363071922) itemoff 16043 itemsize 34\n [445771.660076] \t\tlocation key (257 1 0) type 2\n [445771.660077] \t\ttransid 9 data_len 0 name_len 4\n [445771.660078] \titem 4 key (256 DIR_INDEX 2) itemoff 16009 itemsize 34\n [445771.660079] \t\tlocation key (257 1 0) type 2\n [445771.660080] \t\ttransid 9 data_len 0 name_len 4\n [445771.660081] \titem 5 key (256 DIR_INDEX 3) itemoff 15975 itemsize 34\n [445771.660082] \t\tlocation key (259 1 0) type 2\n [445771.660083] \t\ttransid 9 data_len 0 name_len 4\n [445771.660084] \titem 6 key (257 INODE_ITEM 0) itemoff 15815 itemsize 160\n [445771.660086] \t\tinode generation 9 transid 9 size 8 nbytes 0\n [445771.660087] \t\tblock group 0 mode 40777 links 1 uid 0 gid 0\n [445771.660088] \t\trdev 0 sequence 2 flags 0x0\n [445771.660089] \t\tatime 1775744885.641174097\n [445771.660090] \t\tctime 1775744885.645502983\n [445771.660091] \t\tmtime 1775744885.645502983\n [445771.660105] \t\totime 1775744885.641174097\n [445771.660106] \titem 7 key (257 INODE_REF 256) itemoff 15801 itemsize 14\n [445771.660107] \t\tindex 2 name_len 4\n [445771.660108] \titem 8 key (257 DIR_ITEM 2676584006) itemoff 15767 itemsize 34\n [445771.660109] \t\tlocation key (2\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46160",
"url": "https://www.suse.com/security/cve/CVE-2026-46160"
},
{
"category": "external",
"summary": "SUSE Bug 1267624 for CVE-2026-46160",
"url": "https://bugzilla.suse.com/1267624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-46160"
},
{
"cve": "CVE-2026-46162",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46162"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: fix double free in ice_sf_eth_activate() error path\n\nWhen auxiliary_device_add() fails, ice_sf_eth_activate() jumps to\naux_dev_uninit and calls auxiliary_device_uninit(\u0026sf_dev-\u003eadev).\n\nThe device release callback ice_sf_dev_release() frees sf_dev, but\nthe current error path falls through to sf_dev_free and calls\nkfree(sf_dev) again, causing a double free.\n\nKeep kfree(sf_dev) for the auxiliary_device_init() failure path, but\navoid falling through to sf_dev_free after auxiliary_device_uninit().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46162",
"url": "https://www.suse.com/security/cve/CVE-2026-46162"
},
{
"category": "external",
"summary": "SUSE Bug 1266840 for CVE-2026-46162",
"url": "https://bugzilla.suse.com/1266840"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-46162"
},
{
"cve": "CVE-2026-46172",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46172"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: xfrm6: release dst on error in xfrm6_rcv_encap()\n\nxfrm6_rcv_encap() performs an IPv6 route lookup when the skb does not\nalready have a dst attached. ip6_route_input_lookup() returns a\nreferenced dst entry even when the lookup resolves to an error route.\n\nIf dst-\u003eerror is set, xfrm6_rcv_encap() drops the skb without attaching\nthe dst to the skb and without releasing the reference returned by the\nlookup. Repeated packets hitting this path therefore leak dst entries.\n\nRelease the dst before jumping to the drop path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46172",
"url": "https://www.suse.com/security/cve/CVE-2026-46172"
},
{
"category": "external",
"summary": "SUSE Bug 1266903 for CVE-2026-46172",
"url": "https://bugzilla.suse.com/1266903"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-46172"
},
{
"cve": "CVE-2026-46173",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46173"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nexit: prevent preemption of oopsing TASK_DEAD task\n\nWhen an already-exiting task oopses, make_task_dead() currently calls\ndo_task_dead() with preemption enabled. That is forbidden:\ndo_task_dead() calls __schedule(), which has a comment saying \"WARNING:\nmust be called with preemption disabled!\".\n\nIf an oopsing task is preempted in do_task_dead(), between becoming\nTASK_DEAD and entering the scheduler explicitly, bad things happen:\nfinish_task_switch() assumes that once the scheduler has switched away\nfrom a TASK_DEAD task, the task can never run again and its stack is no\nlonger needed; but that assumption apparently doesn\u0027t hold if the dead\ntask was preempted (the SM_PREEMPT case).\n\nThis means that the scheduler ends up repeatedly dropping references on\nthe dead task\u0027s stack, which can lead to use-after-free or double-free\nof the entire task stack; in other words, two tasks can end up running\non the same stack, resulting in various kinds of memory corruption.\n\n(This does not just affect \"recursively oopsing\" tasks; it is enough to\noops once during task exit, for example in a file_operations::release\nhandler)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46173",
"url": "https://www.suse.com/security/cve/CVE-2026-46173"
},
{
"category": "external",
"summary": "SUSE Bug 1267722 for CVE-2026-46173",
"url": "https://bugzilla.suse.com/1267722"
},
{
"category": "external",
"summary": "SUSE Bug 1267723 for CVE-2026-46173",
"url": "https://bugzilla.suse.com/1267723"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "important"
}
],
"title": "CVE-2026-46173"
},
{
"cve": "CVE-2026-46185",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46185"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb/client: fix out-of-bounds read in symlink_data()\n\nSince smb2_check_message() returns success without length validation for\nthe symlink error response, in symlink_data() it is possible for\niov-\u003eiov_len to be smaller than sizeof(struct smb2_err_rsp). If the buffer\nonly contains the base SMB2 header (64 bytes), accessing\nerr-\u003eErrorContextCount (at offset 66) or err-\u003eByteCount later in\nsymlink_data() will cause an out-of-bounds read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46185",
"url": "https://www.suse.com/security/cve/CVE-2026-46185"
},
{
"category": "external",
"summary": "SUSE Bug 1266830 for CVE-2026-46185",
"url": "https://bugzilla.suse.com/1266830"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-46185"
},
{
"cve": "CVE-2026-46197",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46197"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: validate SVM ioctl nattr against buffer size\n\nValidate nattr field against the buffer size, preventing\nout-of-bounds buffer access via user-controlled attribute count.\n\n(cherry picked from commit 5eca8bfdfa456c3304ca77523718fe24254c172f)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46197",
"url": "https://www.suse.com/security/cve/CVE-2026-46197"
},
{
"category": "external",
"summary": "SUSE Bug 1267381 for CVE-2026-46197",
"url": "https://bugzilla.suse.com/1267381"
},
{
"category": "external",
"summary": "SUSE Bug 1267382 for CVE-2026-46197",
"url": "https://bugzilla.suse.com/1267382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "important"
}
],
"title": "CVE-2026-46197"
},
{
"cve": "CVE-2026-46214",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46214"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/virtio: fix accept queue count leak on transport mismatch\n\nvirtio_transport_recv_listen() calls sk_acceptq_added() before\nvsock_assign_transport(). If vsock_assign_transport() fails or\nselects a different transport, the error path returns without\ncalling sk_acceptq_removed(), permanently incrementing\nsk_ack_backlog.\n\nAfter approximately backlog+1 such failures, sk_acceptq_is_full()\nreturns true, causing the listener to reject all new connections.\n\nFix by moving sk_acceptq_added() to after the transport validation,\nmatching the pattern used by vmci_transport and hyperv_transport.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46214",
"url": "https://www.suse.com/security/cve/CVE-2026-46214"
},
{
"category": "external",
"summary": "SUSE Bug 1267717 for CVE-2026-46214",
"url": "https://bugzilla.suse.com/1267717"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-46214"
},
{
"cve": "CVE-2026-46227",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46227"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL\n\nThe SCTP_SENDALL path in sctp_sendmsg() iterates ep-\u003easocs with\nlist_for_each_entry_safe(), which caches the next entry in @tmp before\nthe loop body runs. The body calls sctp_sendmsg_to_asoc(), which may\ndrop the socket lock inside sctp_wait_for_sndbuf().\n\nWhile the lock is dropped, another thread can SCTP_SOCKOPT_PEELOFF the\nassociation cached in @tmp, migrating it to a new endpoint via\nsctp_sock_migrate() (list_del_init() + list_add_tail() to\nnewep-\u003easocs), and optionally close the new socket which frees the\nassociation via kfree_rcu(). The cached @tmp can also be freed by a\nnetwork ABORT for that association, processed in softirq while the\nlock is dropped.\n\nsctp_wait_for_sndbuf() revalidates @asoc (the current entry) on re-lock\nvia the \"sk != asoc-\u003ebase.sk\" and \"asoc-\u003ebase.dead\" checks, but nothing\nrevalidates @tmp. After a successful return, the iterator advances to\nthe stale @tmp, yielding either a use-after-free (if the peeled socket\nwas closed) or a list-walk onto the new endpoint\u0027s list head (type\nconfusion of \u0026newep-\u003easocs as a struct sctp_association *).\n\nBoth are reachable from CapEff=0; the type-confusion path gives\ncontrolled indirect call via the outqueue.sched-\u003einit_sid pointer.\n\nFix by re-deriving @tmp from @asoc after sctp_sendmsg_to_asoc()\nreturns. @asoc is known to still be on ep-\u003easocs at that point: the\nonly callers that list_del an association from ep-\u003easocs are\nsctp_association_free() (which sets asoc-\u003ebase.dead) and\nsctp_assoc_migrate() (which changes asoc-\u003ebase.sk), and\nsctp_wait_for_sndbuf() checks both under the lock before any\nsuccessful return; a tripped check propagates as err \u003c 0 and the loop\nbails before the re-derive.\n\nThe SCTP_ABORT path in sctp_sendmsg_check_sflags() returns 0 and the\nloop hits \u0027continue\u0027 before sctp_sendmsg_to_asoc() is ever called, so\nthe @tmp cached by list_for_each_entry_safe() still covers the\nlock-held free that ba59fb027307 (\"sctp: walk the list of asoc\nsafely\") was added for.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46227",
"url": "https://www.suse.com/security/cve/CVE-2026-46227"
},
{
"category": "external",
"summary": "SUSE Bug 1267697 for CVE-2026-46227",
"url": "https://bugzilla.suse.com/1267697"
},
{
"category": "external",
"summary": "SUSE Bug 1267698 for CVE-2026-46227",
"url": "https://bugzilla.suse.com/1267698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "important"
}
],
"title": "CVE-2026-46227"
},
{
"cve": "CVE-2026-46229",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46229"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Clear VRAM on allocation to prevent stale data exposure\n\nKFD VRAM allocations set AMDGPU_GEM_CREATE_VRAM_WIPE_ON_RELEASE\nbut not AMDGPU_GEM_CREATE_VRAM_CLEARED, leaving freshly allocated\nVRAM with stale data from prior use observable by compute kernels.\n\nThe GEM ioctl path already sets VRAM_CLEARED for all userspace\nallocations via amdgpu_gem_create_ioctl() and\namdgpu_mode_dumb_create(). The KFD path was missing this flag,\nallowing stale page table remnants to leak into user buffers.\n\nThis causes crashes in RCCL P2P transport where non-zero data in\nptrExchange/head/tail fields corrupts the protocol handshake.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46229",
"url": "https://www.suse.com/security/cve/CVE-2026-46229"
},
{
"category": "external",
"summary": "SUSE Bug 1267567 for CVE-2026-46229",
"url": "https://bugzilla.suse.com/1267567"
},
{
"category": "external",
"summary": "SUSE Bug 1267568 for CVE-2026-46229",
"url": "https://bugzilla.suse.com/1267568"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "important"
}
],
"title": "CVE-2026-46229"
},
{
"cve": "CVE-2026-46244",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46244"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_inner: Fix IPv6 inner_thoff desync\n\nIn nft_inner_parse_l2l3(), when processing inner IPv6 packets,\nipv6_find_hdr() correctly computes the transport header offset\ntraversing all extension headers, but the result is immediately\noverwritten with nhoff + sizeof(_ip6h) (40 bytes), which only\naccounts for the IPv6 base header. This creates a desync between\ninner_thoff (wrong - points to extension header start) and l4proto\n(correct - e.g., IPPROTO_TCP), enabling transport header forgery\nand potential firewall bypass. This issue affects stable versions\nfrom Linux 6.2.\n\nFor comparison, the normal (non-inner) IPv6 path correctly\npreserves ipv6_find_hdr()\u0027s result. Removing the incorrect overwrite\nensures that ipv6_find_hdr()\u0027s calculated transport header offset is\npreserved, thereby fixing the desynchronization.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46244",
"url": "https://www.suse.com/security/cve/CVE-2026-46244"
},
{
"category": "external",
"summary": "SUSE Bug 1267654 for CVE-2026-46244",
"url": "https://bugzilla.suse.com/1267654"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-46244"
},
{
"cve": "CVE-2026-46253",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46253"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npstore/ram: fix buffer overflow in persistent_ram_save_old()\n\npersistent_ram_save_old() can be called multiple times for the same\npersistent_ram_zone (e.g., via ramoops_pstore_read -\u003e ramoops_get_next_prz\nfor PSTORE_TYPE_DMESG records).\n\nCurrently, the function only allocates prz-\u003eold_log when it is NULL,\nbut it unconditionally updates prz-\u003eold_log_size to the current buffer\nsize and then performs memcpy_fromio() using this new size. If the\nbuffer size has grown since the first allocation (which can happen\nacross different kernel boot cycles), this leads to:\n\n1. A heap buffer overflow (OOB write) in the memcpy_fromio() calls\n2. A subsequent OOB read when ramoops_pstore_read() accesses the buffer\n using the incorrect (larger) old_log_size\n\nThe KASAN splat would look similar to:\n BUG: KASAN: slab-out-of-bounds in ramoops_pstore_read+0x...\n Read of size N at addr ... by task ...\n\nThe conditions are likely extremely hard to hit:\n\n 0. Crash with a ramoops write of less-than-record-max-size bytes.\n 1. Reboot: ramoops registers, pstore_get_records(0) reads old crash,\n allocates old_log with size X\n 2. Crash handler registered, timer started (if pstore_update_ms \u003e= 0)\n 3. Oops happens (non-fatal, system continues)\n 4. pstore_dump() writes oops via ramoops_pstore_write() size Y (\u003eX)\n 5. pstore_new_entry = 1, pstore_timer_kick() called\n 6. System continues running (not a panic oops)\n 7. Timer fires after pstore_update_ms milliseconds\n 8. pstore_timefunc() -\u003e schedule_work() -\u003e pstore_dowork() -\u003e pstore_get_records(1)\n 9. ramoops_get_next_prz() -\u003e persistent_ram_save_old()\n 10. buffer_size() returns Y, but old_log is X bytes\n 11. Y \u003e X: memcpy_fromio() overflows heap\n\n Requirements:\n - a prior crash record exists that did not fill the record size\n (almost impossible since the crash handler writes as much as it\n can possibly fit into the record, capped by max record size and\n the kmsg buffer almost always exceeds the max record size)\n - pstore_update_ms \u003e= 0 (disabled by default)\n - Non-fatal oops (system survives)\n\nFree and reallocate the buffer when the new size differs from the\npreviously allocated size. This ensures old_log always has sufficient\nspace for the data being copied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46253",
"url": "https://www.suse.com/security/cve/CVE-2026-46253"
},
{
"category": "external",
"summary": "SUSE Bug 1267635 for CVE-2026-46253",
"url": "https://bugzilla.suse.com/1267635"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-46253"
},
{
"cve": "CVE-2026-46254",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46254"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nAppArmor: Allow apparmor to handle unaligned dfa tables\n\nThe dfa tables can originate from kernel or userspace and 8-byte alignment\nisn\u0027t always guaranteed and as such may trigger unaligned memory accesses\non various architectures. Resulting in the following\n\n[ 73.901376] WARNING: CPU: 0 PID: 341 at security/apparmor/match.c:316 aa_dfa_unpack+0x6cc/0x720\n[ 74.015867] Modules linked in: binfmt_misc evdev flash sg drm drm_panel_orientation_quirks backlight i2c_core configfs nfnetlink autofs4 ext4 crc16 mbcache jbd2 hid_generic usbhid sr_mod hid cdrom\nsd_mod ata_generic ohci_pci ehci_pci ehci_hcd ohci_hcd pata_ali libata sym53c8xx scsi_transport_spi tg3 scsi_mod usbcore libphy scsi_common mdio_bus usb_common\n[ 74.428977] CPU: 0 UID: 0 PID: 341 Comm: apparmor_parser Not tainted 6.18.0-rc6+ #9 NONE\n[ 74.536543] Call Trace:\n[ 74.568561] [\u003c0000000000434c24\u003e] dump_stack+0x8/0x18\n[ 74.633757] [\u003c0000000000476438\u003e] __warn+0xd8/0x100\n[ 74.696664] [\u003c00000000004296d4\u003e] warn_slowpath_fmt+0x34/0x74\n[ 74.771006] [\u003c00000000008db28c\u003e] aa_dfa_unpack+0x6cc/0x720\n[ 74.843062] [\u003c00000000008e643c\u003e] unpack_pdb+0xbc/0x7e0\n[ 74.910545] [\u003c00000000008e7740\u003e] unpack_profile+0xbe0/0x1300\n[ 74.984888] [\u003c00000000008e82e0\u003e] aa_unpack+0xe0/0x6a0\n[ 75.051226] [\u003c00000000008e3ec4\u003e] aa_replace_profiles+0x64/0x1160\n[ 75.130144] [\u003c00000000008d4d90\u003e] policy_update+0xf0/0x280\n[ 75.201057] [\u003c00000000008d4fc8\u003e] profile_replace+0xa8/0x100\n[ 75.274258] [\u003c0000000000766bd0\u003e] vfs_write+0x90/0x420\n[ 75.340594] [\u003c00000000007670cc\u003e] ksys_write+0x4c/0xe0\n[ 75.406932] [\u003c0000000000767174\u003e] sys_write+0x14/0x40\n[ 75.472126] [\u003c0000000000406174\u003e] linux_sparc_syscall+0x34/0x44\n[ 75.548802] ---[ end trace 0000000000000000 ]---\n[ 75.609503] dfa blob stream 0xfff0000008926b96 not aligned.\n[ 75.682695] Kernel unaligned access at TPC[8db2a8] aa_dfa_unpack+0x6e8/0x720\n\nWork around it by using the get_unaligned_xx() helpers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46254",
"url": "https://www.suse.com/security/cve/CVE-2026-46254"
},
{
"category": "external",
"summary": "SUSE Bug 1267637 for CVE-2026-46254",
"url": "https://bugzilla.suse.com/1267637"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-46254"
},
{
"cve": "CVE-2026-46259",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46259"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nprocfs: fix missing RCU protection when reading real_parent in do_task_stat()\n\nWhen reading /proc/[pid]/stat, do_task_stat() accesses task-\u003ereal_parent\nwithout proper RCU protection, which leads to:\n\n cpu 0 cpu 1\n ----- -----\n do_task_stat\n var = task-\u003ereal_parent\n release_task\n call_rcu(delayed_put_task_struct)\n task_tgid_nr_ns(var)\n rcu_read_lock \u003c--- Too late to protect task-\u003ereal_parent!\n task_pid_ptr \u003c--- UAF!\n rcu_read_unlock\n\nThis patch uses task_ppid_nr_ns() instead of task_tgid_nr_ns() to add\nproper RCU protection for accessing task-\u003ereal_parent.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46259",
"url": "https://www.suse.com/security/cve/CVE-2026-46259"
},
{
"category": "external",
"summary": "SUSE Bug 1267685 for CVE-2026-46259",
"url": "https://bugzilla.suse.com/1267685"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-46259"
},
{
"cve": "CVE-2026-46266",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46266"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ninet: RAW sockets using IPPROTO_RAW MUST drop incoming ICMP\n\nYizhou Zhao reported that simply having one RAW socket on protocol\nIPPROTO_RAW (255) was dangerous.\n\n socket(AF_INET, SOCK_RAW, 255);\n\nA malicious incoming ICMP packet can set the protocol field to 255\nand match this socket, leading to FNHE cache changes.\n\ninner = IP(src=\"192.168.2.1\", dst=\"8.8.8.8\", proto=255)/Raw(\"TEST\")\npkt = IP(src=\"192.168.1.1\", dst=\"192.168.2.1\")/ICMP(type=3, code=4, nexthopmtu=576)/inner\n\n\"man 7 raw\" states:\n\n A protocol of IPPROTO_RAW implies enabled IP_HDRINCL and is able\n to send any IP protocol that is specified in the passed header.\n Receiving of all IP protocols via IPPROTO_RAW is not possible\n using raw sockets.\n\nMake sure we drop these malicious packets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46266",
"url": "https://www.suse.com/security/cve/CVE-2026-46266"
},
{
"category": "external",
"summary": "SUSE Bug 1267684 for CVE-2026-46266",
"url": "https://bugzilla.suse.com/1267684"
},
{
"category": "external",
"summary": "SUSE Bug 1267888 for CVE-2026-46266",
"url": "https://bugzilla.suse.com/1267888"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "important"
}
],
"title": "CVE-2026-46266"
},
{
"cve": "CVE-2026-46273",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46273"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nibmveth: Disable GSO for packets with small MSS\n\nSome physical adapters on Power systems do not support segmentation\noffload when the MSS is less than 224 bytes. Attempting to send such\npackets causes the adapter to freeze, stopping all traffic until\nmanually reset.\n\nImplement ndo_features_check to disable GSO for packets with small MSS\nvalues. The network stack will perform software segmentation instead.\n\nThe 224-byte minimum matches ibmvnic\ncommit \u003cf10b09ef687f\u003e (\"ibmvnic: Enforce stronger sanity checks\non GSO packets\")\nwhich uses the same physical adapters in SEA configurations.\n\nThe issue occurs specifically when the hardware attempts to perform\nsegmentation (gso_segs \u003e 1) with a small MSS. Single-segment GSO packets\n(gso_segs == 1) do not trigger the problematic LSO code path and are\ntransmitted normally without segmentation.\n\nAdd an ndo_features_check callback to disable GSO when MSS \u003c 224 bytes.\nAlso call vlan_features_check() to ensure proper handling of VLAN packets,\nparticularly QinQ (802.1ad) configurations where the hardware parser may\nnot support certain offload features.\n\nValidated using iptables to force small MSS values. Without the fix,\nthe adapter freezes. With the fix, packets are segmented in software\nand transmission succeeds. Comprehensive regression testing completedd\n(MSS tests, performance, stability).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46273",
"url": "https://www.suse.com/security/cve/CVE-2026-46273"
},
{
"category": "external",
"summary": "SUSE Bug 1267651 for CVE-2026-46273",
"url": "https://bugzilla.suse.com/1267651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-46273"
},
{
"cve": "CVE-2026-46274",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46274"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio-wq: check that the predecessor is hashed in io_wq_remove_pending()\n\nio_wq_remove_pending() needs to fix up wq-\u003ehash_tail[] if the cancelled\nwork was the tail of its hash bucket. When doing this, it checks whether\nthe preceding entry in acct-\u003ework_list has the same hash value, but\nnever checks that the predecessor is hashed at all. io_get_work_hash()\nis simply atomic_read(\u0026work-\u003eflags) \u003e\u003e IO_WQ_HASH_SHIFT, and the hash\nbits are never set for non-hashed work, so it returns 0. Thus, when a\nhashed bucket-0 work is cancelled while a non-hashed work is its list\npredecessor, the check spuriously passes and a pointer to the non-hashed\nio_kiocb is stored in wq-\u003ehash_tail[0].\n\nBecause non-hashed work is dequeued via the fast path in\nio_get_next_work(), which never touches hash_tail[], the stale pointer\nis never cleared. Therefore, after the non-hashed io_kiocb completes and\nis freed back to req_cachep, wq-\u003ehash_tail[0] is a dangling pointer. The\nio_wq is per-task (tctx-\u003eio_wq) and survives ring open/close, so the\ndangling pointer persists for the lifetime of the task; the next hashed\nbucket-0 enqueue dereferences it in io_wq_insert_work() and\nwq_list_add_after() writes through freed memory.\n\nAdd the missing io_wq_is_hashed() check so a non-hashed predecessor\nnever inherits a hash_tail[] slot.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46274",
"url": "https://www.suse.com/security/cve/CVE-2026-46274"
},
{
"category": "external",
"summary": "SUSE Bug 1267918 for CVE-2026-46274",
"url": "https://bugzilla.suse.com/1267918"
},
{
"category": "external",
"summary": "SUSE Bug 1268624 for CVE-2026-46274",
"url": "https://bugzilla.suse.com/1268624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "important"
}
],
"title": "CVE-2026-46274"
},
{
"cve": "CVE-2026-46289",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46289"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlib/scatterlist: fix length calculations in extract_kvec_to_sg\n\nPatch series \"Fix bugs in extract_iter_to_sg()\", v3.\n\nFix bugs in the kvec and user variants of extract_iter_to_sg. This series\nis growing due to useful remarks made by sashiko.dev.\n\nThe main bugs are:\n- The length for an sglist entry when extracting from\n a kvec can exceed the number of bytes in the page. This\n is obviously not intended.\n- When extracting a user buffer the sglist is temporarily\n used as a scratch buffer for extracted page pointers.\n If the sglist already contains some elements this scratch\n buffer could overlap with existing entries in the sglist.\n\nThe series adds test cases to the kunit_iov_iter test that demonstrate all\nof these bugs. Additionally, there is a memory leak fix for the test\nitself.\n\nThe bugs were orignally introduced into kernel v6.3 where the function\nlived in fs/netfs/iterator.c. It was later moved to lib/scatterlist.c in\nv6.5. Thus the actual fix is only marked for backports to v6.5+.\n\n\nThis patch (of 5):\n\nWhen extracting from a kvec to a scatterlist, do not cross page\nboundaries. The required length was already calculated but not used as\nintended.\n\nAdjust the copied length if the loop runs out of sglist entries without\nextracting everything.\n\nWhile there, return immediately from extract_iter_to_sg if there are no\nsglist entries at all.\n\nA subsequent commit will add kunit test cases that demonstrate that the\npatch is necessary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46289",
"url": "https://www.suse.com/security/cve/CVE-2026-46289"
},
{
"category": "external",
"summary": "SUSE Bug 1267966 for CVE-2026-46289",
"url": "https://bugzilla.suse.com/1267966"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-46289"
},
{
"cve": "CVE-2026-46291",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46291"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: caam - guard HMAC key hex dumps in hash_digest_key\n\nUse print_hex_dump_devel() for dumping sensitive HMAC key bytes in\nhash_digest_key() to avoid leaking secrets at runtime when\nCONFIG_DYNAMIC_DEBUG is enabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46291",
"url": "https://www.suse.com/security/cve/CVE-2026-46291"
},
{
"category": "external",
"summary": "SUSE Bug 1267937 for CVE-2026-46291",
"url": "https://bugzilla.suse.com/1267937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-46291"
},
{
"cve": "CVE-2026-46315",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46315"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/waitid: clear waitid info before copying it to userspace\n\nIORING_OP_WAITID stores its result fields in struct io_waitid::info and\nlater copies them to userspace siginfo. The prep path initializes the\nrequest arguments, but it does not initialize info itself.\n\nIf the wait operation completes without reporting a child event, the common\nwait code can return without writing wo_info. In that case io_waitid_finish()\nstill copies iw-\u003einfo to userspace, exposing stale bytes from the reused\nio_kiocb command storage.\n\nClear the result storage during prep so the io_uring path matches the\nregular waitid syscall, which uses a zero-initialized struct waitid_info.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46315",
"url": "https://www.suse.com/security/cve/CVE-2026-46315"
},
{
"category": "external",
"summary": "SUSE Bug 1267953 for CVE-2026-46315",
"url": "https://bugzilla.suse.com/1267953"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-46315"
},
{
"cve": "CVE-2026-46319",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46319"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: act_ct: Only release RCU read lock after ct_ft\n\nWhen looking up a flow table in act_ct in tcf_ct_flow_table_get(),\nrhashtable_lookup_fast() internally opens and closes an RCU read critical\nsection before returning ct_ft.\nThe tcf_ct_flow_table_cleanup_work() can complete before refcount_inc_not_zero()\nis invoked on the returned ct_ft resulting in a UAF on the already freed ct_ft\nobject. This vulnerability can lead to privilege escalation.\n\nAnalysis from zdi-disclosures@trendmicro.com:\nWhen initializing act_ct, tcf_ct_init() is called, which internally triggers\ntcf_ct_flow_table_get().\n\nstatic int tcf_ct_flow_table_get(struct net *net, struct tcf_ct_params *params)\n\n{\n struct zones_ht_key key = { .net = net, .zone = params-\u003ezone };\n struct tcf_ct_flow_table *ct_ft;\n int err = -ENOMEM;\n\n mutex_lock(\u0026zones_mutex);\n ct_ft = rhashtable_lookup_fast(\u0026zones_ht, \u0026key, zones_params); // [1]\n if (ct_ft \u0026\u0026 refcount_inc_not_zero(\u0026ct_ft-\u003eref)) // [2]\n goto out_unlock;\n ...\n}\n\nstatic __always_inline void *rhashtable_lookup_fast(\n struct rhashtable *ht, const void *key,\n const struct rhashtable_params params)\n{\n void *obj;\n\n rcu_read_lock();\n obj = rhashtable_lookup(ht, key, params);\n rcu_read_unlock();\n\n return obj;\n}\n\nAt [1], rhashtable_lookup_fast() looks up and returns the corresponding ct_ft\nfrom zones_ht . The lookup is performed within an RCU read critical section\nthrough rcu_read_lock() / rcu_read_unlock(), which prevents the object from\nbeing freed. However, at the point of function return, rcu_read_unlock() has\nalready been called, and there is nothing preventing ct_ft from being freed\nbefore reaching refcount_inc_not_zero(\u0026ct_ft-\u003eref) at [2]. This interval becomes\nthe race window, during which ct_ft can be freed.\n\nFree Process:\n\ntcf_ct_flow_table_put() is executed through the path tcf_ct_cleanup() call_rcu()\ntcf_ct_params_free_rcu() tcf_ct_params_free() tcf_ct_flow_table_put().\n\nstatic void tcf_ct_flow_table_put(struct tcf_ct_flow_table *ct_ft)\n{\n if (refcount_dec_and_test(\u0026ct_ft-\u003eref)) {\n rhashtable_remove_fast(\u0026zones_ht, \u0026ct_ft-\u003enode, zones_params);\n INIT_RCU_WORK(\u0026ct_ft-\u003erwork, tcf_ct_flow_table_cleanup_work); // [3]\n queue_rcu_work(act_ct_wq, \u0026ct_ft-\u003erwork);\n }\n}\n\nAt [3], tcf_ct_flow_table_cleanup_work() is scheduled as RCU work\n\nstatic void tcf_ct_flow_table_cleanup_work(struct work_struct *work)\n\n{\n struct tcf_ct_flow_table *ct_ft;\n struct flow_block *block;\n\n ct_ft = container_of(to_rcu_work(work), struct tcf_ct_flow_table,\n rwork);\n nf_flow_table_free(\u0026ct_ft-\u003enf_ft);\n block = \u0026ct_ft-\u003enf_ft.flow_block;\n down_write(\u0026ct_ft-\u003enf_ft.flow_block_lock);\n WARN_ON(!list_empty(\u0026block-\u003ecb_list));\n up_write(\u0026ct_ft-\u003enf_ft.flow_block_lock);\n kfree(ct_ft); // [4]\n\n module_put(THIS_MODULE);\n}\n\ntcf_ct_flow_table_cleanup_work() frees ct_ft at [4]. When this function executes\nbetween [1] and [2], UAF occurs.\n\nThis race condition has a very short race window, making it generally\ndifficult to trigger. Therefore, to trigger the vulnerability an msleep(100) was\ninserted after[1]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46319",
"url": "https://www.suse.com/security/cve/CVE-2026-46319"
},
{
"category": "external",
"summary": "SUSE Bug 1268022 for CVE-2026-46319",
"url": "https://bugzilla.suse.com/1268022"
},
{
"category": "external",
"summary": "SUSE Bug 1268281 for CVE-2026-46319",
"url": "https://bugzilla.suse.com/1268281"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "important"
}
],
"title": "CVE-2026-46319"
},
{
"cve": "CVE-2026-46320",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46320"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntap: free page on error paths in tap_get_user_xdp()\n\ntap_get_user_xdp() rejects a frame shorter than ETH_HLEN with -EINVAL,\nand returns -ENOMEM when build_skb() fails. Both paths jump to the err\nlabel without freeing the page that vhost_net_build_xdp() allocated for\nthe frame. tap_sendmsg() discards the per-buffer return value and always\nreturns 0, so vhost_tx_batch() takes the success path and never frees\nthe page; each rejected frame in a batch leaks one page-frag chunk.\n\nFree the page on both error paths, before the skb is built. This is the\ntap counterpart of the same leak in tun_xdp_one().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46320",
"url": "https://www.suse.com/security/cve/CVE-2026-46320"
},
{
"category": "external",
"summary": "SUSE Bug 1267993 for CVE-2026-46320",
"url": "https://bugzilla.suse.com/1267993"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "low"
}
],
"title": "CVE-2026-46320"
},
{
"cve": "CVE-2026-46328",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46328"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\napparmor: fix rlimit for posix cpu timers\n\nPosix cpu timers requires an additional step beyond setting the rlimit.\nRefactor the code so its clear when what code is setting the\nlimit and conditionally update the posix cpu timers when appropriate.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46328",
"url": "https://www.suse.com/security/cve/CVE-2026-46328"
},
{
"category": "external",
"summary": "SUSE Bug 1268037 for CVE-2026-46328",
"url": "https://bugzilla.suse.com/1268037"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-46328"
},
{
"cve": "CVE-2026-46331",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46331"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: fix pedit partial COW leading to page cache corruption\n\ntcf_pedit_act() computes the COW range for skb_ensure_writable()\nonce before the key loop using tcfp_off_max_hint, but the hint does\nnot account for the runtime header offset added by typed keys. This\ncan leave part of the write region un-COW\u0027d.\n\nFix by moving skb_ensure_writable() inside the per-key loop where\nthe actual write offset is known, and add overflow checking on the\noffset arithmetic. For negative offsets (e.g. Ethernet header edits\nat ingress), use skb_cow() to COW the headroom instead. Guard\noffset_valid() against INT_MIN, where negation is undefined.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46331",
"url": "https://www.suse.com/security/cve/CVE-2026-46331"
},
{
"category": "external",
"summary": "SUSE Bug 1265421 for CVE-2026-46331",
"url": "https://bugzilla.suse.com/1265421"
},
{
"category": "external",
"summary": "SUSE Bug 1268335 for CVE-2026-46331",
"url": "https://bugzilla.suse.com/1268335"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "important"
}
],
"title": "CVE-2026-46331"
},
{
"cve": "CVE-2026-52908",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-52908"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA: During rereg_mr ensure that REREG_ACCESS is compatible\n\nIf IB_MR_REREG_ACCESS changes from RO to RW then the umem has to be\nre-evaluated to ensure it is properly pinned as RW. Since the umem is\nhidden inside each driver\u0027s mr struct add a ib_umem_check_rereg() function\nthat each driver has to call before processing IB_MR_REREG_ACCESS.\n\nmlx4 has to retain its duplicate ib_access_writable check because it\nimplements IB_MR_REREG_ACCESS | IB_MR_REREG_TRANS by changing both items\nin place sequentially while the MR is live, so it will continue to not\nsupport this combination.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-52908",
"url": "https://www.suse.com/security/cve/CVE-2026-52908"
},
{
"category": "external",
"summary": "SUSE Bug 1268661 for CVE-2026-52908",
"url": "https://bugzilla.suse.com/1268661"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-52908"
},
{
"cve": "CVE-2026-52909",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-52909"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nip6_vti: set netns_immutable on the fallback device.\n\njohn1988 and Noam Rathaus reported that vti6_init_net() does not set the\nnetns_immutable flag on the per-netns fallback tunnel device (ip6_vti0).\n\nOther similar tunnel drivers (like ip6_tunnel, sit, ip6_gre, and ip_tunnel)\ncorrectly set this flag during their fallback device initialization to\nprevent them from being moved to another network namespace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-52909",
"url": "https://www.suse.com/security/cve/CVE-2026-52909"
},
{
"category": "external",
"summary": "SUSE Bug 1268660 for CVE-2026-52909",
"url": "https://bugzilla.suse.com/1268660"
},
{
"category": "external",
"summary": "SUSE Bug 1268662 for CVE-2026-52909",
"url": "https://bugzilla.suse.com/1268662"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "important"
}
],
"title": "CVE-2026-52909"
},
{
"cve": "CVE-2026-52918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-52918"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: serialize accept_q access\n\nbt_sock_poll() walks the accept queue without synchronization, while\nchild teardown can unlink the same socket and drop its last reference.\nThe unsynchronized accept queue walk has existed since the initial\nBluetooth import.\n\nProtect accept_q with a dedicated lock for queue updates and polling.\nAlso rework bt_accept_dequeue() to take temporary child references under\nthe queue lock before dropping it and locking the child socket.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-52918",
"url": "https://www.suse.com/security/cve/CVE-2026-52918"
},
{
"category": "external",
"summary": "SUSE Bug 1269100 for CVE-2026-52918",
"url": "https://bugzilla.suse.com/1269100"
},
{
"category": "external",
"summary": "SUSE Bug 1269102 for CVE-2026-52918",
"url": "https://bugzilla.suse.com/1269102"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "important"
}
],
"title": "CVE-2026-52918"
},
{
"cve": "CVE-2026-52923",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-52923"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipc: limit next_id allocation to the valid ID range\n\nThe checkpoint/restore sysctl path can request the next SysV IPC id\nthrough ids-\u003enext_id. ipc_idr_alloc() currently forwards that request to\nidr_alloc() with an open-ended upper bound.\n\nIf the valid tail of the SysV IPC id space is full, the allocation can\nspill beyond ipc_mni. The returned SysV IPC id still uses the normal\nindex encoding, so later lookup and removal can target the wrong slot. \nThis leaves the real IDR entry behind and breaks the IDR state for the\nobject.\n\nThe bug is in ipc_idr_alloc() in the checkpoint/restore path.\n\n1. ids-\u003enext_id is passed to:\n\n idr_alloc(\u0026ids-\u003eipcs_idr, new, ipcid_to_idx(next_id), 0, ...)\n\n2. The zero upper bound makes the allocation effectively open-ended.\n Once the valid SysV IPC tail is occupied, idr_alloc() can spill past\n ipc_mni and allocate an entry beyond the valid IPC id range.\n\n3. The new object id is still encoded with the narrower SysV IPC index\n width:\n\n new-\u003eid = (new-\u003eseq \u003c\u003c ipcmni_seq_shift()) + idx\n\n4. Later removal goes through ipc_rmid(), which uses:\n\n ipcid_to_idx(ipcp-\u003eid)\n\n That truncates the real IDR index. An object actually stored at a\n high index can then be removed as if it lived at a low in-range\n index.\n\n5. For shared memory, shm_destroy() frees the current object anyway, but\n the real high IDR slot is left behind as a dangling pointer.\n\n6. A subsequent walk of /proc/sysvipc/shm reaches the stale IDR entry\n and dereferences freed memory.\n\nPrevent this by bounding the requested allocation to ipc_mni so the\ncheckpoint/restore path fails once the valid range is exhausted.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-52923",
"url": "https://www.suse.com/security/cve/CVE-2026-52923"
},
{
"category": "external",
"summary": "SUSE Bug 1269033 for CVE-2026-52923",
"url": "https://bugzilla.suse.com/1269033"
},
{
"category": "external",
"summary": "SUSE Bug 1269034 for CVE-2026-52923",
"url": "https://bugzilla.suse.com/1269034"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "important"
}
],
"title": "CVE-2026-52923"
},
{
"cve": "CVE-2026-52943",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-52943"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: skbuff: fix missing zerocopy reference in pskb_carve helpers\n\npskb_carve_inside_header() and pskb_carve_inside_nonlinear() both copy\nthe old skb_shared_info header into a new buffer via memcpy(), which\nincludes the destructor_arg pointer (uarg) for MSG_ZEROCOPY skbs.\nNeither function calls net_zcopy_get() for the new shinfo, creating an\nunaccounted holder: every skb_shared_info with destructor_arg set will\ncall skb_zcopy_clear() once when freed, but the corresponding\nnet_zcopy_get() was never called for the new copy. Repeated calls\ndrive uarg-\u003erefcnt to zero prematurely, freeing ubuf_info_msgzc while\nTX skbs still hold live destructor_arg pointers.\n\nKASAN reports use-after-free on a freed ubuf_info_msgzc:\n\n BUG: KASAN: slab-use-after-free in skb_release_data+0x77b/0x810\n Read of size 8 at addr ffff88801574d3e8 by task poc/220\n\n Call Trace:\n skb_release_data+0x77b/0x810\n kfree_skb_list_reason+0x13e/0x610\n skb_release_data+0x4cd/0x810\n sk_skb_reason_drop+0xf3/0x340\n skb_queue_purge_reason+0x282/0x440\n rds_tcp_inc_free+0x1e/0x30\n rds_recvmsg+0x354/0x1780\n __sys_recvmsg+0xdf/0x180\n\n Allocated by task 219:\n msg_zerocopy_realloc+0x157/0x7b0\n tcp_sendmsg_locked+0x2892/0x3ba0\n\n Freed by task 219:\n ip_recv_error+0x74a/0xb10\n tcp_recvmsg+0x475/0x530\n\nThe skb consuming the late access still referenced the same uarg via\nshinfo-\u003edestructor_arg copied by pskb_carve_inside_nonlinear() without\na refcount bump. This has been verified to be reliably exploitable: a\nworking proof-of-concept achieves full root privilege escalation from\nan unprivileged local user on a default kernel configuration.\n\nThe fix follows the pattern of pskb_expand_head() which has the same\nmemcpy/cloned structure. For pskb_carve_inside_header(), net_zcopy_get()\nis placed after skb_orphan_frags() succeeds, so the orphan error path\nneeds no cleanup. For pskb_carve_inside_nonlinear(), net_zcopy_get() is\nplaced after all failure points and just before skb_release_data(), so\nno error path needs cleanup at all -- matching pskb_expand_head() more\nclosely and avoiding the need for a balancing net_zcopy_put().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-52943",
"url": "https://www.suse.com/security/cve/CVE-2026-52943"
},
{
"category": "external",
"summary": "SUSE Bug 1269022 for CVE-2026-52943",
"url": "https://bugzilla.suse.com/1269022"
},
{
"category": "external",
"summary": "SUSE Bug 1269023 for CVE-2026-52943",
"url": "https://bugzilla.suse.com/1269023"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "important"
}
],
"title": "CVE-2026-52943"
},
{
"cve": "CVE-2026-52954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-52954"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: handle rbtree insertion error in decode_choose_args()\n\nA message of type CEPH_MSG_OSD_MAP contains an OSD map that itself\ncontains a CRUSH map. The received CRUSH map may optionally contain\nchoose_args that get decoded in decode_choose_args(). In this function,\nnum_choose_arg_maps is read from the message, and a corresponding number\nof crush_choose_arg_maps gets decoded afterwards. Each\ncrush_choose_arg_map has a choose_args_index, which serves as the key\nwhen inserting it into the choose_args rbtree of the decoded crush_map.\nIf a (potentially corrupted) message contains two crush_choose_arg_maps\nwith the same index, the assertion in insert_choose_arg_map() triggers a\nkernel BUG when trying to insert the second crush_choose_arg_map.\n\nThis patch fixes the issue by switching to the non-asserting rbtree\ninsertion function and rejecting the message if the insertion fails.\n\n[ idryomov: changelog ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-52954",
"url": "https://www.suse.com/security/cve/CVE-2026-52954"
},
{
"category": "external",
"summary": "SUSE Bug 1269137 for CVE-2026-52954",
"url": "https://bugzilla.suse.com/1269137"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-52954"
},
{
"cve": "CVE-2026-52957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-52957"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: Fix potential null-ptr-deref in decode_choose_args()\n\nA message of type CEPH_MSG_OSD_MAP contains an OSD map that itself\ncontains a CRUSH map. When decoding this CRUSH map in crush_decode(), an\narray of max_buckets CRUSH buckets is decoded, where some indices may\nnot refer to actual buckets and are therefore set to NULL. The received\nCRUSH map may optionally contain choose_args that get decoded in\ndecode_choose_args(). When decoding a crush_choose_arg_map, a series of\nchoose_args for different buckets is decoded, with the bucket_index\nbeing read from the incoming message. It is only checked that the bucket\nindex does not exceed max_buckets, but not that it doesn\u0027t point to an\nindex with a NULL bucket. If a (potentially corrupted) message contains\na crush_choose_arg_map including such a bucket_index, a null pointer\ndereference may occur in the subsequent processing when attempting to\naccess the bucket with the given index.\n\nThis patch fixes the issue by extending the affected check. Now, it is\nonly attempted to access the bucket if it is not NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-52957",
"url": "https://www.suse.com/security/cve/CVE-2026-52957"
},
{
"category": "external",
"summary": "SUSE Bug 1269103 for CVE-2026-52957",
"url": "https://bugzilla.suse.com/1269103"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-52957"
},
{
"cve": "CVE-2026-52962",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-52962"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nceph: fix a buffer leak in __ceph_setxattr()\n\nThe old_blob in __ceph_setxattr() can store\nci-\u003ei_xattrs.prealloc_blob value during the retry.\nHowever, it is never called the ceph_buffer_put()\nfor the old_blob object. This patch fixes the issue of\nthe buffer leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-52962",
"url": "https://www.suse.com/security/cve/CVE-2026-52962"
},
{
"category": "external",
"summary": "SUSE Bug 1269135 for CVE-2026-52962",
"url": "https://bugzilla.suse.com/1269135"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "low"
}
],
"title": "CVE-2026-52962"
},
{
"cve": "CVE-2026-52969",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-52969"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: Reject wrapped offset in kvm_reset_dirty_gfn()\n\nkvm_reset_dirty_gfn() guards the gfn range with\n\n\tif (!memslot || (offset + __fls(mask)) \u003e= memslot-\u003enpages)\n\t\treturn;\n\nbut offset is u64 and the addition is unchecked. The check can be\nsilently bypassed by a u64 wrap.\n\nThe dirty ring backing those entries is MAP_SHARED at\nKVM_DIRTY_LOG_PAGE_OFFSET of the vcpu fd, so the VMM can rewrite the\nslot and offset fields of any entry between when the kernel pushes\nthem and when KVM_RESET_DIRTY_RINGS consumes them. On reset,\nkvm_dirty_ring_reset() re-reads the values via READ_ONCE() and feeds\nthem straight back into this check; only the flags handshake is\ntreated as the handover, the slot/offset payload is taken on trust.\n\nCrafting two entries\n\n\tentry[i].offset = 0xffffffffffffffc1\n\tentry[i+1].offset = 0\n\nmakes the coalescing loop in kvm_dirty_ring_reset() compute\n\n\tdelta = (s64)(0 - 0xffffffffffffffc1) = 63\n\nwhich falls in [0, BITS_PER_LONG), so it folds entry[i+1] into the\nexisting mask by setting bit 63. The trailing kvm_reset_dirty_gfn()\ncall then sees offset = 0xffffffffffffffc1 and __fls(mask) = 63;\nthe sum is 0 in u64 and the bounds check passes.\n\nThat offset propagates into kvm_arch_mmu_enable_log_dirty_pt_masked()\nunchanged. On the legacy MMU path -- kvm_memslots_have_rmaps() ==\ntrue, i.e. shadow paging, any VM that has allocated shadow roots, or\na write-tracked slot -- it reaches gfn_to_rmap(), which indexes\nslot-\u003earch.rmap[0][] with a near-U64_MAX gfn. That is an\nout-of-bounds load of a kvm_rmap_head, followed by a conditional\nclear of PT_WRITABLE_MASK in whatever the loaded pointer points at.\nThe path is reachable from any process holding /dev/kvm.\n\nRange-check offset on its own first, so the addition cannot wrap.\nmemslot-\u003enpages is bounded well below U64_MAX, so once offset \u003c\nnpages holds, offset + __fls(mask) (with __fls(mask) \u003c BITS_PER_LONG)\nstays in range.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-52969",
"url": "https://www.suse.com/security/cve/CVE-2026-52969"
},
{
"category": "external",
"summary": "SUSE Bug 1269184 for CVE-2026-52969",
"url": "https://bugzilla.suse.com/1269184"
},
{
"category": "external",
"summary": "SUSE Bug 1270385 for CVE-2026-52969",
"url": "https://bugzilla.suse.com/1270385"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "important"
}
],
"title": "CVE-2026-52969"
},
{
"cve": "CVE-2026-52972",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-52972"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: af_alg - Cap AEAD AD length to 0x80000000\n\nIn order to prevent arithmetic overflows when checking the TX\nbuffer size, cap the associated data length to 0x80000000.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-52972",
"url": "https://www.suse.com/security/cve/CVE-2026-52972"
},
{
"category": "external",
"summary": "SUSE Bug 1269195 for CVE-2026-52972",
"url": "https://bugzilla.suse.com/1269195"
},
{
"category": "external",
"summary": "SUSE Bug 1269196 for CVE-2026-52972",
"url": "https://bugzilla.suse.com/1269196"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "important"
}
],
"title": "CVE-2026-52972"
},
{
"cve": "CVE-2026-53016",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-53016"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccp - copy IV using skcipher ivsize\n\nAF_ALG rfc3686-ctr-aes-ccp requests pass an 8-byte IV to the driver.\n\nccp_aes_complete() restores AES_BLOCK_SIZE bytes into the caller\u0027s IV\nbuffer while RFC3686 skciphers expose an 8-byte IV, so the restore\noverruns the provided buffer.\n\nUse crypto_skcipher_ivsize() to copy only the algorithm\u0027s IV length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-53016",
"url": "https://www.suse.com/security/cve/CVE-2026-53016"
},
{
"category": "external",
"summary": "SUSE Bug 1269090 for CVE-2026-53016",
"url": "https://bugzilla.suse.com/1269090"
},
{
"category": "external",
"summary": "SUSE Bug 1269766 for CVE-2026-53016",
"url": "https://bugzilla.suse.com/1269766"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "important"
}
],
"title": "CVE-2026-53016"
},
{
"cve": "CVE-2026-53040",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-53040"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: validate bg_bits during freefrag scan\n\n[BUG]\nA crafted filesystem can trigger an out-of-bounds bitmap walk when\nOCFS2_IOC_INFO is issued with OCFS2_INFO_FL_NON_COHERENT.\n\nBUG: KASAN: use-after-free in instrument_atomic_read include/linux/instrumented.h:68 [inline]\nBUG: KASAN: use-after-free in _test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]\nBUG: KASAN: use-after-free in test_bit_le include/asm-generic/bitops/le.h:21 [inline]\nBUG: KASAN: use-after-free in ocfs2_info_freefrag_scan_chain fs/ocfs2/ioctl.c:495 [inline]\nBUG: KASAN: use-after-free in ocfs2_info_freefrag_scan_bitmap fs/ocfs2/ioctl.c:588 [inline]\nBUG: KASAN: use-after-free in ocfs2_info_handle_freefrag fs/ocfs2/ioctl.c:662 [inline]\nBUG: KASAN: use-after-free in ocfs2_info_handle_request+0x1c66/0x3370 fs/ocfs2/ioctl.c:754\nRead of size 8 at addr ffff888031bce000 by task syz.0.636/1435\nCall Trace:\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0xbe/0x130 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xd1/0x650 mm/kasan/report.c:482\n kasan_report+0xfb/0x140 mm/kasan/report.c:595\n check_region_inline mm/kasan/generic.c:186 [inline]\n kasan_check_range+0x11c/0x200 mm/kasan/generic.c:200\n __kasan_check_read+0x11/0x20 mm/kasan/shadow.c:31\n instrument_atomic_read include/linux/instrumented.h:68 [inline]\n _test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]\n test_bit_le include/asm-generic/bitops/le.h:21 [inline]\n ocfs2_info_freefrag_scan_chain fs/ocfs2/ioctl.c:495 [inline]\n ocfs2_info_freefrag_scan_bitmap fs/ocfs2/ioctl.c:588 [inline]\n ocfs2_info_handle_freefrag fs/ocfs2/ioctl.c:662 [inline]\n ocfs2_info_handle_request+0x1c66/0x3370 fs/ocfs2/ioctl.c:754\n ocfs2_info_handle+0x18d/0x2a0 fs/ocfs2/ioctl.c:828\n ocfs2_ioctl+0x632/0x6e0 fs/ocfs2/ioctl.c:913\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:597 [inline]\n __se_sys_ioctl fs/ioctl.c:583 [inline]\n __x64_sys_ioctl+0x197/0x1e0 fs/ioctl.c:583\n ...\n\n[CAUSE]\nocfs2_info_freefrag_scan_chain() uses on-disk bg_bits directly as the\nbitmap scan limit. The coherent path reads group descriptors through\nocfs2_read_group_descriptor(), which validates the descriptor before\nuse. The non-coherent path uses ocfs2_read_blocks_sync() instead and\nskips that validation, so an impossible bg_bits value can drive the\nbitmap walk past the end of the block.\n\n[FIX]\nCompute the bitmap capacity from the filesystem format with\nocfs2_group_bitmap_size(), report descriptors whose bg_bits exceeds\nthat limit, and clamp the scan to the computed capacity. This keeps the\nfreefrag report going while avoiding reads beyond the buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-53040",
"url": "https://www.suse.com/security/cve/CVE-2026-53040"
},
{
"category": "external",
"summary": "SUSE Bug 1269397 for CVE-2026-53040",
"url": "https://bugzilla.suse.com/1269397"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-53040"
},
{
"cve": "CVE-2026-53041",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-53041"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: fix listxattr handling when the buffer is full\n\n[BUG]\nIf an OCFS2 inode has both inline and block-based xattrs, listxattr()\ncan return a size larger than the caller\u0027s buffer when the inline names\nconsume that buffer exactly.\n\nkernel BUG at mm/usercopy.c:102!\nOops: invalid opcode: 0000 [#1] SMP KASAN NOPTI\nRIP: 0010:usercopy_abort+0xb7/0xd0 mm/usercopy.c:102\nCall Trace:\n __check_heap_object+0xe3/0x120 mm/slub.c:8243\n check_heap_object mm/usercopy.c:196 [inline]\n __check_object_size mm/usercopy.c:250 [inline]\n __check_object_size+0x5c5/0x780 mm/usercopy.c:215\n check_object_size include/linux/ucopysize.h:22 [inline]\n check_copy_size include/linux/ucopysize.h:59 [inline]\n copy_to_user include/linux/uaccess.h:219 [inline]\n listxattr+0xb0/0x170 fs/xattr.c:926\n filename_listxattr fs/xattr.c:958 [inline]\n path_listxattrat+0x137/0x320 fs/xattr.c:988\n __do_sys_listxattr fs/xattr.c:1001 [inline]\n __se_sys_listxattr fs/xattr.c:998 [inline]\n __x64_sys_listxattr+0x7f/0xd0 fs/xattr.c:998\n ...\n\n[CAUSE]\nCommit 936b8834366e (\"ocfs2: Refactor xattr list and remove\nocfs2_xattr_handler().\") replaced the old per-handler list accounting\nwith ocfs2_xattr_list_entry(), but it kept using size == 0 to detect\nprobe mode.\n\nThat assumption stops being true once ocfs2_listxattr() finishes the\ninline-xattr pass. If the inline names fill the caller buffer exactly,\nthe block-xattr pass runs with a non-NULL buffer and a remaining size of\nzero. ocfs2_xattr_list_entry() then skips the bounds check, keeps\ncounting block names, and returns a positive size larger than the\nsupplied buffer.\n\n[FIX]\nDetect probe mode by testing whether the destination buffer pointer is\nNULL instead of whether the remaining size is zero.\n\nThat restores the pre-refactor behavior and matches the OCFS2 getxattr\nhelpers. Once the remaining buffer reaches zero while more names are\nleft, the block-xattr pass now returns -ERANGE instead of reporting a\nsize larger than the allocated list buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-53041",
"url": "https://www.suse.com/security/cve/CVE-2026-53041"
},
{
"category": "external",
"summary": "SUSE Bug 1269398 for CVE-2026-53041",
"url": "https://bugzilla.suse.com/1269398"
},
{
"category": "external",
"summary": "SUSE Bug 1270379 for CVE-2026-53041",
"url": "https://bugzilla.suse.com/1270379"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "important"
}
],
"title": "CVE-2026-53041"
},
{
"cve": "CVE-2026-53052",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-53052"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: qcom: qdsp6: topology: check widget type before accessing data\n\nCheck widget type before accessing the private data, as this could a\nvirtual widget which is no associated with a dsp graph, container and\nmodule. Accessing witout check could lead to incorrect memory access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-53052",
"url": "https://www.suse.com/security/cve/CVE-2026-53052"
},
{
"category": "external",
"summary": "SUSE Bug 1269314 for CVE-2026-53052",
"url": "https://bugzilla.suse.com/1269314"
},
{
"category": "external",
"summary": "SUSE Bug 1269315 for CVE-2026-53052",
"url": "https://bugzilla.suse.com/1269315"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "important"
}
],
"title": "CVE-2026-53052"
},
{
"cve": "CVE-2026-53053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-53053"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/amd: Fix clone_alias() to use the original device\u0027s devid\n\nCurrently clone_alias() assumes first argument (pdev) is always the\noriginal device pointer. This function is called by\npci_for_each_dma_alias() which based on topology decides to send\noriginal or alias device details in first argument.\n\nThis meant that the source devid used to look up and copy the DTE\nmay be incorrect, leading to wrong or stale DTE entries being\npropagated to alias device.\n\nFix this by passing the original pdev as the opaque data argument to\nboth the direct clone_alias() call and pci_for_each_dma_alias(). Inside\nclone_alias(), retrieve the original device from data and compute devid\nfrom it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-53053",
"url": "https://www.suse.com/security/cve/CVE-2026-53053"
},
{
"category": "external",
"summary": "SUSE Bug 1269310 for CVE-2026-53053",
"url": "https://bugzilla.suse.com/1269310"
},
{
"category": "external",
"summary": "SUSE Bug 1269311 for CVE-2026-53053",
"url": "https://bugzilla.suse.com/1269311"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "important"
}
],
"title": "CVE-2026-53053"
},
{
"cve": "CVE-2026-53071",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-53071"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: l2cap: Add missing chan lock in l2cap_ecred_reconf_rsp\n\nl2cap_ecred_reconf_rsp() calls l2cap_chan_del() without holding\nl2cap_chan_lock(). Every other l2cap_chan_del() caller in the file\nacquires the lock first. A remote BLE device can send a crafted\nL2CAP ECRED reconfiguration response to corrupt the channel list\nwhile another thread is iterating it.\n\nAdd l2cap_chan_hold() and l2cap_chan_lock() before l2cap_chan_del(),\nand l2cap_chan_unlock() and l2cap_chan_put() after, matching the\npattern used in l2cap_ecred_conn_rsp() and l2cap_conn_del().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-53071",
"url": "https://www.suse.com/security/cve/CVE-2026-53071"
},
{
"category": "external",
"summary": "SUSE Bug 1269678 for CVE-2026-53071",
"url": "https://bugzilla.suse.com/1269678"
},
{
"category": "external",
"summary": "SUSE Bug 1270375 for CVE-2026-53071",
"url": "https://bugzilla.suse.com/1270375"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "important"
}
],
"title": "CVE-2026-53071"
},
{
"cve": "CVE-2026-53072",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-53072"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: fix locking in hci_conn_request_evt() with HCI_PROTO_DEFER\n\nWhen protocol sets HCI_PROTO_DEFER, hci_conn_request_evt() calls\nhci_connect_cfm(conn) without hdev-\u003elock. Generally hci_connect_cfm()\nassumes it is held, and if conn is deleted concurrently -\u003e UAF.\n\nOnly SCO and ISO set HCI_PROTO_DEFER and only for defer setup listen,\nand HCI_EV_CONN_REQUEST is not generated for ISO. In the non-deferred\nlistening socket code paths, hci_connect_cfm(conn) is called with\nhdev-\u003elock held.\n\nFix by holding the lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-53072",
"url": "https://www.suse.com/security/cve/CVE-2026-53072"
},
{
"category": "external",
"summary": "SUSE Bug 1269681 for CVE-2026-53072",
"url": "https://bugzilla.suse.com/1269681"
},
{
"category": "external",
"summary": "SUSE Bug 1270374 for CVE-2026-53072",
"url": "https://bugzilla.suse.com/1270374"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "important"
}
],
"title": "CVE-2026-53072"
},
{
"cve": "CVE-2026-53122",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-53122"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix deadlock between reflink and transaction commit when using flushoncommit\n\nWhen using the flushoncommit mount option, we can have a deadlock between\na transaction commit and a reflink operation that copied an inline extent\nto an offset beyond the current i_size of the destination node.\n\nThe deadlock happens like this:\n\n1) Task A clones an inline extent from inode X to an offset of inode Y\n that is beyond Y\u0027s current i_size. This means we copied the inline\n extent\u0027s data to a folio of inode Y that is beyond its EOF, using a\n call to copy_inline_to_page();\n\n2) Task B starts a transaction commit and calls\n btrfs_start_delalloc_flush() to flush delalloc;\n\n3) The delalloc flushing sees the new dirty folio of inode Y and when it\n attempts to flush it, it ends up at extent_writepage() and sees that\n the offset of the folio is beyond the i_size of inode Y, so it attempts\n to invalidate the folio by calling folio_invalidate(), which ends up at\n btrfs\u0027 folio invalidate callback - btrfs_invalidate_folio(). There it\n tries to lock the folio\u0027s range in inode Y\u0027s extent io tree, but it\n blocks since it\u0027s currently locked by task A - during a reflink we lock\n the inodes and the source and destination ranges after flushing all\n delalloc and waiting for ordered extent completion - after that we\n don\u0027t expect to have dirty folios in the ranges, the exception is if\n we have to copy an inline extent\u0027s data (because the destination offset\n is not zero);\n\n4) Task A then attempts to start a transaction to update the inode item,\n and then it\u0027s blocked since the current transaction is in the\n TRANS_STATE_COMMIT_START state. Therefore task A has to wait for the\n current transaction to become unblocked (its state \u003e=\n TRANS_STATE_UNBLOCKED).\n\n So task A is waiting for the transaction commit done by task B, and\n the later waiting on the extent lock of inode Y that is currently\n held by task A.\n\nSyzbot recently reported this with the following stack traces:\n\n INFO: task kworker/u8:7:1053 blocked for more than 143 seconds.\n Not tainted syzkaller #0\n \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n task:kworker/u8:7 state:D stack:23520 pid:1053 tgid:1053 ppid:2 task_flags:0x4208060 flags:0x00080000\n Workqueue: writeback wb_workfn (flush-btrfs-46)\n Call Trace:\n \u003cTASK\u003e\n context_switch kernel/sched/core.c:5298 [inline]\n __schedule+0x1553/0x5240 kernel/sched/core.c:6911\n __schedule_loop kernel/sched/core.c:6993 [inline]\n schedule+0x164/0x360 kernel/sched/core.c:7008\n wait_extent_bit fs/btrfs/extent-io-tree.c:811 [inline]\n btrfs_lock_extent_bits+0x59c/0x700 fs/btrfs/extent-io-tree.c:1914\n btrfs_lock_extent fs/btrfs/extent-io-tree.h:152 [inline]\n btrfs_invalidate_folio+0x43d/0xc40 fs/btrfs/inode.c:7704\n extent_writepage fs/btrfs/extent_io.c:1852 [inline]\n extent_write_cache_pages fs/btrfs/extent_io.c:2580 [inline]\n btrfs_writepages+0x12ff/0x2440 fs/btrfs/extent_io.c:2713\n do_writepages+0x32e/0x550 mm/page-writeback.c:2554\n __writeback_single_inode+0x133/0x11a0 fs/fs-writeback.c:1750\n writeback_sb_inodes+0x995/0x19d0 fs/fs-writeback.c:2042\n wb_writeback+0x456/0xb70 fs/fs-writeback.c:2227\n wb_do_writeback fs/fs-writeback.c:2374 [inline]\n wb_workfn+0x41a/0xf60 fs/fs-writeback.c:2414\n process_one_work kernel/workqueue.c:3276 [inline]\n process_scheduled_works+0xb6e/0x18c0 kernel/workqueue.c:3359\n worker_thread+0xa53/0xfc0 kernel/workqueue.c:3440\n kthread+0x388/0x470 kernel/kthread.c:436\n ret_from_fork+0x51e/0xb90 arch/x86/kernel/process.c:158\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245\n \u003c/TASK\u003e\n INFO: task syz.4.64:6910 blocked for more than 143 seconds.\n Not tainted syzkaller #0\n \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n task:syz.4.64 state:D stack:22752 pid:6910 tgid:\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-53122",
"url": "https://www.suse.com/security/cve/CVE-2026-53122"
},
{
"category": "external",
"summary": "SUSE Bug 1269418 for CVE-2026-53122",
"url": "https://bugzilla.suse.com/1269418"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-53122"
},
{
"cve": "CVE-2026-53133",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-53133"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/umem: Fix truncation for block sizes \u003e= 4G\n\nWhen the iommu is used the linearization of the mapping can give a single\nblock that is very large split across multiple SG entries.\n\nWhen __rdma_block_iter_next() reassembles the split SG entries it is\noverflowing the 32 bit stack values and computed the wrong DMA addresses\nfor blocks after the truncation.\n\nUse the right types to hold DMA addresses.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-53133",
"url": "https://www.suse.com/security/cve/CVE-2026-53133"
},
{
"category": "external",
"summary": "SUSE Bug 1269821 for CVE-2026-53133",
"url": "https://bugzilla.suse.com/1269821"
},
{
"category": "external",
"summary": "SUSE Bug 1269822 for CVE-2026-53133",
"url": "https://bugzilla.suse.com/1269822"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "important"
}
],
"title": "CVE-2026-53133"
},
{
"cve": "CVE-2026-53138",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-53138"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Bound VBIOS record-chain walk loops\n\n[Why \u0026 How]\nAll record-chain walk loops in bios_parser.c and bios_parser2.c use\nfor(;;) and only terminate on a 0xFF record_type sentinel or zero\nrecord_size. A malformed VBIOS image missing the terminator record\ncauses unbounded iteration at probe time, potentially hundreds of\nthousands of iterations with record_size=1. In the final iterations\nnear the BIOS image boundary, struct casts beyond the 2-byte header\nvalidated by GET_IMAGE can also read out of bounds.\n\nCap all 14 record-chain walk loops to BIOS_MAX_NUM_RECORD (256)\niterations. The atombios.h defines up to 22 distinct record types\nand atomfirmware.h has 13. Assuming an average of less than 10\nrecords per type (which is reasonable since most are connector-\nbased) 256 is a generous upper bound.\n\n(cherry picked from commit 95700a3d660287ed657d6892f7be9ffc0e294a93)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-53138",
"url": "https://www.suse.com/security/cve/CVE-2026-53138"
},
{
"category": "external",
"summary": "SUSE Bug 1269281 for CVE-2026-53138",
"url": "https://bugzilla.suse.com/1269281"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-53138"
},
{
"cve": "CVE-2026-53182",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-53182"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: nl80211: reject oversized EMA RNR lists\n\nnl80211_parse_rnr_elems() stores the parsed element count in a\nu8-backed cfg80211_rnr_elems::cnt field and uses that count to size\nthe flexible array allocation.\n\nReject nested NL80211_ATTR_EMA_RNR_ELEMS input once the count reaches\n255, before incrementing it again. This keeps the parser aligned with\nthe data structure it fills and matches the existing bound check used\nby nl80211_parse_mbssid_elems().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-53182",
"url": "https://www.suse.com/security/cve/CVE-2026-53182"
},
{
"category": "external",
"summary": "SUSE Bug 1269884 for CVE-2026-53182",
"url": "https://bugzilla.suse.com/1269884"
},
{
"category": "external",
"summary": "SUSE Bug 1269885 for CVE-2026-53182",
"url": "https://bugzilla.suse.com/1269885"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "important"
}
],
"title": "CVE-2026-53182"
},
{
"cve": "CVE-2026-53253",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-53253"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: bnep: reject short frames before parsing\n\nA BNEP peer can send a short BNEP SDU. bnep_rx_frame() reads the\npacket type byte immediately and, for control packets, reads the control\nopcode and setup UUID-size byte before proving that those bytes are\npresent. bnep_rx_control() also dereferences the control opcode without\nrejecting an empty control payload.\n\nUse skb_pull_data() for the fixed fields in bnep_rx_frame() so a NULL\nreturn gates each dereference. Split the control handler so the frame\npath can pass an opcode that has already been pulled, and keep the\nbyte-buffer wrapper for extension control payloads.\n\nFor BNEP_SETUP_CONN_REQ, name the UUID-size byte before pulling the\nsetup payload. struct bnep_setup_conn_req carries destination and source\nservice UUIDs after that byte, each uuid_size bytes, so the parser now\ndocuments that tuple explicitly instead of leaving the pull length as an\nopaque multiplication.\n\nValidation reproduced this kernel report:\nKASAN slab-out-of-bounds in bnep_rx_frame.isra.0+0x130c/0x1790\nThe buggy address belongs to the object at ffff88800c0f7908 which belongs\nto the cache kmalloc-8 of size 8\nThe buggy address is located 0 bytes to the right of allocated 1-byte\nregion [ffff88800c0f7908, ffff88800c0f7909)\nRead of size 1\nCall trace:\n dump_stack_lvl+0xb3/0x140 (?:?)\n print_address_description+0x57/0x3a0 (?:?)\n bnep_rx_frame+0x130c/0x1790 (net/bluetooth/bnep/core.c:306)\n print_report+0xb9/0x2b0 (?:?)\n __virt_addr_valid+0x1ba/0x3a0 (?:?)\n srso_alias_return_thunk+0x5/0xfbef5 (?:?)\n kasan_addr_to_slab+0x21/0x60 (?:?)\n kasan_report+0xe0/0x110 (?:?)\n process_one_work+0xfce/0x17e0 (kernel/workqueue.c:3200)\n worker_thread+0x65c/0xe40 (?:?)\n __kthread_parkme+0x184/0x230 (?:?)\n kthread+0x35e/0x470 (?:?)\n _raw_spin_unlock_irq+0x28/0x50 (?:?)\n ret_from_fork+0x586/0x870 (?:?)\n __switch_to+0x74f/0xdc0 (?:?)\n ret_from_fork_asm+0x1a/0x30 (?:?)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-53253",
"url": "https://www.suse.com/security/cve/CVE-2026-53253"
},
{
"category": "external",
"summary": "SUSE Bug 1269574 for CVE-2026-53253",
"url": "https://bugzilla.suse.com/1269574"
},
{
"category": "external",
"summary": "SUSE Bug 1269575 for CVE-2026-53253",
"url": "https://bugzilla.suse.com/1269575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "important"
}
],
"title": "CVE-2026-53253"
},
{
"cve": "CVE-2026-53266",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-53266"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: bridge: make ebt_snat ARP rewrite writable\n\nThe ebtables SNAT target keeps the Ethernet source address rewrite\nbehind skb_ensure_writable(skb, 0). This is intentional: at the bridge\nebtables hooks the Ethernet header is addressed through\nskb_mac_header()/eth_hdr(), while skb-\u003edata points at the Ethernet\npayload. Asking skb_ensure_writable() for ETH_HLEN bytes would check\nthe payload, not the Ethernet header, and would reintroduce the small\npacket regression fixed by commit 63137bc5882a.\n\nHowever, the optional ARP sender hardware address rewrite is different.\nIt writes through skb_store_bits() at an offset relative to skb-\u003edata:\n\n skb_store_bits(skb, sizeof(struct arphdr), info-\u003emac, ETH_ALEN)\n\nskb_header_pointer() only safely reads the ARP header; it does not make\nthe later sender hardware address range writable. If that range is\nstill held in a nonlinear skb fragment backed by a splice-imported file\npage, skb_store_bits() maps the frag page and copies the new MAC address\ndirectly into it.\n\nEnsure the ARP SHA range is writable before reading the ARP header and\nbefore calling skb_store_bits().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-53266",
"url": "https://www.suse.com/security/cve/CVE-2026-53266"
},
{
"category": "external",
"summary": "SUSE Bug 1269136 for CVE-2026-53266",
"url": "https://bugzilla.suse.com/1269136"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-53266"
},
{
"cve": "CVE-2026-53281",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-53281"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Avoid NULL pointer dereference or refcount corruption\n\nCommit 60f030f7418d (\"iommu/vt-d: Avoid use of NULL after WARN_ON_ONCE\")\nfixed a NULL pointer dereference in an unlikely situation partly.\n\nIf dev_pasid is not found in the dev_pasids list, it remains NULL.\nHowever, the teardown operations are executed unconditionally, this lead\nto a NULL pointer dereference or refcount corruption.\n\nIf the domain was never attached to this IOMMU, info will be NULL, which\nwould cause an immediate dereference when checking --info-\u003erefcnt.\n\nEven if info is not NULL, decrementing the refcount without having removed\na valid PASID might unbalance the count. This could lead to premature\ndropping of the refcount to 0, potentially causing a use-after-free for the\nremaining active devices sharing the domain.\n\nFix it by returning early if dev_pasid is NULL, before executing the\nteardown operations.\n\nIssue found by AI review and suggested by Kevin Tian.\nhttps://sashiko.dev/#/patchset/20260421031347.1408890-1-zhenzhong.duan%40intel.com",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-53281",
"url": "https://www.suse.com/security/cve/CVE-2026-53281"
},
{
"category": "external",
"summary": "SUSE Bug 1269519 for CVE-2026-53281",
"url": "https://bugzilla.suse.com/1269519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-53281"
},
{
"cve": "CVE-2026-53287",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-53287"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naudit: fix incorrect inheritable capability in CAPSET records\n\n__audit_log_capset() records the effective capability set into the\ninheritable field due to a copy-paste error. Every CAPSET audit\nrecord therefore reports cap_pi (process inheritable) with the value\nof cap_effective instead of cap_inheritable.\n\nThis silently corrupts audit data used for compliance and forensic\nanalysis: an attacker who modifies inheritable capabilities to\nprepare for a privilege-escalating exec would have the change masked\nin the audit trail.\n\nThe bug has been present since the original introduction of CAPSET\naudit records in 2008.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-53287",
"url": "https://www.suse.com/security/cve/CVE-2026-53287"
},
{
"category": "external",
"summary": "SUSE Bug 1269506 for CVE-2026-53287",
"url": "https://bugzilla.suse.com/1269506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-53287"
},
{
"cve": "CVE-2026-53359",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-53359"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Fix shadow paging use-after-free due to unexpected role\n\nCommit 0cb2af2ea66ad (\"KVM: x86: Fix shadow paging use-after-free due\nto unexpected GFN\") fixed a shadow paging mismatch between stored and\ncomputed GFNs; the bug could be triggered by changing a PDE mapping from\noutside the guest, and then deleting a memslot. The rmap_remove()\ncall would miss entries created after the PDE change because the GFN\nof the leaf SPTE does not match the GFN of the struct kvm_mmu_page.\n\nA similar hole however remains if the modified PDE points to a non-leaf\npage. In this case the gfn can be made to match, but the role does not\nmatch: the original large 2MB page creates a kvm_mmu_page with direct=1,\nwhile the new 4KB needs a kvm_mmu_page with direct=0. However,\nkvm_mmu_get_child_sp() does not compare the role, and therefore reuses\nthe page.\n\nThe next step is installing a leaf (4KB) SPTE on the new path which\nrecords an rmap entry under the gfn resolved by the walk. But when\nthat child is zapped its parent kvm_mmu_page has direct=1 and\nkvm_mmu_page_get_gfn() computes the gfn for the 4KB page as\nsp-\u003egfn + index instead of using sp-\u003eshadowed_translation[] (or sp-\u003egfns[]\nin older kernels). It therefore fails to remove the recorded entry.\n\nWhen the memslot is dropped the shadow page is freed but the rmap\nentry survives, as in the scenario that was already fixed. Code that\nlater walks that gfn (dirty logging, MMU notifier invalidation, and\nso on) dereferences an sptep that lies in the freed page, causing the\nuse-after-free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-53359",
"url": "https://www.suse.com/security/cve/CVE-2026-53359"
},
{
"category": "external",
"summary": "SUSE Bug 1270059 for CVE-2026-53359",
"url": "https://bugzilla.suse.com/1270059"
},
{
"category": "external",
"summary": "SUSE Bug 1270060 for CVE-2026-53359",
"url": "https://bugzilla.suse.com/1270060"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "important"
}
],
"title": "CVE-2026-53359"
},
{
"cve": "CVE-2026-53362",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-53362"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: account for fraggap on the paged allocation path\n\nIn __ip6_append_data(), when the paged-allocation branch is taken\n(MSG_MORE / NETIF_F_SG / large fraglen), alloclen and pagedlen are\ncomputed as\n\n\talloclen = fragheaderlen + transhdrlen;\n\tpagedlen = datalen - transhdrlen;\n\ndatalen already includes fraggap (datalen = length + fraggap). When\nfraggap is non-zero, this is not the first skb and transhdrlen is zero.\nThe fraggap bytes carried over from the previous skb are copied just past\nthe fragment headers in the new skb\u0027s linear area. The linear area is\ntherefore undersized by fraggap bytes while pagedlen is overstated by the\nsame amount, and the copy writes past skb-\u003eend into the trailing\nskb_shared_info.\n\nAn unprivileged user can trigger this via a UDPv6 socket using\nMSG_MORE together with MSG_SPLICE_PAGES.\n\nThe bad accounting was introduced by commit 773ba4fe9104 (\"ipv6:\navoid partial copy for zc\"). Before commit ce650a166335 (\"udp6: Fix\n__ip6_append_data()\u0027s handling of MSG_SPLICE_PAGES\"), the negative\ncopy value caused -EINVAL to be returned. That later commit allowed\nMSG_SPLICE_PAGES to proceed in this case, making the corruption\ntriggerable.\n\nThe non-paged branch sets alloclen to fraglen, which already accounts\nfor fraggap because datalen does. Bring the paged branch in line by\nadding fraggap to alloclen and subtracting it from pagedlen.\n\nAfter this adjustment, copy no longer collapses to -fraggap on the\npaged path, so remove the stale comment describing that old arithmetic.\nSince a negative copy is no longer expected for a valid MSG_SPLICE_PAGES\ncase, remove the MSG_SPLICE_PAGES exception from the negative copy check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-53362",
"url": "https://www.suse.com/security/cve/CVE-2026-53362"
},
{
"category": "external",
"summary": "SUSE Bug 1269493 for CVE-2026-53362",
"url": "https://bugzilla.suse.com/1269493"
},
{
"category": "external",
"summary": "SUSE Bug 1269495 for CVE-2026-53362",
"url": "https://bugzilla.suse.com/1269495"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_7_62-rt-1-150700.1.3.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Linux Enterprise Real Time 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:cluster-md-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:dlm-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:gfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-devel-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-rt-devel-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:kernel-source-rt-6.4.0-150700.7.62.1.noarch",
"SUSE Real Time Module 15 SP7:kernel-syms-rt-6.4.0-150700.7.62.1.x86_64",
"SUSE Real Time Module 15 SP7:ocfs2-kmp-rt-6.4.0-150700.7.62.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-08T14:58:16Z",
"details": "important"
}
],
"title": "CVE-2026-53362"
}
]
}
ubuntu-cve-2026-31664
Vulnerability from osv_ubuntu
In the Linux kernel, the following vulnerability has been resolved: xfrm: clear trailing padding in build_polexpire() build_expire() clears the trailing padding bytes of struct xfrm_user_expire after setting the hard field via memset_after(), but the analogous function build_polexpire() does not do this for struct xfrm_user_polexpire. The padding bytes after the __u8 hard field are left uninitialized from the heap allocation, and are then sent to userspace via netlink multicast to XFRMNLGRP_EXPIRE listeners, leaking kernel heap memory contents. Add the missing memset_after() call, matching build_expire().
{
"affected": [
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "block-modules-3.13.0-214-generic-di",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "crypto-modules-3.13.0-214-generic-di",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "fat-modules-3.13.0-214-generic-di",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "fb-modules-3.13.0-214-generic-di",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "firewire-core-modules-3.13.0-214-generic-di",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "floppy-modules-3.13.0-214-generic-di",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "fs-core-modules-3.13.0-214-generic-di",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "fs-secondary-modules-3.13.0-214-generic-di",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "input-modules-3.13.0-214-generic-di",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "ipmi-modules-3.13.0-214-generic-di",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "irda-modules-3.13.0-214-generic-di",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "kernel-image-3.13.0-214-generic-di",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "linux-buildinfo-3.13.0-214-generic",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "linux-buildinfo-3.13.0-214-lowlatency",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "linux-cloud-tools-3.13.0-214",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "linux-cloud-tools-3.13.0-214-generic",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "linux-cloud-tools-3.13.0-214-lowlatency",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "linux-cloud-tools-common",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "linux-headers-3.13.0-214",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "linux-headers-3.13.0-214-generic",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "linux-headers-3.13.0-214-lowlatency",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "linux-image-unsigned-3.13.0-214-generic",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "linux-image-unsigned-3.13.0-214-lowlatency",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "linux-modules-3.13.0-214-generic",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "linux-modules-3.13.0-214-lowlatency",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "linux-modules-extra-3.13.0-214-generic",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "linux-source-3.13.0",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "linux-tools-3.13.0-214",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "linux-tools-3.13.0-214-generic",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "linux-tools-3.13.0-214-lowlatency",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "linux-tools-common",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "linux-udebs-generic",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "md-modules-3.13.0-214-generic-di",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "message-modules-3.13.0-214-generic-di",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "mouse-modules-3.13.0-214-generic-di",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "multipath-modules-3.13.0-214-generic-di",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "nfs-modules-3.13.0-214-generic-di",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "nic-modules-3.13.0-214-generic-di",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "nic-pcmcia-modules-3.13.0-214-generic-di",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "nic-shared-modules-3.13.0-214-generic-di",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "nic-usb-modules-3.13.0-214-generic-di",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "parport-modules-3.13.0-214-generic-di",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "pata-modules-3.13.0-214-generic-di",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "pcmcia-modules-3.13.0-214-generic-di",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "pcmcia-storage-modules-3.13.0-214-generic-di",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "plip-modules-3.13.0-214-generic-di",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "ppp-modules-3.13.0-214-generic-di",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "sata-modules-3.13.0-214-generic-di",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "scsi-modules-3.13.0-214-generic-di",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "serial-modules-3.13.0-214-generic-di",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "speakup-modules-3.13.0-214-generic-di",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "squashfs-modules-3.13.0-214-generic-di",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "storage-core-modules-3.13.0-214-generic-di",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "usb-modules-3.13.0-214-generic-di",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "virtio-modules-3.13.0-214-generic-di",
"binary_version": "3.13.0-214.265"
},
{
"binary_name": "vlan-modules-3.13.0-214-generic-di",
"binary_version": "3.13.0-214.265"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:14.04:LTS",
"name": "linux",
"purl": "pkg:deb/ubuntu/linux@3.13.0-214.265?arch=source\u0026distro=esm-infra-legacy/trusty"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"3.11.0-12.19",
"3.12.0-1.3",
"3.12.0-2.5",
"3.12.0-2.7",
"3.12.0-3.8",
"3.12.0-3.9",
"3.12.0-4.10",
"3.12.0-4.12",
"3.12.0-5.13",
"3.12.0-7.15",
"3.13.0-1.16",
"3.13.0-2.17",
"3.13.0-3.18",
"3.13.0-4.19",
"3.13.0-5.20",
"3.13.0-6.23",
"3.13.0-7.25",
"3.13.0-7.26",
"3.13.0-8.27",
"3.13.0-8.28",
"3.13.0-10.30",
"3.13.0-11.31",
"3.13.0-12.32",
"3.13.0-13.33",
"3.13.0-14.34",
"3.13.0-15.35",
"3.13.0-16.36",
"3.13.0-17.37",
"3.13.0-18.38",
"3.13.0-19.39",
"3.13.0-19.40",
"3.13.0-20.42",
"3.13.0-21.43",
"3.13.0-22.44",
"3.13.0-23.45",
"3.13.0-24.46",
"3.13.0-24.47",
"3.13.0-27.50",
"3.13.0-29.53",
"3.13.0-30.54",
"3.13.0-30.55",
"3.13.0-32.57",
"3.13.0-33.58",
"3.13.0-34.60",
"3.13.0-35.62",
"3.13.0-36.63",
"3.13.0-37.64",
"3.13.0-39.66",
"3.13.0-40.69",
"3.13.0-41.70",
"3.13.0-43.72",
"3.13.0-44.73",
"3.13.0-45.74",
"3.13.0-46.75",
"3.13.0-46.76",
"3.13.0-46.77",
"3.13.0-46.79",
"3.13.0-48.80",
"3.13.0-49.81",
"3.13.0-49.83",
"3.13.0-51.84",
"3.13.0-52.85",
"3.13.0-52.86",
"3.13.0-53.88",
"3.13.0-53.89",
"3.13.0-54.91",
"3.13.0-55.92",
"3.13.0-55.94",
"3.13.0-57.95",
"3.13.0-58.97",
"3.13.0-59.98",
"3.13.0-61.100",
"3.13.0-62.102",
"3.13.0-63.103",
"3.13.0-65.105",
"3.13.0-65.106",
"3.13.0-66.108",
"3.13.0-67.110",
"3.13.0-68.111",
"3.13.0-70.113",
"3.13.0-71.114",
"3.13.0-73.116",
"3.13.0-74.118",
"3.13.0-76.120",
"3.13.0-77.121",
"3.13.0-79.123",
"3.13.0-83.127",
"3.13.0-85.129",
"3.13.0-86.130",
"3.13.0-86.131",
"3.13.0-87.133",
"3.13.0-88.135",
"3.13.0-91.138",
"3.13.0-92.139",
"3.13.0-93.140",
"3.13.0-95.142",
"3.13.0-96.143",
"3.13.0-98.145",
"3.13.0-100.147",
"3.13.0-101.148",
"3.13.0-103.150",
"3.13.0-105.152",
"3.13.0-106.153",
"3.13.0-107.154",
"3.13.0-108.155",
"3.13.0-109.156",
"3.13.0-110.157",
"3.13.0-111.158",
"3.13.0-112.159",
"3.13.0-113.160",
"3.13.0-115.162",
"3.13.0-116.163",
"3.13.0-117.164",
"3.13.0-119.166",
"3.13.0-121.170",
"3.13.0-123.172",
"3.13.0-125.174",
"3.13.0-126.175",
"3.13.0-128.177",
"3.13.0-129.178",
"3.13.0-132.181",
"3.13.0-133.182",
"3.13.0-135.184",
"3.13.0-137.186",
"3.13.0-139.188",
"3.13.0-141.190",
"3.13.0-142.191",
"3.13.0-143.192",
"3.13.0-144.193",
"3.13.0-145.194",
"3.13.0-147.196",
"3.13.0-149.199",
"3.13.0-151.201",
"3.13.0-153.203",
"3.13.0-155.205",
"3.13.0-156.206",
"3.13.0-157.207",
"3.13.0-158.208",
"3.13.0-160.210",
"3.13.0-161.211",
"3.13.0-162.212",
"3.13.0-163.213",
"3.13.0-164.214",
"3.13.0-165.215",
"3.13.0-166.216",
"3.13.0-167.217",
"3.13.0-168.218",
"3.13.0-169.219",
"3.13.0-170.220",
"3.13.0-171.222",
"3.13.0-172.223",
"3.13.0-173.224",
"3.13.0-174.225",
"3.13.0-175.226",
"3.13.0-176.227",
"3.13.0-180.231",
"3.13.0-181.232",
"3.13.0-182.233",
"3.13.0-183.234",
"3.13.0-184.235",
"3.13.0-185.236",
"3.13.0-186.237",
"3.13.0-187.238",
"3.13.0-188.239",
"3.13.0-189.240",
"3.13.0-190.241",
"3.13.0-191.242",
"3.13.0-192.243",
"3.13.0-193.244",
"3.13.0-194.245",
"3.13.0-195.246",
"3.13.0-196.247",
"3.13.0-197.248",
"3.13.0-198.249",
"3.13.0-199.250",
"3.13.0-200.251",
"3.13.0-201.252",
"3.13.0-202.253",
"3.13.0-203.254",
"3.13.0-204.255",
"3.13.0-205.256",
"3.13.0-206.257",
"3.13.0-207.258",
"3.13.0-208.259",
"3.13.0-209.260",
"3.13.0-210.261",
"3.13.0-211.262",
"3.13.0-212.263",
"3.13.0-214.265"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-aws-cloud-tools-4.4.0-1156",
"binary_version": "4.4.0-1156.162"
},
{
"binary_name": "linux-aws-headers-4.4.0-1156",
"binary_version": "4.4.0-1156.162"
},
{
"binary_name": "linux-aws-tools-4.4.0-1156",
"binary_version": "4.4.0-1156.162"
},
{
"binary_name": "linux-buildinfo-4.4.0-1156-aws",
"binary_version": "4.4.0-1156.162"
},
{
"binary_name": "linux-cloud-tools-4.4.0-1156-aws",
"binary_version": "4.4.0-1156.162"
},
{
"binary_name": "linux-headers-4.4.0-1156-aws",
"binary_version": "4.4.0-1156.162"
},
{
"binary_name": "linux-image-4.4.0-1156-aws",
"binary_version": "4.4.0-1156.162"
},
{
"binary_name": "linux-modules-4.4.0-1156-aws",
"binary_version": "4.4.0-1156.162"
},
{
"binary_name": "linux-tools-4.4.0-1156-aws",
"binary_version": "4.4.0-1156.162"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:14.04:LTS",
"name": "linux-aws",
"purl": "pkg:deb/ubuntu/linux-aws@4.4.0-1156.162?arch=source\u0026distro=esm-infra-legacy/trusty"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.4.0-1002.2",
"4.4.0-1003.3",
"4.4.0-1005.5",
"4.4.0-1006.6",
"4.4.0-1009.9",
"4.4.0-1010.10",
"4.4.0-1011.11",
"4.4.0-1012.12",
"4.4.0-1014.14",
"4.4.0-1016.16",
"4.4.0-1017.17",
"4.4.0-1019.19",
"4.4.0-1022.22",
"4.4.0-1023.23",
"4.4.0-1024.25",
"4.4.0-1025.26",
"4.4.0-1027.30",
"4.4.0-1028.31",
"4.4.0-1029.32",
"4.4.0-1031.34",
"4.4.0-1032.35",
"4.4.0-1034.37",
"4.4.0-1036.39",
"4.4.0-1037.40",
"4.4.0-1038.41",
"4.4.0-1039.42",
"4.4.0-1040.43",
"4.4.0-1042.45",
"4.4.0-1044.47",
"4.4.0-1045.48",
"4.4.0-1046.50",
"4.4.0-1048.52",
"4.4.0-1050.54",
"4.4.0-1052.56",
"4.4.0-1054.58",
"4.4.0-1055.59",
"4.4.0-1056.60",
"4.4.0-1058.62",
"4.4.0-1059.63",
"4.4.0-1060.64",
"4.4.0-1061.65",
"4.4.0-1062.66",
"4.4.0-1064.68",
"4.4.0-1065.69",
"4.4.0-1066.70",
"4.4.0-1067.71",
"4.4.0-1073.77",
"4.4.0-1074.78",
"4.4.0-1075.79",
"4.4.0-1076.80",
"4.4.0-1077.81",
"4.4.0-1078.82",
"4.4.0-1081.85",
"4.4.0-1082.86",
"4.4.0-1083.87",
"4.4.0-1085.89",
"4.4.0-1086.90",
"4.4.0-1087.91",
"4.4.0-1088.92",
"4.4.0-1090.94",
"4.4.0-1091.95",
"4.4.0-1092.96",
"4.4.0-1093.97",
"4.4.0-1094.99",
"4.4.0-1095.100",
"4.4.0-1096.101",
"4.4.0-1097.102",
"4.4.0-1098.103",
"4.4.0-1099.104",
"4.4.0-1101.106",
"4.4.0-1102.107",
"4.4.0-1103.108",
"4.4.0-1104.109",
"4.4.0-1107.113",
"4.4.0-1109.115",
"4.4.0-1110.116",
"4.4.0-1111.117",
"4.4.0-1112.118",
"4.4.0-1113.119",
"4.4.0-1114.120",
"4.4.0-1115.121",
"4.4.0-1116.122",
"4.4.0-1117.123",
"4.4.0-1118.124",
"4.4.0-1119.125",
"4.4.0-1120.126",
"4.4.0-1121.127",
"4.4.0-1122.128",
"4.4.0-1123.129",
"4.4.0-1124.130",
"4.4.0-1125.131",
"4.4.0-1127.133",
"4.4.0-1128.134",
"4.4.0-1129.135",
"4.4.0-1130.136",
"4.4.0-1131.137",
"4.4.0-1133.139",
"4.4.0-1134.140",
"4.4.0-1135.141",
"4.4.0-1136.142",
"4.4.0-1137.143",
"4.4.0-1138.144",
"4.4.0-1139.145",
"4.4.0-1140.146",
"4.4.0-1141.147",
"4.4.0-1142.148",
"4.4.0-1143.149",
"4.4.0-1144.150",
"4.4.0-1145.151",
"4.4.0-1146.152",
"4.4.0-1147.153",
"4.4.0-1148.154",
"4.4.0-1149.155",
"4.4.0-1150.156",
"4.4.0-1151.157",
"4.4.0-1152.158",
"4.4.0-1153.159",
"4.4.0-1154.160",
"4.4.0-1155.161",
"4.4.0-1156.162"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-azure-cloud-tools-4.15.0-1202",
"binary_version": "4.15.0-1202.217~14.04.1"
},
{
"binary_name": "linux-azure-headers-4.15.0-1202",
"binary_version": "4.15.0-1202.217~14.04.1"
},
{
"binary_name": "linux-azure-tools-4.15.0-1202",
"binary_version": "4.15.0-1202.217~14.04.1"
},
{
"binary_name": "linux-buildinfo-4.15.0-1202-azure",
"binary_version": "4.15.0-1202.217~14.04.1"
},
{
"binary_name": "linux-cloud-tools-4.15.0-1202-azure",
"binary_version": "4.15.0-1202.217~14.04.1"
},
{
"binary_name": "linux-headers-4.15.0-1202-azure",
"binary_version": "4.15.0-1202.217~14.04.1"
},
{
"binary_name": "linux-image-unsigned-4.15.0-1202-azure",
"binary_version": "4.15.0-1202.217~14.04.1"
},
{
"binary_name": "linux-modules-4.15.0-1202-azure",
"binary_version": "4.15.0-1202.217~14.04.1"
},
{
"binary_name": "linux-modules-extra-4.15.0-1202-azure",
"binary_version": "4.15.0-1202.217~14.04.1"
},
{
"binary_name": "linux-tools-4.15.0-1202-azure",
"binary_version": "4.15.0-1202.217~14.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:14.04:LTS",
"name": "linux-azure",
"purl": "pkg:deb/ubuntu/linux-azure@4.15.0-1202.217~14.04.1?arch=source\u0026distro=esm-infra-legacy/trusty"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.15.0-1023.24~14.04.1",
"4.15.0-1030.31~14.04.1",
"4.15.0-1031.32~14.04.1",
"4.15.0-1032.33~14.04.2",
"4.15.0-1035.36~14.04.2",
"4.15.0-1036.38~14.04.2",
"4.15.0-1037.39~14.04.2",
"4.15.0-1039.41~14.04.2",
"4.15.0-1040.44~14.04.1",
"4.15.0-1041.45~14.04.1",
"4.15.0-1042.46~14.04.1",
"4.15.0-1045.49~14.04.1",
"4.15.0-1046.50~14.04.1",
"4.15.0-1047.51~14.04.1",
"4.15.0-1049.54~14.04.1",
"4.15.0-1050.55~14.04.1",
"4.15.0-1051.56~14.04.1",
"4.15.0-1052.57~14.04.1",
"4.15.0-1055.60~14.04.1",
"4.15.0-1056.61~14.04.1",
"4.15.0-1057.62~14.04.1",
"4.15.0-1059.64~14.04.1",
"4.15.0-1060.65~14.04.1",
"4.15.0-1061.66~14.04.1",
"4.15.0-1063.68~14.04.1",
"4.15.0-1064.69~14.04.1",
"4.15.0-1066.71~14.04.1",
"4.15.0-1067.72~14.04.1",
"4.15.0-1069.74~14.04.1",
"4.15.0-1071.76~14.04.1",
"4.15.0-1074.79~14.04.1",
"4.15.0-1077.82~14.04.1",
"4.15.0-1082.92~14.04.1",
"4.15.0-1083.93~14.04.1",
"4.15.0-1089.99~14.04.1",
"4.15.0-1091.101~14.04.1",
"4.15.0-1092.102~14.04.1",
"4.15.0-1093.103~14.04.1",
"4.15.0-1095.105~14.04.1",
"4.15.0-1096.106~14.04.1",
"4.15.0-1098.109~14.04.1",
"4.15.0-1100.111~14.04.1",
"4.15.0-1102.113~14.04.1",
"4.15.0-1103.114~14.04.1",
"4.15.0-1106.118~14.04.1",
"4.15.0-1108.120~14.04.1",
"4.15.0-1109.121~14.04.1",
"4.15.0-1110.122~14.04.1",
"4.15.0-1111.123~14.04.1",
"4.15.0-1112.124~14.04.1",
"4.15.0-1113.126~14.04.1",
"4.15.0-1114.127~14.04.1",
"4.15.0-1115.128~14.04.1",
"4.15.0-1118.131~14.04.1",
"4.15.0-1121.134~14.04.1",
"4.15.0-1122.135~14.04.1",
"4.15.0-1123.136~14.04.1",
"4.15.0-1124.137~14.04.1",
"4.15.0-1125.138~14.04.1",
"4.15.0-1126.139~14.04.1",
"4.15.0-1127.140~14.04.1",
"4.15.0-1129.142~14.04.1",
"4.15.0-1130.143~14.04.1",
"4.15.0-1131.144~14.04.1",
"4.15.0-1133.146~14.04.1",
"4.15.0-1134.147~14.04.1",
"4.15.0-1136.149~14.04.1",
"4.15.0-1137.150~14.04.1",
"4.15.0-1138.151~14.04.1",
"4.15.0-1139.152~14.04.1",
"4.15.0-1142.156~14.04.1",
"4.15.0-1145.160~14.04.1",
"4.15.0-1146.161~14.04.1",
"4.15.0-1149.164~14.04.1",
"4.15.0-1150.165~14.04.1",
"4.15.0-1151.166~14.04.1",
"4.15.0-1153.168~14.04.1",
"4.15.0-1157.172~14.04.2",
"4.15.0-1158.173~14.04.1",
"4.15.0-1159.174~14.04.1",
"4.15.0-1162.177~14.04.1",
"4.15.0-1163.178~14.04.1",
"4.15.0-1164.179~14.04.1",
"4.15.0-1165.180~14.04.1",
"4.15.0-1166.181~14.04.1",
"4.15.0-1167.182~14.04.1",
"4.15.0-1168.183~14.04.1",
"4.15.0-1169.184~14.04.1",
"4.15.0-1170.185~14.04.1",
"4.15.0-1171.186~14.04.1",
"4.15.0-1172.187~14.04.1",
"4.15.0-1173.188~14.04.1",
"4.15.0-1174.189~14.04.1",
"4.15.0-1175.190~14.04.1",
"4.15.0-1176.191~14.04.1",
"4.15.0-1177.192~14.04.1",
"4.15.0-1178.193~14.04.1",
"4.15.0-1179.194~14.04.1",
"4.15.0-1180.195~14.04.1",
"4.15.0-1181.196~14.04.1",
"4.15.0-1182.197~14.04.1",
"4.15.0-1183.198~14.04.1",
"4.15.0-1184.199~14.04.1",
"4.15.0-1185.200~14.04.1",
"4.15.0-1186.201~14.04.1",
"4.15.0-1187.202~14.04.1",
"4.15.0-1188.203~14.04.1",
"4.15.0-1189.204~14.04.1",
"4.15.0-1190.205~14.04.1",
"4.15.0-1191.206~14.04.1",
"4.15.0-1192.207~14.04.1",
"4.15.0-1193.208~14.04.1",
"4.15.0-1194.209~14.04.1",
"4.15.0-1195.210~14.04.1",
"4.15.0-1196.211~14.04.1",
"4.15.0-1197.212~14.04.1",
"4.15.0-1199.214~14.04.1",
"4.15.0-1200.215~14.04.1",
"4.15.0-1201.216~14.04.1",
"4.15.0-1202.217~14.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "block-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "crypto-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "fat-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "fb-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "firewire-core-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "floppy-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "fs-core-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "fs-secondary-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "input-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "ipmi-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "irda-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "kernel-image-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "linux-buildinfo-4.4.0-283-generic",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "linux-buildinfo-4.4.0-283-lowlatency",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "linux-cloud-tools-4.4.0-283-generic",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "linux-cloud-tools-4.4.0-283-lowlatency",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "linux-headers-4.4.0-283",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "linux-headers-4.4.0-283-generic",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "linux-headers-4.4.0-283-lowlatency",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "linux-image-4.4.0-283-generic",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "linux-image-unsigned-4.4.0-283-generic",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "linux-image-unsigned-4.4.0-283-lowlatency",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "linux-lts-xenial-cloud-tools-4.4.0-283",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "linux-lts-xenial-tools-4.4.0-283",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "linux-lts-xenial-udebs-generic",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "linux-modules-4.4.0-283-generic",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "linux-modules-4.4.0-283-lowlatency",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "linux-modules-extra-4.4.0-283-generic",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "linux-tools-4.4.0-283-generic",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "linux-tools-4.4.0-283-lowlatency",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "md-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "message-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "mouse-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "multipath-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "nfs-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "nic-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "nic-pcmcia-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "nic-shared-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "nic-usb-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "parport-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "pata-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "pcmcia-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "pcmcia-storage-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "plip-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "ppp-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "sata-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "scsi-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "serial-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "speakup-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "storage-core-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "usb-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "virtio-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317~14.04.1"
},
{
"binary_name": "vlan-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317~14.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:14.04:LTS",
"name": "linux-lts-xenial",
"purl": "pkg:deb/ubuntu/linux-lts-xenial@4.4.0-283.317~14.04.1?arch=source\u0026distro=esm-infra-legacy/trusty"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.4.0-13.29~14.04.1",
"4.4.0-14.30~14.04.2",
"4.4.0-15.31~14.04.1",
"4.4.0-18.34~14.04.1",
"4.4.0-21.37~14.04.1",
"4.4.0-22.39~14.04.1",
"4.4.0-22.40~14.04.1",
"4.4.0-24.43~14.04.1",
"4.4.0-28.47~14.04.1",
"4.4.0-31.50~14.04.1",
"4.4.0-34.53~14.04.1",
"4.4.0-36.55~14.04.1",
"4.4.0-38.57~14.04.1",
"4.4.0-42.62~14.04.1",
"4.4.0-45.66~14.04.1",
"4.4.0-47.68~14.04.1",
"4.4.0-51.72~14.04.1",
"4.4.0-53.74~14.04.1",
"4.4.0-57.78~14.04.1",
"4.4.0-59.80~14.04.1",
"4.4.0-62.83~14.04.1",
"4.4.0-63.84~14.04.2",
"4.4.0-64.85~14.04.1",
"4.4.0-66.87~14.04.1",
"4.4.0-67.88~14.04.1",
"4.4.0-70.91~14.04.1",
"4.4.0-71.92~14.04.1",
"4.4.0-72.93~14.04.1",
"4.4.0-75.96~14.04.1",
"4.4.0-78.99~14.04.2",
"4.4.0-79.100~14.04.1",
"4.4.0-81.104~14.04.1",
"4.4.0-83.106~14.04.1",
"4.4.0-87.110~14.04.1",
"4.4.0-89.112~14.04.1",
"4.4.0-91.114~14.04.1",
"4.4.0-92.115~14.04.1",
"4.4.0-93.116~14.04.1",
"4.4.0-96.119~14.04.1",
"4.4.0-97.120~14.04.1",
"4.4.0-98.121~14.04.1",
"4.4.0-101.124~14.04.1",
"4.4.0-103.126~14.04.1",
"4.4.0-104.127~14.04.1",
"4.4.0-108.131~14.04.1",
"4.4.0-109.132~14.04.1",
"4.4.0-111.134~14.04.1",
"4.4.0-112.135~14.04.1",
"4.4.0-116.140~14.04.1",
"4.4.0-119.143~14.04.1",
"4.4.0-121.145~14.04.1",
"4.4.0-124.148~14.04.1",
"4.4.0-127.153~14.04.1",
"4.4.0-128.154~14.04.1",
"4.4.0-130.156~14.04.1",
"4.4.0-131.157~14.04.1",
"4.4.0-133.159~14.04.1",
"4.4.0-134.160~14.04.1",
"4.4.0-135.161~14.04.1",
"4.4.0-137.163~14.04.1",
"4.4.0-138.164~14.04.1",
"4.4.0-139.165~14.04.1",
"4.4.0-140.166~14.04.1",
"4.4.0-141.167~14.04.1",
"4.4.0-142.168~14.04.1",
"4.4.0-143.169~14.04.2",
"4.4.0-144.170~14.04.1",
"4.4.0-146.172~14.04.1",
"4.4.0-148.174~14.04.1",
"4.4.0-150.176~14.04.1",
"4.4.0-151.178~14.04.1",
"4.4.0-154.181~14.04.1",
"4.4.0-157.185~14.04.1",
"4.4.0-159.187~14.04.1",
"4.4.0-161.189~14.04.1",
"4.4.0-164.192~14.04.1",
"4.4.0-165.193~14.04.1",
"4.4.0-166.195~14.04.1",
"4.4.0-168.197~14.04.1",
"4.4.0-169.198~14.04.1",
"4.4.0-170.199~14.04.1",
"4.4.0-171.200~14.04.1",
"4.4.0-173.203~14.04.1",
"4.4.0-174.204~14.04.1",
"4.4.0-176.206~14.04.1",
"4.4.0-177.207~14.04.1",
"4.4.0-178.208~14.04.1",
"4.4.0-179.209~14.04.1",
"4.4.0-184.214~14.04.1",
"4.4.0-185.215~14.04.1",
"4.4.0-186.216~14.04.1",
"4.4.0-187.217~14.04.1",
"4.4.0-189.219~14.04.1",
"4.4.0-190.220~14.04.1",
"4.4.0-193.224~14.04.1",
"4.4.0-194.226~14.04.1",
"4.4.0-197.229~14.04.1",
"4.4.0-198.230~14.04.1",
"4.4.0-200.232~14.04.1",
"4.4.0-201.233~14.04.1",
"4.4.0-203.235~14.04.1",
"4.4.0-204.236~14.04.1",
"4.4.0-206.238~14.04.1",
"4.4.0-208.240~14.04.1",
"4.4.0-209.241~14.04.1",
"4.4.0-210.242~14.04.1",
"4.4.0-211.243~14.04.1",
"4.4.0-212.244~14.04.1",
"4.4.0-213.245~14.04.1",
"4.4.0-214.246~14.04.1",
"4.4.0-215.247~14.04.1",
"4.4.0-218.251~14.04.1",
"4.4.0-219.252~14.04.1",
"4.4.0-221.254~14.04.1",
"4.4.0-222.255~14.04.1",
"4.4.0-223.256~14.04.1",
"4.4.0-224.257~14.04.1",
"4.4.0-227.261~14.04.1",
"4.4.0-229.263~14.04.1",
"4.4.0-230.264~14.04.1",
"4.4.0-231.265~14.04.1",
"4.4.0-233.267~14.04.1",
"4.4.0-234.268~14.04.1",
"4.4.0-235.269~14.04.1",
"4.4.0-236.270~14.04.1",
"4.4.0-237.271~14.04.1",
"4.4.0-239.273~14.04.1",
"4.4.0-240.274~14.04.1",
"4.4.0-241.275~14.04.1",
"4.4.0-242.276~14.04.1",
"4.4.0-243.277~14.04.1",
"4.4.0-244.278~14.04.1",
"4.4.0-245.279~14.04.1",
"4.4.0-246.280~14.04.1",
"4.4.0-248.282~14.04.1",
"4.4.0-250.284~14.04.1",
"4.4.0-251.285~14.04.1",
"4.4.0-252.286~14.04.1",
"4.4.0-253.287~14.04.1",
"4.4.0-254.288~14.04.1",
"4.4.0-256.290~14.04.1",
"4.4.0-257.291~14.04.1",
"4.4.0-258.292~14.04.2",
"4.4.0-259.293~14.04.1",
"4.4.0-260.294~14.04.1",
"4.4.0-261.295~14.04.1",
"4.4.0-262.296~14.04.1",
"4.4.0-263.297~14.04.1",
"4.4.0-264.298~14.04.1",
"4.4.0-266.300~14.04.1",
"4.4.0-267.301~14.04.1",
"4.4.0-268.302~14.04.1",
"4.4.0-269.303~14.04.1",
"4.4.0-270.304~14.04.1",
"4.4.0-271.305~14.04.1",
"4.4.0-272.306~14.04.1",
"4.4.0-273.307~14.04.1",
"4.4.0-274.308~14.04.1",
"4.4.0-276.310~14.04.1",
"4.4.0-277.311~14.04.1",
"4.4.0-278.312~14.04.1",
"4.4.0-279.313~14.04.1",
"4.4.0-280.314~14.04.1",
"4.4.0-281.315~14.04.1",
"4.4.0-283.317~14.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "block-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "crypto-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "dasd-extra-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "dasd-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "fat-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "fb-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "firewire-core-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "floppy-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "fs-core-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "fs-secondary-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "input-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "ipmi-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "irda-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "kernel-image-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "linux-buildinfo-4.4.0-283-generic",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "linux-buildinfo-4.4.0-283-lowlatency",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "linux-cloud-tools-4.4.0-283",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "linux-cloud-tools-4.4.0-283-generic",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "linux-cloud-tools-4.4.0-283-lowlatency",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "linux-cloud-tools-common",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "linux-headers-4.4.0-283",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "linux-headers-4.4.0-283-generic",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "linux-headers-4.4.0-283-lowlatency",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "linux-image-4.4.0-283-generic",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "linux-image-unsigned-4.4.0-283-generic",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "linux-image-unsigned-4.4.0-283-lowlatency",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "linux-modules-4.4.0-283-generic",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "linux-modules-4.4.0-283-lowlatency",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "linux-modules-extra-4.4.0-283-generic",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "linux-source-4.4.0",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "linux-tools-4.4.0-283",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "linux-tools-4.4.0-283-generic",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "linux-tools-4.4.0-283-lowlatency",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "linux-tools-common",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "linux-tools-host",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "linux-udebs-generic",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "md-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "message-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "mouse-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "multipath-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "nfs-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "nic-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "nic-pcmcia-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "nic-shared-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "nic-usb-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "parport-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "pata-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "pcmcia-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "pcmcia-storage-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "plip-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "ppp-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "sata-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "scsi-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "serial-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "speakup-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "storage-core-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "usb-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "virtio-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317"
},
{
"binary_name": "vlan-modules-4.4.0-283-generic-di",
"binary_version": "4.4.0-283.317"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:16.04:LTS",
"name": "linux",
"purl": "pkg:deb/ubuntu/linux@4.4.0-283.317?arch=source\u0026distro=esm-infra-legacy/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.2.0-16.19",
"4.2.0-17.21",
"4.2.0-19.23",
"4.3.0-1.10",
"4.3.0-2.11",
"4.3.0-5.16",
"4.3.0-6.17",
"4.3.0-7.18",
"4.4.0-2.16",
"4.4.0-4.19",
"4.4.0-6.21",
"4.4.0-7.22",
"4.4.0-8.23",
"4.4.0-9.24",
"4.4.0-10.25",
"4.4.0-11.26",
"4.4.0-12.28",
"4.4.0-13.29",
"4.4.0-14.30",
"4.4.0-15.31",
"4.4.0-16.32",
"4.4.0-17.33",
"4.4.0-18.34",
"4.4.0-21.37",
"4.4.0-22.39",
"4.4.0-22.40",
"4.4.0-24.43",
"4.4.0-28.47",
"4.4.0-31.50",
"4.4.0-34.53",
"4.4.0-36.55",
"4.4.0-38.57",
"4.4.0-42.62",
"4.4.0-43.63",
"4.4.0-45.66",
"4.4.0-47.68",
"4.4.0-51.72",
"4.4.0-53.74",
"4.4.0-57.78",
"4.4.0-59.80",
"4.4.0-62.83",
"4.4.0-63.84",
"4.4.0-64.85",
"4.4.0-65.86",
"4.4.0-66.87",
"4.4.0-67.88",
"4.4.0-70.91",
"4.4.0-71.92",
"4.4.0-72.93",
"4.4.0-75.96",
"4.4.0-77.98",
"4.4.0-78.99",
"4.4.0-79.100",
"4.4.0-81.104",
"4.4.0-83.106",
"4.4.0-87.110",
"4.4.0-89.112",
"4.4.0-91.114",
"4.4.0-92.115",
"4.4.0-93.116",
"4.4.0-96.119",
"4.4.0-97.120",
"4.4.0-98.121",
"4.4.0-101.124",
"4.4.0-103.126",
"4.4.0-104.127",
"4.4.0-108.131",
"4.4.0-109.132",
"4.4.0-112.135",
"4.4.0-116.140",
"4.4.0-119.143",
"4.4.0-121.145",
"4.4.0-122.146",
"4.4.0-124.148",
"4.4.0-127.153",
"4.4.0-128.154",
"4.4.0-130.156",
"4.4.0-131.157",
"4.4.0-133.159",
"4.4.0-134.160",
"4.4.0-135.161",
"4.4.0-137.163",
"4.4.0-138.164",
"4.4.0-139.165",
"4.4.0-140.166",
"4.4.0-141.167",
"4.4.0-142.168",
"4.4.0-143.169",
"4.4.0-145.171",
"4.4.0-146.172",
"4.4.0-148.174",
"4.4.0-150.176",
"4.4.0-151.178",
"4.4.0-154.181",
"4.4.0-157.185",
"4.4.0-159.187",
"4.4.0-161.189",
"4.4.0-164.192",
"4.4.0-165.193",
"4.4.0-166.195",
"4.4.0-168.197",
"4.4.0-169.198",
"4.4.0-170.199",
"4.4.0-171.200",
"4.4.0-173.203",
"4.4.0-174.204",
"4.4.0-176.206",
"4.4.0-177.207",
"4.4.0-178.208",
"4.4.0-179.209",
"4.4.0-184.214",
"4.4.0-185.215",
"4.4.0-186.216",
"4.4.0-187.217",
"4.4.0-189.219",
"4.4.0-190.220",
"4.4.0-193.224",
"4.4.0-194.226",
"4.4.0-197.229",
"4.4.0-198.230",
"4.4.0-200.232",
"4.4.0-201.233",
"4.4.0-203.235",
"4.4.0-204.236",
"4.4.0-206.238",
"4.4.0-208.240",
"4.4.0-209.241",
"4.4.0-210.242",
"4.4.0-211.243",
"4.4.0-212.244",
"4.4.0-213.245",
"4.4.0-214.246",
"4.4.0-216.249",
"4.4.0-217.250",
"4.4.0-218.251",
"4.4.0-219.252",
"4.4.0-221.254",
"4.4.0-222.255",
"4.4.0-223.256",
"4.4.0-224.257",
"4.4.0-227.261",
"4.4.0-229.263",
"4.4.0-230.264",
"4.4.0-231.265",
"4.4.0-233.267",
"4.4.0-234.268",
"4.4.0-235.269",
"4.4.0-236.270",
"4.4.0-237.271",
"4.4.0-239.273",
"4.4.0-240.274",
"4.4.0-241.275",
"4.4.0-242.276",
"4.4.0-243.277",
"4.4.0-244.278",
"4.4.0-245.279",
"4.4.0-246.280",
"4.4.0-248.282",
"4.4.0-250.284",
"4.4.0-251.285",
"4.4.0-252.286",
"4.4.0-253.287",
"4.4.0-254.288",
"4.4.0-256.290",
"4.4.0-257.291",
"4.4.0-258.292",
"4.4.0-259.293",
"4.4.0-260.294",
"4.4.0-261.295",
"4.4.0-262.296",
"4.4.0-263.297",
"4.4.0-264.298",
"4.4.0-266.300",
"4.4.0-267.301",
"4.4.0-268.302",
"4.4.0-269.303",
"4.4.0-270.304",
"4.4.0-271.305",
"4.4.0-272.306",
"4.4.0-273.307",
"4.4.0-274.308",
"4.4.0-276.310",
"4.4.0-277.311",
"4.4.0-278.312",
"4.4.0-279.313",
"4.4.0-280.314",
"4.4.0-283.317"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-aws-cloud-tools-4.4.0-1194",
"binary_version": "4.4.0-1194.209"
},
{
"binary_name": "linux-aws-headers-4.4.0-1194",
"binary_version": "4.4.0-1194.209"
},
{
"binary_name": "linux-aws-tools-4.4.0-1194",
"binary_version": "4.4.0-1194.209"
},
{
"binary_name": "linux-buildinfo-4.4.0-1194-aws",
"binary_version": "4.4.0-1194.209"
},
{
"binary_name": "linux-cloud-tools-4.4.0-1194-aws",
"binary_version": "4.4.0-1194.209"
},
{
"binary_name": "linux-headers-4.4.0-1194-aws",
"binary_version": "4.4.0-1194.209"
},
{
"binary_name": "linux-image-4.4.0-1194-aws",
"binary_version": "4.4.0-1194.209"
},
{
"binary_name": "linux-modules-4.4.0-1194-aws",
"binary_version": "4.4.0-1194.209"
},
{
"binary_name": "linux-modules-extra-4.4.0-1194-aws",
"binary_version": "4.4.0-1194.209"
},
{
"binary_name": "linux-tools-4.4.0-1194-aws",
"binary_version": "4.4.0-1194.209"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:16.04:LTS",
"name": "linux-aws",
"purl": "pkg:deb/ubuntu/linux-aws@4.4.0-1194.209?arch=source\u0026distro=esm-infra-legacy/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.4.0-1001.10",
"4.4.0-1003.12",
"4.4.0-1004.13",
"4.4.0-1007.16",
"4.4.0-1009.18",
"4.4.0-1011.20",
"4.4.0-1012.21",
"4.4.0-1013.22",
"4.4.0-1016.25",
"4.4.0-1017.26",
"4.4.0-1018.27",
"4.4.0-1020.29",
"4.4.0-1022.31",
"4.4.0-1026.35",
"4.4.0-1028.37",
"4.4.0-1030.39",
"4.4.0-1031.40",
"4.4.0-1032.41",
"4.4.0-1035.44",
"4.4.0-1037.46",
"4.4.0-1038.47",
"4.4.0-1039.48",
"4.4.0-1041.50",
"4.4.0-1043.52",
"4.4.0-1044.53",
"4.4.0-1047.56",
"4.4.0-1048.57",
"4.4.0-1049.58",
"4.4.0-1050.59",
"4.4.0-1052.61",
"4.4.0-1054.63",
"4.4.0-1055.64",
"4.4.0-1057.66",
"4.4.0-1060.69",
"4.4.0-1061.70",
"4.4.0-1062.71",
"4.4.0-1063.72",
"4.4.0-1065.75",
"4.4.0-1066.76",
"4.4.0-1067.77",
"4.4.0-1069.79",
"4.4.0-1070.80",
"4.4.0-1072.82",
"4.4.0-1073.83",
"4.4.0-1074.84",
"4.4.0-1075.85",
"4.4.0-1077.87",
"4.4.0-1079.89",
"4.4.0-1081.91",
"4.4.0-1083.93",
"4.4.0-1084.94",
"4.4.0-1085.96",
"4.4.0-1087.98",
"4.4.0-1088.99",
"4.4.0-1090.101",
"4.4.0-1092.103",
"4.4.0-1094.105",
"4.4.0-1095.106",
"4.4.0-1096.107",
"4.4.0-1098.109",
"4.4.0-1099.110",
"4.4.0-1100.111",
"4.4.0-1101.112",
"4.4.0-1102.113",
"4.4.0-1104.115",
"4.4.0-1105.116",
"4.4.0-1106.117",
"4.4.0-1107.118",
"4.4.0-1109.120",
"4.4.0-1110.121",
"4.4.0-1111.123",
"4.4.0-1112.124",
"4.4.0-1113.126",
"4.4.0-1114.127",
"4.4.0-1117.131",
"4.4.0-1118.132",
"4.4.0-1119.133",
"4.4.0-1121.135",
"4.4.0-1122.136",
"4.4.0-1123.137",
"4.4.0-1124.138",
"4.4.0-1126.140",
"4.4.0-1127.141",
"4.4.0-1128.142",
"4.4.0-1129.143",
"4.4.0-1130.144",
"4.4.0-1131.145",
"4.4.0-1132.146",
"4.4.0-1133.147",
"4.4.0-1134.148",
"4.4.0-1135.149",
"4.4.0-1137.151",
"4.4.0-1138.152",
"4.4.0-1139.153",
"4.4.0-1140.154",
"4.4.0-1143.158",
"4.4.0-1145.160",
"4.4.0-1146.161",
"4.4.0-1147.162",
"4.4.0-1148.163",
"4.4.0-1150.165",
"4.4.0-1151.166",
"4.4.0-1152.167",
"4.4.0-1153.168",
"4.4.0-1154.169",
"4.4.0-1155.170",
"4.4.0-1156.171",
"4.4.0-1157.172",
"4.4.0-1158.173",
"4.4.0-1159.174",
"4.4.0-1160.175",
"4.4.0-1161.176",
"4.4.0-1162.177",
"4.4.0-1163.178",
"4.4.0-1164.179",
"4.4.0-1165.180",
"4.4.0-1166.181",
"4.4.0-1167.182",
"4.4.0-1168.183",
"4.4.0-1169.184",
"4.4.0-1171.186",
"4.4.0-1172.187",
"4.4.0-1173.188",
"4.4.0-1174.189",
"4.4.0-1175.190",
"4.4.0-1176.191",
"4.4.0-1177.192",
"4.4.0-1178.193",
"4.4.0-1179.194",
"4.4.0-1180.195",
"4.4.0-1181.196",
"4.4.0-1182.197",
"4.4.0-1183.198",
"4.4.0-1184.199",
"4.4.0-1185.200",
"4.4.0-1186.201",
"4.4.0-1187.202",
"4.4.0-1188.203",
"4.4.0-1189.204",
"4.4.0-1190.205",
"4.4.0-1191.206",
"4.4.0-1192.207",
"4.4.0-1194.209"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-aws-headers-4.15.0-1194",
"binary_version": "4.15.0-1194.207~16.04.1"
},
{
"binary_name": "linux-aws-hwe-cloud-tools-4.15.0-1194",
"binary_version": "4.15.0-1194.207~16.04.1"
},
{
"binary_name": "linux-aws-hwe-tools-4.15.0-1194",
"binary_version": "4.15.0-1194.207~16.04.1"
},
{
"binary_name": "linux-buildinfo-4.15.0-1194-aws",
"binary_version": "4.15.0-1194.207~16.04.1"
},
{
"binary_name": "linux-cloud-tools-4.15.0-1194-aws",
"binary_version": "4.15.0-1194.207~16.04.1"
},
{
"binary_name": "linux-headers-4.15.0-1194-aws",
"binary_version": "4.15.0-1194.207~16.04.1"
},
{
"binary_name": "linux-image-unsigned-4.15.0-1194-aws",
"binary_version": "4.15.0-1194.207~16.04.1"
},
{
"binary_name": "linux-modules-4.15.0-1194-aws",
"binary_version": "4.15.0-1194.207~16.04.1"
},
{
"binary_name": "linux-modules-extra-4.15.0-1194-aws",
"binary_version": "4.15.0-1194.207~16.04.1"
},
{
"binary_name": "linux-tools-4.15.0-1194-aws",
"binary_version": "4.15.0-1194.207~16.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:16.04:LTS",
"name": "linux-aws-hwe",
"purl": "pkg:deb/ubuntu/linux-aws-hwe@4.15.0-1194.207~16.04.1?arch=source\u0026distro=esm-infra-legacy/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.15.0-1030.31~16.04.1",
"4.15.0-1031.33~16.04.1",
"4.15.0-1032.34~16.04.1",
"4.15.0-1033.35~16.04.1",
"4.15.0-1035.37~16.04.1",
"4.15.0-1036.38~16.04.1",
"4.15.0-1039.41~16.04.1",
"4.15.0-1040.42~16.04.1",
"4.15.0-1041.43~16.04.1",
"4.15.0-1043.45~16.04.1",
"4.15.0-1044.46~16.04.1",
"4.15.0-1045.47~16.04.1",
"4.15.0-1047.49~16.04.1",
"4.15.0-1048.50~16.04.1",
"4.15.0-1050.52~16.04.1",
"4.15.0-1051.53~16.04.1",
"4.15.0-1052.54~16.04.1",
"4.15.0-1054.56~16.04.1",
"4.15.0-1056.58~16.04.1",
"4.15.0-1057.59~16.04.1",
"4.15.0-1058.60~16.04.1",
"4.15.0-1060.62~16.04.1",
"4.15.0-1063.67~16.04.1",
"4.15.0-1065.69~16.04.1",
"4.15.0-1066.70~16.04.1",
"4.15.0-1067.71~16.04.1",
"4.15.0-1073.77~16.04.1",
"4.15.0-1074.78~16.04.1",
"4.15.0-1079.83~16.04.1",
"4.15.0-1080.84~16.04.1",
"4.15.0-1082.86~16.04.1",
"4.15.0-1083.87~16.04.1",
"4.15.0-1085.90~16.04.1",
"4.15.0-1088.93~16.04.1",
"4.15.0-1090.95~16.04.1",
"4.15.0-1091.96~16.04.1",
"4.15.0-1093.99~16.04.1",
"4.15.0-1094.101~16.04.1",
"4.15.0-1095.102~16.04.1",
"4.15.0-1096.103~16.04.1",
"4.15.0-1097.104~16.04.1",
"4.15.0-1098.105~16.04.1",
"4.15.0-1099.106~16.04.1",
"4.15.0-1102.109~16.04.1",
"4.15.0-1103.110~16.04.1",
"4.15.0-1106.113~16.04.1",
"4.15.0-1109.116~16.04.1",
"4.15.0-1110.117~16.04.1",
"4.15.0-1111.118~16.04.1",
"4.15.0-1112.119~16.04.1",
"4.15.0-1113.120~16.04.1",
"4.15.0-1115.122~16.04.1",
"4.15.0-1116.123~16.04.1",
"4.15.0-1118.125~16.04.1",
"4.15.0-1119.126~16.04.2",
"4.15.0-1120.128~16.04.1",
"4.15.0-1123.132~16.04.1",
"4.15.0-1124.133~16.04.1",
"4.15.0-1126.135~16.04.2",
"4.15.0-1127.136~16.04.1",
"4.15.0-1128.137~16.04.1",
"4.15.0-1130.139~16.04.1",
"4.15.0-1133.143~16.04.1",
"4.15.0-1136.147~16.04.1",
"4.15.0-1137.148~16.04.1",
"4.15.0-1139.150~16.04.1",
"4.15.0-1140.151~16.04.1",
"4.15.0-1141.152~16.04.1",
"4.15.0-1142.154~16.04.1",
"4.15.0-1143.155~16.04.1",
"4.15.0-1146.158~16.04.2",
"4.15.0-1147.159~16.04.1",
"4.15.0-1148.160~16.04.1",
"4.15.0-1151.164~16.04.1",
"4.15.0-1153.166~16.04.1",
"4.15.0-1154.167~16.04.1",
"4.15.0-1155.168~16.04.1",
"4.15.0-1156.169~16.04.1",
"4.15.0-1157.170~16.04.1",
"4.15.0-1158.171~16.04.1",
"4.15.0-1159.172~16.04.1",
"4.15.0-1160.173~16.04.1",
"4.15.0-1161.174~16.04.1",
"4.15.0-1162.175~16.04.1",
"4.15.0-1163.176~16.04.1",
"4.15.0-1164.177~16.04.1",
"4.15.0-1165.178~16.04.1",
"4.15.0-1166.179~16.04.1",
"4.15.0-1167.180~16.04.1",
"4.15.0-1168.181~16.04.1",
"4.15.0-1169.182~16.04.1",
"4.15.0-1170.183~16.04.1",
"4.15.0-1172.185~16.04.1",
"4.15.0-1173.186~16.04.1",
"4.15.0-1174.187~16.04.1",
"4.15.0-1175.188~16.04.1",
"4.15.0-1176.189~16.04.1",
"4.15.0-1177.190~16.04.1",
"4.15.0-1178.191~16.04.1",
"4.15.0-1179.192~16.04.1",
"4.15.0-1180.193~16.04.1",
"4.15.0-1181.194~16.04.1",
"4.15.0-1182.195~16.04.1",
"4.15.0-1183.196~16.04.1",
"4.15.0-1184.197~16.04.1",
"4.15.0-1185.198~16.04.1",
"4.15.0-1186.199~16.04.1",
"4.15.0-1187.200~16.04.1",
"4.15.0-1188.201~16.04.1",
"4.15.0-1189.202~16.04.1",
"4.15.0-1190.203~16.04.1",
"4.15.0-1191.204~16.04.1",
"4.15.0-1194.207~16.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-azure-cloud-tools-4.15.0-1204",
"binary_version": "4.15.0-1204.219~16.04.1"
},
{
"binary_name": "linux-azure-headers-4.15.0-1204",
"binary_version": "4.15.0-1204.219~16.04.1"
},
{
"binary_name": "linux-azure-tools-4.15.0-1204",
"binary_version": "4.15.0-1204.219~16.04.1"
},
{
"binary_name": "linux-buildinfo-4.15.0-1204-azure",
"binary_version": "4.15.0-1204.219~16.04.1"
},
{
"binary_name": "linux-cloud-tools-4.15.0-1204-azure",
"binary_version": "4.15.0-1204.219~16.04.1"
},
{
"binary_name": "linux-headers-4.15.0-1204-azure",
"binary_version": "4.15.0-1204.219~16.04.1"
},
{
"binary_name": "linux-image-unsigned-4.15.0-1204-azure",
"binary_version": "4.15.0-1204.219~16.04.1"
},
{
"binary_name": "linux-modules-4.15.0-1204-azure",
"binary_version": "4.15.0-1204.219~16.04.1"
},
{
"binary_name": "linux-modules-extra-4.15.0-1204-azure",
"binary_version": "4.15.0-1204.219~16.04.1"
},
{
"binary_name": "linux-tools-4.15.0-1204-azure",
"binary_version": "4.15.0-1204.219~16.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:16.04:LTS",
"name": "linux-azure",
"purl": "pkg:deb/ubuntu/linux-azure@4.15.0-1204.219~16.04.1?arch=source\u0026distro=esm-infra-legacy/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.11.0-1009.9",
"4.11.0-1011.11",
"4.11.0-1013.13",
"4.11.0-1014.14",
"4.11.0-1015.15",
"4.11.0-1016.16",
"4.13.0-1005.7",
"4.13.0-1006.8",
"4.13.0-1007.9",
"4.13.0-1009.12",
"4.13.0-1011.14",
"4.13.0-1012.15",
"4.13.0-1014.17",
"4.13.0-1016.19",
"4.13.0-1018.21",
"4.15.0-1013.13~16.04.2",
"4.15.0-1014.14~16.04.1",
"4.15.0-1018.18~16.04.1",
"4.15.0-1019.19~16.04.1",
"4.15.0-1021.21~16.04.1",
"4.15.0-1022.22~16.04.1",
"4.15.0-1023.24~16.04.1",
"4.15.0-1025.26~16.04.1",
"4.15.0-1028.29~16.04.1",
"4.15.0-1030.31~16.04.1",
"4.15.0-1031.32~16.04.1",
"4.15.0-1032.33~16.04.1",
"4.15.0-1035.36~16.04.1",
"4.15.0-1036.38~16.04.1",
"4.15.0-1037.39~16.04.1",
"4.15.0-1039.43",
"4.15.0-1040.44",
"4.15.0-1041.45",
"4.15.0-1042.46",
"4.15.0-1045.49",
"4.15.0-1046.50",
"4.15.0-1047.51",
"4.15.0-1049.54",
"4.15.0-1050.55",
"4.15.0-1051.56",
"4.15.0-1052.57",
"4.15.0-1055.60",
"4.15.0-1056.61",
"4.15.0-1057.62",
"4.15.0-1059.64",
"4.15.0-1060.65",
"4.15.0-1061.66",
"4.15.0-1063.68",
"4.15.0-1064.69",
"4.15.0-1066.71",
"4.15.0-1067.72",
"4.15.0-1069.74",
"4.15.0-1071.76",
"4.15.0-1075.80",
"4.15.0-1077.82",
"4.15.0-1082.92~16.04.1",
"4.15.0-1083.93~16.04.1",
"4.15.0-1089.99~16.04.1",
"4.15.0-1091.101~16.04.1",
"4.15.0-1092.102~16.04.1",
"4.15.0-1093.103~16.04.1",
"4.15.0-1095.105~16.04.1",
"4.15.0-1096.106~16.04.1",
"4.15.0-1098.109~16.04.1",
"4.15.0-1100.111~16.04.1",
"4.15.0-1102.113~16.04.1",
"4.15.0-1103.114~16.04.1",
"4.15.0-1106.118~16.04.1",
"4.15.0-1108.120~16.04.1",
"4.15.0-1109.121~16.04.1",
"4.15.0-1110.122~16.04.1",
"4.15.0-1111.123~16.04.1",
"4.15.0-1112.124~16.04.1",
"4.15.0-1113.126~16.04.1",
"4.15.0-1114.127~16.04.1",
"4.15.0-1115.128~16.04.1",
"4.15.0-1118.131~16.04.1",
"4.15.0-1121.134~16.04.1",
"4.15.0-1122.135~16.04.1",
"4.15.0-1123.136~16.04.1",
"4.15.0-1124.137~16.04.1",
"4.15.0-1125.138~16.04.1",
"4.15.0-1126.139~16.04.1",
"4.15.0-1127.140~16.04.1",
"4.15.0-1129.142~16.04.1",
"4.15.0-1130.143~16.04.1",
"4.15.0-1131.144~16.04.1",
"4.15.0-1133.146~16.04.1",
"4.15.0-1134.147~16.04.1",
"4.15.0-1136.149~16.04.1",
"4.15.0-1137.150~16.04.1",
"4.15.0-1138.151~16.04.1",
"4.15.0-1139.152~16.04.1",
"4.15.0-1142.156~16.04.1",
"4.15.0-1145.160~16.04.1",
"4.15.0-1146.161~16.04.1",
"4.15.0-1149.164~16.04.1",
"4.15.0-1150.165~16.04.1",
"4.15.0-1151.166~16.04.1",
"4.15.0-1153.168~16.04.1",
"4.15.0-1159.174~16.04.1",
"4.15.0-1162.177~16.04.1",
"4.15.0-1163.178~16.04.1",
"4.15.0-1164.179~16.04.1",
"4.15.0-1165.180~16.04.1",
"4.15.0-1166.181~16.04.1",
"4.15.0-1167.182~16.04.1",
"4.15.0-1168.183~16.04.1",
"4.15.0-1169.184~16.04.1",
"4.15.0-1170.185~16.04.1",
"4.15.0-1171.186~16.04.1",
"4.15.0-1172.187~16.04.1",
"4.15.0-1173.188~16.04.1",
"4.15.0-1174.189~16.04.1",
"4.15.0-1175.190~16.04.1",
"4.15.0-1176.191~16.04.1",
"4.15.0-1177.192~16.04.1",
"4.15.0-1178.193~16.04.1",
"4.15.0-1179.194~16.04.1",
"4.15.0-1180.195~16.04.1",
"4.15.0-1181.196~16.04.1",
"4.15.0-1182.197~16.04.1",
"4.15.0-1183.198~16.04.1",
"4.15.0-1184.199~16.04.1",
"4.15.0-1185.200~16.04.1",
"4.15.0-1186.201~16.04.1",
"4.15.0-1187.202~16.04.1",
"4.15.0-1188.203~16.04.1",
"4.15.0-1189.204~16.04.1",
"4.15.0-1190.205~16.04.1",
"4.15.0-1191.206~16.04.1",
"4.15.0-1192.207~16.04.1",
"4.15.0-1193.208~16.04.1",
"4.15.0-1194.209~16.04.1",
"4.15.0-1195.210~16.04.1",
"4.15.0-1196.211~16.04.1",
"4.15.0-1197.212~16.04.1",
"4.15.0-1200.215~16.04.1",
"4.15.0-1204.219~16.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-4.15.0-1187-gcp",
"binary_version": "4.15.0-1187.204~16.04.1"
},
{
"binary_name": "linux-gcp-headers-4.15.0-1187",
"binary_version": "4.15.0-1187.204~16.04.1"
},
{
"binary_name": "linux-gcp-tools-4.15.0-1187",
"binary_version": "4.15.0-1187.204~16.04.1"
},
{
"binary_name": "linux-headers-4.15.0-1187-gcp",
"binary_version": "4.15.0-1187.204~16.04.1"
},
{
"binary_name": "linux-image-unsigned-4.15.0-1187-gcp",
"binary_version": "4.15.0-1187.204~16.04.1"
},
{
"binary_name": "linux-modules-4.15.0-1187-gcp",
"binary_version": "4.15.0-1187.204~16.04.1"
},
{
"binary_name": "linux-modules-extra-4.15.0-1187-gcp",
"binary_version": "4.15.0-1187.204~16.04.1"
},
{
"binary_name": "linux-tools-4.15.0-1187-gcp",
"binary_version": "4.15.0-1187.204~16.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:16.04:LTS",
"name": "linux-gcp",
"purl": "pkg:deb/ubuntu/linux-gcp@4.15.0-1187.204~16.04.1?arch=source\u0026distro=esm-infra-legacy/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.10.0-1004.4",
"4.10.0-1006.6",
"4.10.0-1007.7",
"4.10.0-1008.8",
"4.10.0-1009.9",
"4.13.0-1002.5",
"4.13.0-1006.9",
"4.13.0-1007.10",
"4.13.0-1008.11",
"4.13.0-1011.15",
"4.13.0-1012.16",
"4.13.0-1013.17",
"4.13.0-1015.19",
"4.13.0-1017.21",
"4.13.0-1019.23",
"4.15.0-1014.14~16.04.1",
"4.15.0-1015.15~16.04.1",
"4.15.0-1017.18~16.04.1",
"4.15.0-1018.19~16.04.2",
"4.15.0-1019.20~16.04.1",
"4.15.0-1021.22~16.04.1",
"4.15.0-1023.24~16.04.1",
"4.15.0-1024.25~16.04.2",
"4.15.0-1025.26~16.04.1",
"4.15.0-1026.27~16.04.1",
"4.15.0-1027.28~16.04.1",
"4.15.0-1028.29~16.04.1",
"4.15.0-1029.31~16.04.1",
"4.15.0-1030.32~16.04.1",
"4.15.0-1032.34~16.04.1",
"4.15.0-1033.35~16.04.1",
"4.15.0-1034.36~16.04.1",
"4.15.0-1036.38~16.04.1",
"4.15.0-1037.39~16.04.1",
"4.15.0-1040.42~16.04.1",
"4.15.0-1041.43",
"4.15.0-1042.44",
"4.15.0-1044.46",
"4.15.0-1046.49",
"4.15.0-1047.50",
"4.15.0-1049.52",
"4.15.0-1050.53",
"4.15.0-1052.56",
"4.15.0-1055.59",
"4.15.0-1058.62",
"4.15.0-1060.64",
"4.15.0-1061.65",
"4.15.0-1071.81~16.04.1",
"4.15.0-1077.87~16.04.1",
"4.15.0-1078.88~16.04.1",
"4.15.0-1080.90~16.04.1",
"4.15.0-1081.92~16.04.1",
"4.15.0-1083.94~16.04.1",
"4.15.0-1084.95~16.04.1",
"4.15.0-1086.98~16.04.1",
"4.15.0-1087.100~16.04.1",
"4.15.0-1088.101~16.04.1",
"4.15.0-1090.103~16.04.1",
"4.15.0-1091.104~16.04.1",
"4.15.0-1092.105~16.04.1",
"4.15.0-1093.106~16.04.1",
"4.15.0-1094.107~16.04.1",
"4.15.0-1095.108~16.04.1",
"4.15.0-1096.109~16.04.1",
"4.15.0-1097.110~16.04.1",
"4.15.0-1098.111~16.04.1",
"4.15.0-1099.112~16.04.1",
"4.15.0-1100.113~16.04.1",
"4.15.0-1103.116~16.04.1",
"4.15.0-1106.120~16.04.1",
"4.15.0-1107.121~16.04.1",
"4.15.0-1108.122~16.04.1",
"4.15.0-1109.123~16.04.1",
"4.15.0-1110.124~16.04.1",
"4.15.0-1111.125~16.04.1",
"4.15.0-1112.126~16.04.1",
"4.15.0-1114.128~16.04.1",
"4.15.0-1115.129~16.04.1",
"4.15.0-1116.130~16.04.1",
"4.15.0-1118.132~16.04.1",
"4.15.0-1119.133~16.04.1",
"4.15.0-1120.134~16.04.1",
"4.15.0-1121.135~16.04.1",
"4.15.0-1122.136~16.04.1",
"4.15.0-1124.138~16.04.1",
"4.15.0-1127.142~16.04.1",
"4.15.0-1130.146~16.04.1",
"4.15.0-1131.147~16.04.1",
"4.15.0-1134.150~16.04.2",
"4.15.0-1135.151~16.04.2",
"4.15.0-1136.152~16.04.1",
"4.15.0-1137.153~16.04.1",
"4.15.0-1138.154~16.04.1",
"4.15.0-1141.157~16.04.2",
"4.15.0-1142.158~16.04.1",
"4.15.0-1143.159~16.04.1",
"4.15.0-1146.162~16.04.1",
"4.15.0-1147.163~16.04.1",
"4.15.0-1148.164~16.04.1",
"4.15.0-1149.165~16.04.1",
"4.15.0-1150.166~16.04.1",
"4.15.0-1151.167~16.04.1",
"4.15.0-1152.168~16.04.1",
"4.15.0-1153.170~16.04.1",
"4.15.0-1154.171~16.04.1",
"4.15.0-1155.172~16.04.1",
"4.15.0-1156.173~16.04.1",
"4.15.0-1157.174~16.04.1",
"4.15.0-1158.175~16.04.1",
"4.15.0-1159.176~16.04.1",
"4.15.0-1160.177~16.04.1",
"4.15.0-1161.178~16.04.1",
"4.15.0-1162.179~16.04.1",
"4.15.0-1163.180~16.04.1",
"4.15.0-1164.181~16.04.1",
"4.15.0-1165.182~16.04.1",
"4.15.0-1166.183~16.04.1",
"4.15.0-1167.184~16.04.2",
"4.15.0-1168.185~16.04.1",
"4.15.0-1169.186~16.04.1",
"4.15.0-1170.187~16.04.1",
"4.15.0-1171.188~16.04.1",
"4.15.0-1172.189~16.04.1",
"4.15.0-1173.190~16.04.1",
"4.15.0-1174.191~16.04.1",
"4.15.0-1175.192~16.04.1",
"4.15.0-1176.193~16.04.1",
"4.15.0-1177.194~16.04.1",
"4.15.0-1178.195~16.04.1",
"4.15.0-1179.196~16.04.1",
"4.15.0-1180.197~16.04.1",
"4.15.0-1181.198~16.04.1",
"4.15.0-1182.199~16.04.1",
"4.15.0-1183.200~16.04.2",
"4.15.0-1184.201~16.04.1",
"4.15.0-1187.204~16.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "block-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "crypto-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "dasd-extra-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "dasd-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "fat-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "fb-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "firewire-core-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "floppy-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "fs-core-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "fs-secondary-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "input-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "ipmi-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "irda-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "kernel-image-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "linux-buildinfo-4.15.0-253-generic",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "linux-buildinfo-4.15.0-253-lowlatency",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "linux-cloud-tools-4.15.0-253-generic",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "linux-cloud-tools-4.15.0-253-lowlatency",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "linux-headers-4.15.0-253",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "linux-headers-4.15.0-253-generic",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "linux-headers-4.15.0-253-lowlatency",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "linux-hwe-cloud-tools-4.15.0-253",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "linux-hwe-tools-4.15.0-253",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "linux-hwe-udebs-generic",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "linux-image-4.15.0-253-generic",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "linux-image-unsigned-4.15.0-253-generic",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "linux-image-unsigned-4.15.0-253-lowlatency",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "linux-modules-4.15.0-253-generic",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "linux-modules-4.15.0-253-lowlatency",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "linux-modules-extra-4.15.0-253-generic",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "linux-tools-4.15.0-253-generic",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "linux-tools-4.15.0-253-lowlatency",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "md-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "message-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "mouse-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "multipath-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "nfs-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "nic-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "nic-pcmcia-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "nic-shared-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "nic-usb-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "parport-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "pata-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "pcmcia-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "pcmcia-storage-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "plip-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "ppp-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "sata-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "scsi-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "serial-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "storage-core-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "usb-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "virtio-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265~16.04.1"
},
{
"binary_name": "vlan-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265~16.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:16.04:LTS",
"name": "linux-hwe",
"purl": "pkg:deb/ubuntu/linux-hwe@4.15.0-253.265~16.04.1?arch=source\u0026distro=esm-infra-legacy/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.8.0-36.36~16.04.1",
"4.8.0-39.42~16.04.1",
"4.8.0-41.44~16.04.1",
"4.8.0-42.45~16.04.1",
"4.8.0-44.47~16.04.1",
"4.8.0-45.48~16.04.1",
"4.8.0-46.49~16.04.1",
"4.8.0-49.52~16.04.1",
"4.8.0-51.54~16.04.1",
"4.8.0-52.55~16.04.1",
"4.8.0-53.56~16.04.1",
"4.8.0-54.57~16.04.1",
"4.8.0-56.61~16.04.1",
"4.8.0-58.63~16.04.1",
"4.10.0-27.30~16.04.2",
"4.10.0-28.32~16.04.2",
"4.10.0-30.34~16.04.1",
"4.10.0-32.36~16.04.1",
"4.10.0-33.37~16.04.1",
"4.10.0-35.39~16.04.1",
"4.10.0-37.41~16.04.1",
"4.10.0-38.42~16.04.1",
"4.10.0-40.44~16.04.1",
"4.10.0-42.46~16.04.1",
"4.13.0-26.29~16.04.2",
"4.13.0-31.34~16.04.1",
"4.13.0-32.35~16.04.1",
"4.13.0-36.40~16.04.1",
"4.13.0-37.42~16.04.1",
"4.13.0-38.43~16.04.1",
"4.13.0-39.44~16.04.1",
"4.13.0-41.46~16.04.1",
"4.13.0-43.48~16.04.1",
"4.13.0-45.50~16.04.1",
"4.15.0-24.26~16.04.1",
"4.15.0-29.31~16.04.1",
"4.15.0-30.32~16.04.1",
"4.15.0-32.35~16.04.1",
"4.15.0-33.36~16.04.1",
"4.15.0-34.37~16.04.1",
"4.15.0-36.39~16.04.1",
"4.15.0-38.41~16.04.1",
"4.15.0-39.42~16.04.1",
"4.15.0-42.45~16.04.1",
"4.15.0-43.46~16.04.1",
"4.15.0-45.48~16.04.1",
"4.15.0-46.49~16.04.1",
"4.15.0-47.50~16.04.1",
"4.15.0-48.51~16.04.1",
"4.15.0-50.54~16.04.1",
"4.15.0-51.55~16.04.1",
"4.15.0-52.56~16.04.1",
"4.15.0-54.58~16.04.1",
"4.15.0-55.60~16.04.2",
"4.15.0-58.64~16.04.1",
"4.15.0-60.67~16.04.1",
"4.15.0-62.69~16.04.1",
"4.15.0-64.73~16.04.1",
"4.15.0-65.74~16.04.1",
"4.15.0-66.75~16.04.1",
"4.15.0-69.78~16.04.1",
"4.15.0-70.79~16.04.1",
"4.15.0-72.81~16.04.1",
"4.15.0-74.83~16.04.1",
"4.15.0-76.86~16.04.1",
"4.15.0-88.88~16.04.1",
"4.15.0-91.92~16.04.1",
"4.15.0-96.97~16.04.1",
"4.15.0-99.100~16.04.1",
"4.15.0-101.102~16.04.1",
"4.15.0-106.107~16.04.1",
"4.15.0-107.108~16.04.1",
"4.15.0-112.113~16.04.1",
"4.15.0-115.116~16.04.1",
"4.15.0-117.118~16.04.1",
"4.15.0-118.119~16.04.1",
"4.15.0-120.122~16.04.1",
"4.15.0-122.124~16.04.1",
"4.15.0-123.126~16.04.1",
"4.15.0-126.129~16.04.1",
"4.15.0-128.131~16.04.1",
"4.15.0-129.132~16.04.1",
"4.15.0-132.136~16.04.1",
"4.15.0-133.137~16.04.1",
"4.15.0-136.140~16.04.1",
"4.15.0-137.141~16.04.1",
"4.15.0-139.143~16.04.1",
"4.15.0-140.144~16.04.1",
"4.15.0-142.146~16.04.1",
"4.15.0-143.147~16.04.3",
"4.15.0-144.148~16.04.1",
"4.15.0-147.151~16.04.1",
"4.15.0-151.157~16.04.1",
"4.15.0-153.160~16.04.1",
"4.15.0-154.161~16.04.1",
"4.15.0-156.163~16.04.1",
"4.15.0-158.166~16.04.1",
"4.15.0-159.167~16.04.1",
"4.15.0-161.169~16.04.1",
"4.15.0-162.170~16.04.1",
"4.15.0-163.171~16.04.1",
"4.15.0-166.174~16.04.1",
"4.15.0-167.175~16.04.1",
"4.15.0-169.177~16.04.1",
"4.15.0-171.180~16.04.1",
"4.15.0-173.182~16.04.1",
"4.15.0-175.184~16.04.1",
"4.15.0-176.185~16.04.1",
"4.15.0-177.186~16.04.1",
"4.15.0-180.189~16.04.1",
"4.15.0-184.194~16.04.1",
"4.15.0-187.198~16.04.1",
"4.15.0-188.199~16.04.1",
"4.15.0-189.200~16.04.1",
"4.15.0-191.202~16.04.1",
"4.15.0-192.203~16.04.1",
"4.15.0-193.204~16.04.1",
"4.15.0-194.205~16.04.1",
"4.15.0-196.207~16.04.1",
"4.15.0-197.208~16.04.1",
"4.15.0-200.211~16.04.2",
"4.15.0-201.212~16.04.1",
"4.15.0-202.213~16.04.1",
"4.15.0-206.217~16.04.1",
"4.15.0-208.219~16.04.1",
"4.15.0-209.220~16.04.1",
"4.15.0-210.221~16.04.1",
"4.15.0-211.222~16.04.1",
"4.15.0-212.223~16.04.1",
"4.15.0-213.224~16.04.1",
"4.15.0-214.225~16.04.1",
"4.15.0-216.227~16.04.1",
"4.15.0-218.229~16.04.1",
"4.15.0-219.230~16.04.1",
"4.15.0-220.231~16.04.1",
"4.15.0-221.232~16.04.1",
"4.15.0-222.233~16.04.1",
"4.15.0-223.235~16.04.1",
"4.15.0-224.236~16.04.1",
"4.15.0-225.237~16.04.1",
"4.15.0-226.238~16.04.1",
"4.15.0-227.239~16.04.1",
"4.15.0-228.240~16.04.1",
"4.15.0-229.241~16.04.1",
"4.15.0-230.242~16.04.1",
"4.15.0-231.243~16.04.1",
"4.15.0-232.244~16.04.1",
"4.15.0-233.245~16.04.1",
"4.15.0-234.246~16.04.1",
"4.15.0-235.247~16.04.1",
"4.15.0-236.248~16.04.1",
"4.15.0-237.249~16.04.1",
"4.15.0-238.250~16.04.1",
"4.15.0-239.251~16.04.1",
"4.15.0-240.252~16.04.1",
"4.15.0-241.253~16.04.1",
"4.15.0-242.254~16.04.1",
"4.15.0-243.255~16.04.1",
"4.15.0-245.257~16.04.1",
"4.15.0-246.258~16.04.1",
"4.15.0-247.259~16.04.1",
"4.15.0-248.260~16.04.1",
"4.15.0-249.261~16.04.1",
"4.15.0-253.265~16.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "block-modules-4.15.0-23-generic-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "block-modules-4.15.0-23-generic-lpae-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "crypto-modules-4.15.0-23-generic-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "crypto-modules-4.15.0-23-generic-lpae-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "dasd-extra-modules-4.15.0-23-generic-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "dasd-modules-4.15.0-23-generic-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "fat-modules-4.15.0-23-generic-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "fat-modules-4.15.0-23-generic-lpae-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "fb-modules-4.15.0-23-generic-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "firewire-core-modules-4.15.0-23-generic-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "floppy-modules-4.15.0-23-generic-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "fs-core-modules-4.15.0-23-generic-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "fs-core-modules-4.15.0-23-generic-lpae-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "fs-secondary-modules-4.15.0-23-generic-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "fs-secondary-modules-4.15.0-23-generic-lpae-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "input-modules-4.15.0-23-generic-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "input-modules-4.15.0-23-generic-lpae-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "ipmi-modules-4.15.0-23-generic-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "ipmi-modules-4.15.0-23-generic-lpae-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "irda-modules-4.15.0-23-generic-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "irda-modules-4.15.0-23-generic-lpae-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "kernel-image-4.15.0-23-generic-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "kernel-image-4.15.0-23-generic-lpae-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "linux-cloud-tools-4.15.0-23-generic",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "linux-cloud-tools-4.15.0-23-lowlatency",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "linux-headers-4.15.0-23",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "linux-headers-4.15.0-23-generic",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "linux-headers-4.15.0-23-generic-lpae",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "linux-headers-4.15.0-23-lowlatency",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "linux-hwe-edge-cloud-tools-4.15.0-23",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "linux-hwe-edge-tools-4.15.0-23",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "linux-hwe-edge-udebs-generic",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "linux-hwe-edge-udebs-generic-lpae",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "linux-image-4.15.0-23-generic",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "linux-image-4.15.0-23-generic-lpae",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "linux-image-4.15.0-23-lowlatency",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "linux-image-unsigned-4.15.0-23-generic",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "linux-image-unsigned-4.15.0-23-lowlatency",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "linux-modules-4.15.0-23-generic",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "linux-modules-4.15.0-23-generic-lpae",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "linux-modules-4.15.0-23-lowlatency",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "linux-modules-extra-4.15.0-23-generic",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "linux-source-4.15.0",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "linux-tools-4.15.0-23-generic",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "linux-tools-4.15.0-23-generic-lpae",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "linux-tools-4.15.0-23-lowlatency",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "md-modules-4.15.0-23-generic-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "md-modules-4.15.0-23-generic-lpae-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "message-modules-4.15.0-23-generic-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "mouse-modules-4.15.0-23-generic-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "mouse-modules-4.15.0-23-generic-lpae-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "multipath-modules-4.15.0-23-generic-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "multipath-modules-4.15.0-23-generic-lpae-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "nfs-modules-4.15.0-23-generic-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "nfs-modules-4.15.0-23-generic-lpae-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "nic-modules-4.15.0-23-generic-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "nic-modules-4.15.0-23-generic-lpae-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "nic-pcmcia-modules-4.15.0-23-generic-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "nic-shared-modules-4.15.0-23-generic-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "nic-shared-modules-4.15.0-23-generic-lpae-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "nic-usb-modules-4.15.0-23-generic-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "nic-usb-modules-4.15.0-23-generic-lpae-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "parport-modules-4.15.0-23-generic-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "parport-modules-4.15.0-23-generic-lpae-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "pata-modules-4.15.0-23-generic-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "pcmcia-modules-4.15.0-23-generic-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "pcmcia-storage-modules-4.15.0-23-generic-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "plip-modules-4.15.0-23-generic-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "plip-modules-4.15.0-23-generic-lpae-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "ppp-modules-4.15.0-23-generic-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "ppp-modules-4.15.0-23-generic-lpae-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "sata-modules-4.15.0-23-generic-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "sata-modules-4.15.0-23-generic-lpae-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "scsi-modules-4.15.0-23-generic-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "scsi-modules-4.15.0-23-generic-lpae-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "serial-modules-4.15.0-23-generic-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "storage-core-modules-4.15.0-23-generic-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "storage-core-modules-4.15.0-23-generic-lpae-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "usb-modules-4.15.0-23-generic-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "usb-modules-4.15.0-23-generic-lpae-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "virtio-modules-4.15.0-23-generic-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "vlan-modules-4.15.0-23-generic-di",
"binary_version": "4.15.0-23.25~16.04.1"
},
{
"binary_name": "vlan-modules-4.15.0-23-generic-lpae-di",
"binary_version": "4.15.0-23.25~16.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:16.04:LTS",
"name": "linux-hwe-edge",
"purl": "pkg:deb/ubuntu/linux-hwe-edge@4.15.0-23.25~16.04.1?arch=source\u0026distro=xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.8.0-28.30~16.04.1",
"4.8.0-30.32~16.04.1",
"4.8.0-32.34~16.04.1",
"4.8.0-34.36~16.04.1",
"4.10.0-14.16~16.04.1",
"4.10.0-19.21~16.04.1",
"4.10.0-20.22~16.04.1",
"4.10.0-21.23~16.04.1",
"4.10.0-22.24~16.04.1",
"4.10.0-24.28~16.04.1",
"4.10.0-26.30~16.04.1",
"4.11.0-13.19~16.04.1",
"4.11.0-14.20~16.04.1",
"4.13.0-16.19~16.04.3",
"4.13.0-17.20~16.04.1",
"4.13.0-19.22~16.04.1",
"4.13.0-21.24~16.04.1",
"4.13.0-25.29~16.04.2",
"4.15.0-13.14~16.04.1",
"4.15.0-15.16~16.04.1",
"4.15.0-20.21~16.04.1",
"4.15.0-22.24~16.04.1",
"4.15.0-23.25~16.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-4.4.0-1157-kvm",
"binary_version": "4.4.0-1157.168"
},
{
"binary_name": "linux-cloud-tools-4.4.0-1157-kvm",
"binary_version": "4.4.0-1157.168"
},
{
"binary_name": "linux-headers-4.4.0-1157-kvm",
"binary_version": "4.4.0-1157.168"
},
{
"binary_name": "linux-image-4.4.0-1157-kvm",
"binary_version": "4.4.0-1157.168"
},
{
"binary_name": "linux-kvm-cloud-tools-4.4.0-1157",
"binary_version": "4.4.0-1157.168"
},
{
"binary_name": "linux-kvm-headers-4.4.0-1157",
"binary_version": "4.4.0-1157.168"
},
{
"binary_name": "linux-kvm-tools-4.4.0-1157",
"binary_version": "4.4.0-1157.168"
},
{
"binary_name": "linux-modules-4.4.0-1157-kvm",
"binary_version": "4.4.0-1157.168"
},
{
"binary_name": "linux-tools-4.4.0-1157-kvm",
"binary_version": "4.4.0-1157.168"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:16.04:LTS",
"name": "linux-kvm",
"purl": "pkg:deb/ubuntu/linux-kvm@4.4.0-1157.168?arch=source\u0026distro=esm-infra-legacy/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.4.0-1004.9",
"4.4.0-1007.12",
"4.4.0-1008.13",
"4.4.0-1009.14",
"4.4.0-1010.15",
"4.4.0-1012.17",
"4.4.0-1013.18",
"4.4.0-1015.20",
"4.4.0-1017.22",
"4.4.0-1019.24",
"4.4.0-1020.25",
"4.4.0-1021.26",
"4.4.0-1023.28",
"4.4.0-1026.31",
"4.4.0-1027.32",
"4.4.0-1029.34",
"4.4.0-1031.37",
"4.4.0-1032.38",
"4.4.0-1033.39",
"4.4.0-1035.41",
"4.4.0-1036.42",
"4.4.0-1037.43",
"4.4.0-1038.44",
"4.4.0-1039.45",
"4.4.0-1040.46",
"4.4.0-1041.47",
"4.4.0-1043.49",
"4.4.0-1044.50",
"4.4.0-1046.52",
"4.4.0-1047.53",
"4.4.0-1048.55",
"4.4.0-1051.58",
"4.4.0-1052.59",
"4.4.0-1054.61",
"4.4.0-1056.63",
"4.4.0-1058.65",
"4.4.0-1059.66",
"4.4.0-1060.67",
"4.4.0-1062.69",
"4.4.0-1063.70",
"4.4.0-1064.71",
"4.4.0-1065.72",
"4.4.0-1066.73",
"4.4.0-1068.75",
"4.4.0-1069.76",
"4.4.0-1070.77",
"4.4.0-1071.78",
"4.4.0-1075.82",
"4.4.0-1076.83",
"4.4.0-1077.84",
"4.4.0-1078.85",
"4.4.0-1079.86",
"4.4.0-1080.87",
"4.4.0-1082.91",
"4.4.0-1084.93",
"4.4.0-1085.94",
"4.4.0-1087.96",
"4.4.0-1088.97",
"4.4.0-1089.98",
"4.4.0-1090.99",
"4.4.0-1091.100",
"4.4.0-1092.101",
"4.4.0-1093.102",
"4.4.0-1094.103",
"4.4.0-1095.104",
"4.4.0-1096.105",
"4.4.0-1097.106",
"4.4.0-1098.107",
"4.4.0-1099.108",
"4.4.0-1100.109",
"4.4.0-1102.111",
"4.4.0-1103.112",
"4.4.0-1104.113",
"4.4.0-1105.114",
"4.4.0-1108.118",
"4.4.0-1110.120",
"4.4.0-1111.121",
"4.4.0-1112.122",
"4.4.0-1113.123",
"4.4.0-1114.124",
"4.4.0-1115.125",
"4.4.0-1116.126",
"4.4.0-1117.127",
"4.4.0-1118.128",
"4.4.0-1119.129",
"4.4.0-1120.130",
"4.4.0-1121.131",
"4.4.0-1122.132",
"4.4.0-1123.133",
"4.4.0-1124.134",
"4.4.0-1125.135",
"4.4.0-1126.136",
"4.4.0-1128.138",
"4.4.0-1129.139",
"4.4.0-1130.140",
"4.4.0-1131.141",
"4.4.0-1132.142",
"4.4.0-1134.144",
"4.4.0-1135.145",
"4.4.0-1136.146",
"4.4.0-1137.147",
"4.4.0-1138.148",
"4.4.0-1139.149",
"4.4.0-1140.151",
"4.4.0-1141.152",
"4.4.0-1142.153",
"4.4.0-1143.154",
"4.4.0-1144.155",
"4.4.0-1145.156",
"4.4.0-1146.157",
"4.4.0-1147.158",
"4.4.0-1148.159",
"4.4.0-1149.160",
"4.4.0-1150.161",
"4.4.0-1151.162",
"4.4.0-1152.163",
"4.4.0-1153.164",
"4.4.0-1154.165",
"4.4.0-1155.166",
"4.4.0-1157.168"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-4.15.0-1156-oracle",
"binary_version": "4.15.0-1156.167~16.04.1"
},
{
"binary_name": "linux-headers-4.15.0-1156-oracle",
"binary_version": "4.15.0-1156.167~16.04.1"
},
{
"binary_name": "linux-image-unsigned-4.15.0-1156-oracle",
"binary_version": "4.15.0-1156.167~16.04.1"
},
{
"binary_name": "linux-modules-4.15.0-1156-oracle",
"binary_version": "4.15.0-1156.167~16.04.1"
},
{
"binary_name": "linux-modules-extra-4.15.0-1156-oracle",
"binary_version": "4.15.0-1156.167~16.04.1"
},
{
"binary_name": "linux-oracle-headers-4.15.0-1156",
"binary_version": "4.15.0-1156.167~16.04.1"
},
{
"binary_name": "linux-oracle-tools-4.15.0-1156",
"binary_version": "4.15.0-1156.167~16.04.1"
},
{
"binary_name": "linux-tools-4.15.0-1156-oracle",
"binary_version": "4.15.0-1156.167~16.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:16.04:LTS",
"name": "linux-oracle",
"purl": "pkg:deb/ubuntu/linux-oracle@4.15.0-1156.167~16.04.1?arch=source\u0026distro=esm-infra-legacy/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.15.0-1007.9~16.04.1",
"4.15.0-1008.10~16.04.1",
"4.15.0-1009.11~16.04.1",
"4.15.0-1010.12~16.04.1",
"4.15.0-1011.13~16.04.1",
"4.15.0-1013.15~16.04.1",
"4.15.0-1014.16~16.04.1",
"4.15.0-1015.17~16.04.1",
"4.15.0-1017.19~16.04.2",
"4.15.0-1018.20~16.04.1",
"4.15.0-1021.23~16.04.1",
"4.15.0-1022.25~16.04.1",
"4.15.0-1023.26~16.04.1",
"4.15.0-1025.28~16.04.1",
"4.15.0-1026.29~16.04.1",
"4.15.0-1027.30~16.04.1",
"4.15.0-1029.32~16.04.1",
"4.15.0-1030.33~16.04.1",
"4.15.0-1031.34~16.04.1",
"4.15.0-1033.36~16.04.1",
"4.15.0-1035.38~16.04.1",
"4.15.0-1037.41~16.04.1",
"4.15.0-1038.42~16.04.1",
"4.15.0-1039.43~16.04.1",
"4.15.0-1045.49~16.04.1",
"4.15.0-1046.50~16.04.1",
"4.15.0-1050.54~16.04.1",
"4.15.0-1051.55~16.04.1",
"4.15.0-1053.57~16.04.1",
"4.15.0-1054.58~16.04.1",
"4.15.0-1056.61~16.04.1",
"4.15.0-1058.64~16.04.1",
"4.15.0-1059.65~16.04.1",
"4.15.0-1061.67~16.04.1",
"4.15.0-1062.68~16.04.1",
"4.15.0-1064.71~16.04.1",
"4.15.0-1065.73~16.04.1",
"4.15.0-1066.74~16.04.1",
"4.15.0-1067.75~16.04.1",
"4.15.0-1068.76~16.04.1",
"4.15.0-1069.77~16.04.1",
"4.15.0-1070.78~16.04.1",
"4.15.0-1071.79~16.04.1",
"4.15.0-1072.80~16.04.1",
"4.15.0-1075.83~16.04.1",
"4.15.0-1078.86~16.04.1",
"4.15.0-1079.87~16.04.1",
"4.15.0-1080.88~16.04.1",
"4.15.0-1081.89~16.04.1",
"4.15.0-1082.90~16.04.1",
"4.15.0-1083.91~16.04.1",
"4.15.0-1084.92~16.04.1",
"4.15.0-1085.93~16.04.1",
"4.15.0-1086.94~16.04.1",
"4.15.0-1087.95~16.04.1",
"4.15.0-1089.98~16.04.1",
"4.15.0-1090.99~16.04.1",
"4.15.0-1091.100~16.04.1",
"4.15.0-1092.101~16.04.1",
"4.15.0-1093.102~16.04.1",
"4.15.0-1095.104~16.04.1",
"4.15.0-1098.108~16.04.1",
"4.15.0-1101.112~16.04.1",
"4.15.0-1102.113~16.04.1",
"4.15.0-1104.115~16.04.1",
"4.15.0-1105.116~16.04.1",
"4.15.0-1106.117~16.04.1",
"4.15.0-1107.118~16.04.1",
"4.15.0-1108.119~16.04.1",
"4.15.0-1111.122~16.04.2",
"4.15.0-1112.123~16.04.1",
"4.15.0-1113.124~16.04.1",
"4.15.0-1115.126~16.04.1",
"4.15.0-1116.127~16.04.1",
"4.15.0-1117.128~16.04.1",
"4.15.0-1118.129~16.04.1",
"4.15.0-1119.130~16.04.1",
"4.15.0-1120.131~16.04.1",
"4.15.0-1121.132~16.04.1",
"4.15.0-1122.133~16.04.1",
"4.15.0-1123.134~16.04.1",
"4.15.0-1124.135~16.04.1",
"4.15.0-1125.136~16.04.1",
"4.15.0-1126.137~16.04.1",
"4.15.0-1127.138~16.04.1",
"4.15.0-1128.139~16.04.1",
"4.15.0-1129.140~16.04.1",
"4.15.0-1130.141~16.04.1",
"4.15.0-1131.142~16.04.1",
"4.15.0-1132.143~16.04.1",
"4.15.0-1133.144~16.04.1",
"4.15.0-1134.145~16.04.1",
"4.15.0-1135.146~16.04.1",
"4.15.0-1136.147~16.04.1",
"4.15.0-1137.148~16.04.1",
"4.15.0-1138.149~16.04.1",
"4.15.0-1139.150~16.04.1",
"4.15.0-1140.151~16.04.1",
"4.15.0-1141.152~16.04.1",
"4.15.0-1142.153~16.04.1",
"4.15.0-1143.154~16.04.1",
"4.15.0-1144.155~16.04.1",
"4.15.0-1145.156~16.04.1",
"4.15.0-1148.159~16.04.1",
"4.15.0-1149.160~16.04.1",
"4.15.0-1150.161~16.04.1",
"4.15.0-1151.162~16.04.1",
"4.15.0-1153.164~16.04.1",
"4.15.0-1156.167~16.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "block-modules-4.4.0-1126-fips-di",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "crypto-modules-4.4.0-1126-fips-di",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "dasd-extra-modules-4.4.0-1126-fips-di",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "dasd-modules-4.4.0-1126-fips-di",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "fat-modules-4.4.0-1126-fips-di",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "fb-modules-4.4.0-1126-fips-di",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "firewire-core-modules-4.4.0-1126-fips-di",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "floppy-modules-4.4.0-1126-fips-di",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "fs-core-modules-4.4.0-1126-fips-di",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "fs-secondary-modules-4.4.0-1126-fips-di",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "input-modules-4.4.0-1126-fips-di",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "ipmi-modules-4.4.0-1126-fips-di",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "irda-modules-4.4.0-1126-fips-di",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "kernel-image-4.4.0-1126-fips-di",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "linux-buildinfo-4.4.0-1126-fips",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "linux-fips-cloud-tools-common",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "linux-fips-headers-4.4.0-1126",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "linux-fips-source-4.4.0",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "linux-fips-tools-4.4.0-1126",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "linux-headers-4.4.0-1126-fips",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "linux-image-4.4.0-1126-fips",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "linux-image-hmac-4.4.0-1126-fips",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "linux-image-unsigned-4.4.0-1126-fips",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "linux-image-unsigned-hmac-4.4.0-1126-fips",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "linux-modules-4.4.0-1126-fips",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "linux-modules-extra-4.4.0-1126-fips",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "linux-tools-4.4.0-1126-fips",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "linux-udebs-fips",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "md-modules-4.4.0-1126-fips-di",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "message-modules-4.4.0-1126-fips-di",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "mouse-modules-4.4.0-1126-fips-di",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "multipath-modules-4.4.0-1126-fips-di",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "nfs-modules-4.4.0-1126-fips-di",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "nic-modules-4.4.0-1126-fips-di",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "nic-pcmcia-modules-4.4.0-1126-fips-di",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "nic-shared-modules-4.4.0-1126-fips-di",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "nic-usb-modules-4.4.0-1126-fips-di",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "parport-modules-4.4.0-1126-fips-di",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "pata-modules-4.4.0-1126-fips-di",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "pcmcia-modules-4.4.0-1126-fips-di",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "pcmcia-storage-modules-4.4.0-1126-fips-di",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "plip-modules-4.4.0-1126-fips-di",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "ppp-modules-4.4.0-1126-fips-di",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "sata-modules-4.4.0-1126-fips-di",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "scsi-modules-4.4.0-1126-fips-di",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "serial-modules-4.4.0-1126-fips-di",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "speakup-modules-4.4.0-1126-fips-di",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "storage-core-modules-4.4.0-1126-fips-di",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "usb-modules-4.4.0-1126-fips-di",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "virtio-modules-4.4.0-1126-fips-di",
"binary_version": "4.4.0-1126.133"
},
{
"binary_name": "vlan-modules-4.4.0-1126-fips-di",
"binary_version": "4.4.0-1126.133"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS:16.04:LTS",
"name": "linux-fips",
"purl": "pkg:deb/ubuntu/linux-fips@4.4.0-1126.133?arch=source\u0026distro=fips-updates/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.4.0-1003.3",
"4.4.0-1005.5",
"4.4.0-1006.6",
"4.4.0-1008.10",
"4.4.0-1010.13",
"4.4.0-1011.14",
"4.4.0-1012.16",
"4.4.0-1013.17",
"4.4.0-1015.20",
"4.4.0-1017.22",
"4.4.0-1019.24",
"4.4.0-1021.26",
"4.4.0-1022.27",
"4.4.0-1023.28",
"4.4.0-1025.30",
"4.4.0-1026.31",
"4.4.0-1027.32",
"4.4.0-1028.33",
"4.4.0-1029.34",
"4.4.0-1031.36",
"4.4.0-1032.37",
"4.4.0-1033.38",
"4.4.0-1034.39",
"4.4.0-1041.46",
"4.4.0-1042.47",
"4.4.0-1043.48",
"4.4.0-1044.49",
"4.4.0-1045.50",
"4.4.0-1046.51",
"4.4.0-1048.53",
"4.4.0-1049.55",
"4.4.0-1051.57",
"4.4.0-1052.58",
"4.4.0-1054.60",
"4.4.0-1055.61",
"4.4.0-1056.62",
"4.4.0-1057.63",
"4.4.0-1058.64",
"4.4.0-1060.66",
"4.4.0-1061.67",
"4.4.0-1062.68",
"4.4.0-1063.69",
"4.4.0-1064.70",
"4.4.0-1065.71",
"4.4.0-1066.72",
"4.4.0-1067.73",
"4.4.0-1068.74",
"4.4.0-1069.75",
"4.4.0-1071.77",
"4.4.0-1072.78",
"4.4.0-1073.79",
"4.4.0-1074.80",
"4.4.0-1077.84",
"4.4.0-1079.86",
"4.4.0-1080.87",
"4.4.0-1081.88",
"4.4.0-1082.89",
"4.4.0-1083.90",
"4.4.0-1084.91",
"4.4.0-1085.92",
"4.4.0-1086.93",
"4.4.0-1088.95",
"4.4.0-1089.96",
"4.4.0-1090.97",
"4.4.0-1091.98",
"4.4.0-1092.99",
"4.4.0-1093.100",
"4.4.0-1094.101",
"4.4.0-1095.102",
"4.4.0-1097.104",
"4.4.0-1099.106",
"4.4.0-1100.107",
"4.4.0-1101.108",
"4.4.0-1102.109",
"4.4.0-1103.110",
"4.4.0-1104.111",
"4.4.0-1105.112",
"4.4.0-1106.113",
"4.4.0-1107.114",
"4.4.0-1108.115",
"4.4.0-1109.116",
"4.4.0-1110.117",
"4.4.0-1111.118",
"4.4.0-1112.119",
"4.4.0-1113.120",
"4.4.0-1114.121",
"4.4.0-1115.122",
"4.4.0-1116.123",
"4.4.0-1117.124",
"4.4.0-1119.126",
"4.4.0-1120.127",
"4.4.0-1121.128",
"4.4.0-1122.129",
"4.4.0-1123.130",
"4.4.0-1124.131",
"4.4.0-1125.132",
"4.4.0-1126.133"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "block-modules-4.4.0-1002-fips-di",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "crypto-modules-4.4.0-1002-fips-di",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "dasd-extra-modules-4.4.0-1002-fips-di",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "dasd-modules-4.4.0-1002-fips-di",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "fat-modules-4.4.0-1002-fips-di",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "fb-modules-4.4.0-1002-fips-di",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "firewire-core-modules-4.4.0-1002-fips-di",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "floppy-modules-4.4.0-1002-fips-di",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "fs-core-modules-4.4.0-1002-fips-di",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "fs-secondary-modules-4.4.0-1002-fips-di",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "input-modules-4.4.0-1002-fips-di",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "ipmi-modules-4.4.0-1002-fips-di",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "irda-modules-4.4.0-1002-fips-di",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "kernel-image-4.4.0-1002-fips-di",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "linux-fips-headers-4.4.0-1002",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "linux-fips-source-4.4.0",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "linux-fips-tools-4.4.0-1002",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "linux-headers-4.4.0-1002-fips",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "linux-image-4.4.0-1002-fips",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "linux-image-extra-4.4.0-1002-fips",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "linux-image-hmac-4.4.0-1002-fips",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "linux-tools-4.4.0-1002-fips",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "linux-udebs-fips",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "md-modules-4.4.0-1002-fips-di",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "message-modules-4.4.0-1002-fips-di",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "mouse-modules-4.4.0-1002-fips-di",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "multipath-modules-4.4.0-1002-fips-di",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "nfs-modules-4.4.0-1002-fips-di",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "nic-modules-4.4.0-1002-fips-di",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "nic-pcmcia-modules-4.4.0-1002-fips-di",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "nic-shared-modules-4.4.0-1002-fips-di",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "nic-usb-modules-4.4.0-1002-fips-di",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "parport-modules-4.4.0-1002-fips-di",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "pata-modules-4.4.0-1002-fips-di",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "pcmcia-modules-4.4.0-1002-fips-di",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "pcmcia-storage-modules-4.4.0-1002-fips-di",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "plip-modules-4.4.0-1002-fips-di",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "ppp-modules-4.4.0-1002-fips-di",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "sata-modules-4.4.0-1002-fips-di",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "scsi-modules-4.4.0-1002-fips-di",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "serial-modules-4.4.0-1002-fips-di",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "speakup-modules-4.4.0-1002-fips-di",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "storage-core-modules-4.4.0-1002-fips-di",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "usb-modules-4.4.0-1002-fips-di",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "virtio-modules-4.4.0-1002-fips-di",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "vlan-modules-4.4.0-1002-fips-di",
"binary_version": "4.4.0-1002.2"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS:16.04:LTS",
"name": "linux-fips",
"purl": "pkg:deb/ubuntu/linux-fips@4.4.0-1002.2?arch=source\u0026distro=fips/xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.4.0-1001.1",
"4.4.0-1002.2"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "block-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "crypto-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "dasd-extra-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "dasd-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "fat-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "fb-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "firewire-core-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "floppy-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "fs-core-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "fs-secondary-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "input-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "ipmi-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "irda-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "kernel-image-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "linux-buildinfo-4.15.0-253-generic",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "linux-buildinfo-4.15.0-253-lowlatency",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "linux-cloud-tools-4.15.0-253",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "linux-cloud-tools-4.15.0-253-generic",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "linux-cloud-tools-4.15.0-253-lowlatency",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "linux-cloud-tools-common",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "linux-headers-4.15.0-253",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "linux-headers-4.15.0-253-generic",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "linux-headers-4.15.0-253-lowlatency",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "linux-image-4.15.0-253-generic",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "linux-image-unsigned-4.15.0-253-generic",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "linux-image-unsigned-4.15.0-253-lowlatency",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "linux-modules-4.15.0-253-generic",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "linux-modules-4.15.0-253-lowlatency",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "linux-modules-extra-4.15.0-253-generic",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "linux-source-4.15.0",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "linux-tools-4.15.0-253",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "linux-tools-4.15.0-253-generic",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "linux-tools-4.15.0-253-lowlatency",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "linux-tools-common",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "linux-tools-host",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "linux-udebs-generic",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "md-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "message-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "mouse-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "multipath-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "nfs-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "nic-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "nic-pcmcia-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "nic-shared-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "nic-usb-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "parport-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "pata-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "pcmcia-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "pcmcia-storage-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "plip-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "ppp-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "sata-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "scsi-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "serial-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "storage-core-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "usb-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "virtio-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265"
},
{
"binary_name": "vlan-modules-4.15.0-253-generic-di",
"binary_version": "4.15.0-253.265"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "linux",
"purl": "pkg:deb/ubuntu/linux@4.15.0-253.265?arch=source\u0026distro=esm-infra/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.13.0-16.19",
"4.13.0-17.20",
"4.13.0-25.29",
"4.13.0-32.35",
"4.15.0-10.11",
"4.15.0-12.13",
"4.15.0-13.14",
"4.15.0-15.16",
"4.15.0-19.20",
"4.15.0-20.21",
"4.15.0-22.24",
"4.15.0-23.25",
"4.15.0-24.26",
"4.15.0-29.31",
"4.15.0-30.32",
"4.15.0-32.35",
"4.15.0-33.36",
"4.15.0-34.37",
"4.15.0-36.39",
"4.15.0-38.41",
"4.15.0-39.42",
"4.15.0-42.45",
"4.15.0-43.46",
"4.15.0-44.47",
"4.15.0-45.48",
"4.15.0-46.49",
"4.15.0-47.50",
"4.15.0-48.51",
"4.15.0-50.54",
"4.15.0-51.55",
"4.15.0-52.56",
"4.15.0-54.58",
"4.15.0-55.60",
"4.15.0-58.64",
"4.15.0-60.67",
"4.15.0-62.69",
"4.15.0-64.73",
"4.15.0-65.74",
"4.15.0-66.75",
"4.15.0-69.78",
"4.15.0-70.79",
"4.15.0-72.81",
"4.15.0-74.84",
"4.15.0-76.86",
"4.15.0-88.88",
"4.15.0-91.92",
"4.15.0-96.97",
"4.15.0-99.100",
"4.15.0-101.102",
"4.15.0-106.107",
"4.15.0-108.109",
"4.15.0-109.110",
"4.15.0-111.112",
"4.15.0-112.113",
"4.15.0-115.116",
"4.15.0-117.118",
"4.15.0-118.119",
"4.15.0-121.123",
"4.15.0-122.124",
"4.15.0-123.126",
"4.15.0-124.127",
"4.15.0-126.129",
"4.15.0-128.131",
"4.15.0-129.132",
"4.15.0-130.134",
"4.15.0-132.136",
"4.15.0-134.138",
"4.15.0-135.139",
"4.15.0-136.140",
"4.15.0-137.141",
"4.15.0-139.143",
"4.15.0-140.144",
"4.15.0-141.145",
"4.15.0-142.146",
"4.15.0-143.147",
"4.15.0-144.148",
"4.15.0-147.151",
"4.15.0-151.157",
"4.15.0-153.160",
"4.15.0-154.161",
"4.15.0-156.163",
"4.15.0-158.166",
"4.15.0-159.167",
"4.15.0-161.169",
"4.15.0-162.170",
"4.15.0-163.171",
"4.15.0-166.174",
"4.15.0-167.175",
"4.15.0-169.177",
"4.15.0-171.180",
"4.15.0-173.182",
"4.15.0-175.184",
"4.15.0-176.185",
"4.15.0-177.186",
"4.15.0-180.189",
"4.15.0-184.194",
"4.15.0-187.198",
"4.15.0-188.199",
"4.15.0-189.200",
"4.15.0-191.202",
"4.15.0-192.203",
"4.15.0-193.204",
"4.15.0-194.205",
"4.15.0-196.207",
"4.15.0-197.208",
"4.15.0-200.211",
"4.15.0-201.212",
"4.15.0-202.213",
"4.15.0-204.215",
"4.15.0-206.217",
"4.15.0-208.220",
"4.15.0-209.220",
"4.15.0-210.221",
"4.15.0-211.222",
"4.15.0-212.223",
"4.15.0-213.224",
"4.15.0-214.225",
"4.15.0-216.227",
"4.15.0-218.229",
"4.15.0-219.230",
"4.15.0-220.231",
"4.15.0-221.232",
"4.15.0-222.233",
"4.15.0-223.235",
"4.15.0-224.236",
"4.15.0-225.237",
"4.15.0-226.238",
"4.15.0-227.239",
"4.15.0-228.240",
"4.15.0-229.241",
"4.15.0-230.242",
"4.15.0-231.243",
"4.15.0-232.244",
"4.15.0-233.245",
"4.15.0-234.246",
"4.15.0-235.247",
"4.15.0-236.248",
"4.15.0-237.249",
"4.15.0-238.250",
"4.15.0-239.251",
"4.15.0-240.252",
"4.15.0-241.253",
"4.15.0-242.254",
"4.15.0-243.255",
"4.15.0-245.257",
"4.15.0-246.258",
"4.15.0-247.259",
"4.15.0-248.260",
"4.15.0-249.261",
"4.15.0-250.262",
"4.15.0-251.263",
"4.15.0-253.265"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-aws-cloud-tools-4.15.0-1194",
"binary_version": "4.15.0-1194.207"
},
{
"binary_name": "linux-aws-headers-4.15.0-1194",
"binary_version": "4.15.0-1194.207"
},
{
"binary_name": "linux-aws-tools-4.15.0-1194",
"binary_version": "4.15.0-1194.207"
},
{
"binary_name": "linux-buildinfo-4.15.0-1194-aws",
"binary_version": "4.15.0-1194.207"
},
{
"binary_name": "linux-cloud-tools-4.15.0-1194-aws",
"binary_version": "4.15.0-1194.207"
},
{
"binary_name": "linux-headers-4.15.0-1194-aws",
"binary_version": "4.15.0-1194.207"
},
{
"binary_name": "linux-image-unsigned-4.15.0-1194-aws",
"binary_version": "4.15.0-1194.207"
},
{
"binary_name": "linux-modules-4.15.0-1194-aws",
"binary_version": "4.15.0-1194.207"
},
{
"binary_name": "linux-modules-extra-4.15.0-1194-aws",
"binary_version": "4.15.0-1194.207"
},
{
"binary_name": "linux-tools-4.15.0-1194-aws",
"binary_version": "4.15.0-1194.207"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "linux-aws",
"purl": "pkg:deb/ubuntu/linux-aws@4.15.0-1194.207?arch=source\u0026distro=esm-infra/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.15.0-1001.1",
"4.15.0-1003.3",
"4.15.0-1005.5",
"4.15.0-1006.6",
"4.15.0-1007.7",
"4.15.0-1009.9",
"4.15.0-1010.10",
"4.15.0-1011.11",
"4.15.0-1016.16",
"4.15.0-1017.17",
"4.15.0-1019.19",
"4.15.0-1020.20",
"4.15.0-1021.21",
"4.15.0-1023.23",
"4.15.0-1025.25",
"4.15.0-1027.27",
"4.15.0-1029.30",
"4.15.0-1031.33",
"4.15.0-1032.34",
"4.15.0-1033.35",
"4.15.0-1034.36",
"4.15.0-1035.37",
"4.15.0-1037.39",
"4.15.0-1039.41",
"4.15.0-1040.42",
"4.15.0-1041.43",
"4.15.0-1043.45",
"4.15.0-1044.46",
"4.15.0-1045.47",
"4.15.0-1047.49",
"4.15.0-1048.50",
"4.15.0-1050.52",
"4.15.0-1051.53",
"4.15.0-1052.54",
"4.15.0-1054.56",
"4.15.0-1056.58",
"4.15.0-1057.59",
"4.15.0-1058.60",
"4.15.0-1060.62",
"4.15.0-1063.67",
"4.15.0-1065.69",
"4.15.0-1066.70",
"4.15.0-1067.71",
"4.15.0-1073.77",
"4.15.0-1076.80",
"4.15.0-1077.81",
"4.15.0-1079.83",
"4.15.0-1080.84",
"4.15.0-1082.86",
"4.15.0-1083.87",
"4.15.0-1086.91",
"4.15.0-1087.92",
"4.15.0-1088.93",
"4.15.0-1090.95",
"4.15.0-1091.96",
"4.15.0-1092.98",
"4.15.0-1093.99",
"4.15.0-1094.101",
"4.15.0-1095.102",
"4.15.0-1096.103",
"4.15.0-1097.104",
"4.15.0-1098.105",
"4.15.0-1099.106",
"4.15.0-1101.108",
"4.15.0-1102.109",
"4.15.0-1103.110",
"4.15.0-1106.113",
"4.15.0-1109.116",
"4.15.0-1110.117",
"4.15.0-1111.118",
"4.15.0-1112.119",
"4.15.0-1114.121",
"4.15.0-1115.122",
"4.15.0-1116.123",
"4.15.0-1118.125",
"4.15.0-1119.127",
"4.15.0-1121.129",
"4.15.0-1123.132",
"4.15.0-1124.133",
"4.15.0-1126.135",
"4.15.0-1127.136",
"4.15.0-1128.137",
"4.15.0-1130.139",
"4.15.0-1133.143",
"4.15.0-1136.147",
"4.15.0-1137.148",
"4.15.0-1139.150",
"4.15.0-1140.151",
"4.15.0-1141.152",
"4.15.0-1142.154",
"4.15.0-1143.155",
"4.15.0-1144.156",
"4.15.0-1146.158",
"4.15.0-1147.159",
"4.15.0-1148.160",
"4.15.0-1150.163",
"4.15.0-1151.164",
"4.15.0-1153.166",
"4.15.0-1154.167",
"4.15.0-1155.168",
"4.15.0-1156.169",
"4.15.0-1157.170",
"4.15.0-1158.171",
"4.15.0-1159.172",
"4.15.0-1160.173",
"4.15.0-1161.174",
"4.15.0-1162.175",
"4.15.0-1163.176",
"4.15.0-1164.177",
"4.15.0-1165.178",
"4.15.0-1166.179",
"4.15.0-1167.180",
"4.15.0-1168.181",
"4.15.0-1169.182",
"4.15.0-1170.183",
"4.15.0-1172.185",
"4.15.0-1173.186",
"4.15.0-1174.187",
"4.15.0-1175.188",
"4.15.0-1176.189",
"4.15.0-1177.190",
"4.15.0-1178.191",
"4.15.0-1179.192",
"4.15.0-1180.193",
"4.15.0-1181.194",
"4.15.0-1182.195",
"4.15.0-1183.196",
"4.15.0-1184.197",
"4.15.0-1185.198",
"4.15.0-1186.199",
"4.15.0-1187.200",
"4.15.0-1188.201",
"4.15.0-1189.202",
"4.15.0-1190.203",
"4.15.0-1191.204",
"4.15.0-1192.205",
"4.15.0-1194.207"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-aws-5.0-tools-5.0.0-1027",
"binary_version": "5.0.0-1027.30"
},
{
"binary_name": "linux-aws-headers-5.0.0-1027",
"binary_version": "5.0.0-1027.30"
},
{
"binary_name": "linux-buildinfo-5.0.0-1027-aws",
"binary_version": "5.0.0-1027.30"
},
{
"binary_name": "linux-cloud-tools-5.0.0-1027-aws",
"binary_version": "5.0.0-1027.30"
},
{
"binary_name": "linux-headers-5.0.0-1027-aws",
"binary_version": "5.0.0-1027.30"
},
{
"binary_name": "linux-image-5.0.0-1027-aws",
"binary_version": "5.0.0-1027.30"
},
{
"binary_name": "linux-modules-5.0.0-1027-aws",
"binary_version": "5.0.0-1027.30"
},
{
"binary_name": "linux-modules-extra-5.0.0-1027-aws",
"binary_version": "5.0.0-1027.30"
},
{
"binary_name": "linux-tools-5.0.0-1027-aws",
"binary_version": "5.0.0-1027.30"
}
]
},
"package": {
"ecosystem": "Ubuntu:18.04:LTS",
"name": "linux-aws-5.0",
"purl": "pkg:deb/ubuntu/linux-aws-5.0@5.0.0-1027.30?arch=source\u0026distro=bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.0.0-1021.24~18.04.1",
"5.0.0-1022.25~18.04.1",
"5.0.0-1023.26~18.04.1",
"5.0.0-1024.27~18.04.1",
"5.0.0-1025.28",
"5.0.0-1027.30"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-aws-5.3-cloud-tools-5.3.0-1035",
"binary_version": "5.3.0-1035.37"
},
{
"binary_name": "linux-aws-5.3-headers-5.3.0-1035",
"binary_version": "5.3.0-1035.37"
},
{
"binary_name": "linux-aws-5.3-tools-5.3.0-1035",
"binary_version": "5.3.0-1035.37"
},
{
"binary_name": "linux-buildinfo-5.3.0-1035-aws",
"binary_version": "5.3.0-1035.37"
},
{
"binary_name": "linux-cloud-tools-5.3.0-1035-aws",
"binary_version": "5.3.0-1035.37"
},
{
"binary_name": "linux-headers-5.3.0-1035-aws",
"binary_version": "5.3.0-1035.37"
},
{
"binary_name": "linux-image-5.3.0-1035-aws",
"binary_version": "5.3.0-1035.37"
},
{
"binary_name": "linux-modules-5.3.0-1035-aws",
"binary_version": "5.3.0-1035.37"
},
{
"binary_name": "linux-modules-extra-5.3.0-1035-aws",
"binary_version": "5.3.0-1035.37"
},
{
"binary_name": "linux-tools-5.3.0-1035-aws",
"binary_version": "5.3.0-1035.37"
}
]
},
"package": {
"ecosystem": "Ubuntu:18.04:LTS",
"name": "linux-aws-5.3",
"purl": "pkg:deb/ubuntu/linux-aws-5.3@5.3.0-1035.37?arch=source\u0026distro=bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.3.0-1016.17~18.04.1",
"5.3.0-1017.18~18.04.1",
"5.3.0-1019.21~18.04.1",
"5.3.0-1023.25~18.04.1",
"5.3.0-1028.30~18.04.1",
"5.3.0-1030.32~18.04.1",
"5.3.0-1032.34~18.04.2",
"5.3.0-1033.35",
"5.3.0-1034.36",
"5.3.0-1035.37"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-aws-5.4-cloud-tools-5.4.0-1160",
"binary_version": "5.4.0-1160.170~18.04.1"
},
{
"binary_name": "linux-aws-5.4-headers-5.4.0-1160",
"binary_version": "5.4.0-1160.170~18.04.1"
},
{
"binary_name": "linux-aws-5.4-tools-5.4.0-1160",
"binary_version": "5.4.0-1160.170~18.04.1"
},
{
"binary_name": "linux-buildinfo-5.4.0-1160-aws",
"binary_version": "5.4.0-1160.170~18.04.1"
},
{
"binary_name": "linux-cloud-tools-5.4.0-1160-aws",
"binary_version": "5.4.0-1160.170~18.04.1"
},
{
"binary_name": "linux-headers-5.4.0-1160-aws",
"binary_version": "5.4.0-1160.170~18.04.1"
},
{
"binary_name": "linux-image-unsigned-5.4.0-1160-aws",
"binary_version": "5.4.0-1160.170~18.04.1"
},
{
"binary_name": "linux-modules-5.4.0-1160-aws",
"binary_version": "5.4.0-1160.170~18.04.1"
},
{
"binary_name": "linux-modules-extra-5.4.0-1160-aws",
"binary_version": "5.4.0-1160.170~18.04.1"
},
{
"binary_name": "linux-tools-5.4.0-1160-aws",
"binary_version": "5.4.0-1160.170~18.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "linux-aws-5.4",
"purl": "pkg:deb/ubuntu/linux-aws-5.4@5.4.0-1160.170~18.04.1?arch=source\u0026distro=esm-infra/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.4.0-1018.18~18.04.1",
"5.4.0-1020.20~18.04.2",
"5.4.0-1022.22~18.04.1",
"5.4.0-1024.24~18.04.1",
"5.4.0-1025.25~18.04.1",
"5.4.0-1028.29~18.04.1",
"5.4.0-1029.30~18.04.1",
"5.4.0-1030.31~18.04.1",
"5.4.0-1032.33~18.04.1",
"5.4.0-1034.35~18.04.1",
"5.4.0-1035.37~18.04.1",
"5.4.0-1037.39~18.04.1",
"5.4.0-1038.40~18.04.1",
"5.4.0-1039.41~18.04.1",
"5.4.0-1041.43~18.04.1",
"5.4.0-1043.45~18.04.1",
"5.4.0-1045.47~18.04.1",
"5.4.0-1047.49~18.04.1",
"5.4.0-1048.50~18.04.1",
"5.4.0-1049.51~18.04.1",
"5.4.0-1051.53~18.04.1",
"5.4.0-1054.57~18.04.1",
"5.4.0-1055.58~18.04.1",
"5.4.0-1056.59~18.04.1",
"5.4.0-1057.60~18.04.1",
"5.4.0-1058.61~18.04.3",
"5.4.0-1059.62~18.04.1",
"5.4.0-1060.63~18.04.1",
"5.4.0-1061.64~18.04.1",
"5.4.0-1063.66~18.04.1",
"5.4.0-1064.67~18.04.1",
"5.4.0-1065.68~18.04.1",
"5.4.0-1066.69~18.04.1",
"5.4.0-1068.72~18.04.1",
"5.4.0-1069.73~18.04.1",
"5.4.0-1071.76~18.04.1",
"5.4.0-1072.77~18.04.1",
"5.4.0-1075.80~18.04.1",
"5.4.0-1078.84~18.04.1",
"5.4.0-1080.87~18.04.1",
"5.4.0-1081.88~18.04.1",
"5.4.0-1083.90~18.04.1",
"5.4.0-1084.91~18.04.1",
"5.4.0-1085.92~18.04.1",
"5.4.0-1086.93~18.04.1",
"5.4.0-1088.96~18.04.1",
"5.4.0-1089.97~18.04.1",
"5.4.0-1090.98~18.04.1",
"5.4.0-1092.100~18.04.2",
"5.4.0-1093.102~18.04.2",
"5.4.0-1094.102~18.04.1",
"5.4.0-1096.104~18.04.1",
"5.4.0-1097.105~18.04.1",
"5.4.0-1099.107~18.04.1",
"5.4.0-1100.108~18.04.1",
"5.4.0-1101.109~18.04.1",
"5.4.0-1103.111~18.04.1",
"5.4.0-1104.112~18.04.1",
"5.4.0-1105.113~18.04.1",
"5.4.0-1106.114~18.04.1",
"5.4.0-1107.115~18.04.1",
"5.4.0-1108.116~18.04.1",
"5.4.0-1109.118~18.04.1",
"5.4.0-1110.119~18.04.1",
"5.4.0-1111.120~18.04.1",
"5.4.0-1112.121~18.04.2",
"5.4.0-1113.123~18.04.1",
"5.4.0-1114.124~18.04.1",
"5.4.0-1116.126~18.04.1",
"5.4.0-1117.127~18.04.1",
"5.4.0-1118.128~18.04.1",
"5.4.0-1119.129~18.04.1",
"5.4.0-1120.130~18.04.1",
"5.4.0-1121.131~18.04.1",
"5.4.0-1122.132~18.04.1",
"5.4.0-1123.133~18.04.1",
"5.4.0-1124.134~18.04.1",
"5.4.0-1125.135~18.04.1",
"5.4.0-1126.136~18.04.1",
"5.4.0-1127.137~18.04.2",
"5.4.0-1128.138~18.04.1",
"5.4.0-1129.139~18.04.1",
"5.4.0-1130.140~18.04.1",
"5.4.0-1131.141~18.04.1",
"5.4.0-1132.142~18.04.1",
"5.4.0-1133.143~18.04.1",
"5.4.0-1134.144~18.04.1",
"5.4.0-1135.145~18.04.1",
"5.4.0-1136.146~18.04.1",
"5.4.0-1137.147~18.04.1",
"5.4.0-1139.149~18.04.1",
"5.4.0-1142.152~18.04.1",
"5.4.0-1144.154~18.04.1",
"5.4.0-1145.155~18.04.1",
"5.4.0-1146.156~18.04.1",
"5.4.0-1147.157~18.04.1",
"5.4.0-1148.158~18.04.1",
"5.4.0-1149.159~18.04.1",
"5.4.0-1150.160~18.04.1",
"5.4.0-1151.161~18.04.1",
"5.4.0-1152.162~18.04.1",
"5.4.0-1153.163~18.04.1",
"5.4.0-1154.164~18.04.1",
"5.4.0-1156.166~18.04.1",
"5.4.0-1157.167~18.04.1",
"5.4.0-1158.168~18.04.1",
"5.4.0-1160.170~18.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-azure-cloud-tools-5.0.0-1036",
"binary_version": "5.0.0-1036.38"
},
{
"binary_name": "linux-azure-headers-5.0.0-1036",
"binary_version": "5.0.0-1036.38"
},
{
"binary_name": "linux-azure-tools-5.0.0-1036",
"binary_version": "5.0.0-1036.38"
},
{
"binary_name": "linux-buildinfo-5.0.0-1036-azure",
"binary_version": "5.0.0-1036.38"
},
{
"binary_name": "linux-cloud-tools-5.0.0-1036-azure",
"binary_version": "5.0.0-1036.38"
},
{
"binary_name": "linux-headers-5.0.0-1036-azure",
"binary_version": "5.0.0-1036.38"
},
{
"binary_name": "linux-image-unsigned-5.0.0-1036-azure",
"binary_version": "5.0.0-1036.38"
},
{
"binary_name": "linux-modules-5.0.0-1036-azure",
"binary_version": "5.0.0-1036.38"
},
{
"binary_name": "linux-modules-extra-5.0.0-1036-azure",
"binary_version": "5.0.0-1036.38"
},
{
"binary_name": "linux-tools-5.0.0-1036-azure",
"binary_version": "5.0.0-1036.38"
}
]
},
"package": {
"ecosystem": "Ubuntu:18.04:LTS",
"name": "linux-azure",
"purl": "pkg:deb/ubuntu/linux-azure@5.0.0-1036.38?arch=source\u0026distro=bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.15.0-1002.2",
"4.15.0-1003.3",
"4.15.0-1004.4",
"4.15.0-1008.8",
"4.15.0-1009.9",
"4.15.0-1012.12",
"4.15.0-1013.13",
"4.15.0-1014.14",
"4.15.0-1018.18",
"4.15.0-1019.19",
"4.15.0-1021.21",
"4.15.0-1022.23",
"4.15.0-1023.24",
"4.15.0-1025.26",
"4.15.0-1028.29",
"4.15.0-1030.31",
"4.15.0-1031.32",
"4.15.0-1032.33",
"4.15.0-1035.36",
"4.15.0-1036.38",
"4.15.0-1037.39",
"4.18.0-1011.11~18.04.1",
"4.18.0-1013.13~18.04.1",
"4.18.0-1014.14~18.04.1",
"4.18.0-1018.18~18.04.1",
"4.18.0-1019.19~18.04.1",
"4.18.0-1020.20~18.04.1",
"4.18.0-1023.24~18.04.1",
"4.18.0-1024.25~18.04.1",
"4.18.0-1025.27~18.04.1",
"5.0.0-1014.14~18.04.1",
"5.0.0-1016.17~18.04.1",
"5.0.0-1018.19~18.04.1",
"5.0.0-1020.21~18.04.1",
"5.0.0-1022.23~18.04.1",
"5.0.0-1023.24~18.04.1",
"5.0.0-1025.27~18.04.1",
"5.0.0-1027.29~18.04.1",
"5.0.0-1028.30~18.04.1",
"5.0.0-1029.31~18.04.1",
"5.0.0-1031.33",
"5.0.0-1032.34",
"5.0.0-1035.37",
"5.0.0-1036.38"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-azure-4.15-cloud-tools-4.15.0-1204",
"binary_version": "4.15.0-1204.219"
},
{
"binary_name": "linux-azure-4.15-headers-4.15.0-1204",
"binary_version": "4.15.0-1204.219"
},
{
"binary_name": "linux-azure-4.15-tools-4.15.0-1204",
"binary_version": "4.15.0-1204.219"
},
{
"binary_name": "linux-buildinfo-4.15.0-1204-azure",
"binary_version": "4.15.0-1204.219"
},
{
"binary_name": "linux-cloud-tools-4.15.0-1204-azure",
"binary_version": "4.15.0-1204.219"
},
{
"binary_name": "linux-headers-4.15.0-1204-azure",
"binary_version": "4.15.0-1204.219"
},
{
"binary_name": "linux-image-unsigned-4.15.0-1204-azure",
"binary_version": "4.15.0-1204.219"
},
{
"binary_name": "linux-modules-4.15.0-1204-azure",
"binary_version": "4.15.0-1204.219"
},
{
"binary_name": "linux-modules-extra-4.15.0-1204-azure",
"binary_version": "4.15.0-1204.219"
},
{
"binary_name": "linux-tools-4.15.0-1204-azure",
"binary_version": "4.15.0-1204.219"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "linux-azure-4.15",
"purl": "pkg:deb/ubuntu/linux-azure-4.15@4.15.0-1204.219?arch=source\u0026distro=esm-infra/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.15.0-1082.92",
"4.15.0-1083.93",
"4.15.0-1089.99",
"4.15.0-1091.101",
"4.15.0-1092.102",
"4.15.0-1093.103",
"4.15.0-1095.105",
"4.15.0-1096.106",
"4.15.0-1099.110",
"4.15.0-1100.111",
"4.15.0-1102.113",
"4.15.0-1103.114",
"4.15.0-1104.116",
"4.15.0-1106.118",
"4.15.0-1108.120",
"4.15.0-1109.121",
"4.15.0-1110.122",
"4.15.0-1111.123",
"4.15.0-1112.125",
"4.15.0-1113.126",
"4.15.0-1114.127",
"4.15.0-1115.128",
"4.15.0-1118.131",
"4.15.0-1121.134",
"4.15.0-1122.135",
"4.15.0-1123.136",
"4.15.0-1124.137",
"4.15.0-1125.138",
"4.15.0-1126.139",
"4.15.0-1127.140",
"4.15.0-1129.142",
"4.15.0-1130.143",
"4.15.0-1131.144",
"4.15.0-1133.146",
"4.15.0-1134.147",
"4.15.0-1136.149",
"4.15.0-1137.150",
"4.15.0-1138.151",
"4.15.0-1139.152",
"4.15.0-1142.156",
"4.15.0-1145.160",
"4.15.0-1146.161",
"4.15.0-1149.164",
"4.15.0-1150.165",
"4.15.0-1151.166",
"4.15.0-1153.168",
"4.15.0-1157.172",
"4.15.0-1158.173",
"4.15.0-1159.174",
"4.15.0-1161.176",
"4.15.0-1162.177",
"4.15.0-1163.178",
"4.15.0-1164.179",
"4.15.0-1165.180",
"4.15.0-1166.181",
"4.15.0-1167.182",
"4.15.0-1168.183",
"4.15.0-1169.184",
"4.15.0-1170.185",
"4.15.0-1171.186",
"4.15.0-1172.187",
"4.15.0-1173.188",
"4.15.0-1174.189",
"4.15.0-1175.190",
"4.15.0-1176.191",
"4.15.0-1177.192",
"4.15.0-1178.193",
"4.15.0-1179.194",
"4.15.0-1180.195",
"4.15.0-1181.196",
"4.15.0-1182.197",
"4.15.0-1183.198",
"4.15.0-1184.199",
"4.15.0-1185.200",
"4.15.0-1186.201",
"4.15.0-1187.202",
"4.15.0-1188.203",
"4.15.0-1189.204",
"4.15.0-1190.205",
"4.15.0-1191.206",
"4.15.0-1192.207",
"4.15.0-1193.208",
"4.15.0-1194.209",
"4.15.0-1195.210",
"4.15.0-1196.211",
"4.15.0-1197.212",
"4.15.0-1199.214",
"4.15.0-1200.215",
"4.15.0-1201.216",
"4.15.0-1202.217",
"4.15.0-1204.219"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-azure-5.3-cloud-tools-5.3.0-1035",
"binary_version": "5.3.0-1035.36"
},
{
"binary_name": "linux-azure-5.3-headers-5.3.0-1035",
"binary_version": "5.3.0-1035.36"
},
{
"binary_name": "linux-azure-5.3-tools-5.3.0-1035",
"binary_version": "5.3.0-1035.36"
},
{
"binary_name": "linux-buildinfo-5.3.0-1035-azure",
"binary_version": "5.3.0-1035.36"
},
{
"binary_name": "linux-cloud-tools-5.3.0-1035-azure",
"binary_version": "5.3.0-1035.36"
},
{
"binary_name": "linux-headers-5.3.0-1035-azure",
"binary_version": "5.3.0-1035.36"
},
{
"binary_name": "linux-image-unsigned-5.3.0-1035-azure",
"binary_version": "5.3.0-1035.36"
},
{
"binary_name": "linux-modules-5.3.0-1035-azure",
"binary_version": "5.3.0-1035.36"
},
{
"binary_name": "linux-modules-extra-5.3.0-1035-azure",
"binary_version": "5.3.0-1035.36"
},
{
"binary_name": "linux-tools-5.3.0-1035-azure",
"binary_version": "5.3.0-1035.36"
}
]
},
"package": {
"ecosystem": "Ubuntu:18.04:LTS",
"name": "linux-azure-5.3",
"purl": "pkg:deb/ubuntu/linux-azure-5.3@5.3.0-1035.36?arch=source\u0026distro=bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.3.0-1007.8~18.04.1",
"5.3.0-1008.9~18.04.1",
"5.3.0-1009.10~18.04.1",
"5.3.0-1010.11~18.04.1",
"5.3.0-1012.13~18.04.1",
"5.3.0-1013.14~18.04.1",
"5.3.0-1016.17~18.04.1",
"5.3.0-1018.19~18.04.1",
"5.3.0-1019.20~18.04.1",
"5.3.0-1020.21~18.04.1",
"5.3.0-1022.23~18.04.1",
"5.3.0-1028.29~18.04.1",
"5.3.0-1031.32~18.04.1",
"5.3.0-1032.33~18.04.1",
"5.3.0-1034.35~18.04.1",
"5.3.0-1035.36"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-azure-5.4-cloud-tools-5.4.0-1164",
"binary_version": "5.4.0-1164.170~18.04.1"
},
{
"binary_name": "linux-azure-5.4-headers-5.4.0-1164",
"binary_version": "5.4.0-1164.170~18.04.1"
},
{
"binary_name": "linux-azure-5.4-tools-5.4.0-1164",
"binary_version": "5.4.0-1164.170~18.04.1"
},
{
"binary_name": "linux-buildinfo-5.4.0-1164-azure",
"binary_version": "5.4.0-1164.170~18.04.1"
},
{
"binary_name": "linux-cloud-tools-5.4.0-1164-azure",
"binary_version": "5.4.0-1164.170~18.04.1"
},
{
"binary_name": "linux-headers-5.4.0-1164-azure",
"binary_version": "5.4.0-1164.170~18.04.1"
},
{
"binary_name": "linux-image-unsigned-5.4.0-1164-azure",
"binary_version": "5.4.0-1164.170~18.04.1"
},
{
"binary_name": "linux-modules-5.4.0-1164-azure",
"binary_version": "5.4.0-1164.170~18.04.1"
},
{
"binary_name": "linux-modules-extra-5.4.0-1164-azure",
"binary_version": "5.4.0-1164.170~18.04.1"
},
{
"binary_name": "linux-tools-5.4.0-1164-azure",
"binary_version": "5.4.0-1164.170~18.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "linux-azure-5.4",
"purl": "pkg:deb/ubuntu/linux-azure-5.4@5.4.0-1164.170~18.04.1?arch=source\u0026distro=esm-infra/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.4.0-1020.20~18.04.1",
"5.4.0-1022.22~18.04.1",
"5.4.0-1023.23~18.04.1",
"5.4.0-1025.25~18.04.1",
"5.4.0-1026.26~18.04.1",
"5.4.0-1031.32~18.04.1",
"5.4.0-1032.33~18.04.1",
"5.4.0-1034.35~18.04.1",
"5.4.0-1035.36~18.04.1",
"5.4.0-1036.38~18.04.1",
"5.4.0-1039.41~18.04.1",
"5.4.0-1040.42~18.04.1",
"5.4.0-1041.43~18.04.1",
"5.4.0-1043.45~18.04.1",
"5.4.0-1044.46~18.04.1",
"5.4.0-1046.48~18.04.1",
"5.4.0-1047.49~18.04.1",
"5.4.0-1048.50~18.04.1",
"5.4.0-1049.51~18.04.1",
"5.4.0-1051.53~18.04.1",
"5.4.0-1055.57~18.04.1",
"5.4.0-1056.58~18.04.1",
"5.4.0-1058.60~18.04.1",
"5.4.0-1059.62~18.04.1",
"5.4.0-1061.64~18.04.1",
"5.4.0-1062.65~18.04.1",
"5.4.0-1063.66~18.04.1",
"5.4.0-1064.67~18.04.1",
"5.4.0-1065.68~18.04.1",
"5.4.0-1067.70~18.04.1",
"5.4.0-1068.71~18.04.1",
"5.4.0-1069.72~18.04.1",
"5.4.0-1070.73~18.04.1",
"5.4.0-1072.75~18.04.1",
"5.4.0-1073.76~18.04.1",
"5.4.0-1074.77~18.04.1",
"5.4.0-1077.80~18.04.1",
"5.4.0-1078.81~18.04.1",
"5.4.0-1080.83~18.04.2",
"5.4.0-1083.87~18.04.1",
"5.4.0-1085.90~18.04.1",
"5.4.0-1086.91~18.04.1",
"5.4.0-1089.94~18.04.1",
"5.4.0-1090.95~18.04.1",
"5.4.0-1091.96~18.04.1",
"5.4.0-1094.100~18.04.1",
"5.4.0-1095.101~18.04.1",
"5.4.0-1098.104~18.04.2",
"5.4.0-1100.106~18.04.1",
"5.4.0-1101.107~18.04.1",
"5.4.0-1103.109~18.04.1",
"5.4.0-1104.110~18.04.1",
"5.4.0-1105.111~18.04.1",
"5.4.0-1106.112~18.04.1",
"5.4.0-1107.113~18.04.1",
"5.4.0-1108.114~18.04.1",
"5.4.0-1109.115~18.04.1",
"5.4.0-1110.116~18.04.1",
"5.4.0-1111.117~18.04.1",
"5.4.0-1112.118~18.04.1",
"5.4.0-1113.119~18.04.1",
"5.4.0-1115.122~18.04.1",
"5.4.0-1116.123~18.04.1",
"5.4.0-1117.124~18.04.1",
"5.4.0-1118.125~18.04.1",
"5.4.0-1119.126~18.04.2",
"5.4.0-1120.127~18.04.1",
"5.4.0-1121.128~18.04.1",
"5.4.0-1122.129~18.04.1",
"5.4.0-1123.130~18.04.1",
"5.4.0-1124.131~18.04.1",
"5.4.0-1126.133~18.04.1",
"5.4.0-1127.134~18.04.1",
"5.4.0-1128.135~18.04.1",
"5.4.0-1129.136~18.04.1",
"5.4.0-1130.137~18.04.1",
"5.4.0-1131.138~18.04.1",
"5.4.0-1132.139~18.04.1",
"5.4.0-1133.140~18.04.1",
"5.4.0-1134.141~18.04.1",
"5.4.0-1135.142~18.04.1",
"5.4.0-1136.143~18.04.1",
"5.4.0-1137.144~18.04.1",
"5.4.0-1138.145~18.04.1",
"5.4.0-1139.146~18.04.1",
"5.4.0-1140.147~18.04.1",
"5.4.0-1142.149~18.04.1",
"5.4.0-1143.150~18.04.1",
"5.4.0-1145.152~18.04.1",
"5.4.0-1147.154~18.04.1",
"5.4.0-1148.155~18.04.1",
"5.4.0-1149.156~18.04.1",
"5.4.0-1150.157~18.04.1",
"5.4.0-1151.158~18.04.1",
"5.4.0-1152.159~18.04.1",
"5.4.0-1153.160~18.04.1",
"5.4.0-1154.161~18.04.1",
"5.4.0-1156.163~18.04.1",
"5.4.0-1157.164~18.04.1",
"5.4.0-1161.167~18.04.1",
"5.4.0-1162.168~18.04.1",
"5.4.0-1163.169~18.04.1",
"5.4.0-1164.170~18.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-azure-edge-cloud-tools-5.0.0-1012",
"binary_version": "5.0.0-1012.12~18.04.2"
},
{
"binary_name": "linux-azure-edge-tools-5.0.0-1012",
"binary_version": "5.0.0-1012.12~18.04.2"
},
{
"binary_name": "linux-azure-headers-5.0.0-1012",
"binary_version": "5.0.0-1012.12~18.04.2"
},
{
"binary_name": "linux-buildinfo-5.0.0-1012-azure",
"binary_version": "5.0.0-1012.12~18.04.2"
},
{
"binary_name": "linux-cloud-tools-5.0.0-1012-azure",
"binary_version": "5.0.0-1012.12~18.04.2"
},
{
"binary_name": "linux-headers-5.0.0-1012-azure",
"binary_version": "5.0.0-1012.12~18.04.2"
},
{
"binary_name": "linux-image-unsigned-5.0.0-1012-azure",
"binary_version": "5.0.0-1012.12~18.04.2"
},
{
"binary_name": "linux-modules-5.0.0-1012-azure",
"binary_version": "5.0.0-1012.12~18.04.2"
},
{
"binary_name": "linux-modules-extra-5.0.0-1012-azure",
"binary_version": "5.0.0-1012.12~18.04.2"
},
{
"binary_name": "linux-tools-5.0.0-1012-azure",
"binary_version": "5.0.0-1012.12~18.04.2"
}
]
},
"package": {
"ecosystem": "Ubuntu:18.04:LTS",
"name": "linux-azure-edge",
"purl": "pkg:deb/ubuntu/linux-azure-edge@5.0.0-1012.12~18.04.2?arch=source\u0026distro=bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.18.0-1006.6~18.04.1",
"4.18.0-1007.7~18.04.1",
"4.18.0-1008.8~18.04.1",
"5.0.0-1012.12~18.04.2"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.0.0-1034-gcp",
"binary_version": "5.0.0-1034.35"
},
{
"binary_name": "linux-gcp-headers-5.0.0-1034",
"binary_version": "5.0.0-1034.35"
},
{
"binary_name": "linux-gcp-tools-5.0.0-1034",
"binary_version": "5.0.0-1034.35"
},
{
"binary_name": "linux-headers-5.0.0-1034-gcp",
"binary_version": "5.0.0-1034.35"
},
{
"binary_name": "linux-image-unsigned-5.0.0-1034-gcp",
"binary_version": "5.0.0-1034.35"
},
{
"binary_name": "linux-modules-5.0.0-1034-gcp",
"binary_version": "5.0.0-1034.35"
},
{
"binary_name": "linux-modules-extra-5.0.0-1034-gcp",
"binary_version": "5.0.0-1034.35"
},
{
"binary_name": "linux-tools-5.0.0-1034-gcp",
"binary_version": "5.0.0-1034.35"
}
]
},
"package": {
"ecosystem": "Ubuntu:18.04:LTS",
"name": "linux-gcp",
"purl": "pkg:deb/ubuntu/linux-gcp@5.0.0-1034.35?arch=source\u0026distro=bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.15.0-1001.1",
"4.15.0-1003.3",
"4.15.0-1005.5",
"4.15.0-1006.6",
"4.15.0-1008.8",
"4.15.0-1009.9",
"4.15.0-1010.10",
"4.15.0-1014.14",
"4.15.0-1015.15",
"4.15.0-1017.18",
"4.15.0-1018.19",
"4.15.0-1019.20",
"4.15.0-1021.22",
"4.15.0-1023.24",
"4.15.0-1024.25",
"4.15.0-1025.26",
"4.15.0-1026.27",
"4.15.0-1027.28",
"4.15.0-1028.29",
"4.15.0-1029.31",
"4.15.0-1030.32",
"4.15.0-1032.34",
"4.15.0-1033.35",
"4.15.0-1034.36",
"4.15.0-1036.38",
"4.15.0-1037.39",
"4.15.0-1040.42",
"4.15.0-1042.45",
"4.15.0-1044.70",
"5.0.0-1020.20~18.04.1",
"5.0.0-1021.21~18.04.1",
"5.0.0-1025.26~18.04.1",
"5.0.0-1026.27~18.04.1",
"5.0.0-1028.29~18.04.1",
"5.0.0-1029.30~18.04.1",
"5.0.0-1031.32",
"5.0.0-1033.34",
"5.0.0-1034.35"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-4.15.0-1187-gcp",
"binary_version": "4.15.0-1187.204"
},
{
"binary_name": "linux-gcp-4.15-headers-4.15.0-1187",
"binary_version": "4.15.0-1187.204"
},
{
"binary_name": "linux-gcp-4.15-tools-4.15.0-1187",
"binary_version": "4.15.0-1187.204"
},
{
"binary_name": "linux-headers-4.15.0-1187-gcp",
"binary_version": "4.15.0-1187.204"
},
{
"binary_name": "linux-image-unsigned-4.15.0-1187-gcp",
"binary_version": "4.15.0-1187.204"
},
{
"binary_name": "linux-modules-4.15.0-1187-gcp",
"binary_version": "4.15.0-1187.204"
},
{
"binary_name": "linux-modules-extra-4.15.0-1187-gcp",
"binary_version": "4.15.0-1187.204"
},
{
"binary_name": "linux-tools-4.15.0-1187-gcp",
"binary_version": "4.15.0-1187.204"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "linux-gcp-4.15",
"purl": "pkg:deb/ubuntu/linux-gcp-4.15@4.15.0-1187.204?arch=source\u0026distro=esm-infra/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.15.0-1071.81",
"4.15.0-1077.87",
"4.15.0-1078.88",
"4.15.0-1080.90",
"4.15.0-1081.92",
"4.15.0-1083.94",
"4.15.0-1084.95",
"4.15.0-1086.98",
"4.15.0-1087.100",
"4.15.0-1088.101",
"4.15.0-1090.103",
"4.15.0-1091.104",
"4.15.0-1092.105",
"4.15.0-1093.106",
"4.15.0-1094.107",
"4.15.0-1095.108",
"4.15.0-1096.109",
"4.15.0-1097.110",
"4.15.0-1098.111",
"4.15.0-1099.112",
"4.15.0-1100.113",
"4.15.0-1103.116",
"4.15.0-1106.120",
"4.15.0-1107.121",
"4.15.0-1108.122",
"4.15.0-1109.123",
"4.15.0-1110.124",
"4.15.0-1111.125",
"4.15.0-1112.126",
"4.15.0-1114.128",
"4.15.0-1115.129",
"4.15.0-1116.130",
"4.15.0-1118.132",
"4.15.0-1119.133",
"4.15.0-1120.134",
"4.15.0-1121.135",
"4.15.0-1122.136",
"4.15.0-1124.138",
"4.15.0-1127.142",
"4.15.0-1130.146",
"4.15.0-1131.147",
"4.15.0-1134.150",
"4.15.0-1135.151",
"4.15.0-1136.152",
"4.15.0-1137.153",
"4.15.0-1138.154",
"4.15.0-1141.157",
"4.15.0-1142.158",
"4.15.0-1143.159",
"4.15.0-1145.161",
"4.15.0-1146.162",
"4.15.0-1147.163",
"4.15.0-1148.164",
"4.15.0-1149.165",
"4.15.0-1150.166",
"4.15.0-1151.167",
"4.15.0-1152.168",
"4.15.0-1153.170",
"4.15.0-1154.171",
"4.15.0-1155.172",
"4.15.0-1156.173",
"4.15.0-1157.174",
"4.15.0-1158.175",
"4.15.0-1159.176",
"4.15.0-1160.177",
"4.15.0-1161.178",
"4.15.0-1162.179",
"4.15.0-1163.180",
"4.15.0-1164.181",
"4.15.0-1165.182",
"4.15.0-1166.183",
"4.15.0-1167.184",
"4.15.0-1168.185",
"4.15.0-1169.186",
"4.15.0-1170.187",
"4.15.0-1171.188",
"4.15.0-1172.189",
"4.15.0-1173.190",
"4.15.0-1174.191",
"4.15.0-1175.192",
"4.15.0-1176.193",
"4.15.0-1177.194",
"4.15.0-1178.195",
"4.15.0-1179.196",
"4.15.0-1180.197",
"4.15.0-1181.198",
"4.15.0-1182.199",
"4.15.0-1183.200",
"4.15.0-1184.201",
"4.15.0-1185.202",
"4.15.0-1186.203",
"4.15.0-1187.204"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.3.0-1032-gcp",
"binary_version": "5.3.0-1032.34~18.04.1"
},
{
"binary_name": "linux-gcp-5.3-headers-5.3.0-1032",
"binary_version": "5.3.0-1032.34~18.04.1"
},
{
"binary_name": "linux-gcp-5.3-tools-5.3.0-1032",
"binary_version": "5.3.0-1032.34~18.04.1"
},
{
"binary_name": "linux-headers-5.3.0-1032-gcp",
"binary_version": "5.3.0-1032.34~18.04.1"
},
{
"binary_name": "linux-image-unsigned-5.3.0-1032-gcp",
"binary_version": "5.3.0-1032.34~18.04.1"
},
{
"binary_name": "linux-modules-5.3.0-1032-gcp",
"binary_version": "5.3.0-1032.34~18.04.1"
},
{
"binary_name": "linux-modules-extra-5.3.0-1032-gcp",
"binary_version": "5.3.0-1032.34~18.04.1"
},
{
"binary_name": "linux-tools-5.3.0-1032-gcp",
"binary_version": "5.3.0-1032.34~18.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:18.04:LTS",
"name": "linux-gcp-5.3",
"purl": "pkg:deb/ubuntu/linux-gcp-5.3@5.3.0-1032.34~18.04.1?arch=source\u0026distro=bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.3.0-1008.9~18.04.1",
"5.3.0-1009.10~18.04.1",
"5.3.0-1010.11~18.04.1",
"5.3.0-1012.13~18.04.1",
"5.3.0-1014.15~18.04.1",
"5.3.0-1016.17~18.04.1",
"5.3.0-1017.18~18.04.1",
"5.3.0-1018.19~18.04.1",
"5.3.0-1020.22~18.04.1",
"5.3.0-1026.28~18.04.1",
"5.3.0-1029.31~18.04.1",
"5.3.0-1030.32~18.04.1",
"5.3.0-1032.34~18.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.4.0-1163-gcp",
"binary_version": "5.4.0-1163.172~18.04.1"
},
{
"binary_name": "linux-gcp-5.4-headers-5.4.0-1163",
"binary_version": "5.4.0-1163.172~18.04.1"
},
{
"binary_name": "linux-gcp-5.4-tools-5.4.0-1163",
"binary_version": "5.4.0-1163.172~18.04.1"
},
{
"binary_name": "linux-headers-5.4.0-1163-gcp",
"binary_version": "5.4.0-1163.172~18.04.1"
},
{
"binary_name": "linux-image-unsigned-5.4.0-1163-gcp",
"binary_version": "5.4.0-1163.172~18.04.1"
},
{
"binary_name": "linux-modules-5.4.0-1163-gcp",
"binary_version": "5.4.0-1163.172~18.04.1"
},
{
"binary_name": "linux-modules-extra-5.4.0-1163-gcp",
"binary_version": "5.4.0-1163.172~18.04.1"
},
{
"binary_name": "linux-tools-5.4.0-1163-gcp",
"binary_version": "5.4.0-1163.172~18.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "linux-gcp-5.4",
"purl": "pkg:deb/ubuntu/linux-gcp-5.4@5.4.0-1163.172~18.04.1?arch=source\u0026distro=esm-infra/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.4.0-1019.19~18.04.2",
"5.4.0-1021.21~18.04.1",
"5.4.0-1022.22~18.04.1",
"5.4.0-1024.24~18.04.1",
"5.4.0-1025.25~18.04.1",
"5.4.0-1028.29~18.04.1",
"5.4.0-1029.31~18.04.1",
"5.4.0-1030.32~18.04.1",
"5.4.0-1032.34~18.04.1",
"5.4.0-1033.35~18.04.1",
"5.4.0-1034.37~18.04.1",
"5.4.0-1036.39~18.04.1",
"5.4.0-1037.40~18.04.1",
"5.4.0-1038.41~18.04.1",
"5.4.0-1040.43~18.04.1",
"5.4.0-1041.44~18.04.1",
"5.4.0-1042.45~18.04.1",
"5.4.0-1043.46~18.04.1",
"5.4.0-1044.47~18.04.2",
"5.4.0-1046.49~18.04.1",
"5.4.0-1049.53~18.04.1",
"5.4.0-1051.55~18.04.1",
"5.4.0-1052.56~18.04.1",
"5.4.0-1053.57~18.04.1",
"5.4.0-1055.59~18.04.1",
"5.4.0-1056.60~18.04.1",
"5.4.0-1057.61~18.04.1",
"5.4.0-1058.62~18.04.1",
"5.4.0-1059.63~18.04.1",
"5.4.0-1060.64~18.04.1",
"5.4.0-1062.66~18.04.1",
"5.4.0-1063.67~18.04.1",
"5.4.0-1064.68~18.04.1",
"5.4.0-1065.69~18.04.1",
"5.4.0-1067.71~18.04.1",
"5.4.0-1068.72~18.04.1",
"5.4.0-1069.73~18.04.1",
"5.4.0-1072.77~18.04.1",
"5.4.0-1073.78~18.04.1",
"5.4.0-1075.80~18.04.1",
"5.4.0-1078.84~18.04.1",
"5.4.0-1080.87~18.04.1",
"5.4.0-1083.91~18.04.1",
"5.4.0-1084.92~18.04.1",
"5.4.0-1086.94~18.04.1",
"5.4.0-1087.95~18.04.1",
"5.4.0-1089.97~18.04.1",
"5.4.0-1092.101~18.04.1",
"5.4.0-1093.102~18.04.1",
"5.4.0-1096.105~18.04.2",
"5.4.0-1097.106~18.04.1",
"5.4.0-1098.107~18.04.1",
"5.4.0-1100.109~18.04.1",
"5.4.0-1101.110~18.04.1",
"5.4.0-1102.111~18.04.2",
"5.4.0-1103.112~18.04.1",
"5.4.0-1104.113~18.04.1",
"5.4.0-1105.114~18.04.1",
"5.4.0-1106.115~18.04.1",
"5.4.0-1107.116~18.04.1",
"5.4.0-1108.117~18.04.1",
"5.4.0-1109.118~18.04.1",
"5.4.0-1110.119~18.04.1",
"5.4.0-1111.120~18.04.1",
"5.4.0-1112.121~18.04.1",
"5.4.0-1113.122~18.04.1",
"5.4.0-1115.124~18.04.1",
"5.4.0-1116.125~18.04.1",
"5.4.0-1117.126~18.04.1",
"5.4.0-1118.127~18.04.1",
"5.4.0-1120.129~18.04.1",
"5.4.0-1121.130~18.04.1",
"5.4.0-1122.131~18.04.1",
"5.4.0-1123.132~18.04.1",
"5.4.0-1124.133~18.04.1",
"5.4.0-1125.134~18.04.1",
"5.4.0-1126.135~18.04.1",
"5.4.0-1127.136~18.04.1",
"5.4.0-1128.137~18.04.1",
"5.4.0-1129.138~18.04.1",
"5.4.0-1130.139~18.04.1",
"5.4.0-1132.141~18.04.1",
"5.4.0-1133.142~18.04.1",
"5.4.0-1134.143~18.04.1",
"5.4.0-1135.144~18.04.1",
"5.4.0-1136.145~18.04.1",
"5.4.0-1137.146~18.04.1",
"5.4.0-1138.147~18.04.1",
"5.4.0-1139.148~18.04.1",
"5.4.0-1140.149~18.04.1",
"5.4.0-1141.150~18.04.1",
"5.4.0-1142.151~18.04.1",
"5.4.0-1143.152~18.04.1",
"5.4.0-1145.154~18.04.1",
"5.4.0-1147.156~18.04.1",
"5.4.0-1148.157~18.04.1",
"5.4.0-1149.158~18.04.1",
"5.4.0-1150.159~18.04.1",
"5.4.0-1151.160~18.04.1",
"5.4.0-1152.161~18.04.1",
"5.4.0-1153.162~18.04.1",
"5.4.0-1154.163~18.04.1",
"5.4.0-1155.164~18.04.1",
"5.4.0-1156.165~18.04.1",
"5.4.0-1157.166~18.04.1",
"5.4.0-1159.168~18.04.1",
"5.4.0-1160.169~18.04.1",
"5.4.0-1161.170~18.04.1",
"5.4.0-1162.171~18.04.1",
"5.4.0-1163.172~18.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-4.15.0-1079-gke",
"binary_version": "4.15.0-1079.84"
},
{
"binary_name": "linux-gke-4.15-headers-4.15.0-1079",
"binary_version": "4.15.0-1079.84"
},
{
"binary_name": "linux-gke-4.15-tools-4.15.0-1079",
"binary_version": "4.15.0-1079.84"
},
{
"binary_name": "linux-headers-4.15.0-1079-gke",
"binary_version": "4.15.0-1079.84"
},
{
"binary_name": "linux-image-unsigned-4.15.0-1079-gke",
"binary_version": "4.15.0-1079.84"
},
{
"binary_name": "linux-modules-4.15.0-1079-gke",
"binary_version": "4.15.0-1079.84"
},
{
"binary_name": "linux-modules-extra-4.15.0-1079-gke",
"binary_version": "4.15.0-1079.84"
},
{
"binary_name": "linux-tools-4.15.0-1079-gke",
"binary_version": "4.15.0-1079.84"
}
]
},
"package": {
"ecosystem": "Ubuntu:18.04:LTS",
"name": "linux-gke-4.15",
"purl": "pkg:deb/ubuntu/linux-gke-4.15@4.15.0-1079.84?arch=source\u0026distro=bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.15.0-1030.32",
"4.15.0-1032.34",
"4.15.0-1033.35",
"4.15.0-1034.36",
"4.15.0-1036.38",
"4.15.0-1037.39",
"4.15.0-1040.42",
"4.15.0-1041.43",
"4.15.0-1042.44",
"4.15.0-1044.46",
"4.15.0-1045.48",
"4.15.0-1046.49",
"4.15.0-1048.51",
"4.15.0-1049.52",
"4.15.0-1050.53",
"4.15.0-1052.55",
"4.15.0-1055.58",
"4.15.0-1057.60",
"4.15.0-1058.61",
"4.15.0-1059.62",
"4.15.0-1063.66",
"4.15.0-1064.67",
"4.15.0-1066.69",
"4.15.0-1067.70",
"4.15.0-1069.72",
"4.15.0-1070.73",
"4.15.0-1072.76",
"4.15.0-1073.78",
"4.15.0-1074.79",
"4.15.0-1076.81",
"4.15.0-1077.82",
"4.15.0-1078.83",
"4.15.0-1079.84"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.4.0-1080-gke",
"binary_version": "5.4.0-1080.86~18.04.1"
},
{
"binary_name": "linux-gke-5.4-headers-5.4.0-1080",
"binary_version": "5.4.0-1080.86~18.04.1"
},
{
"binary_name": "linux-gke-5.4-tools-5.4.0-1080",
"binary_version": "5.4.0-1080.86~18.04.1"
},
{
"binary_name": "linux-headers-5.4.0-1080-gke",
"binary_version": "5.4.0-1080.86~18.04.1"
},
{
"binary_name": "linux-image-unsigned-5.4.0-1080-gke",
"binary_version": "5.4.0-1080.86~18.04.1"
},
{
"binary_name": "linux-modules-5.4.0-1080-gke",
"binary_version": "5.4.0-1080.86~18.04.1"
},
{
"binary_name": "linux-modules-extra-5.4.0-1080-gke",
"binary_version": "5.4.0-1080.86~18.04.1"
},
{
"binary_name": "linux-tools-5.4.0-1080-gke",
"binary_version": "5.4.0-1080.86~18.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:18.04:LTS",
"name": "linux-gke-5.4",
"purl": "pkg:deb/ubuntu/linux-gke-5.4@5.4.0-1080.86~18.04.1?arch=source\u0026distro=bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.4.0-1025.25~18.04.1",
"5.4.0-1027.28~18.04.1",
"5.4.0-1029.31~18.04.1",
"5.4.0-1030.32~18.04.1",
"5.4.0-1032.34~18.04.1",
"5.4.0-1033.35~18.04.1",
"5.4.0-1035.37~18.04.1",
"5.4.0-1036.38~18.04.1",
"5.4.0-1037.39~18.04.1",
"5.4.0-1039.41~18.04.1",
"5.4.0-1040.42~18.04.1",
"5.4.0-1042.44~18.04.1",
"5.4.0-1043.45~18.04.1",
"5.4.0-1044.46~18.04.1",
"5.4.0-1046.48~18.04.1",
"5.4.0-1049.52~18.04.1",
"5.4.0-1051.54~18.04.1",
"5.4.0-1052.55~18.04.1",
"5.4.0-1053.56~18.04.1",
"5.4.0-1054.57~18.04.1",
"5.4.0-1055.58~18.04.1",
"5.4.0-1056.59~18.04.1",
"5.4.0-1057.60~18.04.1",
"5.4.0-1059.62~18.04.1",
"5.4.0-1061.64~18.04.1",
"5.4.0-1062.65~18.04.1",
"5.4.0-1063.66~18.04.1",
"5.4.0-1065.68~18.04.1",
"5.4.0-1066.69~18.04.1",
"5.4.0-1067.70~18.04.1",
"5.4.0-1068.71~18.04.1",
"5.4.0-1071.76~18.04.3",
"5.4.0-1072.77~18.04.1",
"5.4.0-1074.79~18.04.1",
"5.4.0-1076.82~18.04.1",
"5.4.0-1078.84~18.04.1",
"5.4.0-1080.86~18.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.4.0-1051-gkeop",
"binary_version": "5.4.0-1051.54~18.04.1"
},
{
"binary_name": "linux-cloud-tools-5.4.0-1051-gkeop",
"binary_version": "5.4.0-1051.54~18.04.1"
},
{
"binary_name": "linux-gkeop-5.4-cloud-tools-5.4.0-1051",
"binary_version": "5.4.0-1051.54~18.04.1"
},
{
"binary_name": "linux-gkeop-5.4-headers-5.4.0-1051",
"binary_version": "5.4.0-1051.54~18.04.1"
},
{
"binary_name": "linux-gkeop-5.4-source-5.4.0",
"binary_version": "5.4.0-1051.54~18.04.1"
},
{
"binary_name": "linux-gkeop-5.4-tools-5.4.0-1051",
"binary_version": "5.4.0-1051.54~18.04.1"
},
{
"binary_name": "linux-headers-5.4.0-1051-gkeop",
"binary_version": "5.4.0-1051.54~18.04.1"
},
{
"binary_name": "linux-image-unsigned-5.4.0-1051-gkeop",
"binary_version": "5.4.0-1051.54~18.04.1"
},
{
"binary_name": "linux-modules-5.4.0-1051-gkeop",
"binary_version": "5.4.0-1051.54~18.04.1"
},
{
"binary_name": "linux-modules-extra-5.4.0-1051-gkeop",
"binary_version": "5.4.0-1051.54~18.04.1"
},
{
"binary_name": "linux-tools-5.4.0-1051-gkeop",
"binary_version": "5.4.0-1051.54~18.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:18.04:LTS",
"name": "linux-gkeop-5.4",
"purl": "pkg:deb/ubuntu/linux-gkeop-5.4@5.4.0-1051.54~18.04.1?arch=source\u0026distro=bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.4.0-1001.1",
"5.4.0-1003.3",
"5.4.0-1004.5",
"5.4.0-1005.6",
"5.4.0-1007.8~18.04.1",
"5.4.0-1008.9~18.04.1",
"5.4.0-1009.10~18.04.1",
"5.4.0-1010.11~18.04.1",
"5.4.0-1011.12~18.04.2",
"5.4.0-1012.13~18.04.1",
"5.4.0-1013.14~18.04.1",
"5.4.0-1014.15~18.04.1",
"5.4.0-1015.16~18.04.1",
"5.4.0-1016.17~18.04.1",
"5.4.0-1018.19~18.04.1",
"5.4.0-1021.22~18.04.1",
"5.4.0-1022.23~18.04.1",
"5.4.0-1023.24~18.04.1",
"5.4.0-1024.25~18.04.1",
"5.4.0-1025.26~18.04.1",
"5.4.0-1026.27~18.04.1",
"5.4.0-1027.28~18.04.1",
"5.4.0-1029.30~18.04.2",
"5.4.0-1031.32~18.04.1",
"5.4.0-1032.33~18.04.1",
"5.4.0-1033.34~18.04.1",
"5.4.0-1034.35~18.04.1",
"5.4.0-1036.37~18.04.1",
"5.4.0-1037.38~18.04.1",
"5.4.0-1038.39~18.04.1",
"5.4.0-1039.40~18.04.1",
"5.4.0-1040.41~18.04.1",
"5.4.0-1043.44~18.04.1",
"5.4.0-1046.48~18.04.1",
"5.4.0-1048.51~18.04.1",
"5.4.0-1049.52~18.04.1",
"5.4.0-1051.54~18.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "block-modules-5.3.0-76-generic-di",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "crypto-modules-5.3.0-76-generic-di",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "fat-modules-5.3.0-76-generic-di",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "fb-modules-5.3.0-76-generic-di",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "firewire-core-modules-5.3.0-76-generic-di",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "floppy-modules-5.3.0-76-generic-di",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "fs-core-modules-5.3.0-76-generic-di",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "fs-secondary-modules-5.3.0-76-generic-di",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "input-modules-5.3.0-76-generic-di",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "ipmi-modules-5.3.0-76-generic-di",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "kernel-image-5.3.0-76-generic-di",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "linux-buildinfo-5.3.0-76-generic",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "linux-buildinfo-5.3.0-76-lowlatency",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "linux-cloud-tools-5.3.0-76-generic",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "linux-cloud-tools-5.3.0-76-lowlatency",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "linux-headers-5.3.0-76-generic",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "linux-headers-5.3.0-76-lowlatency",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "linux-hwe-cloud-tools-5.3.0-76",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "linux-hwe-headers-5.3.0-76",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "linux-hwe-tools-5.3.0-76",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "linux-hwe-udebs-generic",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "linux-image-5.3.0-76-generic",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "linux-image-5.3.0-76-lowlatency",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "linux-image-unsigned-5.3.0-76-generic",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "linux-image-unsigned-5.3.0-76-lowlatency",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "linux-modules-5.3.0-76-generic",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "linux-modules-5.3.0-76-lowlatency",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "linux-modules-extra-5.3.0-76-generic",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "linux-source-5.3.0",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "linux-tools-5.3.0-76-generic",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "linux-tools-5.3.0-76-lowlatency",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "md-modules-5.3.0-76-generic-di",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "message-modules-5.3.0-76-generic-di",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "mouse-modules-5.3.0-76-generic-di",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "multipath-modules-5.3.0-76-generic-di",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "nfs-modules-5.3.0-76-generic-di",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "nic-modules-5.3.0-76-generic-di",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "nic-pcmcia-modules-5.3.0-76-generic-di",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "nic-shared-modules-5.3.0-76-generic-di",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "nic-usb-modules-5.3.0-76-generic-di",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "parport-modules-5.3.0-76-generic-di",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "pata-modules-5.3.0-76-generic-di",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "pcmcia-modules-5.3.0-76-generic-di",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "pcmcia-storage-modules-5.3.0-76-generic-di",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "plip-modules-5.3.0-76-generic-di",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "ppp-modules-5.3.0-76-generic-di",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "sata-modules-5.3.0-76-generic-di",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "scsi-modules-5.3.0-76-generic-di",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "serial-modules-5.3.0-76-generic-di",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "storage-core-modules-5.3.0-76-generic-di",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "usb-modules-5.3.0-76-generic-di",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "virtio-modules-5.3.0-76-generic-di",
"binary_version": "5.3.0-76.72"
},
{
"binary_name": "vlan-modules-5.3.0-76-generic-di",
"binary_version": "5.3.0-76.72"
}
]
},
"package": {
"ecosystem": "Ubuntu:18.04:LTS",
"name": "linux-hwe",
"purl": "pkg:deb/ubuntu/linux-hwe@5.3.0-76.72?arch=source\u0026distro=bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.18.0-13.14~18.04.1",
"4.18.0-14.15~18.04.1",
"4.18.0-15.16~18.04.1",
"4.18.0-16.17~18.04.1",
"4.18.0-17.18~18.04.1",
"4.18.0-18.19~18.04.1",
"4.18.0-20.21~18.04.1",
"4.18.0-21.22~18.04.1",
"4.18.0-22.23~18.04.1",
"4.18.0-24.25~18.04.1",
"4.18.0-25.26~18.04.1",
"5.0.0-23.24~18.04.1",
"5.0.0-25.26~18.04.1",
"5.0.0-27.28~18.04.1",
"5.0.0-29.31~18.04.1",
"5.0.0-31.33~18.04.1",
"5.0.0-32.34~18.04.2",
"5.0.0-35.38~18.04.1",
"5.0.0-36.39~18.04.1",
"5.0.0-37.40~18.04.1",
"5.3.0-26.28~18.04.1",
"5.3.0-28.30~18.04.1",
"5.3.0-40.32~18.04.1",
"5.3.0-42.34~18.04.1",
"5.3.0-45.37~18.04.1",
"5.3.0-46.38~18.04.1",
"5.3.0-51.44~18.04.2",
"5.3.0-53.47~18.04.1",
"5.3.0-59.53~18.04.1",
"5.3.0-61.55~18.04.1",
"5.3.0-62.56~18.04.1",
"5.3.0-64.58~18.04.1",
"5.3.0-65.59",
"5.3.0-66.60",
"5.3.0-67.61",
"5.3.0-68.63",
"5.3.0-69.65",
"5.3.0-70.66",
"5.3.0-72.68",
"5.3.0-73.69",
"5.3.0-74.70",
"5.3.0-75.71",
"5.3.0-76.72"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "block-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "crypto-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "dasd-extra-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "dasd-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "fat-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "fb-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "firewire-core-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "floppy-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "fs-core-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "fs-secondary-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "input-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "ipmi-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "kernel-image-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "linux-buildinfo-5.4.0-231-generic",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "linux-buildinfo-5.4.0-231-lowlatency",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "linux-cloud-tools-5.4.0-231-generic",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "linux-cloud-tools-5.4.0-231-lowlatency",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "linux-headers-5.4.0-231-generic",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "linux-headers-5.4.0-231-lowlatency",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "linux-hwe-5.4-cloud-tools-5.4.0-231",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "linux-hwe-5.4-cloud-tools-common",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "linux-hwe-5.4-headers-5.4.0-231",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "linux-hwe-5.4-source-5.4.0",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "linux-hwe-5.4-tools-5.4.0-231",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "linux-hwe-5.4-tools-common",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "linux-hwe-5.4-udebs-generic",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "linux-image-unsigned-5.4.0-231-generic",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "linux-image-unsigned-5.4.0-231-lowlatency",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "linux-modules-5.4.0-231-generic",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "linux-modules-5.4.0-231-lowlatency",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "linux-modules-extra-5.4.0-231-generic",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "linux-tools-5.4.0-231-generic",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "linux-tools-5.4.0-231-lowlatency",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "md-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "message-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "mouse-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "multipath-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "nfs-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "nic-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "nic-pcmcia-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "nic-shared-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "nic-usb-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "parport-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "pata-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "pcmcia-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "pcmcia-storage-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "plip-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "ppp-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "sata-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "scsi-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "serial-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "storage-core-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "usb-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "virtio-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251~18.04.1"
},
{
"binary_name": "vlan-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251~18.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "linux-hwe-5.4",
"purl": "pkg:deb/ubuntu/linux-hwe-5.4@5.4.0-231.251~18.04.1?arch=source\u0026distro=esm-infra/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.4.0-37.41~18.04.1",
"5.4.0-39.43~18.04.1",
"5.4.0-40.44~18.04.1",
"5.4.0-42.46~18.04.1",
"5.4.0-45.49~18.04.2",
"5.4.0-47.51~18.04.1",
"5.4.0-48.52~18.04.1",
"5.4.0-51.56~18.04.1",
"5.4.0-52.57~18.04.1",
"5.4.0-53.59~18.04.1",
"5.4.0-54.60~18.04.1",
"5.4.0-56.62~18.04.1",
"5.4.0-58.64~18.04.1",
"5.4.0-59.65~18.04.1",
"5.4.0-60.67~18.04.1",
"5.4.0-62.70~18.04.1",
"5.4.0-64.72~18.04.1",
"5.4.0-65.73~18.04.1",
"5.4.0-66.74~18.04.2",
"5.4.0-67.75~18.04.1",
"5.4.0-70.78~18.04.1",
"5.4.0-71.79~18.04.1",
"5.4.0-72.80~18.04.1",
"5.4.0-73.82~18.04.1",
"5.4.0-74.83~18.04.1",
"5.4.0-77.86~18.04.1",
"5.4.0-80.90~18.04.1",
"5.4.0-81.91~18.04.1",
"5.4.0-84.94~18.04.1",
"5.4.0-86.97~18.04.1",
"5.4.0-87.98~18.04.1",
"5.4.0-89.100~18.04.1",
"5.4.0-90.101~18.04.1",
"5.4.0-91.102~18.04.1",
"5.4.0-92.103~18.04.2",
"5.4.0-94.106~18.04.1",
"5.4.0-96.109~18.04.1",
"5.4.0-97.110~18.04.1",
"5.4.0-99.112~18.04.1",
"5.4.0-100.113~18.04.1",
"5.4.0-104.118~18.04.1",
"5.4.0-105.119~18.04.1",
"5.4.0-107.121~18.04.1",
"5.4.0-109.123~18.04.1",
"5.4.0-110.124~18.04.1",
"5.4.0-113.127~18.04.1",
"5.4.0-117.132~18.04.1",
"5.4.0-120.136~18.04.1",
"5.4.0-121.137~18.04.1",
"5.4.0-122.138~18.04.1",
"5.4.0-124.140~18.04.1",
"5.4.0-125.141~18.04.1",
"5.4.0-126.142~18.04.1",
"5.4.0-128.144~18.04.1",
"5.4.0-131.147~18.04.1",
"5.4.0-132.148~18.04.1",
"5.4.0-133.149~18.04.1",
"5.4.0-135.152~18.04.2",
"5.4.0-136.153~18.04.1",
"5.4.0-137.154~18.04.1",
"5.4.0-139.156~18.04.1",
"5.4.0-144.161~18.04.1",
"5.4.0-146.163~18.04.1",
"5.4.0-147.164~18.04.1",
"5.4.0-148.165~18.04.1",
"5.4.0-149.166~18.04.1",
"5.4.0-150.167~18.04.1",
"5.4.0-152.169~18.04.1",
"5.4.0-153.170~18.04.1",
"5.4.0-155.172~18.04.1",
"5.4.0-156.173~18.04.1",
"5.4.0-159.176~18.04.1",
"5.4.0-162.179~18.04.1",
"5.4.0-163.180~18.04.1",
"5.4.0-164.181~18.04.1",
"5.4.0-165.182~18.04.1",
"5.4.0-166.183~18.04.2",
"5.4.0-167.184~18.04.1",
"5.4.0-169.187~18.04.1",
"5.4.0-170.188~18.04.1",
"5.4.0-171.189~18.04.1",
"5.4.0-172.190~18.04.1",
"5.4.0-173.191~18.04.1",
"5.4.0-174.193~18.04.1",
"5.4.0-175.195~18.04.1",
"5.4.0-177.197~18.04.1",
"5.4.0-181.201~18.04.1",
"5.4.0-182.202~18.04.1",
"5.4.0-186.206~18.04.1",
"5.4.0-187.207~18.04.1",
"5.4.0-189.209~18.04.1",
"5.4.0-190.210~18.04.1",
"5.4.0-192.212~18.04.1",
"5.4.0-193.213~18.04.1",
"5.4.0-195.215~18.04.1",
"5.4.0-196.216~18.04.1",
"5.4.0-198.218~18.04.1",
"5.4.0-200.220~18.04.1",
"5.4.0-202.222~18.04.1",
"5.4.0-204.224~18.04.1",
"5.4.0-205.225~18.04.1",
"5.4.0-208.228~18.04.1",
"5.4.0-211.231~18.04.1",
"5.4.0-212.232~18.04.1",
"5.4.0-214.234~18.04.1",
"5.4.0-215.235~18.04.1",
"5.4.0-216.236~18.04.1",
"5.4.0-218.238~18.04.1",
"5.4.0-219.239~18.04.1",
"5.4.0-220.240~18.04.1",
"5.4.0-221.241~18.04.1",
"5.4.0-222.242~18.04.1",
"5.4.0-223.243~18.04.1",
"5.4.0-224.244~18.04.1",
"5.4.0-225.245~18.04.1",
"5.4.0-227.247~18.04.1",
"5.4.0-228.248~18.04.1",
"5.4.0-229.249~18.04.1",
"5.4.0-231.251~18.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "block-modules-5.3.0-24-generic-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "block-modules-5.3.0-24-generic-lpae-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "crypto-modules-5.3.0-24-generic-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "crypto-modules-5.3.0-24-generic-lpae-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "dasd-extra-modules-5.3.0-24-generic-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "dasd-modules-5.3.0-24-generic-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "fat-modules-5.3.0-24-generic-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "fat-modules-5.3.0-24-generic-lpae-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "fb-modules-5.3.0-24-generic-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "firewire-core-modules-5.3.0-24-generic-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "floppy-modules-5.3.0-24-generic-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "fs-core-modules-5.3.0-24-generic-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "fs-core-modules-5.3.0-24-generic-lpae-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "fs-secondary-modules-5.3.0-24-generic-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "fs-secondary-modules-5.3.0-24-generic-lpae-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "input-modules-5.3.0-24-generic-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "input-modules-5.3.0-24-generic-lpae-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "ipmi-modules-5.3.0-24-generic-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "ipmi-modules-5.3.0-24-generic-lpae-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "kernel-image-5.3.0-24-generic-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "kernel-image-5.3.0-24-generic-lpae-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "linux-buildinfo-5.3.0-24-generic",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "linux-buildinfo-5.3.0-24-generic-lpae",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "linux-buildinfo-5.3.0-24-lowlatency",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "linux-cloud-tools-5.3.0-24-generic",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "linux-cloud-tools-5.3.0-24-lowlatency",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "linux-headers-5.3.0-24",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "linux-headers-5.3.0-24-generic",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "linux-headers-5.3.0-24-generic-lpae",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "linux-headers-5.3.0-24-lowlatency",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "linux-hwe-edge-cloud-tools-5.3.0-24",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "linux-hwe-edge-tools-5.3.0-24",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "linux-hwe-edge-udebs-generic",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "linux-hwe-edge-udebs-generic-lpae",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "linux-image-5.3.0-24-generic",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "linux-image-5.3.0-24-generic-lpae",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "linux-image-5.3.0-24-lowlatency",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "linux-image-unsigned-5.3.0-24-generic",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "linux-image-unsigned-5.3.0-24-lowlatency",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "linux-modules-5.3.0-24-generic",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "linux-modules-5.3.0-24-generic-lpae",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "linux-modules-5.3.0-24-lowlatency",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "linux-modules-extra-5.3.0-24-generic",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "linux-source-5.3.0",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "linux-tools-5.3.0-24-generic",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "linux-tools-5.3.0-24-generic-lpae",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "linux-tools-5.3.0-24-lowlatency",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "md-modules-5.3.0-24-generic-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "md-modules-5.3.0-24-generic-lpae-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "message-modules-5.3.0-24-generic-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "mouse-modules-5.3.0-24-generic-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "mouse-modules-5.3.0-24-generic-lpae-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "multipath-modules-5.3.0-24-generic-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "multipath-modules-5.3.0-24-generic-lpae-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "nfs-modules-5.3.0-24-generic-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "nfs-modules-5.3.0-24-generic-lpae-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "nic-modules-5.3.0-24-generic-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "nic-modules-5.3.0-24-generic-lpae-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "nic-pcmcia-modules-5.3.0-24-generic-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "nic-shared-modules-5.3.0-24-generic-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "nic-shared-modules-5.3.0-24-generic-lpae-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "nic-usb-modules-5.3.0-24-generic-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "nic-usb-modules-5.3.0-24-generic-lpae-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "parport-modules-5.3.0-24-generic-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "parport-modules-5.3.0-24-generic-lpae-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "pata-modules-5.3.0-24-generic-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "pcmcia-modules-5.3.0-24-generic-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "pcmcia-storage-modules-5.3.0-24-generic-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "plip-modules-5.3.0-24-generic-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "plip-modules-5.3.0-24-generic-lpae-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "ppp-modules-5.3.0-24-generic-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "ppp-modules-5.3.0-24-generic-lpae-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "sata-modules-5.3.0-24-generic-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "sata-modules-5.3.0-24-generic-lpae-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "scsi-modules-5.3.0-24-generic-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "scsi-modules-5.3.0-24-generic-lpae-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "serial-modules-5.3.0-24-generic-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "storage-core-modules-5.3.0-24-generic-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "storage-core-modules-5.3.0-24-generic-lpae-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "usb-modules-5.3.0-24-generic-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "usb-modules-5.3.0-24-generic-lpae-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "virtio-modules-5.3.0-24-generic-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "vlan-modules-5.3.0-24-generic-di",
"binary_version": "5.3.0-24.26~18.04.2"
},
{
"binary_name": "vlan-modules-5.3.0-24-generic-lpae-di",
"binary_version": "5.3.0-24.26~18.04.2"
}
]
},
"package": {
"ecosystem": "Ubuntu:18.04:LTS",
"name": "linux-hwe-edge",
"purl": "pkg:deb/ubuntu/linux-hwe-edge@5.3.0-24.26~18.04.2?arch=source\u0026distro=bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.0.0-15.16~18.04.1",
"5.0.0-16.17~18.04.1",
"5.0.0-17.18~18.04.1",
"5.0.0-19.20~18.04.1",
"5.0.0-20.21~18.04.1",
"5.3.0-19.20~18.04.2",
"5.3.0-22.24~18.04.1",
"5.3.0-23.25~18.04.1",
"5.3.0-23.25~18.04.2",
"5.3.0-24.26~18.04.2"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.4.0-1105-ibm",
"binary_version": "5.4.0-1105.110~18.04.1"
},
{
"binary_name": "linux-headers-5.4.0-1105-ibm",
"binary_version": "5.4.0-1105.110~18.04.1"
},
{
"binary_name": "linux-ibm-5.4-cloud-tools-common",
"binary_version": "5.4.0-1105.110~18.04.1"
},
{
"binary_name": "linux-ibm-5.4-headers-5.4.0-1105",
"binary_version": "5.4.0-1105.110~18.04.1"
},
{
"binary_name": "linux-ibm-5.4-source-5.4.0",
"binary_version": "5.4.0-1105.110~18.04.1"
},
{
"binary_name": "linux-ibm-5.4-tools-5.4.0-1105",
"binary_version": "5.4.0-1105.110~18.04.1"
},
{
"binary_name": "linux-ibm-5.4-tools-common",
"binary_version": "5.4.0-1105.110~18.04.1"
},
{
"binary_name": "linux-image-unsigned-5.4.0-1105-ibm",
"binary_version": "5.4.0-1105.110~18.04.1"
},
{
"binary_name": "linux-modules-5.4.0-1105-ibm",
"binary_version": "5.4.0-1105.110~18.04.1"
},
{
"binary_name": "linux-modules-extra-5.4.0-1105-ibm",
"binary_version": "5.4.0-1105.110~18.04.1"
},
{
"binary_name": "linux-tools-5.4.0-1105-ibm",
"binary_version": "5.4.0-1105.110~18.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "linux-ibm-5.4",
"purl": "pkg:deb/ubuntu/linux-ibm-5.4@5.4.0-1105.110~18.04.1?arch=source\u0026distro=esm-infra/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.4.0-1010.11~18.04.2",
"5.4.0-1012.13~18.04.1",
"5.4.0-1014.15~18.04.1",
"5.4.0-1015.16~18.04.1",
"5.4.0-1017.19~18.04.1",
"5.4.0-1018.20~18.04.1",
"5.4.0-1019.21~18.04.1",
"5.4.0-1020.22~18.04.1",
"5.4.0-1021.23~18.04.1",
"5.4.0-1023.25~18.04.1",
"5.4.0-1026.29~18.04.1",
"5.4.0-1028.32~18.04.1",
"5.4.0-1029.33~18.04.1",
"5.4.0-1031.35~18.04.1",
"5.4.0-1032.36~18.04.1",
"5.4.0-1033.37~18.04.1",
"5.4.0-1034.38~18.04.1",
"5.4.0-1036.41~18.04.1",
"5.4.0-1037.42~18.04.1",
"5.4.0-1040.45~18.04.2",
"5.4.0-1041.46~18.04.1",
"5.4.0-1042.47~18.04.1",
"5.4.0-1044.49~18.04.1",
"5.4.0-1045.50~18.04.1",
"5.4.0-1046.51~18.04.1",
"5.4.0-1047.52~18.04.1",
"5.4.0-1048.53~18.04.1",
"5.4.0-1049.54~18.04.1",
"5.4.0-1050.55~18.04.1",
"5.4.0-1051.56~18.04.1",
"5.4.0-1052.57~18.04.1",
"5.4.0-1053.58~18.04.1",
"5.4.0-1054.59~18.04.1",
"5.4.0-1056.61~18.04.1",
"5.4.0-1057.62~18.04.1",
"5.4.0-1058.63~18.04.1",
"5.4.0-1059.64~18.04.1",
"5.4.0-1060.65~18.04.1",
"5.4.0-1061.66~18.04.1",
"5.4.0-1063.68~18.04.1",
"5.4.0-1064.69~18.04.1",
"5.4.0-1065.70~18.04.1",
"5.4.0-1066.71~18.04.1",
"5.4.0-1067.72~18.04.1",
"5.4.0-1068.73~18.04.1",
"5.4.0-1069.74~18.04.1",
"5.4.0-1070.75~18.04.1",
"5.4.0-1071.76~18.04.1",
"5.4.0-1072.77~18.04.1",
"5.4.0-1073.78~18.04.1",
"5.4.0-1074.79~18.04.1",
"5.4.0-1075.80~18.04.1",
"5.4.0-1076.81~18.04.1",
"5.4.0-1077.82~18.04.1",
"5.4.0-1078.83~18.04.1",
"5.4.0-1079.84~18.04.1",
"5.4.0-1080.85~18.04.1",
"5.4.0-1081.86~18.04.1",
"5.4.0-1082.87~18.04.1",
"5.4.0-1083.88~18.04.1",
"5.4.0-1084.89~18.04.1",
"5.4.0-1085.90~18.04.1",
"5.4.0-1086.91~18.04.1",
"5.4.0-1090.95~18.04.1",
"5.4.0-1092.97~18.04.1",
"5.4.0-1093.98~18.04.1",
"5.4.0-1094.99~18.04.1",
"5.4.0-1095.100~18.04.1",
"5.4.0-1096.101~18.04.1",
"5.4.0-1097.102~18.04.1",
"5.4.0-1098.103~18.04.1",
"5.4.0-1099.104~18.04.1",
"5.4.0-1100.105~18.04.1",
"5.4.0-1102.107~18.04.1",
"5.4.0-1103.108~18.04.1",
"5.4.0-1104.109~18.04.1",
"5.4.0-1105.110~18.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-4.15.0-1176-kvm",
"binary_version": "4.15.0-1176.181"
},
{
"binary_name": "linux-headers-4.15.0-1176-kvm",
"binary_version": "4.15.0-1176.181"
},
{
"binary_name": "linux-image-4.15.0-1176-kvm",
"binary_version": "4.15.0-1176.181"
},
{
"binary_name": "linux-kvm-headers-4.15.0-1176",
"binary_version": "4.15.0-1176.181"
},
{
"binary_name": "linux-kvm-tools-4.15.0-1176",
"binary_version": "4.15.0-1176.181"
},
{
"binary_name": "linux-modules-4.15.0-1176-kvm",
"binary_version": "4.15.0-1176.181"
},
{
"binary_name": "linux-tools-4.15.0-1176-kvm",
"binary_version": "4.15.0-1176.181"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "linux-kvm",
"purl": "pkg:deb/ubuntu/linux-kvm@4.15.0-1176.181?arch=source\u0026distro=esm-infra/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.15.0-1002.2",
"4.15.0-1003.3",
"4.15.0-1004.4",
"4.15.0-1006.6",
"4.15.0-1008.8",
"4.15.0-1010.10",
"4.15.0-1011.11",
"4.15.0-1012.12",
"4.15.0-1016.16",
"4.15.0-1017.17",
"4.15.0-1019.19",
"4.15.0-1020.20",
"4.15.0-1021.21",
"4.15.0-1023.23",
"4.15.0-1025.25",
"4.15.0-1026.26",
"4.15.0-1027.27",
"4.15.0-1028.28",
"4.15.0-1029.29",
"4.15.0-1030.30",
"4.15.0-1031.31",
"4.15.0-1032.32",
"4.15.0-1034.34",
"4.15.0-1035.35",
"4.15.0-1036.36",
"4.15.0-1038.38",
"4.15.0-1039.39",
"4.15.0-1042.42",
"4.15.0-1043.43",
"4.15.0-1044.44",
"4.15.0-1046.46",
"4.15.0-1047.47",
"4.15.0-1048.48",
"4.15.0-1050.50",
"4.15.0-1051.51",
"4.15.0-1052.52",
"4.15.0-1053.53",
"4.15.0-1056.57",
"4.15.0-1058.59",
"4.15.0-1059.60",
"4.15.0-1060.61",
"4.15.0-1067.68",
"4.15.0-1069.70",
"4.15.0-1071.72",
"4.15.0-1072.73",
"4.15.0-1074.75",
"4.15.0-1075.76",
"4.15.0-1077.79",
"4.15.0-1079.81",
"4.15.0-1081.83",
"4.15.0-1082.84",
"4.15.0-1084.86",
"4.15.0-1085.87",
"4.15.0-1086.88",
"4.15.0-1087.89",
"4.15.0-1088.90",
"4.15.0-1089.91",
"4.15.0-1090.92",
"4.15.0-1091.93",
"4.15.0-1092.94",
"4.15.0-1094.96",
"4.15.0-1097.99",
"4.15.0-1098.100",
"4.15.0-1099.101",
"4.15.0-1100.102",
"4.15.0-1101.103",
"4.15.0-1102.104",
"4.15.0-1103.105",
"4.15.0-1105.107",
"4.15.0-1106.108",
"4.15.0-1107.109",
"4.15.0-1109.112",
"4.15.0-1110.113",
"4.15.0-1112.115",
"4.15.0-1113.116",
"4.15.0-1114.117",
"4.15.0-1116.119",
"4.15.0-1119.123",
"4.15.0-1122.127",
"4.15.0-1123.128",
"4.15.0-1125.130",
"4.15.0-1126.131",
"4.15.0-1127.132",
"4.15.0-1128.133",
"4.15.0-1129.134",
"4.15.0-1132.137",
"4.15.0-1133.138",
"4.15.0-1134.139",
"4.15.0-1135.140",
"4.15.0-1136.141",
"4.15.0-1137.142",
"4.15.0-1138.143",
"4.15.0-1139.144",
"4.15.0-1140.145",
"4.15.0-1141.146",
"4.15.0-1142.147",
"4.15.0-1143.148",
"4.15.0-1144.149",
"4.15.0-1145.150",
"4.15.0-1146.151",
"4.15.0-1147.152",
"4.15.0-1148.153",
"4.15.0-1149.154",
"4.15.0-1150.155",
"4.15.0-1151.156",
"4.15.0-1152.157",
"4.15.0-1153.158",
"4.15.0-1154.159",
"4.15.0-1155.160",
"4.15.0-1156.161",
"4.15.0-1157.162",
"4.15.0-1158.163",
"4.15.0-1159.164",
"4.15.0-1160.165",
"4.15.0-1161.166",
"4.15.0-1162.167",
"4.15.0-1163.168",
"4.15.0-1164.169",
"4.15.0-1165.170",
"4.15.0-1166.171",
"4.15.0-1167.172",
"4.15.0-1168.173",
"4.15.0-1169.174",
"4.15.0-1170.175",
"4.15.0-1171.176",
"4.15.0-1172.177",
"4.15.0-1173.178",
"4.15.0-1174.179",
"4.15.0-1175.180",
"4.15.0-1176.181"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "block-modules-4.15.0-1103-oem-di",
"binary_version": "4.15.0-1103.114"
},
{
"binary_name": "crypto-modules-4.15.0-1103-oem-di",
"binary_version": "4.15.0-1103.114"
},
{
"binary_name": "fat-modules-4.15.0-1103-oem-di",
"binary_version": "4.15.0-1103.114"
},
{
"binary_name": "fb-modules-4.15.0-1103-oem-di",
"binary_version": "4.15.0-1103.114"
},
{
"binary_name": "firewire-core-modules-4.15.0-1103-oem-di",
"binary_version": "4.15.0-1103.114"
},
{
"binary_name": "floppy-modules-4.15.0-1103-oem-di",
"binary_version": "4.15.0-1103.114"
},
{
"binary_name": "fs-core-modules-4.15.0-1103-oem-di",
"binary_version": "4.15.0-1103.114"
},
{
"binary_name": "fs-secondary-modules-4.15.0-1103-oem-di",
"binary_version": "4.15.0-1103.114"
},
{
"binary_name": "input-modules-4.15.0-1103-oem-di",
"binary_version": "4.15.0-1103.114"
},
{
"binary_name": "ipmi-modules-4.15.0-1103-oem-di",
"binary_version": "4.15.0-1103.114"
},
{
"binary_name": "irda-modules-4.15.0-1103-oem-di",
"binary_version": "4.15.0-1103.114"
},
{
"binary_name": "kernel-image-4.15.0-1103-oem-di",
"binary_version": "4.15.0-1103.114"
},
{
"binary_name": "linux-buildinfo-4.15.0-1103-oem",
"binary_version": "4.15.0-1103.114"
},
{
"binary_name": "linux-headers-4.15.0-1103-oem",
"binary_version": "4.15.0-1103.114"
},
{
"binary_name": "linux-image-unsigned-4.15.0-1103-oem",
"binary_version": "4.15.0-1103.114"
},
{
"binary_name": "linux-modules-4.15.0-1103-oem",
"binary_version": "4.15.0-1103.114"
},
{
"binary_name": "linux-oem-headers-4.15.0-1103",
"binary_version": "4.15.0-1103.114"
},
{
"binary_name": "linux-oem-tools-4.15.0-1103",
"binary_version": "4.15.0-1103.114"
},
{
"binary_name": "linux-tools-4.15.0-1103-oem",
"binary_version": "4.15.0-1103.114"
},
{
"binary_name": "linux-udebs-oem",
"binary_version": "4.15.0-1103.114"
},
{
"binary_name": "md-modules-4.15.0-1103-oem-di",
"binary_version": "4.15.0-1103.114"
},
{
"binary_name": "message-modules-4.15.0-1103-oem-di",
"binary_version": "4.15.0-1103.114"
},
{
"binary_name": "mouse-modules-4.15.0-1103-oem-di",
"binary_version": "4.15.0-1103.114"
},
{
"binary_name": "multipath-modules-4.15.0-1103-oem-di",
"binary_version": "4.15.0-1103.114"
},
{
"binary_name": "nfs-modules-4.15.0-1103-oem-di",
"binary_version": "4.15.0-1103.114"
},
{
"binary_name": "nic-modules-4.15.0-1103-oem-di",
"binary_version": "4.15.0-1103.114"
},
{
"binary_name": "nic-pcmcia-modules-4.15.0-1103-oem-di",
"binary_version": "4.15.0-1103.114"
},
{
"binary_name": "nic-shared-modules-4.15.0-1103-oem-di",
"binary_version": "4.15.0-1103.114"
},
{
"binary_name": "nic-usb-modules-4.15.0-1103-oem-di",
"binary_version": "4.15.0-1103.114"
},
{
"binary_name": "parport-modules-4.15.0-1103-oem-di",
"binary_version": "4.15.0-1103.114"
},
{
"binary_name": "pata-modules-4.15.0-1103-oem-di",
"binary_version": "4.15.0-1103.114"
},
{
"binary_name": "pcmcia-modules-4.15.0-1103-oem-di",
"binary_version": "4.15.0-1103.114"
},
{
"binary_name": "pcmcia-storage-modules-4.15.0-1103-oem-di",
"binary_version": "4.15.0-1103.114"
},
{
"binary_name": "plip-modules-4.15.0-1103-oem-di",
"binary_version": "4.15.0-1103.114"
},
{
"binary_name": "ppp-modules-4.15.0-1103-oem-di",
"binary_version": "4.15.0-1103.114"
},
{
"binary_name": "sata-modules-4.15.0-1103-oem-di",
"binary_version": "4.15.0-1103.114"
},
{
"binary_name": "scsi-modules-4.15.0-1103-oem-di",
"binary_version": "4.15.0-1103.114"
},
{
"binary_name": "serial-modules-4.15.0-1103-oem-di",
"binary_version": "4.15.0-1103.114"
},
{
"binary_name": "storage-core-modules-4.15.0-1103-oem-di",
"binary_version": "4.15.0-1103.114"
},
{
"binary_name": "usb-modules-4.15.0-1103-oem-di",
"binary_version": "4.15.0-1103.114"
},
{
"binary_name": "virtio-modules-4.15.0-1103-oem-di",
"binary_version": "4.15.0-1103.114"
},
{
"binary_name": "vlan-modules-4.15.0-1103-oem-di",
"binary_version": "4.15.0-1103.114"
}
]
},
"package": {
"ecosystem": "Ubuntu:18.04:LTS",
"name": "linux-oem",
"purl": "pkg:deb/ubuntu/linux-oem@4.15.0-1103.114?arch=source\u0026distro=bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.15.0-1002.3",
"4.15.0-1004.5",
"4.15.0-1006.9",
"4.15.0-1008.11",
"4.15.0-1009.12",
"4.15.0-1012.15",
"4.15.0-1013.16",
"4.15.0-1015.18",
"4.15.0-1017.20",
"4.15.0-1018.21",
"4.15.0-1021.24",
"4.15.0-1024.29",
"4.15.0-1026.31",
"4.15.0-1028.33",
"4.15.0-1030.35",
"4.15.0-1033.38",
"4.15.0-1034.39",
"4.15.0-1035.40",
"4.15.0-1036.41",
"4.15.0-1038.43",
"4.15.0-1039.44",
"4.15.0-1043.48",
"4.15.0-1045.50",
"4.15.0-1050.57",
"4.15.0-1056.65",
"4.15.0-1057.66",
"4.15.0-1059.68",
"4.15.0-1063.72",
"4.15.0-1064.73",
"4.15.0-1065.75",
"4.15.0-1066.76",
"4.15.0-1067.77",
"4.15.0-1069.79",
"4.15.0-1073.83",
"4.15.0-1076.86",
"4.15.0-1079.89",
"4.15.0-1080.90",
"4.15.0-1081.91",
"4.15.0-1087.97",
"4.15.0-1090.100",
"4.15.0-1091.101",
"4.15.0-1093.103",
"4.15.0-1094.104",
"4.15.0-1096.106",
"4.15.0-1097.107",
"4.15.0-1099.109",
"4.15.0-1100.110",
"4.15.0-1101.112",
"4.15.0-1102.113",
"4.15.0-1103.114"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-4.15.0-1156-oracle",
"binary_version": "4.15.0-1156.167"
},
{
"binary_name": "linux-headers-4.15.0-1156-oracle",
"binary_version": "4.15.0-1156.167"
},
{
"binary_name": "linux-image-unsigned-4.15.0-1156-oracle",
"binary_version": "4.15.0-1156.167"
},
{
"binary_name": "linux-modules-4.15.0-1156-oracle",
"binary_version": "4.15.0-1156.167"
},
{
"binary_name": "linux-modules-extra-4.15.0-1156-oracle",
"binary_version": "4.15.0-1156.167"
},
{
"binary_name": "linux-oracle-headers-4.15.0-1156",
"binary_version": "4.15.0-1156.167"
},
{
"binary_name": "linux-oracle-tools-4.15.0-1156",
"binary_version": "4.15.0-1156.167"
},
{
"binary_name": "linux-tools-4.15.0-1156-oracle",
"binary_version": "4.15.0-1156.167"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "linux-oracle",
"purl": "pkg:deb/ubuntu/linux-oracle@4.15.0-1156.167?arch=source\u0026distro=esm-infra/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.15.0-1007.9",
"4.15.0-1008.10",
"4.15.0-1009.11",
"4.15.0-1010.12",
"4.15.0-1011.13",
"4.15.0-1013.15",
"4.15.0-1014.16",
"4.15.0-1015.17",
"4.15.0-1017.19",
"4.15.0-1018.20",
"4.15.0-1021.23",
"4.15.0-1022.25",
"4.15.0-1023.26",
"4.15.0-1025.28",
"4.15.0-1026.29",
"4.15.0-1027.30",
"4.15.0-1029.32",
"4.15.0-1030.33",
"4.15.0-1031.34",
"4.15.0-1033.36",
"4.15.0-1035.39",
"4.15.0-1037.41",
"4.15.0-1038.42",
"4.15.0-1039.43",
"4.15.0-1045.49",
"4.15.0-1047.51",
"4.15.0-1048.52",
"4.15.0-1050.54",
"4.15.0-1051.55",
"4.15.0-1053.57",
"4.15.0-1054.58",
"4.15.0-1057.62",
"4.15.0-1058.64",
"4.15.0-1059.65",
"4.15.0-1061.67",
"4.15.0-1062.68",
"4.15.0-1063.70",
"4.15.0-1064.71",
"4.15.0-1065.73",
"4.15.0-1066.74",
"4.15.0-1067.75",
"4.15.0-1068.76",
"4.15.0-1069.77",
"4.15.0-1070.78",
"4.15.0-1071.79",
"4.15.0-1072.80",
"4.15.0-1075.83",
"4.15.0-1078.86",
"4.15.0-1079.87",
"4.15.0-1080.88",
"4.15.0-1081.89",
"4.15.0-1082.90",
"4.15.0-1083.91",
"4.15.0-1084.92",
"4.15.0-1085.93",
"4.15.0-1086.94",
"4.15.0-1087.95",
"4.15.0-1089.98",
"4.15.0-1090.99",
"4.15.0-1091.100",
"4.15.0-1092.101",
"4.15.0-1093.102",
"4.15.0-1095.104",
"4.15.0-1098.108",
"4.15.0-1101.112",
"4.15.0-1102.113",
"4.15.0-1104.115",
"4.15.0-1105.116",
"4.15.0-1106.117",
"4.15.0-1107.118",
"4.15.0-1108.119",
"4.15.0-1111.122",
"4.15.0-1112.123",
"4.15.0-1113.124",
"4.15.0-1114.125",
"4.15.0-1115.126",
"4.15.0-1116.127",
"4.15.0-1117.128",
"4.15.0-1118.129",
"4.15.0-1119.130",
"4.15.0-1120.131",
"4.15.0-1121.132",
"4.15.0-1122.133",
"4.15.0-1123.134",
"4.15.0-1124.135",
"4.15.0-1125.136",
"4.15.0-1126.137",
"4.15.0-1127.138",
"4.15.0-1128.139",
"4.15.0-1129.140",
"4.15.0-1130.141",
"4.15.0-1131.142",
"4.15.0-1132.143",
"4.15.0-1133.144",
"4.15.0-1134.145",
"4.15.0-1135.146",
"4.15.0-1136.147",
"4.15.0-1137.148",
"4.15.0-1138.149",
"4.15.0-1139.150",
"4.15.0-1140.151",
"4.15.0-1141.152",
"4.15.0-1142.153",
"4.15.0-1143.154",
"4.15.0-1144.155",
"4.15.0-1145.156",
"4.15.0-1146.157",
"4.15.0-1147.158",
"4.15.0-1148.159",
"4.15.0-1149.160",
"4.15.0-1150.161",
"4.15.0-1151.162",
"4.15.0-1152.163",
"4.15.0-1153.164",
"4.15.0-1154.165",
"4.15.0-1155.166",
"4.15.0-1156.167"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.0.0-1014-oracle",
"binary_version": "5.0.0-1014.19"
},
{
"binary_name": "linux-headers-5.0.0-1014-oracle",
"binary_version": "5.0.0-1014.19"
},
{
"binary_name": "linux-image-unsigned-5.0.0-1014-oracle",
"binary_version": "5.0.0-1014.19"
},
{
"binary_name": "linux-modules-5.0.0-1014-oracle",
"binary_version": "5.0.0-1014.19"
},
{
"binary_name": "linux-modules-extra-5.0.0-1014-oracle",
"binary_version": "5.0.0-1014.19"
},
{
"binary_name": "linux-oracle-5.0-headers-5.0.0-1014",
"binary_version": "5.0.0-1014.19"
},
{
"binary_name": "linux-oracle-5.0-tools-5.0.0-1014",
"binary_version": "5.0.0-1014.19"
},
{
"binary_name": "linux-tools-5.0.0-1014-oracle",
"binary_version": "5.0.0-1014.19"
}
]
},
"package": {
"ecosystem": "Ubuntu:18.04:LTS",
"name": "linux-oracle-5.0",
"purl": "pkg:deb/ubuntu/linux-oracle-5.0@5.0.0-1014.19?arch=source\u0026distro=bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.0.0-1007.12~18.04.1",
"5.0.0-1008.13~18.04.1",
"5.0.0-1009.14~18.04.1",
"5.0.0-1010.15~18.04.1",
"5.0.0-1011.16",
"5.0.0-1013.18",
"5.0.0-1014.19"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.3.0-1030-oracle",
"binary_version": "5.3.0-1030.32~18.04.1"
},
{
"binary_name": "linux-headers-5.3.0-1030-oracle",
"binary_version": "5.3.0-1030.32~18.04.1"
},
{
"binary_name": "linux-image-unsigned-5.3.0-1030-oracle",
"binary_version": "5.3.0-1030.32~18.04.1"
},
{
"binary_name": "linux-modules-5.3.0-1030-oracle",
"binary_version": "5.3.0-1030.32~18.04.1"
},
{
"binary_name": "linux-modules-extra-5.3.0-1030-oracle",
"binary_version": "5.3.0-1030.32~18.04.1"
},
{
"binary_name": "linux-oracle-5.3-headers-5.3.0-1030",
"binary_version": "5.3.0-1030.32~18.04.1"
},
{
"binary_name": "linux-oracle-5.3-tools-5.3.0-1030",
"binary_version": "5.3.0-1030.32~18.04.1"
},
{
"binary_name": "linux-tools-5.3.0-1030-oracle",
"binary_version": "5.3.0-1030.32~18.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:18.04:LTS",
"name": "linux-oracle-5.3",
"purl": "pkg:deb/ubuntu/linux-oracle-5.3@5.3.0-1030.32~18.04.1?arch=source\u0026distro=bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.3.0-1011.12~18.04.1",
"5.3.0-1013.14~18.04.1",
"5.3.0-1014.15~18.04.1",
"5.3.0-1016.18~18.04.1",
"5.3.0-1018.20~18.04.1",
"5.3.0-1024.26~18.04.1",
"5.3.0-1027.29~18.04.1",
"5.3.0-1028.30~18.04.1",
"5.3.0-1030.32~18.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.4.0-1158-oracle",
"binary_version": "5.4.0-1158.168~18.04.1"
},
{
"binary_name": "linux-headers-5.4.0-1158-oracle",
"binary_version": "5.4.0-1158.168~18.04.1"
},
{
"binary_name": "linux-image-unsigned-5.4.0-1158-oracle",
"binary_version": "5.4.0-1158.168~18.04.1"
},
{
"binary_name": "linux-modules-5.4.0-1158-oracle",
"binary_version": "5.4.0-1158.168~18.04.1"
},
{
"binary_name": "linux-modules-extra-5.4.0-1158-oracle",
"binary_version": "5.4.0-1158.168~18.04.1"
},
{
"binary_name": "linux-oracle-5.4-headers-5.4.0-1158",
"binary_version": "5.4.0-1158.168~18.04.1"
},
{
"binary_name": "linux-oracle-5.4-tools-5.4.0-1158",
"binary_version": "5.4.0-1158.168~18.04.1"
},
{
"binary_name": "linux-tools-5.4.0-1158-oracle",
"binary_version": "5.4.0-1158.168~18.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "linux-oracle-5.4",
"purl": "pkg:deb/ubuntu/linux-oracle-5.4@5.4.0-1158.168~18.04.1?arch=source\u0026distro=esm-infra/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.4.0-1019.19~18.04.1",
"5.4.0-1021.21~18.04.1",
"5.4.0-1022.22~18.04.1",
"5.4.0-1024.24~18.04.1",
"5.4.0-1025.25~18.04.1",
"5.4.0-1028.29~18.04.1",
"5.4.0-1029.31~18.04.1",
"5.4.0-1030.32~18.04.1",
"5.4.0-1033.35",
"5.4.0-1034.36~18.04.1",
"5.4.0-1035.38~18.04.1",
"5.4.0-1037.40~18.04.1",
"5.4.0-1038.41~18.04.1",
"5.4.0-1039.42~18.04.1",
"5.4.0-1041.44~18.04.1",
"5.4.0-1042.45~18.04.1",
"5.4.0-1043.46~18.04.1",
"5.4.0-1044.47~18.04.1",
"5.4.0-1046.50~18.04.2",
"5.4.0-1048.52~18.04.1",
"5.4.0-1049.53~18.04.1",
"5.4.0-1052.56~18.04.1",
"5.4.0-1053.57~18.04.1",
"5.4.0-1054.58~18.04.1",
"5.4.0-1055.59~18.04.1",
"5.4.0-1056.60~18.04.1",
"5.4.0-1057.61~18.04.1",
"5.4.0-1058.62~18.04.1",
"5.4.0-1059.63~18.04.1",
"5.4.0-1061.65~18.04.1",
"5.4.0-1062.66~18.04.1",
"5.4.0-1063.67~18.04.1",
"5.4.0-1064.68~18.04.1",
"5.4.0-1066.71~18.04.1",
"5.4.0-1067.72~18.04.1",
"5.4.0-1069.75~18.04.1",
"5.4.0-1070.76~18.04.1",
"5.4.0-1071.77~18.04.1",
"5.4.0-1073.79~18.04.1",
"5.4.0-1076.83~18.04.1",
"5.4.0-1078.86~18.04.1",
"5.4.0-1079.87~18.04.1",
"5.4.0-1081.89~18.04.1",
"5.4.0-1082.90~18.04.1",
"5.4.0-1083.91~18.04.1",
"5.4.0-1084.92~18.04.1",
"5.4.0-1086.95~18.04.1",
"5.4.0-1087.96~18.04.1",
"5.4.0-1090.99~18.04.2",
"5.4.0-1091.100~18.04.1",
"5.4.0-1092.101~18.04.1",
"5.4.0-1093.102~18.04.1",
"5.4.0-1094.103~18.04.1",
"5.4.0-1098.107~18.04.1",
"5.4.0-1099.108~18.04.1",
"5.4.0-1100.109~18.04.1",
"5.4.0-1101.110~18.04.1",
"5.4.0-1102.111~18.04.1",
"5.4.0-1103.112~18.04.1",
"5.4.0-1104.113~18.04.1",
"5.4.0-1105.114~18.04.1",
"5.4.0-1106.115~18.04.1",
"5.4.0-1107.116~18.04.1",
"5.4.0-1108.117~18.04.1",
"5.4.0-1109.118~18.04.1",
"5.4.0-1110.119~18.04.1",
"5.4.0-1111.120~18.04.1",
"5.4.0-1112.121~18.04.4",
"5.4.0-1113.122~18.04.1",
"5.4.0-1115.124~18.04.1",
"5.4.0-1116.125~18.04.1",
"5.4.0-1117.126~18.04.1",
"5.4.0-1118.127~18.04.1",
"5.4.0-1119.128~18.04.1",
"5.4.0-1120.129~18.04.1",
"5.4.0-1121.130~18.04.1",
"5.4.0-1122.131~18.04.1",
"5.4.0-1123.132~18.04.1",
"5.4.0-1124.133~18.04.1",
"5.4.0-1125.134~18.04.1",
"5.4.0-1126.135~18.04.1",
"5.4.0-1127.136~18.04.1",
"5.4.0-1129.138~18.04.1",
"5.4.0-1130.139~18.04.1",
"5.4.0-1131.140~18.04.1",
"5.4.0-1132.141~18.04.1",
"5.4.0-1133.142~18.04.1",
"5.4.0-1134.143~18.04.1",
"5.4.0-1135.144~18.04.1",
"5.4.0-1136.145~18.04.1",
"5.4.0-1137.146~18.04.1",
"5.4.0-1138.147~18.04.1",
"5.4.0-1140.149~18.04.1",
"5.4.0-1141.151~18.04.1",
"5.4.0-1142.152~18.04.1",
"5.4.0-1143.153~18.04.1",
"5.4.0-1144.154~18.04.1",
"5.4.0-1145.155~18.04.1",
"5.4.0-1146.156~18.04.1",
"5.4.0-1148.158~18.04.1",
"5.4.0-1149.159~18.04.1",
"5.4.0-1150.160~18.04.1",
"5.4.0-1151.161~18.04.1",
"5.4.0-1152.162~18.04.1",
"5.4.0-1154.164~18.04.1",
"5.4.0-1155.165~18.04.1",
"5.4.0-1156.166~18.04.2",
"5.4.0-1157.167~18.04.1",
"5.4.0-1158.168~18.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.4.0-1143-raspi",
"binary_version": "5.4.0-1143.156~18.04.1"
},
{
"binary_name": "linux-headers-5.4.0-1143-raspi",
"binary_version": "5.4.0-1143.156~18.04.1"
},
{
"binary_name": "linux-image-5.4.0-1143-raspi",
"binary_version": "5.4.0-1143.156~18.04.1"
},
{
"binary_name": "linux-modules-5.4.0-1143-raspi",
"binary_version": "5.4.0-1143.156~18.04.1"
},
{
"binary_name": "linux-raspi-5.4-headers-5.4.0-1143",
"binary_version": "5.4.0-1143.156~18.04.1"
},
{
"binary_name": "linux-raspi-5.4-tools-5.4.0-1143",
"binary_version": "5.4.0-1143.156~18.04.1"
},
{
"binary_name": "linux-tools-5.4.0-1143-raspi",
"binary_version": "5.4.0-1143.156~18.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:18.04:LTS",
"name": "linux-raspi-5.4",
"purl": "pkg:deb/ubuntu/linux-raspi-5.4@5.4.0-1143.156~18.04.1?arch=source\u0026distro=esm-infra/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.4.0-1013.13~18.04.1",
"5.4.0-1015.15~18.04.1",
"5.4.0-1016.17~18.04.1",
"5.4.0-1018.20~18.04.1",
"5.4.0-1019.21~18.04.1",
"5.4.0-1021.24~18.04.1",
"5.4.0-1022.25~18.04.1",
"5.4.0-1023.26~18.04.1",
"5.4.0-1025.28~18.04.1",
"5.4.0-1026.29~18.04.1",
"5.4.0-1028.31~18.04.1",
"5.4.0-1029.32~18.04.1",
"5.4.0-1030.33~18.04.1",
"5.4.0-1032.35~18.04.1",
"5.4.0-1033.36~18.04.1",
"5.4.0-1034.37~18.04.1",
"5.4.0-1035.38~18.04.1",
"5.4.0-1036.39~18.04.1",
"5.4.0-1038.41~18.04.1",
"5.4.0-1041.45~18.04.1",
"5.4.0-1042.46~18.04.3",
"5.4.0-1043.47~18.04.1",
"5.4.0-1044.48~18.04.1",
"5.4.0-1045.49~18.04.1",
"5.4.0-1046.50~18.04.1",
"5.4.0-1047.52~18.04.1",
"5.4.0-1048.53~18.04.1",
"5.4.0-1050.56~18.04.1",
"5.4.0-1052.58~18.04.1",
"5.4.0-1053.60~18.04.1",
"5.4.0-1055.62~18.04.1",
"5.4.0-1056.63~18.04.1",
"5.4.0-1058.65~18.04.1",
"5.4.0-1059.66~18.04.1",
"5.4.0-1060.68~18.04.1",
"5.4.0-1062.70~18.04.1",
"5.4.0-1065.75~18.04.1",
"5.4.0-1066.76~18.04.1",
"5.4.0-1068.78~18.04.1",
"5.4.0-1069.79~18.04.1",
"5.4.0-1070.80~18.04.1",
"5.4.0-1071.81~18.04.1",
"5.4.0-1073.84~18.04.1",
"5.4.0-1074.85~18.04.1",
"5.4.0-1077.88~18.04.2",
"5.4.0-1078.89~18.04.1",
"5.4.0-1079.90~18.04.1",
"5.4.0-1080.91~18.04.1",
"5.4.0-1081.92~18.04.1",
"5.4.0-1082.93~18.04.1",
"5.4.0-1083.94~18.04.1",
"5.4.0-1084.95~18.04.1",
"5.4.0-1085.96~18.04.1",
"5.4.0-1086.97~18.04.1",
"5.4.0-1088.99~18.04.1",
"5.4.0-1089.100~18.04.1",
"5.4.0-1090.101~18.04.1",
"5.4.0-1091.102~18.04.1",
"5.4.0-1092.103~18.04.1",
"5.4.0-1093.104~18.04.1",
"5.4.0-1094.105~18.04.1",
"5.4.0-1095.106~18.04.1",
"5.4.0-1096.107~18.04.1",
"5.4.0-1097.109~18.04.2",
"5.4.0-1098.110~18.04.2",
"5.4.0-1100.112~18.04.1",
"5.4.0-1101.113~18.04.1",
"5.4.0-1102.114~18.04.1",
"5.4.0-1103.115~18.04.1",
"5.4.0-1104.116~18.04.1",
"5.4.0-1105.117~18.04.1",
"5.4.0-1106.118~18.04.1",
"5.4.0-1107.119~18.04.1",
"5.4.0-1108.120~18.04.1",
"5.4.0-1109.121~18.04.1",
"5.4.0-1110.122~18.04.1",
"5.4.0-1111.123~18.04.1",
"5.4.0-1112.124~18.04.1",
"5.4.0-1114.126~18.04.1",
"5.4.0-1115.127~18.04.1",
"5.4.0-1116.128~18.04.1",
"5.4.0-1117.129~18.04.1",
"5.4.0-1118.130~18.04.1",
"5.4.0-1119.131~18.04.1",
"5.4.0-1120.132~18.04.1",
"5.4.0-1121.133~18.04.1",
"5.4.0-1122.134~18.04.1",
"5.4.0-1129.142~18.04.1",
"5.4.0-1130.143~18.04.1",
"5.4.0-1131.144~18.04.1",
"5.4.0-1132.145~18.04.1",
"5.4.0-1133.146~18.04.1",
"5.4.0-1134.147~18.04.1",
"5.4.0-1135.148~18.04.1",
"5.4.0-1136.149~18.04.1",
"5.4.0-1137.150~18.04.1",
"5.4.0-1139.152~18.04.1",
"5.4.0-1140.153~18.04.1",
"5.4.0-1143.156~18.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-aws-fips-headers-4.15.0-2132",
"binary_version": "4.15.0-2132.138"
},
{
"binary_name": "linux-aws-fips-tools-4.15.0-2132",
"binary_version": "4.15.0-2132.138"
},
{
"binary_name": "linux-buildinfo-4.15.0-2132-aws-fips",
"binary_version": "4.15.0-2132.138"
},
{
"binary_name": "linux-headers-4.15.0-2132-aws-fips",
"binary_version": "4.15.0-2132.138"
},
{
"binary_name": "linux-image-unsigned-4.15.0-2132-aws-fips",
"binary_version": "4.15.0-2132.138"
},
{
"binary_name": "linux-image-unsigned-hmac-4.15.0-2132-aws-fips",
"binary_version": "4.15.0-2132.138"
},
{
"binary_name": "linux-modules-4.15.0-2132-aws-fips",
"binary_version": "4.15.0-2132.138"
},
{
"binary_name": "linux-modules-extra-4.15.0-2132-aws-fips",
"binary_version": "4.15.0-2132.138"
},
{
"binary_name": "linux-tools-4.15.0-2132-aws-fips",
"binary_version": "4.15.0-2132.138"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS-updates:18.04:LTS",
"name": "linux-aws-fips",
"purl": "pkg:deb/ubuntu/linux-aws-fips@4.15.0-2132.138?arch=source\u0026distro=fips-updates/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.15.0-2000.4",
"4.15.0-2018.18",
"4.15.0-2021.21",
"4.15.0-2022.22",
"4.15.0-2024.24",
"4.15.0-2025.25",
"4.15.0-2026.26",
"4.15.0-2027.27",
"4.15.0-2030.31",
"4.15.0-2031.32",
"4.15.0-2033.34",
"4.15.0-2034.35",
"4.15.0-2035.37",
"4.15.0-2036.38",
"4.15.0-2037.39",
"4.15.0-2038.40",
"4.15.0-2039.41",
"4.15.0-2040.42",
"4.15.0-2041.43",
"4.15.0-2042.44",
"4.15.0-2044.46",
"4.15.0-2045.47",
"4.15.0-2048.50",
"4.15.0-2051.53",
"4.15.0-2052.54",
"4.15.0-2053.55",
"4.15.0-2054.56",
"4.15.0-2055.57",
"4.15.0-2056.58",
"4.15.0-2057.59",
"4.15.0-2059.61",
"4.15.0-2060.62",
"4.15.0-2061.63",
"4.15.0-2063.66",
"4.15.0-2064.67",
"4.15.0-2065.68",
"4.15.0-2066.69",
"4.15.0-2067.70",
"4.15.0-2069.72",
"4.15.0-2072.76",
"4.15.0-2075.80",
"4.15.0-2076.81",
"4.15.0-2078.83",
"4.15.0-2079.84",
"4.15.0-2080.85",
"4.15.0-2081.87",
"4.15.0-2082.88",
"4.15.0-2083.89",
"4.15.0-2085.91",
"4.15.0-2087.93",
"4.15.0-2089.95",
"4.15.0-2090.96",
"4.15.0-2092.98",
"4.15.0-2093.99",
"4.15.0-2094.100",
"4.15.0-2095.101",
"4.15.0-2096.102",
"4.15.0-2097.103",
"4.15.0-2098.104",
"4.15.0-2099.105",
"4.15.0-2100.106",
"4.15.0-2101.107",
"4.15.0-2102.108",
"4.15.0-2103.109",
"4.15.0-2104.110",
"4.15.0-2105.111",
"4.15.0-2106.112",
"4.15.0-2107.113",
"4.15.0-2108.114",
"4.15.0-2109.115",
"4.15.0-2110.116",
"4.15.0-2111.117",
"4.15.0-2112.118",
"4.15.0-2113.119",
"4.15.0-2114.120",
"4.15.0-2115.121",
"4.15.0-2116.122",
"4.15.0-2117.123",
"4.15.0-2118.124",
"4.15.0-2119.125",
"4.15.0-2120.126",
"4.15.0-2121.127",
"4.15.0-2122.128",
"4.15.0-2123.129",
"4.15.0-2124.130",
"4.15.0-2125.131",
"4.15.0-2126.132",
"4.15.0-2127.133",
"4.15.0-2128.134",
"4.15.0-2129.135",
"4.15.0-2130.136",
"4.15.0-2132.138"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-azure-fips-cloud-tools-4.15.0-2112",
"binary_version": "4.15.0-2112.118"
},
{
"binary_name": "linux-azure-fips-headers-4.15.0-2112",
"binary_version": "4.15.0-2112.118"
},
{
"binary_name": "linux-azure-fips-tools-4.15.0-2112",
"binary_version": "4.15.0-2112.118"
},
{
"binary_name": "linux-buildinfo-4.15.0-2112-azure-fips",
"binary_version": "4.15.0-2112.118"
},
{
"binary_name": "linux-cloud-tools-4.15.0-2112-azure-fips",
"binary_version": "4.15.0-2112.118"
},
{
"binary_name": "linux-headers-4.15.0-2112-azure-fips",
"binary_version": "4.15.0-2112.118"
},
{
"binary_name": "linux-image-unsigned-4.15.0-2112-azure-fips",
"binary_version": "4.15.0-2112.118"
},
{
"binary_name": "linux-image-unsigned-hmac-4.15.0-2112-azure-fips",
"binary_version": "4.15.0-2112.118"
},
{
"binary_name": "linux-modules-4.15.0-2112-azure-fips",
"binary_version": "4.15.0-2112.118"
},
{
"binary_name": "linux-modules-extra-4.15.0-2112-azure-fips",
"binary_version": "4.15.0-2112.118"
},
{
"binary_name": "linux-tools-4.15.0-2112-azure-fips",
"binary_version": "4.15.0-2112.118"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS-updates:18.04:LTS",
"name": "linux-azure-fips",
"purl": "pkg:deb/ubuntu/linux-azure-fips@4.15.0-2112.118?arch=source\u0026distro=fips-updates/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.15.0-1002.2",
"4.15.0-2006.7",
"4.15.0-2007.8",
"4.15.0-2008.9",
"4.15.0-2009.10",
"4.15.0-2012.14",
"4.15.0-2013.15",
"4.15.0-2015.17",
"4.15.0-2016.18",
"4.15.0-2017.20",
"4.15.0-2018.21",
"4.15.0-2020.23",
"4.15.0-2021.24",
"4.15.0-2022.25",
"4.15.0-2023.26",
"4.15.0-2024.27",
"4.15.0-2025.28",
"4.15.0-2026.29",
"4.15.0-2027.30",
"4.15.0-2030.33",
"4.15.0-2033.37",
"4.15.0-2034.38",
"4.15.0-2035.39",
"4.15.0-2036.40",
"4.15.0-2037.41",
"4.15.0-2038.42",
"4.15.0-2039.43",
"4.15.0-2041.45",
"4.15.0-2042.46",
"4.15.0-2043.47",
"4.15.0-2045.49",
"4.15.0-2046.50",
"4.15.0-2047.51",
"4.15.0-2048.52",
"4.15.0-2049.53",
"4.15.0-2050.54",
"4.15.0-2053.58",
"4.15.0-2056.62",
"4.15.0-2057.63",
"4.15.0-2059.65",
"4.15.0-2060.66",
"4.15.0-2062.68",
"4.15.0-2066.72",
"4.15.0-2067.73",
"4.15.0-2068.74",
"4.15.0-2070.76",
"4.15.0-2071.77",
"4.15.0-2072.78",
"4.15.0-2073.79",
"4.15.0-2074.80",
"4.15.0-2075.81",
"4.15.0-2076.82",
"4.15.0-2077.83",
"4.15.0-2078.84",
"4.15.0-2079.85",
"4.15.0-2080.86",
"4.15.0-2081.87",
"4.15.0-2082.88",
"4.15.0-2084.90",
"4.15.0-2085.91",
"4.15.0-2086.92",
"4.15.0-2087.93",
"4.15.0-2088.94",
"4.15.0-2089.95",
"4.15.0-2090.96",
"4.15.0-2091.97",
"4.15.0-2092.98",
"4.15.0-2093.99",
"4.15.0-2094.100",
"4.15.0-2095.101",
"4.15.0-2096.102",
"4.15.0-2097.103",
"4.15.0-2098.104",
"4.15.0-2099.105",
"4.15.0-2100.106",
"4.15.0-2101.107",
"4.15.0-2102.108",
"4.15.0-2104.110",
"4.15.0-2105.111",
"4.15.0-2106.112",
"4.15.0-2109.115",
"4.15.0-2110.116",
"4.15.0-2111.117",
"4.15.0-2112.118"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-4.15.0-1149-fips",
"binary_version": "4.15.0-1149.161"
},
{
"binary_name": "linux-fips-headers-4.15.0-1149",
"binary_version": "4.15.0-1149.161"
},
{
"binary_name": "linux-fips-tools-4.15.0-1149",
"binary_version": "4.15.0-1149.161"
},
{
"binary_name": "linux-fips-tools-host",
"binary_version": "4.15.0-1149.161"
},
{
"binary_name": "linux-headers-4.15.0-1149-fips",
"binary_version": "4.15.0-1149.161"
},
{
"binary_name": "linux-image-4.15.0-1149-fips",
"binary_version": "4.15.0-1149.161"
},
{
"binary_name": "linux-image-hmac-4.15.0-1149-fips",
"binary_version": "4.15.0-1149.161"
},
{
"binary_name": "linux-image-unsigned-4.15.0-1149-fips",
"binary_version": "4.15.0-1149.161"
},
{
"binary_name": "linux-image-unsigned-hmac-4.15.0-1149-fips",
"binary_version": "4.15.0-1149.161"
},
{
"binary_name": "linux-modules-4.15.0-1149-fips",
"binary_version": "4.15.0-1149.161"
},
{
"binary_name": "linux-modules-extra-4.15.0-1149-fips",
"binary_version": "4.15.0-1149.161"
},
{
"binary_name": "linux-tools-4.15.0-1149-fips",
"binary_version": "4.15.0-1149.161"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS-updates:18.04:LTS",
"name": "linux-fips",
"purl": "pkg:deb/ubuntu/linux-fips@4.15.0-1149.161?arch=source\u0026distro=fips-updates/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.15.0-1027.32",
"4.15.0-1029.34",
"4.15.0-1034.39",
"4.15.0-1035.40",
"4.15.0-1037.42",
"4.15.0-1038.43",
"4.15.0-1039.44",
"4.15.0-1040.45",
"4.15.0-1041.46",
"4.15.0-1044.50",
"4.15.0-1045.52",
"4.15.0-1046.53",
"4.15.0-1048.55",
"4.15.0-1049.56",
"4.15.0-1050.58",
"4.15.0-1051.59",
"4.15.0-1052.60",
"4.15.0-1053.61",
"4.15.0-1054.62",
"4.15.0-1055.63",
"4.15.0-1056.64",
"4.15.0-1057.65",
"4.15.0-1058.66",
"4.15.0-1059.67",
"4.15.0-1060.68",
"4.15.0-1063.71",
"4.15.0-1066.75",
"4.15.0-1067.76",
"4.15.0-1068.77",
"4.15.0-1069.78",
"4.15.0-1070.79",
"4.15.0-1071.80",
"4.15.0-1072.81",
"4.15.0-1073.82",
"4.15.0-1075.84",
"4.15.0-1076.85",
"4.15.0-1078.87",
"4.15.0-1080.89",
"4.15.0-1081.90",
"4.15.0-1083.92",
"4.15.0-1084.93",
"4.15.0-1085.94",
"4.15.0-1087.96",
"4.15.0-1090.100",
"4.15.0-1093.104",
"4.15.0-1094.105",
"4.15.0-1096.107",
"4.15.0-1097.108",
"4.15.0-1098.109",
"4.15.0-1099.110",
"4.15.0-1100.111",
"4.15.0-1103.114",
"4.15.0-1104.115",
"4.15.0-1105.116",
"4.15.0-1107.118",
"4.15.0-1108.119",
"4.15.0-1109.120",
"4.15.0-1110.121",
"4.15.0-1111.122",
"4.15.0-1112.123",
"4.15.0-1113.124",
"4.15.0-1114.125",
"4.15.0-1115.126",
"4.15.0-1116.127",
"4.15.0-1117.128",
"4.15.0-1118.129",
"4.15.0-1119.130",
"4.15.0-1121.132",
"4.15.0-1122.133",
"4.15.0-1123.134",
"4.15.0-1124.135",
"4.15.0-1125.136",
"4.15.0-1126.137",
"4.15.0-1127.138",
"4.15.0-1128.139",
"4.15.0-1129.140",
"4.15.0-1130.141",
"4.15.0-1131.142",
"4.15.0-1132.143",
"4.15.0-1133.144",
"4.15.0-1134.145",
"4.15.0-1135.146",
"4.15.0-1136.147",
"4.15.0-1137.148",
"4.15.0-1138.149",
"4.15.0-1139.150",
"4.15.0-1140.151",
"4.15.0-1141.153",
"4.15.0-1142.154",
"4.15.0-1143.155",
"4.15.0-1144.156",
"4.15.0-1145.157",
"4.15.0-1146.158",
"4.15.0-1147.159",
"4.15.0-1148.160",
"4.15.0-1149.161"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-4.15.0-2095-gcp-fips",
"binary_version": "4.15.0-2095.101"
},
{
"binary_name": "linux-gcp-fips-headers-4.15.0-2095",
"binary_version": "4.15.0-2095.101"
},
{
"binary_name": "linux-gcp-fips-tools-4.15.0-2095",
"binary_version": "4.15.0-2095.101"
},
{
"binary_name": "linux-headers-4.15.0-2095-gcp-fips",
"binary_version": "4.15.0-2095.101"
},
{
"binary_name": "linux-image-unsigned-4.15.0-2095-gcp-fips",
"binary_version": "4.15.0-2095.101"
},
{
"binary_name": "linux-image-unsigned-hmac-4.15.0-2095-gcp-fips",
"binary_version": "4.15.0-2095.101"
},
{
"binary_name": "linux-modules-4.15.0-2095-gcp-fips",
"binary_version": "4.15.0-2095.101"
},
{
"binary_name": "linux-modules-extra-4.15.0-2095-gcp-fips",
"binary_version": "4.15.0-2095.101"
},
{
"binary_name": "linux-tools-4.15.0-2095-gcp-fips",
"binary_version": "4.15.0-2095.101"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS-updates:18.04:LTS",
"name": "linux-gcp-fips",
"purl": "pkg:deb/ubuntu/linux-gcp-fips@4.15.0-2095.101?arch=source\u0026distro=fips-updates/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.15.0-2013.14",
"4.15.0-2016.18",
"4.15.0-2017.19",
"4.15.0-2018.20",
"4.15.0-2019.21",
"4.15.0-2020.22",
"4.15.0-2021.23",
"4.15.0-2022.24",
"4.15.0-2024.26",
"4.15.0-2025.27",
"4.15.0-2026.28",
"4.15.0-2028.31",
"4.15.0-2029.32",
"4.15.0-2030.33",
"4.15.0-2031.34",
"4.15.0-2032.35",
"4.15.0-2034.37",
"4.15.0-2037.41",
"4.15.0-2040.45",
"4.15.0-2041.46",
"4.15.0-2043.48",
"4.15.0-2044.49",
"4.15.0-2045.50",
"4.15.0-2047.52",
"4.15.0-2050.55",
"4.15.0-2052.57",
"4.15.0-2054.59",
"4.15.0-2055.60",
"4.15.0-2056.61",
"4.15.0-2057.62",
"4.15.0-2058.63",
"4.15.0-2059.64",
"4.15.0-2060.65",
"4.15.0-2061.66",
"4.15.0-2062.67",
"4.15.0-2063.68",
"4.15.0-2064.69",
"4.15.0-2065.70",
"4.15.0-2066.71",
"4.15.0-2067.72",
"4.15.0-2068.73",
"4.15.0-2069.74",
"4.15.0-2070.75",
"4.15.0-2071.76",
"4.15.0-2072.77",
"4.15.0-2073.78",
"4.15.0-2074.79",
"4.15.0-2075.80",
"4.15.0-2076.81",
"4.15.0-2077.83",
"4.15.0-2078.84",
"4.15.0-2079.85",
"4.15.0-2080.86",
"4.15.0-2081.87",
"4.15.0-2082.88",
"4.15.0-2083.89",
"4.15.0-2084.90",
"4.15.0-2085.91",
"4.15.0-2086.92",
"4.15.0-2087.93",
"4.15.0-2088.94",
"4.15.0-2089.95",
"4.15.0-2090.96",
"4.15.0-2091.97",
"4.15.0-2092.98",
"4.15.0-2093.99",
"4.15.0-2094.100",
"4.15.0-2095.101"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-aws-fips-headers-4.15.0-2000",
"binary_version": "4.15.0-2000.4"
},
{
"binary_name": "linux-aws-fips-tools-4.15.0-2000",
"binary_version": "4.15.0-2000.4"
},
{
"binary_name": "linux-buildinfo-4.15.0-2000-aws-fips",
"binary_version": "4.15.0-2000.4"
},
{
"binary_name": "linux-headers-4.15.0-2000-aws-fips",
"binary_version": "4.15.0-2000.4"
},
{
"binary_name": "linux-image-unsigned-4.15.0-2000-aws-fips",
"binary_version": "4.15.0-2000.4"
},
{
"binary_name": "linux-image-unsigned-hmac-4.15.0-2000-aws-fips",
"binary_version": "4.15.0-2000.4"
},
{
"binary_name": "linux-modules-4.15.0-2000-aws-fips",
"binary_version": "4.15.0-2000.4"
},
{
"binary_name": "linux-modules-extra-4.15.0-2000-aws-fips",
"binary_version": "4.15.0-2000.4"
},
{
"binary_name": "linux-tools-4.15.0-2000-aws-fips",
"binary_version": "4.15.0-2000.4"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS:18.04:LTS",
"name": "linux-aws-fips",
"purl": "pkg:deb/ubuntu/linux-aws-fips@4.15.0-2000.4?arch=source\u0026distro=fips/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.15.0-2000.4"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-azure-fips-cloud-tools-4.15.0-1002",
"binary_version": "4.15.0-1002.2"
},
{
"binary_name": "linux-azure-fips-headers-4.15.0-1002",
"binary_version": "4.15.0-1002.2"
},
{
"binary_name": "linux-azure-fips-tools-4.15.0-1002",
"binary_version": "4.15.0-1002.2"
},
{
"binary_name": "linux-buildinfo-4.15.0-1002-azure-fips",
"binary_version": "4.15.0-1002.2"
},
{
"binary_name": "linux-cloud-tools-4.15.0-1002-azure-fips",
"binary_version": "4.15.0-1002.2"
},
{
"binary_name": "linux-headers-4.15.0-1002-azure-fips",
"binary_version": "4.15.0-1002.2"
},
{
"binary_name": "linux-image-unsigned-4.15.0-1002-azure-fips",
"binary_version": "4.15.0-1002.2"
},
{
"binary_name": "linux-image-unsigned-hmac-4.15.0-1002-azure-fips",
"binary_version": "4.15.0-1002.2"
},
{
"binary_name": "linux-modules-4.15.0-1002-azure-fips",
"binary_version": "4.15.0-1002.2"
},
{
"binary_name": "linux-modules-extra-4.15.0-1002-azure-fips",
"binary_version": "4.15.0-1002.2"
},
{
"binary_name": "linux-tools-4.15.0-1002-azure-fips",
"binary_version": "4.15.0-1002.2"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS:18.04:LTS",
"name": "linux-azure-fips",
"purl": "pkg:deb/ubuntu/linux-azure-fips@4.15.0-1002.2?arch=source\u0026distro=fips/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.15.0-1002.2"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-4.15.0-1011-fips",
"binary_version": "4.15.0-1011.12"
},
{
"binary_name": "linux-fips-headers-4.15.0-1011",
"binary_version": "4.15.0-1011.12"
},
{
"binary_name": "linux-fips-tools-4.15.0-1011",
"binary_version": "4.15.0-1011.12"
},
{
"binary_name": "linux-fips-tools-host",
"binary_version": "4.15.0-1011.12"
},
{
"binary_name": "linux-headers-4.15.0-1011-fips",
"binary_version": "4.15.0-1011.12"
},
{
"binary_name": "linux-image-4.15.0-1011-fips",
"binary_version": "4.15.0-1011.12"
},
{
"binary_name": "linux-image-hmac-4.15.0-1011-fips",
"binary_version": "4.15.0-1011.12"
},
{
"binary_name": "linux-image-unsigned-4.15.0-1011-fips",
"binary_version": "4.15.0-1011.12"
},
{
"binary_name": "linux-image-unsigned-hmac-4.15.0-1011-fips",
"binary_version": "4.15.0-1011.12"
},
{
"binary_name": "linux-modules-4.15.0-1011-fips",
"binary_version": "4.15.0-1011.12"
},
{
"binary_name": "linux-modules-extra-4.15.0-1011-fips",
"binary_version": "4.15.0-1011.12"
},
{
"binary_name": "linux-tools-4.15.0-1011-fips",
"binary_version": "4.15.0-1011.12"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS:18.04:LTS",
"name": "linux-fips",
"purl": "pkg:deb/ubuntu/linux-fips@4.15.0-1011.12?arch=source\u0026distro=fips/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.15.0-1011.12"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-4.15.0-1001-gcp-fips",
"binary_version": "4.15.0-1001.1"
},
{
"binary_name": "linux-gcp-fips-headers-4.15.0-1001",
"binary_version": "4.15.0-1001.1"
},
{
"binary_name": "linux-gcp-fips-tools-4.15.0-1001",
"binary_version": "4.15.0-1001.1"
},
{
"binary_name": "linux-headers-4.15.0-1001-gcp-fips",
"binary_version": "4.15.0-1001.1"
},
{
"binary_name": "linux-image-unsigned-4.15.0-1001-gcp-fips",
"binary_version": "4.15.0-1001.1"
},
{
"binary_name": "linux-image-unsigned-hmac-4.15.0-1001-gcp-fips",
"binary_version": "4.15.0-1001.1"
},
{
"binary_name": "linux-modules-4.15.0-1001-gcp-fips",
"binary_version": "4.15.0-1001.1"
},
{
"binary_name": "linux-modules-extra-4.15.0-1001-gcp-fips",
"binary_version": "4.15.0-1001.1"
},
{
"binary_name": "linux-tools-4.15.0-1001-gcp-fips",
"binary_version": "4.15.0-1001.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS:18.04:LTS",
"name": "linux-gcp-fips",
"purl": "pkg:deb/ubuntu/linux-gcp-fips@4.15.0-1001.1?arch=source\u0026distro=fips/bionic"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"4.15.0-1001.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "block-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "block-modules-5.4.0-231-generic-lpae-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "crypto-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "crypto-modules-5.4.0-231-generic-lpae-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "dasd-extra-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "dasd-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "fat-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "fat-modules-5.4.0-231-generic-lpae-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "fb-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "firewire-core-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "floppy-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "fs-core-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "fs-core-modules-5.4.0-231-generic-lpae-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "fs-secondary-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "fs-secondary-modules-5.4.0-231-generic-lpae-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "input-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "input-modules-5.4.0-231-generic-lpae-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "ipmi-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "ipmi-modules-5.4.0-231-generic-lpae-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "kernel-image-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "kernel-image-5.4.0-231-generic-lpae-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "linux-buildinfo-5.4.0-231-generic",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "linux-buildinfo-5.4.0-231-generic-lpae",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "linux-buildinfo-5.4.0-231-lowlatency",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "linux-cloud-tools-5.4.0-231",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "linux-cloud-tools-5.4.0-231-generic",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "linux-cloud-tools-5.4.0-231-lowlatency",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "linux-cloud-tools-common",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "linux-headers-5.4.0-231",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "linux-headers-5.4.0-231-generic",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "linux-headers-5.4.0-231-generic-lpae",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "linux-headers-5.4.0-231-lowlatency",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "linux-image-5.4.0-231-generic",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "linux-image-5.4.0-231-generic-lpae",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "linux-image-unsigned-5.4.0-231-generic",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "linux-image-unsigned-5.4.0-231-lowlatency",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "linux-modules-5.4.0-231-generic",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "linux-modules-5.4.0-231-generic-lpae",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "linux-modules-5.4.0-231-lowlatency",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "linux-modules-extra-5.4.0-231-generic",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "linux-source-5.4.0",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "linux-tools-5.4.0-231",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "linux-tools-5.4.0-231-generic",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "linux-tools-5.4.0-231-generic-lpae",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "linux-tools-5.4.0-231-lowlatency",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "linux-tools-common",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "linux-tools-host",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "linux-udebs-generic",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "linux-udebs-generic-lpae",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "md-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "md-modules-5.4.0-231-generic-lpae-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "message-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "mouse-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "mouse-modules-5.4.0-231-generic-lpae-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "multipath-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "multipath-modules-5.4.0-231-generic-lpae-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "nfs-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "nfs-modules-5.4.0-231-generic-lpae-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "nic-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "nic-modules-5.4.0-231-generic-lpae-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "nic-pcmcia-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "nic-shared-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "nic-shared-modules-5.4.0-231-generic-lpae-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "nic-usb-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "nic-usb-modules-5.4.0-231-generic-lpae-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "parport-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "parport-modules-5.4.0-231-generic-lpae-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "pata-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "pcmcia-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "pcmcia-storage-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "plip-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "plip-modules-5.4.0-231-generic-lpae-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "ppp-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "ppp-modules-5.4.0-231-generic-lpae-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "sata-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "sata-modules-5.4.0-231-generic-lpae-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "scsi-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "scsi-modules-5.4.0-231-generic-lpae-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "serial-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "storage-core-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "storage-core-modules-5.4.0-231-generic-lpae-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "usb-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "usb-modules-5.4.0-231-generic-lpae-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "virtio-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "vlan-modules-5.4.0-231-generic-di",
"binary_version": "5.4.0-231.251"
},
{
"binary_name": "vlan-modules-5.4.0-231-generic-lpae-di",
"binary_version": "5.4.0-231.251"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:20.04:LTS",
"name": "linux",
"purl": "pkg:deb/ubuntu/linux@5.4.0-231.251?arch=source\u0026distro=esm-infra/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.3.0-18.19",
"5.3.0-24.26",
"5.4.0-9.12",
"5.4.0-18.22",
"5.4.0-21.25",
"5.4.0-24.28",
"5.4.0-25.29",
"5.4.0-26.30",
"5.4.0-28.32",
"5.4.0-29.33",
"5.4.0-31.35",
"5.4.0-33.37",
"5.4.0-37.41",
"5.4.0-39.43",
"5.4.0-40.44",
"5.4.0-42.46",
"5.4.0-45.49",
"5.4.0-47.51",
"5.4.0-48.52",
"5.4.0-51.56",
"5.4.0-52.57",
"5.4.0-53.59",
"5.4.0-54.60",
"5.4.0-56.62",
"5.4.0-58.64",
"5.4.0-59.65",
"5.4.0-60.67",
"5.4.0-62.70",
"5.4.0-64.72",
"5.4.0-65.73",
"5.4.0-66.74",
"5.4.0-67.75",
"5.4.0-70.78",
"5.4.0-71.79",
"5.4.0-72.80",
"5.4.0-73.82",
"5.4.0-74.83",
"5.4.0-77.86",
"5.4.0-80.90",
"5.4.0-81.91",
"5.4.0-84.94",
"5.4.0-86.97",
"5.4.0-88.99",
"5.4.0-89.100",
"5.4.0-90.101",
"5.4.0-91.102",
"5.4.0-92.103",
"5.4.0-94.106",
"5.4.0-96.109",
"5.4.0-97.110",
"5.4.0-99.112",
"5.4.0-100.113",
"5.4.0-104.118",
"5.4.0-105.119",
"5.4.0-107.121",
"5.4.0-109.123",
"5.4.0-110.124",
"5.4.0-113.127",
"5.4.0-117.132",
"5.4.0-120.136",
"5.4.0-121.137",
"5.4.0-122.138",
"5.4.0-124.140",
"5.4.0-125.141",
"5.4.0-126.142",
"5.4.0-128.144",
"5.4.0-131.147",
"5.4.0-132.148",
"5.4.0-135.152",
"5.4.0-136.153",
"5.4.0-137.154",
"5.4.0-139.156",
"5.4.0-144.161",
"5.4.0-146.163",
"5.4.0-147.164",
"5.4.0-148.165",
"5.4.0-149.166",
"5.4.0-150.167",
"5.4.0-152.169",
"5.4.0-153.170",
"5.4.0-155.172",
"5.4.0-156.173",
"5.4.0-159.176",
"5.4.0-162.179",
"5.4.0-163.180",
"5.4.0-164.181",
"5.4.0-165.182",
"5.4.0-166.183",
"5.4.0-167.184",
"5.4.0-169.187",
"5.4.0-170.188",
"5.4.0-171.189",
"5.4.0-172.190",
"5.4.0-173.191",
"5.4.0-174.193",
"5.4.0-176.196",
"5.4.0-177.197",
"5.4.0-181.201",
"5.4.0-182.202",
"5.4.0-186.206",
"5.4.0-187.207",
"5.4.0-189.209",
"5.4.0-190.210",
"5.4.0-192.212",
"5.4.0-193.213",
"5.4.0-195.215",
"5.4.0-196.216",
"5.4.0-198.218",
"5.4.0-200.220",
"5.4.0-202.222",
"5.4.0-204.224",
"5.4.0-205.225",
"5.4.0-208.228",
"5.4.0-211.231",
"5.4.0-212.232",
"5.4.0-214.234",
"5.4.0-215.235",
"5.4.0-216.236",
"5.4.0-218.238",
"5.4.0-219.239",
"5.4.0-220.240",
"5.4.0-221.241",
"5.4.0-222.242",
"5.4.0-223.243",
"5.4.0-224.244",
"5.4.0-225.245",
"5.4.0-227.247",
"5.4.0-228.248",
"5.4.0-229.249",
"5.4.0-230.250",
"5.4.0-231.251"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-aws-cloud-tools-5.4.0-1160",
"binary_version": "5.4.0-1160.170"
},
{
"binary_name": "linux-aws-headers-5.4.0-1160",
"binary_version": "5.4.0-1160.170"
},
{
"binary_name": "linux-aws-tools-5.4.0-1160",
"binary_version": "5.4.0-1160.170"
},
{
"binary_name": "linux-buildinfo-5.4.0-1160-aws",
"binary_version": "5.4.0-1160.170"
},
{
"binary_name": "linux-cloud-tools-5.4.0-1160-aws",
"binary_version": "5.4.0-1160.170"
},
{
"binary_name": "linux-headers-5.4.0-1160-aws",
"binary_version": "5.4.0-1160.170"
},
{
"binary_name": "linux-image-unsigned-5.4.0-1160-aws",
"binary_version": "5.4.0-1160.170"
},
{
"binary_name": "linux-modules-5.4.0-1160-aws",
"binary_version": "5.4.0-1160.170"
},
{
"binary_name": "linux-modules-extra-5.4.0-1160-aws",
"binary_version": "5.4.0-1160.170"
},
{
"binary_name": "linux-tools-5.4.0-1160-aws",
"binary_version": "5.4.0-1160.170"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:20.04:LTS",
"name": "linux-aws",
"purl": "pkg:deb/ubuntu/linux-aws@5.4.0-1160.170?arch=source\u0026distro=esm-infra/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.3.0-1003.3",
"5.3.0-1008.9",
"5.3.0-1009.10",
"5.3.0-1010.11",
"5.4.0-1005.5",
"5.4.0-1007.7",
"5.4.0-1008.8",
"5.4.0-1009.9",
"5.4.0-1011.11",
"5.4.0-1015.15",
"5.4.0-1017.17",
"5.4.0-1018.18",
"5.4.0-1020.20",
"5.4.0-1021.21",
"5.4.0-1022.22",
"5.4.0-1024.24",
"5.4.0-1025.25",
"5.4.0-1028.29",
"5.4.0-1029.30",
"5.4.0-1030.31",
"5.4.0-1032.33",
"5.4.0-1034.35",
"5.4.0-1035.37",
"5.4.0-1037.39",
"5.4.0-1038.40",
"5.4.0-1039.41",
"5.4.0-1041.43",
"5.4.0-1043.45",
"5.4.0-1045.47",
"5.4.0-1047.49",
"5.4.0-1048.50",
"5.4.0-1049.51",
"5.4.0-1051.53",
"5.4.0-1054.57",
"5.4.0-1055.58",
"5.4.0-1056.59",
"5.4.0-1057.60",
"5.4.0-1058.61",
"5.4.0-1059.62",
"5.4.0-1060.63",
"5.4.0-1061.64",
"5.4.0-1063.66",
"5.4.0-1064.67",
"5.4.0-1065.68",
"5.4.0-1066.69",
"5.4.0-1068.72",
"5.4.0-1069.73",
"5.4.0-1071.76",
"5.4.0-1072.77",
"5.4.0-1073.78",
"5.4.0-1075.80",
"5.4.0-1078.84",
"5.4.0-1080.87",
"5.4.0-1081.88",
"5.4.0-1083.90",
"5.4.0-1084.91",
"5.4.0-1085.92",
"5.4.0-1086.93",
"5.4.0-1088.96",
"5.4.0-1089.97",
"5.4.0-1092.100",
"5.4.0-1093.101",
"5.4.0-1094.102",
"5.4.0-1096.104",
"5.4.0-1097.105",
"5.4.0-1099.107",
"5.4.0-1100.108",
"5.4.0-1101.109",
"5.4.0-1102.110",
"5.4.0-1103.111",
"5.4.0-1104.112",
"5.4.0-1105.113",
"5.4.0-1106.114",
"5.4.0-1107.115",
"5.4.0-1108.116",
"5.4.0-1109.118",
"5.4.0-1110.119",
"5.4.0-1111.120",
"5.4.0-1112.121",
"5.4.0-1113.123",
"5.4.0-1114.124",
"5.4.0-1116.126",
"5.4.0-1117.127",
"5.4.0-1118.128",
"5.4.0-1119.129",
"5.4.0-1120.130",
"5.4.0-1121.131",
"5.4.0-1122.132",
"5.4.0-1123.133",
"5.4.0-1124.134",
"5.4.0-1125.135",
"5.4.0-1126.136",
"5.4.0-1127.137",
"5.4.0-1128.138",
"5.4.0-1129.139",
"5.4.0-1130.140",
"5.4.0-1131.141",
"5.4.0-1132.142",
"5.4.0-1133.143",
"5.4.0-1134.144",
"5.4.0-1135.145",
"5.4.0-1136.146",
"5.4.0-1137.147",
"5.4.0-1139.149",
"5.4.0-1140.150",
"5.4.0-1142.152",
"5.4.0-1144.154",
"5.4.0-1145.155",
"5.4.0-1146.156",
"5.4.0-1147.157",
"5.4.0-1148.158",
"5.4.0-1149.159",
"5.4.0-1150.160",
"5.4.0-1151.161",
"5.4.0-1152.162",
"5.4.0-1153.163",
"5.4.0-1154.164",
"5.4.0-1156.166",
"5.4.0-1157.167",
"5.4.0-1158.168",
"5.4.0-1159.169",
"5.4.0-1160.170"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-aws-5.11-cloud-tools-5.11.0-1028",
"binary_version": "5.11.0-1028.31~20.04.1"
},
{
"binary_name": "linux-aws-5.11-headers-5.11.0-1028",
"binary_version": "5.11.0-1028.31~20.04.1"
},
{
"binary_name": "linux-aws-5.11-tools-5.11.0-1028",
"binary_version": "5.11.0-1028.31~20.04.1"
},
{
"binary_name": "linux-buildinfo-5.11.0-1028-aws",
"binary_version": "5.11.0-1028.31~20.04.1"
},
{
"binary_name": "linux-cloud-tools-5.11.0-1028-aws",
"binary_version": "5.11.0-1028.31~20.04.1"
},
{
"binary_name": "linux-headers-5.11.0-1028-aws",
"binary_version": "5.11.0-1028.31~20.04.1"
},
{
"binary_name": "linux-image-unsigned-5.11.0-1028-aws",
"binary_version": "5.11.0-1028.31~20.04.1"
},
{
"binary_name": "linux-modules-5.11.0-1028-aws",
"binary_version": "5.11.0-1028.31~20.04.1"
},
{
"binary_name": "linux-modules-extra-5.11.0-1028-aws",
"binary_version": "5.11.0-1028.31~20.04.1"
},
{
"binary_name": "linux-tools-5.11.0-1028-aws",
"binary_version": "5.11.0-1028.31~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "linux-aws-5.11",
"purl": "pkg:deb/ubuntu/linux-aws-5.11@5.11.0-1028.31~20.04.1?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.11.0-1009.9~20.04.2",
"5.11.0-1014.15~20.04.1",
"5.11.0-1016.17~20.04.1",
"5.11.0-1017.18~20.04.1",
"5.11.0-1019.20~20.04.1",
"5.11.0-1020.21~20.04.2",
"5.11.0-1021.22~20.04.2",
"5.11.0-1022.23~20.04.1",
"5.11.0-1023.24~20.04.1",
"5.11.0-1025.27~20.04.1",
"5.11.0-1027.30~20.04.1",
"5.11.0-1028.31~20.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-aws-5.13-cloud-tools-5.13.0-1031",
"binary_version": "5.13.0-1031.35~20.04.1"
},
{
"binary_name": "linux-aws-5.13-headers-5.13.0-1031",
"binary_version": "5.13.0-1031.35~20.04.1"
},
{
"binary_name": "linux-aws-5.13-tools-5.13.0-1031",
"binary_version": "5.13.0-1031.35~20.04.1"
},
{
"binary_name": "linux-buildinfo-5.13.0-1031-aws",
"binary_version": "5.13.0-1031.35~20.04.1"
},
{
"binary_name": "linux-cloud-tools-5.13.0-1031-aws",
"binary_version": "5.13.0-1031.35~20.04.1"
},
{
"binary_name": "linux-headers-5.13.0-1031-aws",
"binary_version": "5.13.0-1031.35~20.04.1"
},
{
"binary_name": "linux-image-unsigned-5.13.0-1031-aws",
"binary_version": "5.13.0-1031.35~20.04.1"
},
{
"binary_name": "linux-modules-5.13.0-1031-aws",
"binary_version": "5.13.0-1031.35~20.04.1"
},
{
"binary_name": "linux-modules-extra-5.13.0-1031-aws",
"binary_version": "5.13.0-1031.35~20.04.1"
},
{
"binary_name": "linux-tools-5.13.0-1031-aws",
"binary_version": "5.13.0-1031.35~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "linux-aws-5.13",
"purl": "pkg:deb/ubuntu/linux-aws-5.13@5.13.0-1031.35~20.04.1?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.13.0-1008.9~20.04.2",
"5.13.0-1011.12~20.04.1",
"5.13.0-1012.13~20.04.1",
"5.13.0-1014.15~20.04.1",
"5.13.0-1017.19~20.04.1",
"5.13.0-1019.21~20.04.1",
"5.13.0-1021.23~20.04.2",
"5.13.0-1022.24~20.04.1",
"5.13.0-1023.25~20.04.1",
"5.13.0-1025.27~20.04.1",
"5.13.0-1028.31~20.04.1",
"5.13.0-1029.32~20.04.1",
"5.13.0-1031.35~20.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-aws-5.15-cloud-tools-5.15.0-1111",
"binary_version": "5.15.0-1111.118~20.04.1"
},
{
"binary_name": "linux-aws-5.15-headers-5.15.0-1111",
"binary_version": "5.15.0-1111.118~20.04.1"
},
{
"binary_name": "linux-aws-5.15-tools-5.15.0-1111",
"binary_version": "5.15.0-1111.118~20.04.1"
},
{
"binary_name": "linux-buildinfo-5.15.0-1111-aws",
"binary_version": "5.15.0-1111.118~20.04.1"
},
{
"binary_name": "linux-cloud-tools-5.15.0-1111-aws",
"binary_version": "5.15.0-1111.118~20.04.1"
},
{
"binary_name": "linux-headers-5.15.0-1111-aws",
"binary_version": "5.15.0-1111.118~20.04.1"
},
{
"binary_name": "linux-image-unsigned-5.15.0-1111-aws",
"binary_version": "5.15.0-1111.118~20.04.1"
},
{
"binary_name": "linux-modules-5.15.0-1111-aws",
"binary_version": "5.15.0-1111.118~20.04.1"
},
{
"binary_name": "linux-modules-extra-5.15.0-1111-aws",
"binary_version": "5.15.0-1111.118~20.04.1"
},
{
"binary_name": "linux-tools-5.15.0-1111-aws",
"binary_version": "5.15.0-1111.118~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:20.04:LTS",
"name": "linux-aws-5.15",
"purl": "pkg:deb/ubuntu/linux-aws-5.15@5.15.0-1111.118~20.04.1?arch=source\u0026distro=esm-infra/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.15.0-1014.18~20.04.1",
"5.15.0-1015.19~20.04.1",
"5.15.0-1017.21~20.04.1",
"5.15.0-1019.23~20.04.1",
"5.15.0-1020.24~20.04.1",
"5.15.0-1021.25~20.04.1",
"5.15.0-1022.26~20.04.1",
"5.15.0-1023.27~20.04.1",
"5.15.0-1026.30~20.04.2",
"5.15.0-1027.31~20.04.1",
"5.15.0-1028.32~20.04.1",
"5.15.0-1030.34~20.04.1",
"5.15.0-1031.35~20.04.1",
"5.15.0-1033.37~20.04.1",
"5.15.0-1034.38~20.04.1",
"5.15.0-1035.39~20.04.1",
"5.15.0-1036.40~20.04.1",
"5.15.0-1037.41~20.04.1",
"5.15.0-1038.43~20.04.1",
"5.15.0-1039.44~20.04.1",
"5.15.0-1040.45~20.04.1",
"5.15.0-1041.46~20.04.1",
"5.15.0-1043.48~20.04.1",
"5.15.0-1044.49~20.04.1",
"5.15.0-1045.50~20.04.1",
"5.15.0-1047.52~20.04.1",
"5.15.0-1048.53~20.04.1",
"5.15.0-1049.54~20.04.1",
"5.15.0-1050.55~20.04.1",
"5.15.0-1051.56~20.04.1",
"5.15.0-1052.57~20.04.1",
"5.15.0-1053.58~20.04.1",
"5.15.0-1055.60~20.04.1",
"5.15.0-1056.61~20.04.1",
"5.15.0-1057.63~20.04.1",
"5.15.0-1058.64~20.04.1",
"5.15.0-1061.67~20.04.1",
"5.15.0-1062.68~20.04.1",
"5.15.0-1063.69~20.04.1",
"5.15.0-1064.70~20.04.1",
"5.15.0-1065.71~20.04.1",
"5.15.0-1066.72~20.04.1",
"5.15.0-1067.73~20.04.1",
"5.15.0-1068.74~20.04.1",
"5.15.0-1069.75~20.04.1",
"5.15.0-1070.76~20.04.1",
"5.15.0-1071.77~20.04.1",
"5.15.0-1072.78~20.04.1",
"5.15.0-1073.79~20.04.1",
"5.15.0-1075.82~20.04.1",
"5.15.0-1077.84~20.04.1",
"5.15.0-1080.87~20.04.1",
"5.15.0-1081.88~20.04.1",
"5.15.0-1082.89~20.04.1",
"5.15.0-1083.90~20.04.1",
"5.15.0-1084.91~20.04.1",
"5.15.0-1086.93~20.04.1",
"5.15.0-1087.94~20.04.1",
"5.15.0-1088.95~20.04.1",
"5.15.0-1089.96~20.04.1",
"5.15.0-1090.97~20.04.1",
"5.15.0-1091.98~20.04.1",
"5.15.0-1092.99~20.04.1",
"5.15.0-1093.100~20.04.1",
"5.15.0-1095.102~20.04.1",
"5.15.0-1096.103~20.04.1",
"5.15.0-1097.104~20.04.1",
"5.15.0-1098.105~20.04.1",
"5.15.0-1099.106~20.04.1",
"5.15.0-1100.107~20.04.2",
"5.15.0-1101.108~20.04.1",
"5.15.0-1103.110~20.04.1",
"5.15.0-1104.111~20.04.1",
"5.15.0-1105.112~20.04.1",
"5.15.0-1106.113~20.04.1",
"5.15.0-1108.115~20.04.1",
"5.15.0-1109.116~20.04.1",
"5.15.0-1111.118~20.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-aws-5.8-cloud-tools-5.8.0-1042",
"binary_version": "5.8.0-1042.44~20.04.1"
},
{
"binary_name": "linux-aws-5.8-headers-5.8.0-1042",
"binary_version": "5.8.0-1042.44~20.04.1"
},
{
"binary_name": "linux-aws-5.8-tools-5.8.0-1042",
"binary_version": "5.8.0-1042.44~20.04.1"
},
{
"binary_name": "linux-buildinfo-5.8.0-1042-aws",
"binary_version": "5.8.0-1042.44~20.04.1"
},
{
"binary_name": "linux-cloud-tools-5.8.0-1042-aws",
"binary_version": "5.8.0-1042.44~20.04.1"
},
{
"binary_name": "linux-headers-5.8.0-1042-aws",
"binary_version": "5.8.0-1042.44~20.04.1"
},
{
"binary_name": "linux-image-5.8.0-1042-aws",
"binary_version": "5.8.0-1042.44~20.04.1"
},
{
"binary_name": "linux-modules-5.8.0-1042-aws",
"binary_version": "5.8.0-1042.44~20.04.1"
},
{
"binary_name": "linux-modules-extra-5.8.0-1042-aws",
"binary_version": "5.8.0-1042.44~20.04.1"
},
{
"binary_name": "linux-tools-5.8.0-1042-aws",
"binary_version": "5.8.0-1042.44~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "linux-aws-5.8",
"purl": "pkg:deb/ubuntu/linux-aws-5.8@5.8.0-1042.44~20.04.1?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.8.0-1035.37~20.04.1",
"5.8.0-1038.40~20.04.1",
"5.8.0-1041.43~20.04.1",
"5.8.0-1042.44~20.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-azure-cloud-tools-5.4.0-1164",
"binary_version": "5.4.0-1164.170"
},
{
"binary_name": "linux-azure-headers-5.4.0-1164",
"binary_version": "5.4.0-1164.170"
},
{
"binary_name": "linux-azure-tools-5.4.0-1164",
"binary_version": "5.4.0-1164.170"
},
{
"binary_name": "linux-buildinfo-5.4.0-1164-azure",
"binary_version": "5.4.0-1164.170"
},
{
"binary_name": "linux-cloud-tools-5.4.0-1164-azure",
"binary_version": "5.4.0-1164.170"
},
{
"binary_name": "linux-headers-5.4.0-1164-azure",
"binary_version": "5.4.0-1164.170"
},
{
"binary_name": "linux-image-unsigned-5.4.0-1164-azure",
"binary_version": "5.4.0-1164.170"
},
{
"binary_name": "linux-modules-5.4.0-1164-azure",
"binary_version": "5.4.0-1164.170"
},
{
"binary_name": "linux-modules-extra-5.4.0-1164-azure",
"binary_version": "5.4.0-1164.170"
},
{
"binary_name": "linux-tools-5.4.0-1164-azure",
"binary_version": "5.4.0-1164.170"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:20.04:LTS",
"name": "linux-azure",
"purl": "pkg:deb/ubuntu/linux-azure@5.4.0-1164.170?arch=source\u0026distro=esm-infra/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.3.0-1003.3",
"5.3.0-1008.9",
"5.3.0-1009.10",
"5.4.0-1006.6",
"5.4.0-1008.8",
"5.4.0-1009.9",
"5.4.0-1010.10",
"5.4.0-1012.12",
"5.4.0-1016.16",
"5.4.0-1019.19",
"5.4.0-1020.20",
"5.4.0-1022.22",
"5.4.0-1023.23",
"5.4.0-1025.25",
"5.4.0-1026.26",
"5.4.0-1031.32",
"5.4.0-1032.33",
"5.4.0-1034.35",
"5.4.0-1035.36",
"5.4.0-1036.38",
"5.4.0-1039.41",
"5.4.0-1040.42",
"5.4.0-1041.43",
"5.4.0-1043.45",
"5.4.0-1044.46",
"5.4.0-1046.48",
"5.4.0-1047.49",
"5.4.0-1048.50",
"5.4.0-1049.51",
"5.4.0-1051.53",
"5.4.0-1055.57",
"5.4.0-1056.58",
"5.4.0-1058.60",
"5.4.0-1059.62",
"5.4.0-1061.64",
"5.4.0-1062.65",
"5.4.0-1063.66",
"5.4.0-1064.67",
"5.4.0-1065.68",
"5.4.0-1067.70",
"5.4.0-1068.71",
"5.4.0-1069.72",
"5.4.0-1070.73",
"5.4.0-1072.75",
"5.4.0-1073.76",
"5.4.0-1074.77",
"5.4.0-1077.80",
"5.4.0-1078.81",
"5.4.0-1080.83",
"5.4.0-1083.87",
"5.4.0-1085.90",
"5.4.0-1086.91",
"5.4.0-1089.94",
"5.4.0-1090.95",
"5.4.0-1091.96",
"5.4.0-1094.100",
"5.4.0-1095.101",
"5.4.0-1098.104",
"5.4.0-1100.106",
"5.4.0-1101.107",
"5.4.0-1103.109",
"5.4.0-1104.110",
"5.4.0-1105.111",
"5.4.0-1106.112",
"5.4.0-1107.113",
"5.4.0-1108.114",
"5.4.0-1109.115",
"5.4.0-1110.116",
"5.4.0-1111.117",
"5.4.0-1112.118",
"5.4.0-1113.119",
"5.4.0-1114.120",
"5.4.0-1115.122",
"5.4.0-1116.123",
"5.4.0-1117.124",
"5.4.0-1118.125",
"5.4.0-1119.126",
"5.4.0-1120.127",
"5.4.0-1121.128",
"5.4.0-1122.129",
"5.4.0-1123.130",
"5.4.0-1124.131",
"5.4.0-1126.133",
"5.4.0-1127.134",
"5.4.0-1128.135",
"5.4.0-1129.136",
"5.4.0-1130.137",
"5.4.0-1131.138",
"5.4.0-1132.139",
"5.4.0-1133.140",
"5.4.0-1134.141",
"5.4.0-1135.142",
"5.4.0-1136.143",
"5.4.0-1137.144",
"5.4.0-1138.145",
"5.4.0-1139.146",
"5.4.0-1140.147",
"5.4.0-1142.149",
"5.4.0-1143.150",
"5.4.0-1145.152",
"5.4.0-1147.154",
"5.4.0-1148.155",
"5.4.0-1149.156",
"5.4.0-1150.157",
"5.4.0-1151.158",
"5.4.0-1152.159",
"5.4.0-1153.160",
"5.4.0-1154.161",
"5.4.0-1156.163",
"5.4.0-1157.164",
"5.4.0-1160.166",
"5.4.0-1161.167",
"5.4.0-1162.168",
"5.4.0-1163.169",
"5.4.0-1164.170"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-azure-5.11-cloud-tools-5.11.0-1028",
"binary_version": "5.11.0-1028.31~20.04.2"
},
{
"binary_name": "linux-azure-5.11-headers-5.11.0-1028",
"binary_version": "5.11.0-1028.31~20.04.2"
},
{
"binary_name": "linux-azure-5.11-tools-5.11.0-1028",
"binary_version": "5.11.0-1028.31~20.04.2"
},
{
"binary_name": "linux-buildinfo-5.11.0-1028-azure",
"binary_version": "5.11.0-1028.31~20.04.2"
},
{
"binary_name": "linux-cloud-tools-5.11.0-1028-azure",
"binary_version": "5.11.0-1028.31~20.04.2"
},
{
"binary_name": "linux-headers-5.11.0-1028-azure",
"binary_version": "5.11.0-1028.31~20.04.2"
},
{
"binary_name": "linux-image-unsigned-5.11.0-1028-azure",
"binary_version": "5.11.0-1028.31~20.04.2"
},
{
"binary_name": "linux-modules-5.11.0-1028-azure",
"binary_version": "5.11.0-1028.31~20.04.2"
},
{
"binary_name": "linux-modules-extra-5.11.0-1028-azure",
"binary_version": "5.11.0-1028.31~20.04.2"
},
{
"binary_name": "linux-tools-5.11.0-1028-azure",
"binary_version": "5.11.0-1028.31~20.04.2"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "linux-azure-5.11",
"purl": "pkg:deb/ubuntu/linux-azure-5.11@5.11.0-1028.31~20.04.2?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.11.0-1007.7~20.04.2",
"5.11.0-1012.13~20.04.1",
"5.11.0-1013.14~20.04.1",
"5.11.0-1015.16~20.04.1",
"5.11.0-1017.18~20.04.1",
"5.11.0-1019.20~20.04.1",
"5.11.0-1020.21~20.04.1",
"5.11.0-1021.22~20.04.1",
"5.11.0-1022.23~20.04.1",
"5.11.0-1023.24~20.04.1",
"5.11.0-1025.27~20.04.1",
"5.11.0-1027.30~20.04.1",
"5.11.0-1028.31~20.04.2"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-azure-5.13-cloud-tools-5.13.0-1031",
"binary_version": "5.13.0-1031.37~20.04.1"
},
{
"binary_name": "linux-azure-5.13-headers-5.13.0-1031",
"binary_version": "5.13.0-1031.37~20.04.1"
},
{
"binary_name": "linux-azure-5.13-tools-5.13.0-1031",
"binary_version": "5.13.0-1031.37~20.04.1"
},
{
"binary_name": "linux-buildinfo-5.13.0-1031-azure",
"binary_version": "5.13.0-1031.37~20.04.1"
},
{
"binary_name": "linux-cloud-tools-5.13.0-1031-azure",
"binary_version": "5.13.0-1031.37~20.04.1"
},
{
"binary_name": "linux-headers-5.13.0-1031-azure",
"binary_version": "5.13.0-1031.37~20.04.1"
},
{
"binary_name": "linux-image-unsigned-5.13.0-1031-azure",
"binary_version": "5.13.0-1031.37~20.04.1"
},
{
"binary_name": "linux-modules-5.13.0-1031-azure",
"binary_version": "5.13.0-1031.37~20.04.1"
},
{
"binary_name": "linux-modules-extra-5.13.0-1031-azure",
"binary_version": "5.13.0-1031.37~20.04.1"
},
{
"binary_name": "linux-tools-5.13.0-1031-azure",
"binary_version": "5.13.0-1031.37~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "linux-azure-5.13",
"purl": "pkg:deb/ubuntu/linux-azure-5.13@5.13.0-1031.37~20.04.1?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.13.0-1009.10~20.04.2",
"5.13.0-1012.14~20.04.1",
"5.13.0-1013.15~20.04.1",
"5.13.0-1014.16~20.04.1",
"5.13.0-1017.19~20.04.1",
"5.13.0-1021.24~20.04.1",
"5.13.0-1022.26~20.04.1",
"5.13.0-1023.27~20.04.1",
"5.13.0-1025.29~20.04.1",
"5.13.0-1028.33~20.04.1",
"5.13.0-1029.34~20.04.1",
"5.13.0-1031.37~20.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-azure-5.15-cloud-tools-5.15.0-1116",
"binary_version": "5.15.0-1116.125~20.04.1"
},
{
"binary_name": "linux-azure-5.15-headers-5.15.0-1116",
"binary_version": "5.15.0-1116.125~20.04.1"
},
{
"binary_name": "linux-azure-5.15-tools-5.15.0-1116",
"binary_version": "5.15.0-1116.125~20.04.1"
},
{
"binary_name": "linux-buildinfo-5.15.0-1116-azure",
"binary_version": "5.15.0-1116.125~20.04.1"
},
{
"binary_name": "linux-cloud-tools-5.15.0-1116-azure",
"binary_version": "5.15.0-1116.125~20.04.1"
},
{
"binary_name": "linux-headers-5.15.0-1116-azure",
"binary_version": "5.15.0-1116.125~20.04.1"
},
{
"binary_name": "linux-image-unsigned-5.15.0-1116-azure",
"binary_version": "5.15.0-1116.125~20.04.1"
},
{
"binary_name": "linux-modules-5.15.0-1116-azure",
"binary_version": "5.15.0-1116.125~20.04.1"
},
{
"binary_name": "linux-modules-extra-5.15.0-1116-azure",
"binary_version": "5.15.0-1116.125~20.04.1"
},
{
"binary_name": "linux-modules-involflt-5.15.0-1116-azure",
"binary_version": "5.15.0-1116.125~20.04.1"
},
{
"binary_name": "linux-tools-5.15.0-1116-azure",
"binary_version": "5.15.0-1116.125~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:20.04:LTS",
"name": "linux-azure-5.15",
"purl": "pkg:deb/ubuntu/linux-azure-5.15@5.15.0-1116.125~20.04.1?arch=source\u0026distro=esm-infra/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.15.0-1007.8~20.04.1",
"5.15.0-1008.9~20.04.1",
"5.15.0-1013.16~20.04.1",
"5.15.0-1014.17~20.04.1",
"5.15.0-1017.20~20.04.1",
"5.15.0-1019.24~20.04.1",
"5.15.0-1020.25~20.04.1",
"5.15.0-1021.26~20.04.1",
"5.15.0-1022.27~20.04.1",
"5.15.0-1023.29~20.04.1",
"5.15.0-1029.36~20.04.1",
"5.15.0-1030.37~20.04.1",
"5.15.0-1031.38~20.04.1",
"5.15.0-1033.40~20.04.1",
"5.15.0-1034.41~20.04.1",
"5.15.0-1035.42~20.04.1",
"5.15.0-1036.43~20.04.1",
"5.15.0-1037.44~20.04.1",
"5.15.0-1038.45~20.04.1",
"5.15.0-1039.46~20.04.1",
"5.15.0-1040.47~20.04.1",
"5.15.0-1041.48~20.04.1",
"5.15.0-1042.49~20.04.1",
"5.15.0-1043.50~20.04.1",
"5.15.0-1045.52~20.04.1",
"5.15.0-1046.53~20.04.1",
"5.15.0-1047.54~20.04.1",
"5.15.0-1049.56~20.04.1",
"5.15.0-1050.57~20.04.1",
"5.15.0-1051.59~20.04.1",
"5.15.0-1052.60~20.04.1",
"5.15.0-1053.61~20.04.1",
"5.15.0-1054.62~20.04.1",
"5.15.0-1056.64~20.04.1",
"5.15.0-1057.65~20.04.1",
"5.15.0-1058.66~20.04.2",
"5.15.0-1059.67~20.04.1",
"5.15.0-1060.69~20.04.1",
"5.15.0-1061.70~20.04.1",
"5.15.0-1063.72~20.04.1",
"5.15.0-1064.73~20.04.1",
"5.15.0-1065.74~20.04.1",
"5.15.0-1067.76~20.04.1",
"5.15.0-1068.77~20.04.1",
"5.15.0-1070.79~20.04.1",
"5.15.0-1071.80~20.04.1",
"5.15.0-1072.81~20.04.1",
"5.15.0-1073.82~20.04.1",
"5.15.0-1074.83~20.04.1",
"5.15.0-1075.84~20.04.1",
"5.15.0-1078.87~20.04.1",
"5.15.0-1079.88~20.04.1",
"5.15.0-1081.90~20.04.1",
"5.15.0-1082.91~20.04.1",
"5.15.0-1086.95~20.04.1",
"5.15.0-1087.96~20.04.1",
"5.15.0-1088.97~20.04.1",
"5.15.0-1089.98~20.04.1",
"5.15.0-1091.100~20.04.1",
"5.15.0-1094.103~20.04.1",
"5.15.0-1095.104~20.04.1",
"5.15.0-1096.105~20.04.1",
"5.15.0-1097.106~20.04.1",
"5.15.0-1098.107~20.04.1",
"5.15.0-1102.111~20.04.1",
"5.15.0-1103.112~20.04.1",
"5.15.0-1110.119~20.04.1",
"5.15.0-1111.120~20.04.1",
"5.15.0-1114.123~20.04.1",
"5.15.0-1116.125~20.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-azure-5.8-cloud-tools-5.8.0-1043",
"binary_version": "5.8.0-1043.46~20.04.1"
},
{
"binary_name": "linux-azure-5.8-headers-5.8.0-1043",
"binary_version": "5.8.0-1043.46~20.04.1"
},
{
"binary_name": "linux-azure-5.8-tools-5.8.0-1043",
"binary_version": "5.8.0-1043.46~20.04.1"
},
{
"binary_name": "linux-buildinfo-5.8.0-1043-azure",
"binary_version": "5.8.0-1043.46~20.04.1"
},
{
"binary_name": "linux-cloud-tools-5.8.0-1043-azure",
"binary_version": "5.8.0-1043.46~20.04.1"
},
{
"binary_name": "linux-headers-5.8.0-1043-azure",
"binary_version": "5.8.0-1043.46~20.04.1"
},
{
"binary_name": "linux-image-unsigned-5.8.0-1043-azure",
"binary_version": "5.8.0-1043.46~20.04.1"
},
{
"binary_name": "linux-modules-5.8.0-1043-azure",
"binary_version": "5.8.0-1043.46~20.04.1"
},
{
"binary_name": "linux-modules-extra-5.8.0-1043-azure",
"binary_version": "5.8.0-1043.46~20.04.1"
},
{
"binary_name": "linux-tools-5.8.0-1043-azure",
"binary_version": "5.8.0-1043.46~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "linux-azure-5.8",
"purl": "pkg:deb/ubuntu/linux-azure-5.8@5.8.0-1043.46~20.04.1?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.8.0-1033.35~20.04.1",
"5.8.0-1036.38~20.04.1",
"5.8.0-1039.42~20.04.1",
"5.8.0-1040.43~20.04.1",
"5.8.0-1041.44~20.04.1",
"5.8.0-1042.45~20.04.1",
"5.8.0-1043.46~20.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-image-unsigned-5.4.0-1103-azure-fde",
"binary_version": "5.4.0-1103.109+cvm1.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "linux-azure-fde",
"purl": "pkg:deb/ubuntu/linux-azure-fde@5.4.0-1103.109+cvm1.1?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.4.0-1063.66+cvm2.2",
"5.4.0-1063.66+cvm3.2",
"5.4.0-1064.67+cvm1.1",
"5.4.0-1065.68+cvm2.1",
"5.4.0-1067.70+cvm1.1",
"5.4.0-1068.71+cvm1.1",
"5.4.0-1069.72+cvm1.1",
"5.4.0-1070.73+cvm1.1",
"5.4.0-1072.75+cvm1.1",
"5.4.0-1073.76+cvm1.1",
"5.4.0-1074.77+cvm1.1",
"5.4.0-1076.79+cvm1.1",
"5.4.0-1078.81+cvm1.1",
"5.4.0-1080.83+cvm1.1",
"5.4.0-1083.87+cvm1.1",
"5.4.0-1085.90+cvm1.1",
"5.4.0-1085.90+cvm2.1",
"5.4.0-1086.91+cvm1.1",
"5.4.0-1089.94+cvm1.2",
"5.4.0-1090.95+cvm1.1",
"5.4.0-1091.96+cvm1.1",
"5.4.0-1092.97+cvm1.1",
"5.4.0-1095.101+cvm1.1",
"5.4.0-1098.104+cvm1.1",
"5.4.0-1100.106+cvm1.1",
"5.4.0-1103.109+cvm1.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-azure-fde-5.15-cloud-tools-5.15.0-1116",
"binary_version": "5.15.0-1116.125~20.04.1"
},
{
"binary_name": "linux-azure-fde-5.15-headers-5.15.0-1116",
"binary_version": "5.15.0-1116.125~20.04.1"
},
{
"binary_name": "linux-azure-fde-5.15-tools-5.15.0-1116",
"binary_version": "5.15.0-1116.125~20.04.1"
},
{
"binary_name": "linux-buildinfo-5.15.0-1116-azure-fde",
"binary_version": "5.15.0-1116.125~20.04.1"
},
{
"binary_name": "linux-cloud-tools-5.15.0-1116-azure-fde",
"binary_version": "5.15.0-1116.125~20.04.1"
},
{
"binary_name": "linux-headers-5.15.0-1116-azure-fde",
"binary_version": "5.15.0-1116.125~20.04.1"
},
{
"binary_name": "linux-image-unsigned-5.15.0-1116-azure-fde",
"binary_version": "5.15.0-1116.125~20.04.1"
},
{
"binary_name": "linux-modules-5.15.0-1116-azure-fde",
"binary_version": "5.15.0-1116.125~20.04.1"
},
{
"binary_name": "linux-modules-extra-5.15.0-1116-azure-fde",
"binary_version": "5.15.0-1116.125~20.04.1"
},
{
"binary_name": "linux-modules-involflt-5.15.0-1116-azure-fde",
"binary_version": "5.15.0-1116.125~20.04.1"
},
{
"binary_name": "linux-tools-5.15.0-1116-azure-fde",
"binary_version": "5.15.0-1116.125~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:20.04:LTS",
"name": "linux-azure-fde-5.15",
"purl": "pkg:deb/ubuntu/linux-azure-fde-5.15@5.15.0-1116.125~20.04.1?arch=source\u0026distro=esm-infra/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.15.0-1019.24~20.04.1.1",
"5.15.0-1020.25~20.04.1.1",
"5.15.0-1021.26~20.04.1.1",
"5.15.0-1029.36~20.04.1.1",
"5.15.0-1030.37~20.04.1.1",
"5.15.0-1031.38~20.04.1.1",
"5.15.0-1033.40~20.04.1.1",
"5.15.0-1034.41~20.04.1.2",
"5.15.0-1035.42~20.04.1.1",
"5.15.0-1036.43~20.04.1.1",
"5.15.0-1037.44~20.04.1.1",
"5.15.0-1038.45~20.04.1.1",
"5.15.0-1039.46~20.04.1.1",
"5.15.0-1040.47~20.04.1.1",
"5.15.0-1041.48~20.04.1.1",
"5.15.0-1042.49~20.04.1.1",
"5.15.0-1043.50~20.04.1.1",
"5.15.0-1046.53~20.04.1.1",
"5.15.0-1047.54~20.04.1.1",
"5.15.0-1049.56~20.04.1.1",
"5.15.0-1050.57~20.04.1.1",
"5.15.0-1051.59~20.04.1.1",
"5.15.0-1052.60~20.04.1.1",
"5.15.0-1053.61~20.04.1.1",
"5.15.0-1054.62~20.04.1.1",
"5.15.0-1056.64~20.04.1.1",
"5.15.0-1057.65~20.04.1.1",
"5.15.0-1058.66~20.04.2.1",
"5.15.0-1059.67~20.04.1.1",
"5.15.0-1060.69~20.04.1.1",
"5.15.0-1061.70~20.04.1.1",
"5.15.0-1063.72~20.04.1.1",
"5.15.0-1064.73~20.04.1.1",
"5.15.0-1065.74~20.04.1.1",
"5.15.0-1067.76~20.04.1.1",
"5.15.0-1068.77~20.04.1.1",
"5.15.0-1070.79~20.04.1.1",
"5.15.0-1071.80~20.04.1.1",
"5.15.0-1072.81~20.04.1.1",
"5.15.0-1073.82~20.04.1.1",
"5.15.0-1074.83~20.04.1.1",
"5.15.0-1076.85~20.04.1.1",
"5.15.0-1078.87~20.04.1.1",
"5.15.0-1081.90~20.04.1.1",
"5.15.0-1082.91~20.04.1.1",
"5.15.0-1086.95~20.04.1.1",
"5.15.0-1087.96~20.04.1.1",
"5.15.0-1088.97~20.04.1.1",
"5.15.0-1089.98~20.04.1.1",
"5.15.0-1091.100~20.04.1.1",
"5.15.0-1094.103~20.04.1.1",
"5.15.0-1096.105~20.04.1.1",
"5.15.0-1097.106~20.04.1.1",
"5.15.0-1098.107~20.04.1.1",
"5.15.0-1102.111~20.04.1.1",
"5.15.0-1103.112~20.04.1.1",
"5.15.0-1111.120~20.04.1.1",
"5.15.0-1114.123~20.04.1",
"5.15.0-1116.125~20.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-bluefield-headers-5.4.0-1119",
"binary_version": "5.4.0-1119.126"
},
{
"binary_name": "linux-bluefield-tools-5.4.0-1119",
"binary_version": "5.4.0-1119.126"
},
{
"binary_name": "linux-buildinfo-5.4.0-1119-bluefield",
"binary_version": "5.4.0-1119.126"
},
{
"binary_name": "linux-headers-5.4.0-1119-bluefield",
"binary_version": "5.4.0-1119.126"
},
{
"binary_name": "linux-image-unsigned-5.4.0-1119-bluefield",
"binary_version": "5.4.0-1119.126"
},
{
"binary_name": "linux-modules-5.4.0-1119-bluefield",
"binary_version": "5.4.0-1119.126"
},
{
"binary_name": "linux-tools-5.4.0-1119-bluefield",
"binary_version": "5.4.0-1119.126"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:20.04:LTS",
"name": "linux-bluefield",
"purl": "pkg:deb/ubuntu/linux-bluefield@5.4.0-1119.126?arch=source\u0026distro=esm-infra/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.4.0-1007.10",
"5.4.0-1011.14",
"5.4.0-1012.15",
"5.4.0-1013.16",
"5.4.0-1016.19",
"5.4.0-1019.22",
"5.4.0-1020.23",
"5.4.0-1021.24",
"5.4.0-1022.25",
"5.4.0-1023.26",
"5.4.0-1025.28",
"5.4.0-1026.29",
"5.4.0-1028.31",
"5.4.0-1030.33",
"5.4.0-1032.35",
"5.4.0-1035.38",
"5.4.0-1036.39",
"5.4.0-1040.44",
"5.4.0-1042.47",
"5.4.0-1044.49",
"5.4.0-1045.50",
"5.4.0-1046.51",
"5.4.0-1047.52",
"5.4.0-1049.55",
"5.4.0-1050.56",
"5.4.0-1054.60",
"5.4.0-1058.64",
"5.4.0-1059.65",
"5.4.0-1060.66",
"5.4.0-1062.68",
"5.4.0-1064.70",
"5.4.0-1065.71",
"5.4.0-1066.72",
"5.4.0-1068.74",
"5.4.0-1070.76",
"5.4.0-1071.77",
"5.4.0-1072.78",
"5.4.0-1073.79",
"5.4.0-1074.80",
"5.4.0-1075.81",
"5.4.0-1076.82",
"5.4.0-1077.83",
"5.4.0-1078.84",
"5.4.0-1079.85",
"5.4.0-1080.87",
"5.4.0-1081.88",
"5.4.0-1082.89",
"5.4.0-1083.90",
"5.4.0-1084.91",
"5.4.0-1085.92",
"5.4.0-1086.93",
"5.4.0-1087.94",
"5.4.0-1088.95",
"5.4.0-1089.96",
"5.4.0-1090.97",
"5.4.0-1091.98",
"5.4.0-1092.99",
"5.4.0-1093.100",
"5.4.0-1094.101",
"5.4.0-1095.102",
"5.4.0-1096.103",
"5.4.0-1097.104",
"5.4.0-1098.105",
"5.4.0-1099.106",
"5.4.0-1101.108",
"5.4.0-1102.109",
"5.4.0-1103.110",
"5.4.0-1105.112",
"5.4.0-1106.113",
"5.4.0-1107.114",
"5.4.0-1108.115",
"5.4.0-1109.116",
"5.4.0-1110.117",
"5.4.0-1111.118",
"5.4.0-1112.119",
"5.4.0-1116.123",
"5.4.0-1117.124",
"5.4.0-1118.125",
"5.4.0-1119.126"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.4.0-1163-gcp",
"binary_version": "5.4.0-1163.172"
},
{
"binary_name": "linux-gcp-headers-5.4.0-1163",
"binary_version": "5.4.0-1163.172"
},
{
"binary_name": "linux-gcp-tools-5.4.0-1163",
"binary_version": "5.4.0-1163.172"
},
{
"binary_name": "linux-headers-5.4.0-1163-gcp",
"binary_version": "5.4.0-1163.172"
},
{
"binary_name": "linux-image-unsigned-5.4.0-1163-gcp",
"binary_version": "5.4.0-1163.172"
},
{
"binary_name": "linux-modules-5.4.0-1163-gcp",
"binary_version": "5.4.0-1163.172"
},
{
"binary_name": "linux-modules-extra-5.4.0-1163-gcp",
"binary_version": "5.4.0-1163.172"
},
{
"binary_name": "linux-tools-5.4.0-1163-gcp",
"binary_version": "5.4.0-1163.172"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:20.04:LTS",
"name": "linux-gcp",
"purl": "pkg:deb/ubuntu/linux-gcp@5.4.0-1163.172?arch=source\u0026distro=esm-infra/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.3.0-1004.4",
"5.3.0-1009.10",
"5.3.0-1011.12",
"5.4.0-1005.5",
"5.4.0-1007.7",
"5.4.0-1008.8",
"5.4.0-1009.9",
"5.4.0-1011.11",
"5.4.0-1015.15",
"5.4.0-1018.18",
"5.4.0-1019.19",
"5.4.0-1021.21",
"5.4.0-1022.22",
"5.4.0-1024.24",
"5.4.0-1025.25",
"5.4.0-1028.29",
"5.4.0-1029.31",
"5.4.0-1030.32",
"5.4.0-1032.34",
"5.4.0-1033.35",
"5.4.0-1034.37",
"5.4.0-1036.39",
"5.4.0-1037.40",
"5.4.0-1038.41",
"5.4.0-1040.43",
"5.4.0-1041.44",
"5.4.0-1042.45",
"5.4.0-1043.46",
"5.4.0-1044.47",
"5.4.0-1046.49",
"5.4.0-1049.53",
"5.4.0-1051.55",
"5.4.0-1052.56",
"5.4.0-1053.57",
"5.4.0-1055.59",
"5.4.0-1056.60",
"5.4.0-1057.61",
"5.4.0-1058.62",
"5.4.0-1059.63",
"5.4.0-1060.64",
"5.4.0-1062.66",
"5.4.0-1063.67",
"5.4.0-1064.68",
"5.4.0-1065.69",
"5.4.0-1067.71",
"5.4.0-1068.72",
"5.4.0-1069.73",
"5.4.0-1072.77",
"5.4.0-1073.78",
"5.4.0-1075.80",
"5.4.0-1078.84",
"5.4.0-1080.87",
"5.4.0-1083.91",
"5.4.0-1084.92",
"5.4.0-1086.94",
"5.4.0-1087.95",
"5.4.0-1089.97",
"5.4.0-1090.98",
"5.4.0-1092.101",
"5.4.0-1093.102",
"5.4.0-1096.105",
"5.4.0-1097.106",
"5.4.0-1098.107",
"5.4.0-1100.109",
"5.4.0-1101.110",
"5.4.0-1102.111",
"5.4.0-1103.112",
"5.4.0-1104.113",
"5.4.0-1105.114",
"5.4.0-1106.115",
"5.4.0-1107.116",
"5.4.0-1108.117",
"5.4.0-1109.118",
"5.4.0-1110.119",
"5.4.0-1111.120",
"5.4.0-1112.121",
"5.4.0-1113.122",
"5.4.0-1115.124",
"5.4.0-1116.125",
"5.4.0-1117.126",
"5.4.0-1118.127",
"5.4.0-1120.129",
"5.4.0-1121.130",
"5.4.0-1122.131",
"5.4.0-1123.132",
"5.4.0-1124.133",
"5.4.0-1125.134",
"5.4.0-1126.135",
"5.4.0-1127.136",
"5.4.0-1128.137",
"5.4.0-1129.138",
"5.4.0-1130.139",
"5.4.0-1131.140",
"5.4.0-1132.141",
"5.4.0-1133.142",
"5.4.0-1134.143",
"5.4.0-1135.144",
"5.4.0-1136.145",
"5.4.0-1137.146",
"5.4.0-1138.147",
"5.4.0-1139.148",
"5.4.0-1140.149",
"5.4.0-1141.150",
"5.4.0-1142.151",
"5.4.0-1143.152",
"5.4.0-1145.154",
"5.4.0-1146.155",
"5.4.0-1147.156",
"5.4.0-1148.157",
"5.4.0-1149.158",
"5.4.0-1150.159",
"5.4.0-1151.160",
"5.4.0-1152.161",
"5.4.0-1153.162",
"5.4.0-1154.163",
"5.4.0-1155.164",
"5.4.0-1156.165",
"5.4.0-1157.166",
"5.4.0-1159.168",
"5.4.0-1160.169",
"5.4.0-1161.170",
"5.4.0-1162.171",
"5.4.0-1163.172"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.11.0-1029-gcp",
"binary_version": "5.11.0-1029.33~20.04.3"
},
{
"binary_name": "linux-gcp-5.11-headers-5.11.0-1029",
"binary_version": "5.11.0-1029.33~20.04.3"
},
{
"binary_name": "linux-gcp-5.11-tools-5.11.0-1029",
"binary_version": "5.11.0-1029.33~20.04.3"
},
{
"binary_name": "linux-headers-5.11.0-1029-gcp",
"binary_version": "5.11.0-1029.33~20.04.3"
},
{
"binary_name": "linux-image-unsigned-5.11.0-1029-gcp",
"binary_version": "5.11.0-1029.33~20.04.3"
},
{
"binary_name": "linux-modules-5.11.0-1029-gcp",
"binary_version": "5.11.0-1029.33~20.04.3"
},
{
"binary_name": "linux-modules-extra-5.11.0-1029-gcp",
"binary_version": "5.11.0-1029.33~20.04.3"
},
{
"binary_name": "linux-tools-5.11.0-1029-gcp",
"binary_version": "5.11.0-1029.33~20.04.3"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "linux-gcp-5.11",
"purl": "pkg:deb/ubuntu/linux-gcp-5.11@5.11.0-1029.33~20.04.3?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.11.0-1009.10~20.04.1",
"5.11.0-1014.16~20.04.1",
"5.11.0-1017.19~20.04.1",
"5.11.0-1018.20~20.04.2",
"5.11.0-1020.22~20.04.1",
"5.11.0-1021.23~20.04.1",
"5.11.0-1022.24~20.04.1",
"5.11.0-1023.25~20.04.1",
"5.11.0-1024.26~20.04.1",
"5.11.0-1026.29~20.04.1",
"5.11.0-1028.32~20.04.1",
"5.11.0-1029.33~20.04.3"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.13.0-1033-gcp",
"binary_version": "5.13.0-1033.40~20.04.1"
},
{
"binary_name": "linux-gcp-5.13-headers-5.13.0-1033",
"binary_version": "5.13.0-1033.40~20.04.1"
},
{
"binary_name": "linux-gcp-5.13-tools-5.13.0-1033",
"binary_version": "5.13.0-1033.40~20.04.1"
},
{
"binary_name": "linux-headers-5.13.0-1033-gcp",
"binary_version": "5.13.0-1033.40~20.04.1"
},
{
"binary_name": "linux-image-unsigned-5.13.0-1033-gcp",
"binary_version": "5.13.0-1033.40~20.04.1"
},
{
"binary_name": "linux-modules-5.13.0-1033-gcp",
"binary_version": "5.13.0-1033.40~20.04.1"
},
{
"binary_name": "linux-modules-extra-5.13.0-1033-gcp",
"binary_version": "5.13.0-1033.40~20.04.1"
},
{
"binary_name": "linux-tools-5.13.0-1033-gcp",
"binary_version": "5.13.0-1033.40~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "linux-gcp-5.13",
"purl": "pkg:deb/ubuntu/linux-gcp-5.13@5.13.0-1033.40~20.04.1?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.13.0-1008.9~20.04.3",
"5.13.0-1012.15~20.04.1",
"5.13.0-1013.16~20.04.1",
"5.13.0-1015.18~20.04.1",
"5.13.0-1019.23~20.04.1",
"5.13.0-1021.25~20.04.1",
"5.13.0-1023.28~20.04.1",
"5.13.0-1024.29~20.04.1",
"5.13.0-1025.30~20.04.1",
"5.13.0-1027.32~20.04.1",
"5.13.0-1030.36~20.04.1",
"5.13.0-1031.37~20.04.1",
"5.13.0-1033.40~20.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.15.0-1111-gcp",
"binary_version": "5.15.0-1111.121~20.04.1"
},
{
"binary_name": "linux-gcp-5.15-headers-5.15.0-1111",
"binary_version": "5.15.0-1111.121~20.04.1"
},
{
"binary_name": "linux-gcp-5.15-tools-5.15.0-1111",
"binary_version": "5.15.0-1111.121~20.04.1"
},
{
"binary_name": "linux-headers-5.15.0-1111-gcp",
"binary_version": "5.15.0-1111.121~20.04.1"
},
{
"binary_name": "linux-image-unsigned-5.15.0-1111-gcp",
"binary_version": "5.15.0-1111.121~20.04.1"
},
{
"binary_name": "linux-modules-5.15.0-1111-gcp",
"binary_version": "5.15.0-1111.121~20.04.1"
},
{
"binary_name": "linux-modules-extra-5.15.0-1111-gcp",
"binary_version": "5.15.0-1111.121~20.04.1"
},
{
"binary_name": "linux-tools-5.15.0-1111-gcp",
"binary_version": "5.15.0-1111.121~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:20.04:LTS",
"name": "linux-gcp-5.15",
"purl": "pkg:deb/ubuntu/linux-gcp-5.15@5.15.0-1111.121~20.04.1?arch=source\u0026distro=esm-infra/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.15.0-1006.9~20.04.1",
"5.15.0-1012.17~20.04.1",
"5.15.0-1013.18~20.04.1",
"5.15.0-1016.21~20.04.1",
"5.15.0-1017.23~20.04.2",
"5.15.0-1018.24~20.04.1",
"5.15.0-1021.28~20.04.1",
"5.15.0-1022.29~20.04.1",
"5.15.0-1025.32~20.04.2",
"5.15.0-1026.33~20.04.1",
"5.15.0-1027.34~20.04.1",
"5.15.0-1029.36~20.04.1",
"5.15.0-1030.37~20.04.1",
"5.15.0-1031.38~20.04.1",
"5.15.0-1032.40~20.04.1",
"5.15.0-1033.41~20.04.1",
"5.15.0-1034.42~20.04.1",
"5.15.0-1035.43~20.04.1",
"5.15.0-1036.44~20.04.1",
"5.15.0-1037.45~20.04.1",
"5.15.0-1038.46~20.04.1",
"5.15.0-1039.47~20.04.1",
"5.15.0-1040.48~20.04.1",
"5.15.0-1041.49~20.04.1",
"5.15.0-1042.50~20.04.1",
"5.15.0-1044.52~20.04.1",
"5.15.0-1045.53~20.04.2",
"5.15.0-1046.54~20.04.1",
"5.15.0-1047.55~20.04.1",
"5.15.0-1048.56~20.04.1",
"5.15.0-1049.57~20.04.1",
"5.15.0-1051.59~20.04.1",
"5.15.0-1052.60~20.04.1",
"5.15.0-1053.61~20.04.1",
"5.15.0-1054.62~20.04.1",
"5.15.0-1055.63~20.04.1",
"5.15.0-1058.66~20.04.1",
"5.15.0-1059.67~20.04.1",
"5.15.0-1060.68~20.04.1",
"5.15.0-1062.70~20.04.1",
"5.15.0-1065.73~20.04.1",
"5.15.0-1066.74~20.04.1",
"5.15.0-1067.75~20.04.1",
"5.15.0-1068.76~20.04.1",
"5.15.0-1069.77~20.04.1",
"5.15.0-1070.78~20.04.1",
"5.15.0-1071.79~20.04.1",
"5.15.0-1072.80~20.04.1",
"5.15.0-1073.81~20.04.1",
"5.15.0-1074.83~20.04.1",
"5.15.0-1075.84~20.04.1",
"5.15.0-1077.86~20.04.1",
"5.15.0-1078.87~20.04.1",
"5.15.0-1081.90~20.04.1",
"5.15.0-1083.92~20.04.1",
"5.15.0-1085.94~20.04.1",
"5.15.0-1086.95~20.04.1",
"5.15.0-1087.96~20.04.2",
"5.15.0-1088.97~20.04.1",
"5.15.0-1090.99~20.04.1",
"5.15.0-1091.100~20.04.1",
"5.15.0-1092.101~20.04.1",
"5.15.0-1093.102~20.04.1",
"5.15.0-1095.104~20.04.1",
"5.15.0-1096.105~20.04.1",
"5.15.0-1097.106~20.04.1",
"5.15.0-1098.107~20.04.1",
"5.15.0-1099.108~20.04.1",
"5.15.0-1100.109~20.04.1",
"5.15.0-1101.110~20.04.1",
"5.15.0-1103.112~20.04.1",
"5.15.0-1104.113~20.04.1",
"5.15.0-1106.115~20.04.1",
"5.15.0-1108.117~20.04.1",
"5.15.0-1109.118~20.04.1",
"5.15.0-1111.121~20.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.8.0-1039-gcp",
"binary_version": "5.8.0-1039.41"
},
{
"binary_name": "linux-gcp-5.8-headers-5.8.0-1039",
"binary_version": "5.8.0-1039.41"
},
{
"binary_name": "linux-gcp-5.8-tools-5.8.0-1039",
"binary_version": "5.8.0-1039.41"
},
{
"binary_name": "linux-headers-5.8.0-1039-gcp",
"binary_version": "5.8.0-1039.41"
},
{
"binary_name": "linux-image-unsigned-5.8.0-1039-gcp",
"binary_version": "5.8.0-1039.41"
},
{
"binary_name": "linux-modules-5.8.0-1039-gcp",
"binary_version": "5.8.0-1039.41"
},
{
"binary_name": "linux-modules-extra-5.8.0-1039-gcp",
"binary_version": "5.8.0-1039.41"
},
{
"binary_name": "linux-tools-5.8.0-1039-gcp",
"binary_version": "5.8.0-1039.41"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "linux-gcp-5.8",
"purl": "pkg:deb/ubuntu/linux-gcp-5.8@5.8.0-1039.41?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.8.0-1032.34~20.04.1",
"5.8.0-1035.37~20.04.1",
"5.8.0-1038.40~20.04.1",
"5.8.0-1039.41"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.4.0-1105-gke",
"binary_version": "5.4.0-1105.112"
},
{
"binary_name": "linux-gke-headers-5.4.0-1105",
"binary_version": "5.4.0-1105.112"
},
{
"binary_name": "linux-gke-tools-5.4.0-1105",
"binary_version": "5.4.0-1105.112"
},
{
"binary_name": "linux-headers-5.4.0-1105-gke",
"binary_version": "5.4.0-1105.112"
},
{
"binary_name": "linux-image-unsigned-5.4.0-1105-gke",
"binary_version": "5.4.0-1105.112"
},
{
"binary_name": "linux-modules-5.4.0-1105-gke",
"binary_version": "5.4.0-1105.112"
},
{
"binary_name": "linux-modules-extra-5.4.0-1105-gke",
"binary_version": "5.4.0-1105.112"
},
{
"binary_name": "linux-tools-5.4.0-1105-gke",
"binary_version": "5.4.0-1105.112"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "linux-gke",
"purl": "pkg:deb/ubuntu/linux-gke@5.4.0-1105.112?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.4.0-1033.35",
"5.4.0-1035.37",
"5.4.0-1036.38",
"5.4.0-1037.39",
"5.4.0-1039.41",
"5.4.0-1041.43",
"5.4.0-1042.44",
"5.4.0-1043.45",
"5.4.0-1044.46",
"5.4.0-1046.48",
"5.4.0-1049.52",
"5.4.0-1051.54",
"5.4.0-1052.55",
"5.4.0-1053.56",
"5.4.0-1054.57",
"5.4.0-1055.58",
"5.4.0-1056.59",
"5.4.0-1057.60",
"5.4.0-1059.62",
"5.4.0-1061.64",
"5.4.0-1062.65",
"5.4.0-1063.66",
"5.4.0-1065.68",
"5.4.0-1066.69",
"5.4.0-1067.70",
"5.4.0-1068.71",
"5.4.0-1071.76",
"5.4.0-1072.77",
"5.4.0-1074.79",
"5.4.0-1076.82",
"5.4.0-1078.84",
"5.4.0-1080.86",
"5.4.0-1081.87",
"5.4.0-1083.89",
"5.4.0-1084.90",
"5.4.0-1086.93",
"5.4.0-1087.94",
"5.4.0-1090.97",
"5.4.0-1091.98",
"5.4.0-1094.101",
"5.4.0-1095.102",
"5.4.0-1096.103",
"5.4.0-1097.104",
"5.4.0-1098.105",
"5.4.0-1099.106",
"5.4.0-1100.107",
"5.4.0-1101.108",
"5.4.0-1102.109",
"5.4.0-1103.110",
"5.4.0-1104.111",
"5.4.0-1105.112"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.15.0-1039-gke",
"binary_version": "5.15.0-1039.44~20.04.1"
},
{
"binary_name": "linux-gke-5.15-headers-5.15.0-1039",
"binary_version": "5.15.0-1039.44~20.04.1"
},
{
"binary_name": "linux-gke-5.15-tools-5.15.0-1039",
"binary_version": "5.15.0-1039.44~20.04.1"
},
{
"binary_name": "linux-headers-5.15.0-1039-gke",
"binary_version": "5.15.0-1039.44~20.04.1"
},
{
"binary_name": "linux-image-unsigned-5.15.0-1039-gke",
"binary_version": "5.15.0-1039.44~20.04.1"
},
{
"binary_name": "linux-modules-5.15.0-1039-gke",
"binary_version": "5.15.0-1039.44~20.04.1"
},
{
"binary_name": "linux-modules-extra-5.15.0-1039-gke",
"binary_version": "5.15.0-1039.44~20.04.1"
},
{
"binary_name": "linux-modules-iwlwifi-5.15.0-1039-gke",
"binary_version": "5.15.0-1039.44~20.04.1"
},
{
"binary_name": "linux-tools-5.15.0-1039-gke",
"binary_version": "5.15.0-1039.44~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "linux-gke-5.15",
"purl": "pkg:deb/ubuntu/linux-gke-5.15@5.15.0-1039.44~20.04.1?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.15.0-1011.14~20.04.1",
"5.15.0-1014.17~20.04.1",
"5.15.0-1015.18~20.04.1",
"5.15.0-1016.19~20.04.1",
"5.15.0-1019.23~20.04.1",
"5.15.0-1020.25~20.04.1",
"5.15.0-1023.28~20.04.2",
"5.15.0-1027.32~20.04.1",
"5.15.0-1028.33~20.04.1",
"5.15.0-1029.34~20.04.1",
"5.15.0-1031.36~20.04.1",
"5.15.0-1032.37~20.04.1",
"5.15.0-1033.38~20.04.1",
"5.15.0-1034.39~20.04.1",
"5.15.0-1036.41~20.04.1",
"5.15.0-1037.42~20.04.1",
"5.15.0-1038.43~20.04.1",
"5.15.0-1039.44~20.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.4.0-1102-gkeop",
"binary_version": "5.4.0-1102.106"
},
{
"binary_name": "linux-cloud-tools-5.4.0-1102-gkeop",
"binary_version": "5.4.0-1102.106"
},
{
"binary_name": "linux-gkeop-cloud-tools-5.4.0-1102",
"binary_version": "5.4.0-1102.106"
},
{
"binary_name": "linux-gkeop-headers-5.4.0-1102",
"binary_version": "5.4.0-1102.106"
},
{
"binary_name": "linux-gkeop-source-5.4.0",
"binary_version": "5.4.0-1102.106"
},
{
"binary_name": "linux-gkeop-tools-5.4.0-1102",
"binary_version": "5.4.0-1102.106"
},
{
"binary_name": "linux-headers-5.4.0-1102-gkeop",
"binary_version": "5.4.0-1102.106"
},
{
"binary_name": "linux-image-unsigned-5.4.0-1102-gkeop",
"binary_version": "5.4.0-1102.106"
},
{
"binary_name": "linux-modules-5.4.0-1102-gkeop",
"binary_version": "5.4.0-1102.106"
},
{
"binary_name": "linux-modules-extra-5.4.0-1102-gkeop",
"binary_version": "5.4.0-1102.106"
},
{
"binary_name": "linux-tools-5.4.0-1102-gkeop",
"binary_version": "5.4.0-1102.106"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "linux-gkeop",
"purl": "pkg:deb/ubuntu/linux-gkeop@5.4.0-1102.106?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.4.0-1008.9",
"5.4.0-1009.10",
"5.4.0-1010.11",
"5.4.0-1011.12",
"5.4.0-1012.13",
"5.4.0-1013.14",
"5.4.0-1014.15",
"5.4.0-1015.16",
"5.4.0-1016.17",
"5.4.0-1018.19",
"5.4.0-1021.22",
"5.4.0-1022.23",
"5.4.0-1023.24",
"5.4.0-1024.25",
"5.4.0-1025.26",
"5.4.0-1026.27",
"5.4.0-1027.28",
"5.4.0-1029.30",
"5.4.0-1031.32",
"5.4.0-1032.33",
"5.4.0-1033.34",
"5.4.0-1034.35",
"5.4.0-1036.37",
"5.4.0-1037.38",
"5.4.0-1038.39",
"5.4.0-1039.40",
"5.4.0-1040.41",
"5.4.0-1043.44",
"5.4.0-1046.48",
"5.4.0-1048.51",
"5.4.0-1049.52",
"5.4.0-1051.54",
"5.4.0-1052.55",
"5.4.0-1053.56",
"5.4.0-1054.57",
"5.4.0-1056.60",
"5.4.0-1057.61",
"5.4.0-1060.64",
"5.4.0-1061.65",
"5.4.0-1062.66",
"5.4.0-1064.68",
"5.4.0-1065.69",
"5.4.0-1066.70",
"5.4.0-1067.71",
"5.4.0-1068.72",
"5.4.0-1069.73",
"5.4.0-1070.74",
"5.4.0-1071.75",
"5.4.0-1072.76",
"5.4.0-1073.77",
"5.4.0-1074.78",
"5.4.0-1075.79",
"5.4.0-1076.80",
"5.4.0-1077.81",
"5.4.0-1078.82",
"5.4.0-1079.83",
"5.4.0-1080.84",
"5.4.0-1081.85",
"5.4.0-1083.87",
"5.4.0-1084.88",
"5.4.0-1085.89",
"5.4.0-1086.90",
"5.4.0-1087.91",
"5.4.0-1088.92",
"5.4.0-1089.93",
"5.4.0-1090.94",
"5.4.0-1091.95",
"5.4.0-1092.96",
"5.4.0-1093.97",
"5.4.0-1094.98",
"5.4.0-1095.99",
"5.4.0-1096.100",
"5.4.0-1097.101",
"5.4.0-1098.102",
"5.4.0-1099.103",
"5.4.0-1100.104",
"5.4.0-1101.105",
"5.4.0-1102.106"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.15.0-1055-gkeop",
"binary_version": "5.15.0-1055.62~20.04.1"
},
{
"binary_name": "linux-cloud-tools-5.15.0-1055-gkeop",
"binary_version": "5.15.0-1055.62~20.04.1"
},
{
"binary_name": "linux-gkeop-5.15-cloud-tools-5.15.0-1055",
"binary_version": "5.15.0-1055.62~20.04.1"
},
{
"binary_name": "linux-gkeop-5.15-headers-5.15.0-1055",
"binary_version": "5.15.0-1055.62~20.04.1"
},
{
"binary_name": "linux-gkeop-5.15-tools-5.15.0-1055",
"binary_version": "5.15.0-1055.62~20.04.1"
},
{
"binary_name": "linux-headers-5.15.0-1055-gkeop",
"binary_version": "5.15.0-1055.62~20.04.1"
},
{
"binary_name": "linux-image-unsigned-5.15.0-1055-gkeop",
"binary_version": "5.15.0-1055.62~20.04.1"
},
{
"binary_name": "linux-modules-5.15.0-1055-gkeop",
"binary_version": "5.15.0-1055.62~20.04.1"
},
{
"binary_name": "linux-modules-extra-5.15.0-1055-gkeop",
"binary_version": "5.15.0-1055.62~20.04.1"
},
{
"binary_name": "linux-tools-5.15.0-1055-gkeop",
"binary_version": "5.15.0-1055.62~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "linux-gkeop-5.15",
"purl": "pkg:deb/ubuntu/linux-gkeop-5.15@5.15.0-1055.62~20.04.1?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.15.0-1003.5~20.04.2",
"5.15.0-1005.7~20.04.1",
"5.15.0-1007.10~20.04.1",
"5.15.0-1008.12~20.04.1",
"5.15.0-1011.15~20.04.2",
"5.15.0-1012.16~20.04.1",
"5.15.0-1013.17~20.04.1",
"5.15.0-1015.19~20.04.1",
"5.15.0-1016.21~20.04.1",
"5.15.0-1017.22~20.04.1",
"5.15.0-1018.23~20.04.1",
"5.15.0-1019.24~20.04.1",
"5.15.0-1020.25~20.04.1",
"5.15.0-1021.26~20.04.1",
"5.15.0-1022.27~20.04.1",
"5.15.0-1023.28~20.04.1",
"5.15.0-1024.29~20.04.1",
"5.15.0-1025.30~20.04.1",
"5.15.0-1026.31~20.04.1",
"5.15.0-1027.32~20.04.1",
"5.15.0-1028.33~20.04.1",
"5.15.0-1030.35~20.04.1",
"5.15.0-1031.37~20.04.1",
"5.15.0-1032.38~20.04.1",
"5.15.0-1033.39~20.04.1",
"5.15.0-1034.40~20.04.1",
"5.15.0-1035.41~20.04.1",
"5.15.0-1036.42~20.04.1",
"5.15.0-1037.43~20.04.1",
"5.15.0-1038.44~20.04.1",
"5.15.0-1039.45~20.04.1",
"5.15.0-1040.46~20.04.1",
"5.15.0-1043.50~20.04.1",
"5.15.0-1044.51~20.04.1",
"5.15.0-1045.52~20.04.1",
"5.15.0-1046.53~20.04.1",
"5.15.0-1047.54~20.04.1",
"5.15.0-1048.55~20.04.1",
"5.15.0-1049.56~20.04.1",
"5.15.0-1050.57~20.04.1",
"5.15.0-1051.58~20.04.1",
"5.15.0-1052.59~20.04.1",
"5.15.0-1053.60~20.04.1",
"5.15.0-1054.61~20.04.1",
"5.15.0-1055.62~20.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "block-modules-5.11.0-46-generic-64k-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "block-modules-5.11.0-46-generic-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "block-modules-5.11.0-46-generic-lpae-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "crypto-modules-5.11.0-46-generic-64k-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "crypto-modules-5.11.0-46-generic-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "crypto-modules-5.11.0-46-generic-lpae-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "dasd-extra-modules-5.11.0-46-generic-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "dasd-modules-5.11.0-46-generic-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "fat-modules-5.11.0-46-generic-64k-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "fat-modules-5.11.0-46-generic-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "fat-modules-5.11.0-46-generic-lpae-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "fb-modules-5.11.0-46-generic-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "firewire-core-modules-5.11.0-46-generic-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "floppy-modules-5.11.0-46-generic-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "fs-core-modules-5.11.0-46-generic-64k-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "fs-core-modules-5.11.0-46-generic-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "fs-core-modules-5.11.0-46-generic-lpae-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "fs-secondary-modules-5.11.0-46-generic-64k-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "fs-secondary-modules-5.11.0-46-generic-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "fs-secondary-modules-5.11.0-46-generic-lpae-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "input-modules-5.11.0-46-generic-64k-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "input-modules-5.11.0-46-generic-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "input-modules-5.11.0-46-generic-lpae-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "ipmi-modules-5.11.0-46-generic-64k-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "ipmi-modules-5.11.0-46-generic-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "ipmi-modules-5.11.0-46-generic-lpae-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "kernel-image-5.11.0-46-generic-64k-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "kernel-image-5.11.0-46-generic-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "kernel-image-5.11.0-46-generic-lpae-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "linux-buildinfo-5.11.0-46-generic",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "linux-buildinfo-5.11.0-46-generic-64k",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "linux-buildinfo-5.11.0-46-generic-lpae",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "linux-buildinfo-5.11.0-46-lowlatency",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "linux-cloud-tools-5.11.0-46-generic",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "linux-cloud-tools-5.11.0-46-lowlatency",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "linux-headers-5.11.0-46-generic",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "linux-headers-5.11.0-46-generic-64k",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "linux-headers-5.11.0-46-generic-lpae",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "linux-headers-5.11.0-46-lowlatency",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "linux-hwe-5.11-cloud-tools-5.11.0-46",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "linux-hwe-5.11-cloud-tools-common",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "linux-hwe-5.11-headers-5.11.0-46",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "linux-hwe-5.11-source-5.11.0",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "linux-hwe-5.11-tools-5.11.0-46",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "linux-hwe-5.11-tools-common",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "linux-hwe-5.11-tools-host",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "linux-hwe-5.11-udebs-generic",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "linux-hwe-5.11-udebs-generic-64k",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "linux-hwe-5.11-udebs-generic-lpae",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "linux-image-5.11.0-46-generic",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "linux-image-5.11.0-46-generic-lpae",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "linux-image-unsigned-5.11.0-46-generic",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "linux-image-unsigned-5.11.0-46-generic-64k",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "linux-image-unsigned-5.11.0-46-lowlatency",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "linux-modules-5.11.0-46-generic",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "linux-modules-5.11.0-46-generic-64k",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "linux-modules-5.11.0-46-generic-lpae",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "linux-modules-5.11.0-46-lowlatency",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "linux-modules-extra-5.11.0-46-generic",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "linux-tools-5.11.0-46-generic",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "linux-tools-5.11.0-46-generic-64k",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "linux-tools-5.11.0-46-generic-lpae",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "linux-tools-5.11.0-46-lowlatency",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "md-modules-5.11.0-46-generic-64k-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "md-modules-5.11.0-46-generic-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "md-modules-5.11.0-46-generic-lpae-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "message-modules-5.11.0-46-generic-64k-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "message-modules-5.11.0-46-generic-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "mouse-modules-5.11.0-46-generic-64k-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "mouse-modules-5.11.0-46-generic-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "mouse-modules-5.11.0-46-generic-lpae-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "multipath-modules-5.11.0-46-generic-64k-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "multipath-modules-5.11.0-46-generic-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "multipath-modules-5.11.0-46-generic-lpae-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "nfs-modules-5.11.0-46-generic-64k-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "nfs-modules-5.11.0-46-generic-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "nfs-modules-5.11.0-46-generic-lpae-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "nic-modules-5.11.0-46-generic-64k-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "nic-modules-5.11.0-46-generic-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "nic-modules-5.11.0-46-generic-lpae-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "nic-pcmcia-modules-5.11.0-46-generic-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "nic-shared-modules-5.11.0-46-generic-64k-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "nic-shared-modules-5.11.0-46-generic-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "nic-shared-modules-5.11.0-46-generic-lpae-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "nic-usb-modules-5.11.0-46-generic-64k-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "nic-usb-modules-5.11.0-46-generic-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "nic-usb-modules-5.11.0-46-generic-lpae-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "parport-modules-5.11.0-46-generic-64k-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "parport-modules-5.11.0-46-generic-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "parport-modules-5.11.0-46-generic-lpae-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "pata-modules-5.11.0-46-generic-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "pcmcia-modules-5.11.0-46-generic-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "pcmcia-storage-modules-5.11.0-46-generic-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "plip-modules-5.11.0-46-generic-64k-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "plip-modules-5.11.0-46-generic-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "plip-modules-5.11.0-46-generic-lpae-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "ppp-modules-5.11.0-46-generic-64k-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "ppp-modules-5.11.0-46-generic-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "ppp-modules-5.11.0-46-generic-lpae-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "sata-modules-5.11.0-46-generic-64k-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "sata-modules-5.11.0-46-generic-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "sata-modules-5.11.0-46-generic-lpae-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "scsi-modules-5.11.0-46-generic-64k-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "scsi-modules-5.11.0-46-generic-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "scsi-modules-5.11.0-46-generic-lpae-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "serial-modules-5.11.0-46-generic-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "storage-core-modules-5.11.0-46-generic-64k-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "storage-core-modules-5.11.0-46-generic-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "storage-core-modules-5.11.0-46-generic-lpae-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "usb-modules-5.11.0-46-generic-64k-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "usb-modules-5.11.0-46-generic-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "usb-modules-5.11.0-46-generic-lpae-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "virtio-modules-5.11.0-46-generic-64k-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "virtio-modules-5.11.0-46-generic-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "vlan-modules-5.11.0-46-generic-64k-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "vlan-modules-5.11.0-46-generic-di",
"binary_version": "5.11.0-46.51~20.04.1"
},
{
"binary_name": "vlan-modules-5.11.0-46-generic-lpae-di",
"binary_version": "5.11.0-46.51~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "linux-hwe-5.11",
"purl": "pkg:deb/ubuntu/linux-hwe-5.11@5.11.0-46.51~20.04.1?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.11.0-22.23~20.04.1",
"5.11.0-25.27~20.04.1",
"5.11.0-27.29~20.04.1",
"5.11.0-34.36~20.04.1",
"5.11.0-36.40~20.04.1",
"5.11.0-37.41~20.04.2",
"5.11.0-38.42~20.04.1",
"5.11.0-40.44~20.04.2",
"5.11.0-41.45~20.04.1",
"5.11.0-43.47~20.04.2",
"5.11.0-44.48~20.04.2",
"5.11.0-46.51~20.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "block-modules-5.13.0-52-generic-64k-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "block-modules-5.13.0-52-generic-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "block-modules-5.13.0-52-generic-lpae-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "crypto-modules-5.13.0-52-generic-64k-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "crypto-modules-5.13.0-52-generic-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "crypto-modules-5.13.0-52-generic-lpae-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "dasd-extra-modules-5.13.0-52-generic-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "dasd-modules-5.13.0-52-generic-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "fat-modules-5.13.0-52-generic-64k-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "fat-modules-5.13.0-52-generic-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "fat-modules-5.13.0-52-generic-lpae-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "fb-modules-5.13.0-52-generic-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "firewire-core-modules-5.13.0-52-generic-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "floppy-modules-5.13.0-52-generic-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "fs-core-modules-5.13.0-52-generic-64k-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "fs-core-modules-5.13.0-52-generic-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "fs-core-modules-5.13.0-52-generic-lpae-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "fs-secondary-modules-5.13.0-52-generic-64k-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "fs-secondary-modules-5.13.0-52-generic-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "fs-secondary-modules-5.13.0-52-generic-lpae-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "input-modules-5.13.0-52-generic-64k-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "input-modules-5.13.0-52-generic-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "input-modules-5.13.0-52-generic-lpae-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "ipmi-modules-5.13.0-52-generic-64k-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "ipmi-modules-5.13.0-52-generic-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "ipmi-modules-5.13.0-52-generic-lpae-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "kernel-image-5.13.0-52-generic-64k-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "kernel-image-5.13.0-52-generic-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "kernel-image-5.13.0-52-generic-lpae-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "linux-buildinfo-5.13.0-52-generic",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "linux-buildinfo-5.13.0-52-generic-64k",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "linux-buildinfo-5.13.0-52-generic-lpae",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "linux-buildinfo-5.13.0-52-lowlatency",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "linux-cloud-tools-5.13.0-52-generic",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "linux-cloud-tools-5.13.0-52-lowlatency",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "linux-headers-5.13.0-52-generic",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "linux-headers-5.13.0-52-generic-64k",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "linux-headers-5.13.0-52-generic-lpae",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "linux-headers-5.13.0-52-lowlatency",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "linux-hwe-5.13-cloud-tools-5.13.0-52",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "linux-hwe-5.13-cloud-tools-common",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "linux-hwe-5.13-headers-5.13.0-52",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "linux-hwe-5.13-source-5.13.0",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "linux-hwe-5.13-tools-5.13.0-52",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "linux-hwe-5.13-tools-common",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "linux-hwe-5.13-tools-host",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "linux-hwe-5.13-udebs-generic",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "linux-hwe-5.13-udebs-generic-64k",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "linux-hwe-5.13-udebs-generic-lpae",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "linux-image-5.13.0-52-generic",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "linux-image-5.13.0-52-generic-lpae",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "linux-image-unsigned-5.13.0-52-generic",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "linux-image-unsigned-5.13.0-52-generic-64k",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "linux-image-unsigned-5.13.0-52-lowlatency",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "linux-modules-5.13.0-52-generic",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "linux-modules-5.13.0-52-generic-64k",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "linux-modules-5.13.0-52-generic-lpae",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "linux-modules-5.13.0-52-lowlatency",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "linux-modules-extra-5.13.0-52-generic",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "linux-tools-5.13.0-52-generic",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "linux-tools-5.13.0-52-generic-64k",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "linux-tools-5.13.0-52-generic-lpae",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "linux-tools-5.13.0-52-lowlatency",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "md-modules-5.13.0-52-generic-64k-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "md-modules-5.13.0-52-generic-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "md-modules-5.13.0-52-generic-lpae-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "message-modules-5.13.0-52-generic-64k-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "message-modules-5.13.0-52-generic-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "mouse-modules-5.13.0-52-generic-64k-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "mouse-modules-5.13.0-52-generic-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "mouse-modules-5.13.0-52-generic-lpae-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "multipath-modules-5.13.0-52-generic-64k-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "multipath-modules-5.13.0-52-generic-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "multipath-modules-5.13.0-52-generic-lpae-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "nfs-modules-5.13.0-52-generic-64k-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "nfs-modules-5.13.0-52-generic-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "nfs-modules-5.13.0-52-generic-lpae-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "nic-modules-5.13.0-52-generic-64k-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "nic-modules-5.13.0-52-generic-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "nic-modules-5.13.0-52-generic-lpae-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "nic-pcmcia-modules-5.13.0-52-generic-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "nic-shared-modules-5.13.0-52-generic-64k-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "nic-shared-modules-5.13.0-52-generic-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "nic-shared-modules-5.13.0-52-generic-lpae-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "nic-usb-modules-5.13.0-52-generic-64k-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "nic-usb-modules-5.13.0-52-generic-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "nic-usb-modules-5.13.0-52-generic-lpae-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "parport-modules-5.13.0-52-generic-64k-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "parport-modules-5.13.0-52-generic-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "parport-modules-5.13.0-52-generic-lpae-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "pata-modules-5.13.0-52-generic-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "pcmcia-modules-5.13.0-52-generic-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "pcmcia-storage-modules-5.13.0-52-generic-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "plip-modules-5.13.0-52-generic-64k-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "plip-modules-5.13.0-52-generic-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "plip-modules-5.13.0-52-generic-lpae-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "ppp-modules-5.13.0-52-generic-64k-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "ppp-modules-5.13.0-52-generic-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "ppp-modules-5.13.0-52-generic-lpae-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "sata-modules-5.13.0-52-generic-64k-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "sata-modules-5.13.0-52-generic-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "sata-modules-5.13.0-52-generic-lpae-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "scsi-modules-5.13.0-52-generic-64k-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "scsi-modules-5.13.0-52-generic-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "scsi-modules-5.13.0-52-generic-lpae-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "serial-modules-5.13.0-52-generic-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "storage-core-modules-5.13.0-52-generic-64k-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "storage-core-modules-5.13.0-52-generic-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "storage-core-modules-5.13.0-52-generic-lpae-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "usb-modules-5.13.0-52-generic-64k-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "usb-modules-5.13.0-52-generic-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "usb-modules-5.13.0-52-generic-lpae-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "virtio-modules-5.13.0-52-generic-64k-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "virtio-modules-5.13.0-52-generic-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "vlan-modules-5.13.0-52-generic-64k-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "vlan-modules-5.13.0-52-generic-di",
"binary_version": "5.13.0-52.59~20.04.1"
},
{
"binary_name": "vlan-modules-5.13.0-52-generic-lpae-di",
"binary_version": "5.13.0-52.59~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "linux-hwe-5.13",
"purl": "pkg:deb/ubuntu/linux-hwe-5.13@5.13.0-52.59~20.04.1?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.13.0-21.21~20.04.1",
"5.13.0-22.22~20.04.1",
"5.13.0-23.23~20.04.2",
"5.13.0-25.26~20.04.1",
"5.13.0-27.29~20.04.1",
"5.13.0-28.31~20.04.1",
"5.13.0-30.33~20.04.1",
"5.13.0-35.40~20.04.1",
"5.13.0-37.42~20.04.1",
"5.13.0-39.44~20.04.1",
"5.13.0-40.45~20.04.1",
"5.13.0-41.46~20.04.1",
"5.13.0-44.49~20.04.1",
"5.13.0-48.54~20.04.1",
"5.13.0-51.58~20.04.1",
"5.13.0-52.59~20.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.15.0-185-generic",
"binary_version": "5.15.0-185.195~20.04.1"
},
{
"binary_name": "linux-buildinfo-5.15.0-185-generic-64k",
"binary_version": "5.15.0-185.195~20.04.1"
},
{
"binary_name": "linux-buildinfo-5.15.0-185-generic-lpae",
"binary_version": "5.15.0-185.195~20.04.1"
},
{
"binary_name": "linux-cloud-tools-5.15.0-185-generic",
"binary_version": "5.15.0-185.195~20.04.1"
},
{
"binary_name": "linux-headers-5.15.0-185-generic",
"binary_version": "5.15.0-185.195~20.04.1"
},
{
"binary_name": "linux-headers-5.15.0-185-generic-64k",
"binary_version": "5.15.0-185.195~20.04.1"
},
{
"binary_name": "linux-headers-5.15.0-185-generic-lpae",
"binary_version": "5.15.0-185.195~20.04.1"
},
{
"binary_name": "linux-hwe-5.15-cloud-tools-5.15.0-185",
"binary_version": "5.15.0-185.195~20.04.1"
},
{
"binary_name": "linux-hwe-5.15-headers-5.15.0-185",
"binary_version": "5.15.0-185.195~20.04.1"
},
{
"binary_name": "linux-hwe-5.15-tools-5.15.0-185",
"binary_version": "5.15.0-185.195~20.04.1"
},
{
"binary_name": "linux-image-5.15.0-185-generic",
"binary_version": "5.15.0-185.195~20.04.1"
},
{
"binary_name": "linux-image-5.15.0-185-generic-lpae",
"binary_version": "5.15.0-185.195~20.04.1"
},
{
"binary_name": "linux-image-unsigned-5.15.0-185-generic",
"binary_version": "5.15.0-185.195~20.04.1"
},
{
"binary_name": "linux-image-unsigned-5.15.0-185-generic-64k",
"binary_version": "5.15.0-185.195~20.04.1"
},
{
"binary_name": "linux-modules-5.15.0-185-generic",
"binary_version": "5.15.0-185.195~20.04.1"
},
{
"binary_name": "linux-modules-5.15.0-185-generic-64k",
"binary_version": "5.15.0-185.195~20.04.1"
},
{
"binary_name": "linux-modules-5.15.0-185-generic-lpae",
"binary_version": "5.15.0-185.195~20.04.1"
},
{
"binary_name": "linux-modules-extra-5.15.0-185-generic",
"binary_version": "5.15.0-185.195~20.04.1"
},
{
"binary_name": "linux-modules-iwlwifi-5.15.0-185-generic",
"binary_version": "5.15.0-185.195~20.04.1"
},
{
"binary_name": "linux-tools-5.15.0-185-generic",
"binary_version": "5.15.0-185.195~20.04.1"
},
{
"binary_name": "linux-tools-5.15.0-185-generic-64k",
"binary_version": "5.15.0-185.195~20.04.1"
},
{
"binary_name": "linux-tools-5.15.0-185-generic-lpae",
"binary_version": "5.15.0-185.195~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:20.04:LTS",
"name": "linux-hwe-5.15",
"purl": "pkg:deb/ubuntu/linux-hwe-5.15@5.15.0-185.195~20.04.1?arch=source\u0026distro=esm-infra/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.15.0-33.34~20.04.1",
"5.15.0-41.44~20.04.1",
"5.15.0-43.46~20.04.1",
"5.15.0-46.49~20.04.1",
"5.15.0-48.54~20.04.1",
"5.15.0-50.56~20.04.1",
"5.15.0-52.58~20.04.1",
"5.15.0-53.59~20.04.1",
"5.15.0-56.62~20.04.1",
"5.15.0-57.63~20.04.1",
"5.15.0-58.64~20.04.1",
"5.15.0-60.66~20.04.1",
"5.15.0-67.74~20.04.1",
"5.15.0-69.76~20.04.1",
"5.15.0-70.77~20.04.1",
"5.15.0-71.78~20.04.1",
"5.15.0-72.79~20.04.1",
"5.15.0-73.80~20.04.1",
"5.15.0-75.82~20.04.1",
"5.15.0-76.83~20.04.1",
"5.15.0-78.85~20.04.1",
"5.15.0-79.86~20.04.2",
"5.15.0-82.91~20.04.1",
"5.15.0-83.92~20.04.1",
"5.15.0-84.93~20.04.1",
"5.15.0-86.96~20.04.1",
"5.15.0-87.97~20.04.1",
"5.15.0-88.98~20.04.1",
"5.15.0-89.99~20.04.1",
"5.15.0-91.101~20.04.1",
"5.15.0-92.102~20.04.1",
"5.15.0-94.104~20.04.1",
"5.15.0-97.107~20.04.1",
"5.15.0-100.110~20.04.1",
"5.15.0-101.111~20.04.1",
"5.15.0-102.112~20.04.1",
"5.15.0-105.115~20.04.1",
"5.15.0-106.116~20.04.1",
"5.15.0-107.117~20.04.1",
"5.15.0-113.123~20.04.1",
"5.15.0-116.126~20.04.1",
"5.15.0-117.127~20.04.1",
"5.15.0-118.128~20.04.1",
"5.15.0-119.129~20.04.1",
"5.15.0-121.131~20.04.1",
"5.15.0-122.132~20.04.1",
"5.15.0-124.134~20.04.1",
"5.15.0-125.135~20.04.1",
"5.15.0-126.136~20.04.1",
"5.15.0-127.137~20.04.1",
"5.15.0-130.140~20.04.1",
"5.15.0-131.141~20.04.1",
"5.15.0-134.145~20.04.1",
"5.15.0-136.147~20.04.1",
"5.15.0-138.148~20.04.1",
"5.15.0-139.149~20.04.1",
"5.15.0-142.152~20.04.1",
"5.15.0-143.153~20.04.1",
"5.15.0-144.157~20.04.1",
"5.15.0-145.158~20.04.1",
"5.15.0-151.161~20.04.1",
"5.15.0-152.162~20.04.1",
"5.15.0-153.163~20.04.1",
"5.15.0-156.166~20.04.1",
"5.15.0-157.167~20.04.1",
"5.15.0-160.170~20.04.1",
"5.15.0-161.171~20.04.1",
"5.15.0-163.173~20.04.1",
"5.15.0-164.174~20.04.1",
"5.15.0-168.178~20.04.1",
"5.15.0-170.180~20.04.3",
"5.15.0-171.181~20.04.1",
"5.15.0-173.183~20.04.1",
"5.15.0-176.186~20.04.1",
"5.15.0-177.187~20.04.1",
"5.15.0-179.189~20.04.1",
"5.15.0-181.191~20.04.1",
"5.15.0-185.195~20.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "block-modules-5.8.0-63-generic-64k-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "block-modules-5.8.0-63-generic-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "block-modules-5.8.0-63-generic-lpae-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "crypto-modules-5.8.0-63-generic-64k-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "crypto-modules-5.8.0-63-generic-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "crypto-modules-5.8.0-63-generic-lpae-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "dasd-extra-modules-5.8.0-63-generic-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "dasd-modules-5.8.0-63-generic-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "fat-modules-5.8.0-63-generic-64k-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "fat-modules-5.8.0-63-generic-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "fat-modules-5.8.0-63-generic-lpae-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "fb-modules-5.8.0-63-generic-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "firewire-core-modules-5.8.0-63-generic-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "floppy-modules-5.8.0-63-generic-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "fs-core-modules-5.8.0-63-generic-64k-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "fs-core-modules-5.8.0-63-generic-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "fs-core-modules-5.8.0-63-generic-lpae-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "fs-secondary-modules-5.8.0-63-generic-64k-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "fs-secondary-modules-5.8.0-63-generic-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "fs-secondary-modules-5.8.0-63-generic-lpae-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "input-modules-5.8.0-63-generic-64k-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "input-modules-5.8.0-63-generic-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "input-modules-5.8.0-63-generic-lpae-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "ipmi-modules-5.8.0-63-generic-64k-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "ipmi-modules-5.8.0-63-generic-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "ipmi-modules-5.8.0-63-generic-lpae-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "kernel-image-5.8.0-63-generic-64k-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "kernel-image-5.8.0-63-generic-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "kernel-image-5.8.0-63-generic-lpae-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "linux-buildinfo-5.8.0-63-generic",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "linux-buildinfo-5.8.0-63-generic-64k",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "linux-buildinfo-5.8.0-63-generic-lpae",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "linux-buildinfo-5.8.0-63-lowlatency",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "linux-cloud-tools-5.8.0-63-generic",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "linux-cloud-tools-5.8.0-63-lowlatency",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "linux-headers-5.8.0-63-generic",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "linux-headers-5.8.0-63-generic-64k",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "linux-headers-5.8.0-63-generic-lpae",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "linux-headers-5.8.0-63-lowlatency",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "linux-hwe-5.8-cloud-tools-5.8.0-63",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "linux-hwe-5.8-cloud-tools-common",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "linux-hwe-5.8-headers-5.8.0-63",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "linux-hwe-5.8-source-5.8.0",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "linux-hwe-5.8-tools-5.8.0-63",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "linux-hwe-5.8-tools-common",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "linux-hwe-5.8-tools-host",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "linux-hwe-5.8-udebs-generic",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "linux-hwe-5.8-udebs-generic-64k",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "linux-hwe-5.8-udebs-generic-lpae",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "linux-image-5.8.0-63-generic",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "linux-image-5.8.0-63-generic-lpae",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "linux-image-unsigned-5.8.0-63-generic",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "linux-image-unsigned-5.8.0-63-generic-64k",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "linux-image-unsigned-5.8.0-63-lowlatency",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "linux-modules-5.8.0-63-generic",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "linux-modules-5.8.0-63-generic-64k",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "linux-modules-5.8.0-63-generic-lpae",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "linux-modules-5.8.0-63-lowlatency",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "linux-modules-extra-5.8.0-63-generic",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "linux-tools-5.8.0-63-generic",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "linux-tools-5.8.0-63-generic-64k",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "linux-tools-5.8.0-63-generic-lpae",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "linux-tools-5.8.0-63-lowlatency",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "md-modules-5.8.0-63-generic-64k-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "md-modules-5.8.0-63-generic-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "md-modules-5.8.0-63-generic-lpae-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "message-modules-5.8.0-63-generic-64k-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "message-modules-5.8.0-63-generic-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "mouse-modules-5.8.0-63-generic-64k-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "mouse-modules-5.8.0-63-generic-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "mouse-modules-5.8.0-63-generic-lpae-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "multipath-modules-5.8.0-63-generic-64k-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "multipath-modules-5.8.0-63-generic-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "multipath-modules-5.8.0-63-generic-lpae-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "nfs-modules-5.8.0-63-generic-64k-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "nfs-modules-5.8.0-63-generic-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "nfs-modules-5.8.0-63-generic-lpae-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "nic-modules-5.8.0-63-generic-64k-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "nic-modules-5.8.0-63-generic-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "nic-modules-5.8.0-63-generic-lpae-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "nic-pcmcia-modules-5.8.0-63-generic-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "nic-shared-modules-5.8.0-63-generic-64k-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "nic-shared-modules-5.8.0-63-generic-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "nic-shared-modules-5.8.0-63-generic-lpae-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "nic-usb-modules-5.8.0-63-generic-64k-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "nic-usb-modules-5.8.0-63-generic-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "nic-usb-modules-5.8.0-63-generic-lpae-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "parport-modules-5.8.0-63-generic-64k-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "parport-modules-5.8.0-63-generic-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "parport-modules-5.8.0-63-generic-lpae-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "pata-modules-5.8.0-63-generic-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "pcmcia-modules-5.8.0-63-generic-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "pcmcia-storage-modules-5.8.0-63-generic-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "plip-modules-5.8.0-63-generic-64k-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "plip-modules-5.8.0-63-generic-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "plip-modules-5.8.0-63-generic-lpae-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "ppp-modules-5.8.0-63-generic-64k-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "ppp-modules-5.8.0-63-generic-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "ppp-modules-5.8.0-63-generic-lpae-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "sata-modules-5.8.0-63-generic-64k-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "sata-modules-5.8.0-63-generic-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "sata-modules-5.8.0-63-generic-lpae-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "scsi-modules-5.8.0-63-generic-64k-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "scsi-modules-5.8.0-63-generic-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "scsi-modules-5.8.0-63-generic-lpae-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "serial-modules-5.8.0-63-generic-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "storage-core-modules-5.8.0-63-generic-64k-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "storage-core-modules-5.8.0-63-generic-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "storage-core-modules-5.8.0-63-generic-lpae-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "usb-modules-5.8.0-63-generic-64k-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "usb-modules-5.8.0-63-generic-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "usb-modules-5.8.0-63-generic-lpae-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "virtio-modules-5.8.0-63-generic-64k-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "virtio-modules-5.8.0-63-generic-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "vlan-modules-5.8.0-63-generic-64k-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "vlan-modules-5.8.0-63-generic-di",
"binary_version": "5.8.0-63.71~20.04.1"
},
{
"binary_name": "vlan-modules-5.8.0-63-generic-lpae-di",
"binary_version": "5.8.0-63.71~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "linux-hwe-5.8",
"purl": "pkg:deb/ubuntu/linux-hwe-5.8@5.8.0-63.71~20.04.1?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.8.0-23.24~20.04.1",
"5.8.0-25.26~20.04.1",
"5.8.0-28.30~20.04.1",
"5.8.0-29.31~20.04.1",
"5.8.0-31.33~20.04.1",
"5.8.0-33.36~20.04.1",
"5.8.0-34.37~20.04.2",
"5.8.0-36.40~20.04.1",
"5.8.0-38.43~20.04.1",
"5.8.0-40.45~20.04.1",
"5.8.0-41.46~20.04.1",
"5.8.0-43.49~20.04.1",
"5.8.0-44.50~20.04.1",
"5.8.0-45.51~20.04.1",
"5.8.0-48.54~20.04.1",
"5.8.0-49.55~20.04.1",
"5.8.0-50.56~20.04.1",
"5.8.0-53.60~20.04.1",
"5.8.0-55.62~20.04.1",
"5.8.0-59.66~20.04.1",
"5.8.0-63.71~20.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.4.0-1105-ibm",
"binary_version": "5.4.0-1105.110"
},
{
"binary_name": "linux-headers-5.4.0-1105-ibm",
"binary_version": "5.4.0-1105.110"
},
{
"binary_name": "linux-ibm-cloud-tools-common",
"binary_version": "5.4.0-1105.110"
},
{
"binary_name": "linux-ibm-headers-5.4.0-1105",
"binary_version": "5.4.0-1105.110"
},
{
"binary_name": "linux-ibm-source-5.4.0",
"binary_version": "5.4.0-1105.110"
},
{
"binary_name": "linux-ibm-tools-5.4.0-1105",
"binary_version": "5.4.0-1105.110"
},
{
"binary_name": "linux-ibm-tools-common",
"binary_version": "5.4.0-1105.110"
},
{
"binary_name": "linux-image-unsigned-5.4.0-1105-ibm",
"binary_version": "5.4.0-1105.110"
},
{
"binary_name": "linux-modules-5.4.0-1105-ibm",
"binary_version": "5.4.0-1105.110"
},
{
"binary_name": "linux-modules-extra-5.4.0-1105-ibm",
"binary_version": "5.4.0-1105.110"
},
{
"binary_name": "linux-tools-5.4.0-1105-ibm",
"binary_version": "5.4.0-1105.110"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:20.04:LTS",
"name": "linux-ibm",
"purl": "pkg:deb/ubuntu/linux-ibm@5.4.0-1105.110?arch=source\u0026distro=esm-infra/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.4.0-1003.4",
"5.4.0-1004.5",
"5.4.0-1005.6",
"5.4.0-1006.7",
"5.4.0-1007.8",
"5.4.0-1008.9",
"5.4.0-1010.11",
"5.4.0-1012.13",
"5.4.0-1013.14",
"5.4.0-1014.15",
"5.4.0-1015.16",
"5.4.0-1017.19",
"5.4.0-1018.20",
"5.4.0-1019.21",
"5.4.0-1020.22",
"5.4.0-1021.23",
"5.4.0-1023.25",
"5.4.0-1026.29",
"5.4.0-1028.32",
"5.4.0-1029.33",
"5.4.0-1031.35",
"5.4.0-1032.36",
"5.4.0-1033.37",
"5.4.0-1034.38",
"5.4.0-1036.41",
"5.4.0-1037.42",
"5.4.0-1040.45",
"5.4.0-1041.46",
"5.4.0-1042.47",
"5.4.0-1044.49",
"5.4.0-1045.50",
"5.4.0-1046.51",
"5.4.0-1047.52",
"5.4.0-1048.53",
"5.4.0-1049.54",
"5.4.0-1050.55",
"5.4.0-1051.56",
"5.4.0-1052.57",
"5.4.0-1053.58",
"5.4.0-1054.59",
"5.4.0-1056.61",
"5.4.0-1057.62",
"5.4.0-1058.63",
"5.4.0-1059.64",
"5.4.0-1060.65",
"5.4.0-1061.66",
"5.4.0-1063.68",
"5.4.0-1064.69",
"5.4.0-1065.70",
"5.4.0-1066.71",
"5.4.0-1067.72",
"5.4.0-1068.73",
"5.4.0-1069.74",
"5.4.0-1070.75",
"5.4.0-1071.76",
"5.4.0-1072.77",
"5.4.0-1073.78",
"5.4.0-1074.79",
"5.4.0-1075.80",
"5.4.0-1076.81",
"5.4.0-1077.82",
"5.4.0-1078.83",
"5.4.0-1079.84",
"5.4.0-1080.85",
"5.4.0-1081.86",
"5.4.0-1082.87",
"5.4.0-1083.88",
"5.4.0-1084.89",
"5.4.0-1085.90",
"5.4.0-1086.91",
"5.4.0-1088.93",
"5.4.0-1089.94",
"5.4.0-1090.95",
"5.4.0-1091.96",
"5.4.0-1092.97",
"5.4.0-1093.98",
"5.4.0-1094.99",
"5.4.0-1095.100",
"5.4.0-1096.101",
"5.4.0-1097.102",
"5.4.0-1098.103",
"5.4.0-1099.104",
"5.4.0-1100.105",
"5.4.0-1102.107",
"5.4.0-1103.108",
"5.4.0-1104.109",
"5.4.0-1105.110"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.15.0-1105-ibm",
"binary_version": "5.15.0-1105.109~20.04.1"
},
{
"binary_name": "linux-headers-5.15.0-1105-ibm",
"binary_version": "5.15.0-1105.109~20.04.1"
},
{
"binary_name": "linux-ibm-5.15-headers-5.15.0-1105",
"binary_version": "5.15.0-1105.109~20.04.1"
},
{
"binary_name": "linux-ibm-5.15-source-5.15.0",
"binary_version": "5.15.0-1105.109~20.04.1"
},
{
"binary_name": "linux-ibm-5.15-tools-5.15.0-1105",
"binary_version": "5.15.0-1105.109~20.04.1"
},
{
"binary_name": "linux-image-unsigned-5.15.0-1105-ibm",
"binary_version": "5.15.0-1105.109~20.04.1"
},
{
"binary_name": "linux-modules-5.15.0-1105-ibm",
"binary_version": "5.15.0-1105.109~20.04.1"
},
{
"binary_name": "linux-modules-extra-5.15.0-1105-ibm",
"binary_version": "5.15.0-1105.109~20.04.1"
},
{
"binary_name": "linux-tools-5.15.0-1105-ibm",
"binary_version": "5.15.0-1105.109~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:20.04:LTS",
"name": "linux-ibm-5.15",
"purl": "pkg:deb/ubuntu/linux-ibm-5.15@5.15.0-1105.109~20.04.1?arch=source\u0026distro=esm-infra/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.15.0-1033.36~20.04.1",
"5.15.0-1034.37~20.04.1",
"5.15.0-1035.38~20.04.1",
"5.15.0-1036.39~20.04.1",
"5.15.0-1037.40~20.04.1",
"5.15.0-1038.41~20.04.1",
"5.15.0-1040.43~20.04.1",
"5.15.0-1041.44~20.04.1",
"5.15.0-1042.45~20.04.1",
"5.15.0-1043.46~20.04.1",
"5.15.0-1044.47~20.04.1",
"5.15.0-1045.48~20.04.1",
"5.15.0-1046.49~20.04.1",
"5.15.0-1047.50~20.04.1",
"5.15.0-1048.51~20.04.1",
"5.15.0-1049.52~20.04.1",
"5.15.0-1050.53~20.04.1",
"5.15.0-1053.56~20.04.1",
"5.15.0-1054.57~20.04.1",
"5.15.0-1055.58~20.04.1",
"5.15.0-1057.60~20.04.1",
"5.15.0-1058.61~20.04.1",
"5.15.0-1059.62~20.04.1",
"5.15.0-1060.63~20.04.1",
"5.15.0-1061.64~20.04.1",
"5.15.0-1062.65~20.04.1",
"5.15.0-1063.66~20.04.1",
"5.15.0-1064.67~20.04.1",
"5.15.0-1065.68~20.04.1",
"5.15.0-1066.69~20.04.1",
"5.15.0-1067.70~20.04.1",
"5.15.0-1068.71~20.04.1",
"5.15.0-1069.72~20.04.1",
"5.15.0-1074.77~20.04.1",
"5.15.0-1075.78~20.04.1",
"5.15.0-1076.79~20.04.1",
"5.15.0-1078.81~20.04.1",
"5.15.0-1079.82~20.04.1",
"5.15.0-1080.83~20.04.1",
"5.15.0-1081.84~20.04.1",
"5.15.0-1083.86~20.04.1",
"5.15.0-1085.88~20.04.1",
"5.15.0-1086.89~20.04.1",
"5.15.0-1087.90~20.04.1",
"5.15.0-1089.92~20.04.1",
"5.15.0-1090.93~20.04.1",
"5.15.0-1091.94~20.04.1",
"5.15.0-1092.95~20.04.1",
"5.15.0-1093.96~20.04.1",
"5.15.0-1094.97~20.04.1",
"5.15.0-1095.98~20.04.1",
"5.15.0-1097.100~20.04.1",
"5.15.0-1098.101~20.04.1",
"5.15.0-1099.102~20.04.1",
"5.15.0-1100.103~20.04.1",
"5.15.0-1102.105~20.04.1",
"5.15.0-1103.106~20.04.1",
"5.15.0-1105.109~20.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.13.0-1017-intel",
"binary_version": "5.13.0-1017.19"
},
{
"binary_name": "linux-cloud-tools-5.13.0-1017-intel",
"binary_version": "5.13.0-1017.19"
},
{
"binary_name": "linux-headers-5.13.0-1017-intel",
"binary_version": "5.13.0-1017.19"
},
{
"binary_name": "linux-image-unsigned-5.13.0-1017-intel",
"binary_version": "5.13.0-1017.19"
},
{
"binary_name": "linux-intel-5.13-cloud-tools-5.13.0-1017",
"binary_version": "5.13.0-1017.19"
},
{
"binary_name": "linux-intel-5.13-cloud-tools-common",
"binary_version": "5.13.0-1017.19"
},
{
"binary_name": "linux-intel-5.13-headers-5.13.0-1017",
"binary_version": "5.13.0-1017.19"
},
{
"binary_name": "linux-intel-5.13-source-5.13.0",
"binary_version": "5.13.0-1017.19"
},
{
"binary_name": "linux-intel-5.13-tools-5.13.0-1017",
"binary_version": "5.13.0-1017.19"
},
{
"binary_name": "linux-intel-5.13-tools-common",
"binary_version": "5.13.0-1017.19"
},
{
"binary_name": "linux-intel-5.13-tools-host",
"binary_version": "5.13.0-1017.19"
},
{
"binary_name": "linux-modules-5.13.0-1017-intel",
"binary_version": "5.13.0-1017.19"
},
{
"binary_name": "linux-modules-extra-5.13.0-1017-intel",
"binary_version": "5.13.0-1017.19"
},
{
"binary_name": "linux-tools-5.13.0-1017-intel",
"binary_version": "5.13.0-1017.19"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "linux-intel-5.13",
"purl": "pkg:deb/ubuntu/linux-intel-5.13@5.13.0-1017.19?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.13.0-1007.7",
"5.13.0-1008.8",
"5.13.0-1009.9",
"5.13.0-1010.10",
"5.13.0-1011.11",
"5.13.0-1014.15",
"5.13.0-1017.19"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.15.0-1106-intel-iotg",
"binary_version": "5.15.0-1106.112~20.04.1"
},
{
"binary_name": "linux-cloud-tools-5.15.0-1106-intel-iotg",
"binary_version": "5.15.0-1106.112~20.04.1"
},
{
"binary_name": "linux-headers-5.15.0-1106-intel-iotg",
"binary_version": "5.15.0-1106.112~20.04.1"
},
{
"binary_name": "linux-image-unsigned-5.15.0-1106-intel-iotg",
"binary_version": "5.15.0-1106.112~20.04.1"
},
{
"binary_name": "linux-intel-iotg-5.15-cloud-tools-5.15.0-1106",
"binary_version": "5.15.0-1106.112~20.04.1"
},
{
"binary_name": "linux-intel-iotg-5.15-cloud-tools-common",
"binary_version": "5.15.0-1106.112~20.04.1"
},
{
"binary_name": "linux-intel-iotg-5.15-headers-5.15.0-1106",
"binary_version": "5.15.0-1106.112~20.04.1"
},
{
"binary_name": "linux-intel-iotg-5.15-tools-5.15.0-1106",
"binary_version": "5.15.0-1106.112~20.04.1"
},
{
"binary_name": "linux-intel-iotg-5.15-tools-common",
"binary_version": "5.15.0-1106.112~20.04.1"
},
{
"binary_name": "linux-intel-iotg-5.15-tools-host",
"binary_version": "5.15.0-1106.112~20.04.1"
},
{
"binary_name": "linux-modules-5.15.0-1106-intel-iotg",
"binary_version": "5.15.0-1106.112~20.04.1"
},
{
"binary_name": "linux-modules-extra-5.15.0-1106-intel-iotg",
"binary_version": "5.15.0-1106.112~20.04.1"
},
{
"binary_name": "linux-modules-iwlwifi-5.15.0-1106-intel-iotg",
"binary_version": "5.15.0-1106.112~20.04.1"
},
{
"binary_name": "linux-tools-5.15.0-1106-intel-iotg",
"binary_version": "5.15.0-1106.112~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:20.04:LTS",
"name": "linux-intel-iotg-5.15",
"purl": "pkg:deb/ubuntu/linux-intel-iotg-5.15@5.15.0-1106.112~20.04.1?arch=source\u0026distro=esm-infra/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.15.0-1003.5~20.04.1",
"5.15.0-1008.11~20.04.1",
"5.15.0-1010.14~20.04.1",
"5.15.0-1015.20~20.04.2",
"5.15.0-1016.21~20.04.1",
"5.15.0-1017.22~20.04.1",
"5.15.0-1018.23~20.04.1",
"5.15.0-1021.26~20.04.1",
"5.15.0-1023.28~20.04.1",
"5.15.0-1025.30~20.04.1",
"5.15.0-1026.31~20.04.1",
"5.15.0-1027.32~20.04.1",
"5.15.0-1030.35~20.04.1",
"5.15.0-1031.36~20.04.1",
"5.15.0-1033.38~20.04.1",
"5.15.0-1034.39~20.04.1",
"5.15.0-1036.41~20.04.1",
"5.15.0-1037.42~20.04.1",
"5.15.0-1038.43~20.04.1",
"5.15.0-1040.46~20.04.1",
"5.15.0-1043.49~20.04.1",
"5.15.0-1045.51~20.04.1",
"5.15.0-1046.52~20.04.1",
"5.15.0-1048.54~20.04.1",
"5.15.0-1049.55~20.04.1",
"5.15.0-1050.56~20.04.1",
"5.15.0-1051.57~20.04.1",
"5.15.0-1052.58~20.04.1",
"5.15.0-1055.61~20.04.1",
"5.15.0-1058.64~20.04.1",
"5.15.0-1059.65~20.04.1",
"5.15.0-1060.66~20.04.1",
"5.15.0-1061.67~20.04.1",
"5.15.0-1062.68~20.04.1",
"5.15.0-1063.69~20.04.1",
"5.15.0-1064.70~20.04.1",
"5.15.0-1065.71~20.04.1",
"5.15.0-1066.72~20.04.1",
"5.15.0-1067.73~20.04.1",
"5.15.0-1071.77~20.04.1",
"5.15.0-1072.78~20.04.1",
"5.15.0-1073.79~20.04.2",
"5.15.0-1074.80~20.04.1",
"5.15.0-1077.83~20.04.1",
"5.15.0-1078.84~20.04.1",
"5.15.0-1079.85~20.04.1",
"5.15.0-1083.89~20.04.1",
"5.15.0-1084.90~20.04.1",
"5.15.0-1085.91~20.04.1",
"5.15.0-1086.92~20.04.1",
"5.15.0-1087.93~20.04.1",
"5.15.0-1088.94~20.04.1",
"5.15.0-1090.96~20.04.1",
"5.15.0-1091.97~20.04.1",
"5.15.0-1092.98~20.04.1",
"5.15.0-1093.99~20.04.1",
"5.15.0-1094.100~20.04.1",
"5.15.0-1095.101~20.04.1",
"5.15.0-1096.102~20.04.1",
"5.15.0-1098.104~20.04.1",
"5.15.0-1099.105~20.04.1",
"5.15.0-1100.106~20.04.1",
"5.15.0-1101.107~20.04.1",
"5.15.0-1103.109~20.04.1",
"5.15.0-1104.110~20.04.1",
"5.15.0-1106.112~20.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.4.0-1064-iot",
"binary_version": "5.4.0-1064.67"
},
{
"binary_name": "linux-headers-5.4.0-1064-iot",
"binary_version": "5.4.0-1064.67"
},
{
"binary_name": "linux-image-unsigned-5.4.0-1064-iot",
"binary_version": "5.4.0-1064.67"
},
{
"binary_name": "linux-iot-headers-5.4.0-1064",
"binary_version": "5.4.0-1064.67"
},
{
"binary_name": "linux-iot-tools-5.4.0-1064",
"binary_version": "5.4.0-1064.67"
},
{
"binary_name": "linux-modules-5.4.0-1064-iot",
"binary_version": "5.4.0-1064.67"
},
{
"binary_name": "linux-tools-5.4.0-1064-iot",
"binary_version": "5.4.0-1064.67"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:20.04:LTS",
"name": "linux-iot",
"purl": "pkg:deb/ubuntu/linux-iot@5.4.0-1064.67?arch=source\u0026distro=esm-infra/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.4.0-1001.3",
"5.4.0-1004.6",
"5.4.0-1005.7",
"5.4.0-1006.8",
"5.4.0-1009.11",
"5.4.0-1010.12",
"5.4.0-1011.13",
"5.4.0-1012.14",
"5.4.0-1013.15",
"5.4.0-1014.16",
"5.4.0-1017.18",
"5.4.0-1018.19",
"5.4.0-1019.20",
"5.4.0-1021.22",
"5.4.0-1022.23",
"5.4.0-1023.24",
"5.4.0-1024.25",
"5.4.0-1025.26",
"5.4.0-1026.27",
"5.4.0-1028.29",
"5.4.0-1029.30",
"5.4.0-1030.31",
"5.4.0-1031.32",
"5.4.0-1032.33",
"5.4.0-1033.34",
"5.4.0-1034.35",
"5.4.0-1035.36",
"5.4.0-1036.37",
"5.4.0-1037.38",
"5.4.0-1038.39",
"5.4.0-1039.40",
"5.4.0-1040.41",
"5.4.0-1041.42",
"5.4.0-1042.43",
"5.4.0-1043.44",
"5.4.0-1044.45",
"5.4.0-1045.46",
"5.4.0-1048.51",
"5.4.0-1049.52",
"5.4.0-1051.54",
"5.4.0-1052.55",
"5.4.0-1053.56",
"5.4.0-1054.57",
"5.4.0-1055.58",
"5.4.0-1056.59",
"5.4.0-1057.60",
"5.4.0-1058.61",
"5.4.0-1060.63",
"5.4.0-1061.64",
"5.4.0-1062.65",
"5.4.0-1063.66",
"5.4.0-1064.67"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.4.0-1147-kvm",
"binary_version": "5.4.0-1147.156"
},
{
"binary_name": "linux-headers-5.4.0-1147-kvm",
"binary_version": "5.4.0-1147.156"
},
{
"binary_name": "linux-image-unsigned-5.4.0-1147-kvm",
"binary_version": "5.4.0-1147.156"
},
{
"binary_name": "linux-kvm-headers-5.4.0-1147",
"binary_version": "5.4.0-1147.156"
},
{
"binary_name": "linux-kvm-tools-5.4.0-1147",
"binary_version": "5.4.0-1147.156"
},
{
"binary_name": "linux-modules-5.4.0-1147-kvm",
"binary_version": "5.4.0-1147.156"
},
{
"binary_name": "linux-tools-5.4.0-1147-kvm",
"binary_version": "5.4.0-1147.156"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:20.04:LTS",
"name": "linux-kvm",
"purl": "pkg:deb/ubuntu/linux-kvm@5.4.0-1147.156?arch=source\u0026distro=esm-infra/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.3.0-1003.3",
"5.3.0-1008.9",
"5.3.0-1009.10",
"5.4.0-1004.4",
"5.4.0-1006.6",
"5.4.0-1007.7",
"5.4.0-1008.8",
"5.4.0-1009.9",
"5.4.0-1011.11",
"5.4.0-1015.15",
"5.4.0-1018.18",
"5.4.0-1020.20",
"5.4.0-1021.21",
"5.4.0-1023.23",
"5.4.0-1024.24",
"5.4.0-1026.27",
"5.4.0-1028.29",
"5.4.0-1030.31",
"5.4.0-1031.32",
"5.4.0-1032.33",
"5.4.0-1033.34",
"5.4.0-1034.35",
"5.4.0-1036.37",
"5.4.0-1037.38",
"5.4.0-1038.39",
"5.4.0-1039.40",
"5.4.0-1040.41",
"5.4.0-1041.42",
"5.4.0-1044.46",
"5.4.0-1045.47",
"5.4.0-1046.48",
"5.4.0-1047.49",
"5.4.0-1048.50",
"5.4.0-1049.51",
"5.4.0-1050.52",
"5.4.0-1051.53",
"5.4.0-1053.55",
"5.4.0-1054.56",
"5.4.0-1055.57",
"5.4.0-1056.58",
"5.4.0-1058.61",
"5.4.0-1059.62",
"5.4.0-1061.64",
"5.4.0-1062.65",
"5.4.0-1063.66",
"5.4.0-1065.68",
"5.4.0-1068.72",
"5.4.0-1070.75",
"5.4.0-1071.76",
"5.4.0-1073.78",
"5.4.0-1074.79",
"5.4.0-1075.80",
"5.4.0-1076.81",
"5.4.0-1078.84",
"5.4.0-1079.85",
"5.4.0-1082.88",
"5.4.0-1083.89",
"5.4.0-1084.90",
"5.4.0-1086.92",
"5.4.0-1087.93",
"5.4.0-1088.94",
"5.4.0-1089.95",
"5.4.0-1090.96",
"5.4.0-1091.97",
"5.4.0-1092.98",
"5.4.0-1093.99",
"5.4.0-1094.100",
"5.4.0-1095.101",
"5.4.0-1096.102",
"5.4.0-1097.103",
"5.4.0-1098.104",
"5.4.0-1099.105",
"5.4.0-1100.106",
"5.4.0-1101.107",
"5.4.0-1102.108",
"5.4.0-1103.110",
"5.4.0-1104.111",
"5.4.0-1105.112",
"5.4.0-1106.113",
"5.4.0-1107.114",
"5.4.0-1108.115",
"5.4.0-1109.116",
"5.4.0-1110.117",
"5.4.0-1111.118",
"5.4.0-1112.119",
"5.4.0-1113.120",
"5.4.0-1114.121",
"5.4.0-1115.122",
"5.4.0-1116.123",
"5.4.0-1117.124",
"5.4.0-1118.125",
"5.4.0-1119.127",
"5.4.0-1120.128",
"5.4.0-1121.129",
"5.4.0-1122.130",
"5.4.0-1123.131",
"5.4.0-1124.132",
"5.4.0-1125.133",
"5.4.0-1126.134",
"5.4.0-1127.136",
"5.4.0-1129.138",
"5.4.0-1130.139",
"5.4.0-1131.140",
"5.4.0-1132.141",
"5.4.0-1133.142",
"5.4.0-1134.143",
"5.4.0-1135.144",
"5.4.0-1136.145",
"5.4.0-1137.146",
"5.4.0-1138.147",
"5.4.0-1139.148",
"5.4.0-1140.149",
"5.4.0-1141.150",
"5.4.0-1143.152",
"5.4.0-1144.153",
"5.4.0-1145.154",
"5.4.0-1146.155",
"5.4.0-1147.156"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.15.0-183-lowlatency",
"binary_version": "5.15.0-183.193~20.04.1"
},
{
"binary_name": "linux-buildinfo-5.15.0-183-lowlatency-64k",
"binary_version": "5.15.0-183.193~20.04.1"
},
{
"binary_name": "linux-cloud-tools-5.15.0-183-lowlatency",
"binary_version": "5.15.0-183.193~20.04.1"
},
{
"binary_name": "linux-headers-5.15.0-183-lowlatency",
"binary_version": "5.15.0-183.193~20.04.1"
},
{
"binary_name": "linux-headers-5.15.0-183-lowlatency-64k",
"binary_version": "5.15.0-183.193~20.04.1"
},
{
"binary_name": "linux-image-unsigned-5.15.0-183-lowlatency",
"binary_version": "5.15.0-183.193~20.04.1"
},
{
"binary_name": "linux-image-unsigned-5.15.0-183-lowlatency-64k",
"binary_version": "5.15.0-183.193~20.04.1"
},
{
"binary_name": "linux-lowlatency-hwe-5.15-cloud-tools-5.15.0-183",
"binary_version": "5.15.0-183.193~20.04.1"
},
{
"binary_name": "linux-lowlatency-hwe-5.15-headers-5.15.0-183",
"binary_version": "5.15.0-183.193~20.04.1"
},
{
"binary_name": "linux-lowlatency-hwe-5.15-tools-5.15.0-183",
"binary_version": "5.15.0-183.193~20.04.1"
},
{
"binary_name": "linux-modules-5.15.0-183-lowlatency",
"binary_version": "5.15.0-183.193~20.04.1"
},
{
"binary_name": "linux-modules-5.15.0-183-lowlatency-64k",
"binary_version": "5.15.0-183.193~20.04.1"
},
{
"binary_name": "linux-modules-iwlwifi-5.15.0-183-lowlatency",
"binary_version": "5.15.0-183.193~20.04.1"
},
{
"binary_name": "linux-tools-5.15.0-183-lowlatency",
"binary_version": "5.15.0-183.193~20.04.1"
},
{
"binary_name": "linux-tools-5.15.0-183-lowlatency-64k",
"binary_version": "5.15.0-183.193~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:20.04:LTS",
"name": "linux-lowlatency-hwe-5.15",
"purl": "pkg:deb/ubuntu/linux-lowlatency-hwe-5.15@5.15.0-183.193~20.04.1?arch=source\u0026distro=esm-infra/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.15.0-33.34~20.04.1",
"5.15.0-42.45~20.04.1",
"5.15.0-43.46~20.04.1",
"5.15.0-46.49~20.04.1",
"5.15.0-48.54~20.04.1",
"5.15.0-50.56~20.04.1",
"5.15.0-52.58~20.04.1",
"5.15.0-53.59~20.04.1",
"5.15.0-56.62~20.04.1",
"5.15.0-58.64~20.04.1",
"5.15.0-60.66~20.04.1",
"5.15.0-67.74~20.04.1",
"5.15.0-69.76~20.04.1",
"5.15.0-70.77~20.04.1",
"5.15.0-71.78~20.04.1",
"5.15.0-72.79~20.04.1",
"5.15.0-73.80~20.04.1",
"5.15.0-75.82~20.04.1",
"5.15.0-76.83~20.04.1",
"5.15.0-78.85~20.04.1",
"5.15.0-79.88~20.04.1",
"5.15.0-82.91~20.04.1",
"5.15.0-83.92~20.04.1",
"5.15.0-84.93~20.04.1",
"5.15.0-86.95~20.04.1",
"5.15.0-87.96~20.04.1",
"5.15.0-88.98~20.04.1",
"5.15.0-89.99~20.04.1",
"5.15.0-91.101~20.04.1",
"5.15.0-92.102~20.04.1",
"5.15.0-94.104~20.04.1",
"5.15.0-97.107~20.04.1",
"5.15.0-100.110~20.04.1",
"5.15.0-101.111~20.04.1",
"5.15.0-102.112~20.04.1",
"5.15.0-105.115~20.04.1",
"5.15.0-106.116~20.04.1",
"5.15.0-107.117~20.04.1",
"5.15.0-110.120~20.04.1",
"5.15.0-113.123~20.04.1",
"5.15.0-116.126~20.04.1",
"5.15.0-117.127~20.04.1",
"5.15.0-118.128~20.04.1",
"5.15.0-119.129~20.04.1",
"5.15.0-121.131~20.04.1",
"5.15.0-122.132~20.04.1",
"5.15.0-124.134~20.04.1",
"5.15.0-125.135~20.04.1",
"5.15.0-126.136~20.04.1",
"5.15.0-127.137~20.04.1",
"5.15.0-128.138~20.04.1",
"5.15.0-129.139~20.04.1",
"5.15.0-131.141~20.04.1",
"5.15.0-133.143~20.04.1",
"5.15.0-134.145~20.04.1",
"5.15.0-135.146~20.04.1",
"5.15.0-136.147~20.04.1",
"5.15.0-138.148~20.04.1",
"5.15.0-139.149~20.04.1",
"5.15.0-140.150~20.04.1",
"5.15.0-142.152~20.04.1",
"5.15.0-143.153~20.04.1",
"5.15.0-144.157~20.04.1",
"5.15.0-145.158~20.04.1",
"5.15.0-152.162~20.04.1",
"5.15.0-153.163~20.04.1",
"5.15.0-156.166~20.04.1",
"5.15.0-157.167~20.04.1",
"5.15.0-160.170~20.04.1",
"5.15.0-161.171~20.04.1",
"5.15.0-163.173~20.04.1",
"5.15.0-164.174~20.04.1",
"5.15.0-168.178~20.04.1",
"5.15.0-170.180~20.04.1",
"5.15.0-171.181~20.04.1",
"5.15.0-173.183~20.04.1",
"5.15.0-174.184~20.04.1",
"5.15.0-175.185~20.04.1",
"5.15.0-177.187~20.04.1",
"5.15.0-178.188~20.04.1",
"5.15.0-179.189~20.04.1",
"5.15.0-181.191~20.04.1",
"5.15.0-183.193~20.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.15.0-1063-nvidia-tegra",
"binary_version": "5.15.0-1063.63~20.04.1"
},
{
"binary_name": "linux-buildinfo-5.15.0-1063-nvidia-tegra-rt",
"binary_version": "5.15.0-1063.63~20.04.1"
},
{
"binary_name": "linux-headers-5.15.0-1063-nvidia-tegra",
"binary_version": "5.15.0-1063.63~20.04.1"
},
{
"binary_name": "linux-headers-5.15.0-1063-nvidia-tegra-rt",
"binary_version": "5.15.0-1063.63~20.04.1"
},
{
"binary_name": "linux-image-unsigned-5.15.0-1063-nvidia-tegra",
"binary_version": "5.15.0-1063.63~20.04.1"
},
{
"binary_name": "linux-image-unsigned-5.15.0-1063-nvidia-tegra-rt",
"binary_version": "5.15.0-1063.63~20.04.1"
},
{
"binary_name": "linux-modules-5.15.0-1063-nvidia-tegra",
"binary_version": "5.15.0-1063.63~20.04.1"
},
{
"binary_name": "linux-modules-5.15.0-1063-nvidia-tegra-rt",
"binary_version": "5.15.0-1063.63~20.04.1"
},
{
"binary_name": "linux-modules-extra-5.15.0-1063-nvidia-tegra",
"binary_version": "5.15.0-1063.63~20.04.1"
},
{
"binary_name": "linux-nvidia-tegra-5.15-headers-5.15.0-1063",
"binary_version": "5.15.0-1063.63~20.04.1"
},
{
"binary_name": "linux-nvidia-tegra-5.15-tools-5.15.0-1063",
"binary_version": "5.15.0-1063.63~20.04.1"
},
{
"binary_name": "linux-tools-5.15.0-1063-nvidia-tegra",
"binary_version": "5.15.0-1063.63~20.04.1"
},
{
"binary_name": "linux-tools-5.15.0-1063-nvidia-tegra-rt",
"binary_version": "5.15.0-1063.63~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:20.04:LTS",
"name": "linux-nvidia-tegra-5.15",
"purl": "pkg:deb/ubuntu/linux-nvidia-tegra-5.15@5.15.0-1063.63~20.04.1?arch=source\u0026distro=esm-infra/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.15.0-1009.9~20.04.1",
"5.15.0-1010.10~20.04.1",
"5.15.0-1012.12~20.04.1",
"5.15.0-1014.14~20.04.1",
"5.15.0-1015.15~20.04.1",
"5.15.0-1016.16~20.04.1",
"5.15.0-1017.17~20.04.1",
"5.15.0-1018.18~20.04.1",
"5.15.0-1019.19~20.04.1",
"5.15.0-1020.20~20.04.1",
"5.15.0-1022.22~20.04.1",
"5.15.0-1025.25~20.04.1",
"5.15.0-1027.27~20.04.1",
"5.15.0-1030.30~20.04.1",
"5.15.0-1032.32~20.04.1",
"5.15.0-1039.39~20.04.1",
"5.15.0-1040.40~20.04.1",
"5.15.0-1041.41~20.04.1",
"5.15.0-1042.42~20.04.1",
"5.15.0-1043.43~20.04.1",
"5.15.0-1044.44~20.04.1",
"5.15.0-1045.45~20.04.1",
"5.15.0-1046.46~20.04.1",
"5.15.0-1047.47~20.04.1",
"5.15.0-1048.48~20.04.1",
"5.15.0-1049.49~20.04.1",
"5.15.0-1050.50~20.04.1",
"5.15.0-1051.51~20.04.1",
"5.15.0-1052.52~20.04.2",
"5.15.0-1053.53~20.04.1",
"5.15.0-1055.55~20.04.1",
"5.15.0-1057.57~20.04.1",
"5.15.0-1058.58~20.04.1",
"5.15.0-1060.60~20.04.1",
"5.15.0-1061.61~20.04.1",
"5.15.0-1063.63~20.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.10.0-1057-oem",
"binary_version": "5.10.0-1057.61"
},
{
"binary_name": "linux-headers-5.10.0-1057-oem",
"binary_version": "5.10.0-1057.61"
},
{
"binary_name": "linux-image-unsigned-5.10.0-1057-oem",
"binary_version": "5.10.0-1057.61"
},
{
"binary_name": "linux-modules-5.10.0-1057-oem",
"binary_version": "5.10.0-1057.61"
},
{
"binary_name": "linux-oem-5.10-headers-5.10.0-1057",
"binary_version": "5.10.0-1057.61"
},
{
"binary_name": "linux-oem-5.10-tools-5.10.0-1057",
"binary_version": "5.10.0-1057.61"
},
{
"binary_name": "linux-oem-5.10-tools-host",
"binary_version": "5.10.0-1057.61"
},
{
"binary_name": "linux-tools-5.10.0-1057-oem",
"binary_version": "5.10.0-1057.61"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "linux-oem-5.10",
"purl": "pkg:deb/ubuntu/linux-oem-5.10@5.10.0-1057.61?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.10.0-1008.9",
"5.10.0-1011.12",
"5.10.0-1013.14",
"5.10.0-1014.15",
"5.10.0-1016.17",
"5.10.0-1017.18",
"5.10.0-1019.20",
"5.10.0-1021.22",
"5.10.0-1022.23",
"5.10.0-1023.24",
"5.10.0-1025.26",
"5.10.0-1026.27",
"5.10.0-1029.30",
"5.10.0-1032.33",
"5.10.0-1033.34",
"5.10.0-1034.35",
"5.10.0-1038.40",
"5.10.0-1044.46",
"5.10.0-1045.47",
"5.10.0-1049.51",
"5.10.0-1050.52",
"5.10.0-1051.53",
"5.10.0-1052.54",
"5.10.0-1053.55",
"5.10.0-1055.58",
"5.10.0-1057.61"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.13.0-1029-oem",
"binary_version": "5.13.0-1029.36"
},
{
"binary_name": "linux-headers-5.13.0-1029-oem",
"binary_version": "5.13.0-1029.36"
},
{
"binary_name": "linux-image-unsigned-5.13.0-1029-oem",
"binary_version": "5.13.0-1029.36"
},
{
"binary_name": "linux-modules-5.13.0-1029-oem",
"binary_version": "5.13.0-1029.36"
},
{
"binary_name": "linux-oem-5.13-headers-5.13.0-1029",
"binary_version": "5.13.0-1029.36"
},
{
"binary_name": "linux-oem-5.13-tools-5.13.0-1029",
"binary_version": "5.13.0-1029.36"
},
{
"binary_name": "linux-oem-5.13-tools-host",
"binary_version": "5.13.0-1029.36"
},
{
"binary_name": "linux-tools-5.13.0-1029-oem",
"binary_version": "5.13.0-1029.36"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "linux-oem-5.13",
"purl": "pkg:deb/ubuntu/linux-oem-5.13@5.13.0-1029.36?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.13.0-1009.10",
"5.13.0-1010.11",
"5.13.0-1012.16",
"5.13.0-1014.18",
"5.13.0-1017.21",
"5.13.0-1019.23",
"5.13.0-1020.24",
"5.13.0-1021.25",
"5.13.0-1022.26",
"5.13.0-1026.32",
"5.13.0-1028.35",
"5.13.0-1029.36"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.14.0-1059-oem",
"binary_version": "5.14.0-1059.67"
},
{
"binary_name": "linux-headers-5.14.0-1059-oem",
"binary_version": "5.14.0-1059.67"
},
{
"binary_name": "linux-image-unsigned-5.14.0-1059-oem",
"binary_version": "5.14.0-1059.67"
},
{
"binary_name": "linux-modules-5.14.0-1059-oem",
"binary_version": "5.14.0-1059.67"
},
{
"binary_name": "linux-modules-iwlwifi-5.14.0-1059-oem",
"binary_version": "5.14.0-1059.67"
},
{
"binary_name": "linux-oem-5.14-headers-5.14.0-1059",
"binary_version": "5.14.0-1059.67"
},
{
"binary_name": "linux-oem-5.14-tools-5.14.0-1059",
"binary_version": "5.14.0-1059.67"
},
{
"binary_name": "linux-oem-5.14-tools-host",
"binary_version": "5.14.0-1059.67"
},
{
"binary_name": "linux-tools-5.14.0-1059-oem",
"binary_version": "5.14.0-1059.67"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "linux-oem-5.14",
"purl": "pkg:deb/ubuntu/linux-oem-5.14@5.14.0-1059.67?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.14.0-1004.4",
"5.14.0-1005.5",
"5.14.0-1007.7",
"5.14.0-1008.8",
"5.14.0-1010.10",
"5.14.0-1011.11",
"5.14.0-1013.13",
"5.14.0-1018.19",
"5.14.0-1020.22",
"5.14.0-1022.24",
"5.14.0-1024.26",
"5.14.0-1027.30",
"5.14.0-1029.32",
"5.14.0-1031.34",
"5.14.0-1032.35",
"5.14.0-1033.36",
"5.14.0-1034.37",
"5.14.0-1036.40",
"5.14.0-1038.42",
"5.14.0-1042.47",
"5.14.0-1044.49",
"5.14.0-1045.51",
"5.14.0-1046.53",
"5.14.0-1047.54",
"5.14.0-1048.55",
"5.14.0-1049.56",
"5.14.0-1050.57",
"5.14.0-1051.58",
"5.14.0-1052.59",
"5.14.0-1054.61",
"5.14.0-1055.62",
"5.14.0-1056.63",
"5.14.0-1057.64",
"5.14.0-1058.66",
"5.14.0-1059.67"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.6.0-1056-oem",
"binary_version": "5.6.0-1056.60"
},
{
"binary_name": "linux-headers-5.6.0-1056-oem",
"binary_version": "5.6.0-1056.60"
},
{
"binary_name": "linux-image-unsigned-5.6.0-1056-oem",
"binary_version": "5.6.0-1056.60"
},
{
"binary_name": "linux-modules-5.6.0-1056-oem",
"binary_version": "5.6.0-1056.60"
},
{
"binary_name": "linux-oem-5.6-headers-5.6.0-1056",
"binary_version": "5.6.0-1056.60"
},
{
"binary_name": "linux-oem-5.6-tools-5.6.0-1056",
"binary_version": "5.6.0-1056.60"
},
{
"binary_name": "linux-oem-5.6-tools-host",
"binary_version": "5.6.0-1056.60"
},
{
"binary_name": "linux-tools-5.6.0-1056-oem",
"binary_version": "5.6.0-1056.60"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "linux-oem-5.6",
"purl": "pkg:deb/ubuntu/linux-oem-5.6@5.6.0-1056.60?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.6.0-1007.7",
"5.6.0-1008.8",
"5.6.0-1010.10",
"5.6.0-1011.11",
"5.6.0-1013.13",
"5.6.0-1017.17",
"5.6.0-1018.18",
"5.6.0-1020.20",
"5.6.0-1021.21",
"5.6.0-1023.23",
"5.6.0-1026.26",
"5.6.0-1027.27",
"5.6.0-1028.28",
"5.6.0-1031.32",
"5.6.0-1032.33",
"5.6.0-1033.35",
"5.6.0-1034.36",
"5.6.0-1035.37",
"5.6.0-1036.39",
"5.6.0-1039.43",
"5.6.0-1042.46",
"5.6.0-1047.51",
"5.6.0-1048.52",
"5.6.0-1050.54",
"5.6.0-1052.56",
"5.6.0-1053.57",
"5.6.0-1054.58",
"5.6.0-1055.59",
"5.6.0-1056.60"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.4.0-1158-oracle",
"binary_version": "5.4.0-1158.168"
},
{
"binary_name": "linux-headers-5.4.0-1158-oracle",
"binary_version": "5.4.0-1158.168"
},
{
"binary_name": "linux-image-unsigned-5.4.0-1158-oracle",
"binary_version": "5.4.0-1158.168"
},
{
"binary_name": "linux-modules-5.4.0-1158-oracle",
"binary_version": "5.4.0-1158.168"
},
{
"binary_name": "linux-modules-extra-5.4.0-1158-oracle",
"binary_version": "5.4.0-1158.168"
},
{
"binary_name": "linux-oracle-headers-5.4.0-1158",
"binary_version": "5.4.0-1158.168"
},
{
"binary_name": "linux-oracle-tools-5.4.0-1158",
"binary_version": "5.4.0-1158.168"
},
{
"binary_name": "linux-tools-5.4.0-1158-oracle",
"binary_version": "5.4.0-1158.168"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:20.04:LTS",
"name": "linux-oracle",
"purl": "pkg:deb/ubuntu/linux-oracle@5.4.0-1158.168?arch=source\u0026distro=esm-infra/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.3.0-1002.2",
"5.3.0-1007.8",
"5.3.0-1008.9",
"5.4.0-1005.5",
"5.4.0-1007.7",
"5.4.0-1008.8",
"5.4.0-1009.9",
"5.4.0-1011.11",
"5.4.0-1015.15",
"5.4.0-1018.18",
"5.4.0-1019.19",
"5.4.0-1021.21",
"5.4.0-1022.22",
"5.4.0-1024.24",
"5.4.0-1025.25",
"5.4.0-1028.29",
"5.4.0-1029.31",
"5.4.0-1030.32",
"5.4.0-1032.34",
"5.4.0-1034.36",
"5.4.0-1035.38",
"5.4.0-1037.40",
"5.4.0-1038.41",
"5.4.0-1039.42",
"5.4.0-1041.44",
"5.4.0-1042.45",
"5.4.0-1043.46",
"5.4.0-1045.49",
"5.4.0-1046.50",
"5.4.0-1048.52",
"5.4.0-1049.53",
"5.4.0-1052.56",
"5.4.0-1053.57",
"5.4.0-1054.58",
"5.4.0-1055.59",
"5.4.0-1056.60",
"5.4.0-1057.61",
"5.4.0-1058.62",
"5.4.0-1059.63",
"5.4.0-1061.65",
"5.4.0-1062.66",
"5.4.0-1063.67",
"5.4.0-1064.68",
"5.4.0-1066.71",
"5.4.0-1067.72",
"5.4.0-1069.75",
"5.4.0-1070.76",
"5.4.0-1071.77",
"5.4.0-1073.79",
"5.4.0-1076.83",
"5.4.0-1078.86",
"5.4.0-1079.87",
"5.4.0-1081.89",
"5.4.0-1082.90",
"5.4.0-1083.91",
"5.4.0-1084.92",
"5.4.0-1086.95",
"5.4.0-1087.96",
"5.4.0-1090.99",
"5.4.0-1091.100",
"5.4.0-1092.101",
"5.4.0-1093.102",
"5.4.0-1094.103",
"5.4.0-1097.106",
"5.4.0-1098.107",
"5.4.0-1099.108",
"5.4.0-1100.109",
"5.4.0-1101.110",
"5.4.0-1102.111",
"5.4.0-1103.112",
"5.4.0-1104.113",
"5.4.0-1105.114",
"5.4.0-1106.115",
"5.4.0-1107.116",
"5.4.0-1108.117",
"5.4.0-1109.118",
"5.4.0-1110.119",
"5.4.0-1111.120",
"5.4.0-1112.121",
"5.4.0-1113.122",
"5.4.0-1115.124",
"5.4.0-1116.125",
"5.4.0-1117.126",
"5.4.0-1118.127",
"5.4.0-1119.128",
"5.4.0-1120.129",
"5.4.0-1121.130",
"5.4.0-1122.131",
"5.4.0-1123.132",
"5.4.0-1124.133",
"5.4.0-1125.134",
"5.4.0-1126.135",
"5.4.0-1127.136",
"5.4.0-1129.138",
"5.4.0-1130.139",
"5.4.0-1131.140",
"5.4.0-1132.141",
"5.4.0-1133.142",
"5.4.0-1134.143",
"5.4.0-1135.144",
"5.4.0-1136.145",
"5.4.0-1137.146",
"5.4.0-1138.147",
"5.4.0-1140.150",
"5.4.0-1141.151",
"5.4.0-1142.152",
"5.4.0-1143.153",
"5.4.0-1144.154",
"5.4.0-1145.155",
"5.4.0-1146.156",
"5.4.0-1147.157",
"5.4.0-1149.159",
"5.4.0-1150.160",
"5.4.0-1151.161",
"5.4.0-1152.162",
"5.4.0-1154.164",
"5.4.0-1155.165",
"5.4.0-1156.166",
"5.4.0-1157.167",
"5.4.0-1158.168"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.11.0-1028-oracle",
"binary_version": "5.11.0-1028.31~20.04.1"
},
{
"binary_name": "linux-headers-5.11.0-1028-oracle",
"binary_version": "5.11.0-1028.31~20.04.1"
},
{
"binary_name": "linux-image-unsigned-5.11.0-1028-oracle",
"binary_version": "5.11.0-1028.31~20.04.1"
},
{
"binary_name": "linux-modules-5.11.0-1028-oracle",
"binary_version": "5.11.0-1028.31~20.04.1"
},
{
"binary_name": "linux-modules-extra-5.11.0-1028-oracle",
"binary_version": "5.11.0-1028.31~20.04.1"
},
{
"binary_name": "linux-oracle-5.11-headers-5.11.0-1028",
"binary_version": "5.11.0-1028.31~20.04.1"
},
{
"binary_name": "linux-oracle-5.11-tools-5.11.0-1028",
"binary_version": "5.11.0-1028.31~20.04.1"
},
{
"binary_name": "linux-tools-5.11.0-1028-oracle",
"binary_version": "5.11.0-1028.31~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "linux-oracle-5.11",
"purl": "pkg:deb/ubuntu/linux-oracle-5.11@5.11.0-1028.31~20.04.1?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.11.0-1008.8~20.04.1",
"5.11.0-1013.14~20.04.1",
"5.11.0-1016.17~20.04.1",
"5.11.0-1017.18~20.04.1",
"5.11.0-1019.20~20.04.1",
"5.11.0-1020.21~20.04.1",
"5.11.0-1021.22~20.04.1",
"5.11.0-1022.23~20.04.1",
"5.11.0-1023.24~20.04.1",
"5.11.0-1025.27~20.04.1",
"5.11.0-1027.30~20.04.1",
"5.11.0-1028.31~20.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.13.0-1036-oracle",
"binary_version": "5.13.0-1036.43~20.04.1"
},
{
"binary_name": "linux-headers-5.13.0-1036-oracle",
"binary_version": "5.13.0-1036.43~20.04.1"
},
{
"binary_name": "linux-image-unsigned-5.13.0-1036-oracle",
"binary_version": "5.13.0-1036.43~20.04.1"
},
{
"binary_name": "linux-modules-5.13.0-1036-oracle",
"binary_version": "5.13.0-1036.43~20.04.1"
},
{
"binary_name": "linux-modules-extra-5.13.0-1036-oracle",
"binary_version": "5.13.0-1036.43~20.04.1"
},
{
"binary_name": "linux-oracle-5.13-headers-5.13.0-1036",
"binary_version": "5.13.0-1036.43~20.04.1"
},
{
"binary_name": "linux-oracle-5.13-tools-5.13.0-1036",
"binary_version": "5.13.0-1036.43~20.04.1"
},
{
"binary_name": "linux-tools-5.13.0-1036-oracle",
"binary_version": "5.13.0-1036.43~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "linux-oracle-5.13",
"purl": "pkg:deb/ubuntu/linux-oracle-5.13@5.13.0-1036.43~20.04.1?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.13.0-1011.13~20.04.2",
"5.13.0-1015.19~20.04.1",
"5.13.0-1016.20~20.04.1",
"5.13.0-1018.22~20.04.1",
"5.13.0-1021.26~20.04.1",
"5.13.0-1025.30~20.04.1",
"5.13.0-1027.32~20.04.1",
"5.13.0-1028.33~20.04.1",
"5.13.0-1030.35~20.04.1",
"5.13.0-1033.39~20.04.1",
"5.13.0-1034.40~20.04.1",
"5.13.0-1036.43~20.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.15.0-1108-oracle",
"binary_version": "5.15.0-1108.114~20.04.1"
},
{
"binary_name": "linux-headers-5.15.0-1108-oracle",
"binary_version": "5.15.0-1108.114~20.04.1"
},
{
"binary_name": "linux-image-unsigned-5.15.0-1108-oracle",
"binary_version": "5.15.0-1108.114~20.04.1"
},
{
"binary_name": "linux-modules-5.15.0-1108-oracle",
"binary_version": "5.15.0-1108.114~20.04.1"
},
{
"binary_name": "linux-modules-extra-5.15.0-1108-oracle",
"binary_version": "5.15.0-1108.114~20.04.1"
},
{
"binary_name": "linux-oracle-5.15-headers-5.15.0-1108",
"binary_version": "5.15.0-1108.114~20.04.1"
},
{
"binary_name": "linux-oracle-5.15-tools-5.15.0-1108",
"binary_version": "5.15.0-1108.114~20.04.1"
},
{
"binary_name": "linux-tools-5.15.0-1108-oracle",
"binary_version": "5.15.0-1108.114~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:20.04:LTS",
"name": "linux-oracle-5.15",
"purl": "pkg:deb/ubuntu/linux-oracle-5.15@5.15.0-1108.114~20.04.1?arch=source\u0026distro=esm-infra/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.15.0-1007.9~20.04.1",
"5.15.0-1013.17~20.04.1",
"5.15.0-1016.20~20.04.1",
"5.15.0-1017.22~20.04.1",
"5.15.0-1018.23~20.04.1",
"5.15.0-1019.24~20.04.1",
"5.15.0-1021.27~20.04.1",
"5.15.0-1022.28~20.04.1",
"5.15.0-1025.31~20.04.2",
"5.15.0-1027.33~20.04.1",
"5.15.0-1029.35~20.04.1",
"5.15.0-1030.36~20.04.1",
"5.15.0-1032.38~20.04.1",
"5.15.0-1033.39~20.04.1",
"5.15.0-1034.40~20.04.1",
"5.15.0-1035.41~20.04.1",
"5.15.0-1036.42~20.04.1",
"5.15.0-1037.43~20.04.1",
"5.15.0-1038.44~20.04.1",
"5.15.0-1039.45~20.04.1",
"5.15.0-1040.46~20.04.1",
"5.15.0-1041.47~20.04.1",
"5.15.0-1042.48~20.04.1",
"5.15.0-1044.50~20.04.1",
"5.15.0-1045.51~20.04.1",
"5.15.0-1046.52~20.04.1",
"5.15.0-1047.53~20.04.1",
"5.15.0-1048.54~20.04.1",
"5.15.0-1049.55~20.04.1",
"5.15.0-1050.56~20.04.1",
"5.15.0-1051.57~20.04.1",
"5.15.0-1052.58~20.04.1",
"5.15.0-1053.59~20.04.1",
"5.15.0-1054.60~20.04.1",
"5.15.0-1055.61~20.04.1",
"5.15.0-1058.64~20.04.1",
"5.15.0-1059.65~20.04.1",
"5.15.0-1061.67~20.04.1",
"5.15.0-1062.68~20.04.1",
"5.15.0-1063.69~20.04.1",
"5.15.0-1065.71~20.04.1",
"5.15.0-1066.72~20.04.1",
"5.15.0-1067.73~20.04.1",
"5.15.0-1068.74~20.04.1",
"5.15.0-1069.75~20.04.1",
"5.15.0-1070.76~20.04.1",
"5.15.0-1071.77~20.04.1",
"5.15.0-1072.78~20.04.1",
"5.15.0-1073.79~20.04.1",
"5.15.0-1074.80~20.04.1",
"5.15.0-1075.81~20.04.1",
"5.15.0-1076.82~20.04.1",
"5.15.0-1077.83~20.04.1",
"5.15.0-1078.84~20.04.1",
"5.15.0-1079.85~20.04.1",
"5.15.0-1080.86~20.04.1",
"5.15.0-1081.87~20.04.1",
"5.15.0-1083.89~20.04.1",
"5.15.0-1084.90~20.04.1",
"5.15.0-1085.91~20.04.3",
"5.15.0-1086.92~20.04.1",
"5.15.0-1088.94~20.04.1",
"5.15.0-1090.96~20.04.1",
"5.15.0-1091.97~20.04.1",
"5.15.0-1092.98~20.04.1",
"5.15.0-1093.99~20.04.1",
"5.15.0-1094.100~20.04.1",
"5.15.0-1095.101~20.04.1",
"5.15.0-1096.102~20.04.1",
"5.15.0-1097.103~20.04.1",
"5.15.0-1098.104~20.04.1",
"5.15.0-1100.106~20.04.1",
"5.15.0-1101.107~20.04.1",
"5.15.0-1102.108~20.04.1",
"5.15.0-1104.110~20.04.1",
"5.15.0-1106.112~20.04.1",
"5.15.0-1108.114~20.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.8.0-1038-oracle",
"binary_version": "5.8.0-1038.39~20.04.1"
},
{
"binary_name": "linux-headers-5.8.0-1038-oracle",
"binary_version": "5.8.0-1038.39~20.04.1"
},
{
"binary_name": "linux-image-unsigned-5.8.0-1038-oracle",
"binary_version": "5.8.0-1038.39~20.04.1"
},
{
"binary_name": "linux-modules-5.8.0-1038-oracle",
"binary_version": "5.8.0-1038.39~20.04.1"
},
{
"binary_name": "linux-modules-extra-5.8.0-1038-oracle",
"binary_version": "5.8.0-1038.39~20.04.1"
},
{
"binary_name": "linux-oracle-5.8-headers-5.8.0-1038",
"binary_version": "5.8.0-1038.39~20.04.1"
},
{
"binary_name": "linux-oracle-5.8-tools-5.8.0-1038",
"binary_version": "5.8.0-1038.39~20.04.1"
},
{
"binary_name": "linux-tools-5.8.0-1038-oracle",
"binary_version": "5.8.0-1038.39~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "linux-oracle-5.8",
"purl": "pkg:deb/ubuntu/linux-oracle-5.8@5.8.0-1038.39~20.04.1?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.8.0-1031.32~20.04.2",
"5.8.0-1033.34~20.04.1",
"5.8.0-1034.35~20.04.2",
"5.8.0-1037.38~20.04.1",
"5.8.0-1038.39~20.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.4.0-1143-raspi",
"binary_version": "5.4.0-1143.156"
},
{
"binary_name": "linux-headers-5.4.0-1143-raspi",
"binary_version": "5.4.0-1143.156"
},
{
"binary_name": "linux-image-5.4.0-1143-raspi",
"binary_version": "5.4.0-1143.156"
},
{
"binary_name": "linux-modules-5.4.0-1143-raspi",
"binary_version": "5.4.0-1143.156"
},
{
"binary_name": "linux-raspi-headers-5.4.0-1143",
"binary_version": "5.4.0-1143.156"
},
{
"binary_name": "linux-raspi-tools-5.4.0-1143",
"binary_version": "5.4.0-1143.156"
},
{
"binary_name": "linux-tools-5.4.0-1143-raspi",
"binary_version": "5.4.0-1143.156"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:20.04:LTS",
"name": "linux-raspi",
"purl": "pkg:deb/ubuntu/linux-raspi@5.4.0-1143.156?arch=source\u0026distro=esm-infra/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.4.0-1007.7",
"5.4.0-1008.8",
"5.4.0-1011.11",
"5.4.0-1012.12",
"5.4.0-1013.13",
"5.4.0-1015.15",
"5.4.0-1016.17",
"5.4.0-1018.20",
"5.4.0-1019.21",
"5.4.0-1021.24",
"5.4.0-1022.25",
"5.4.0-1023.26",
"5.4.0-1025.28",
"5.4.0-1026.29",
"5.4.0-1028.31",
"5.4.0-1029.32",
"5.4.0-1030.33",
"5.4.0-1032.35",
"5.4.0-1033.36",
"5.4.0-1034.37",
"5.4.0-1035.38",
"5.4.0-1036.39",
"5.4.0-1038.41",
"5.4.0-1041.45",
"5.4.0-1042.46",
"5.4.0-1043.47",
"5.4.0-1044.48",
"5.4.0-1045.49",
"5.4.0-1046.50",
"5.4.0-1047.52",
"5.4.0-1048.53",
"5.4.0-1050.56",
"5.4.0-1052.58",
"5.4.0-1053.60",
"5.4.0-1055.62",
"5.4.0-1056.63",
"5.4.0-1058.65",
"5.4.0-1059.67",
"5.4.0-1060.68",
"5.4.0-1062.70",
"5.4.0-1065.75",
"5.4.0-1066.76",
"5.4.0-1068.78",
"5.4.0-1069.79",
"5.4.0-1070.80",
"5.4.0-1071.81",
"5.4.0-1073.84",
"5.4.0-1074.85",
"5.4.0-1077.88",
"5.4.0-1078.89",
"5.4.0-1079.90",
"5.4.0-1080.91",
"5.4.0-1081.92",
"5.4.0-1082.93",
"5.4.0-1083.94",
"5.4.0-1084.95",
"5.4.0-1085.96",
"5.4.0-1086.97",
"5.4.0-1088.99",
"5.4.0-1089.100",
"5.4.0-1090.101",
"5.4.0-1091.102",
"5.4.0-1092.103",
"5.4.0-1093.104",
"5.4.0-1094.105",
"5.4.0-1095.106",
"5.4.0-1096.107",
"5.4.0-1097.109",
"5.4.0-1098.110",
"5.4.0-1100.112",
"5.4.0-1101.113",
"5.4.0-1102.114",
"5.4.0-1103.115",
"5.4.0-1104.116",
"5.4.0-1105.117",
"5.4.0-1106.118",
"5.4.0-1107.119",
"5.4.0-1108.120",
"5.4.0-1109.121",
"5.4.0-1110.122",
"5.4.0-1111.123",
"5.4.0-1112.124",
"5.4.0-1113.125",
"5.4.0-1114.126",
"5.4.0-1115.127",
"5.4.0-1116.128",
"5.4.0-1117.129",
"5.4.0-1118.130",
"5.4.0-1119.131",
"5.4.0-1120.132",
"5.4.0-1121.133",
"5.4.0-1122.134",
"5.4.0-1129.142",
"5.4.0-1130.143",
"5.4.0-1131.144",
"5.4.0-1132.145",
"5.4.0-1133.146",
"5.4.0-1134.147",
"5.4.0-1135.148",
"5.4.0-1136.149",
"5.4.0-1137.150",
"5.4.0-1139.152",
"5.4.0-1140.153",
"5.4.0-1143.156"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.4.0-1006-raspi2",
"binary_version": "5.4.0-1006.6"
},
{
"binary_name": "linux-headers-5.4.0-1006-raspi2",
"binary_version": "5.4.0-1006.6"
},
{
"binary_name": "linux-image-5.4.0-1006-raspi2",
"binary_version": "5.4.0-1006.6"
},
{
"binary_name": "linux-modules-5.4.0-1006-raspi2",
"binary_version": "5.4.0-1006.6"
},
{
"binary_name": "linux-raspi2-headers-5.4.0-1006",
"binary_version": "5.4.0-1006.6"
},
{
"binary_name": "linux-raspi2-tools-5.4.0-1006",
"binary_version": "5.4.0-1006.6"
},
{
"binary_name": "linux-tools-5.4.0-1006-raspi2",
"binary_version": "5.4.0-1006.6"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "linux-raspi2",
"purl": "pkg:deb/ubuntu/linux-raspi2@5.4.0-1006.6?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.3.0-1007.8",
"5.3.0-1014.16",
"5.3.0-1015.17",
"5.3.0-1017.19",
"5.4.0-1004.4",
"5.4.0-1006.6"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "block-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "crypto-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "fat-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "firewire-core-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "fs-core-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "fs-secondary-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "input-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "ipmi-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "kernel-image-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "linux-buildinfo-5.4.0-40-generic",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "linux-headers-5.4.0-40-generic",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "linux-image-5.4.0-40-generic",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "linux-modules-5.4.0-40-generic",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "linux-modules-extra-5.4.0-40-generic",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "linux-riscv-headers-5.4.0-40",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "linux-riscv-tools-5.4.0-40",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "linux-tools-5.4.0-40-generic",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "linux-udebs-generic",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "md-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "message-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "mouse-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "multipath-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "nfs-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "nic-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "nic-shared-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "nic-usb-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "parport-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "pata-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "plip-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "ppp-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "sata-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "scsi-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "storage-core-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "usb-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "virtio-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
},
{
"binary_name": "vlan-modules-5.4.0-40-generic-di",
"binary_version": "5.4.0-40.45"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "linux-riscv",
"purl": "pkg:deb/ubuntu/linux-riscv@5.4.0-40.45?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.4.0-24.28",
"5.4.0-26.30",
"5.4.0-27.31",
"5.4.0-28.32",
"5.4.0-30.34",
"5.4.0-31.35",
"5.4.0-33.37",
"5.4.0-34.38",
"5.4.0-36.41",
"5.4.0-37.42",
"5.4.0-39.44",
"5.4.0-40.45"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.11.0-1031-generic",
"binary_version": "5.11.0-1031.35"
},
{
"binary_name": "linux-headers-5.11.0-1031-generic",
"binary_version": "5.11.0-1031.35"
},
{
"binary_name": "linux-image-5.11.0-1031-generic",
"binary_version": "5.11.0-1031.35"
},
{
"binary_name": "linux-modules-5.11.0-1031-generic",
"binary_version": "5.11.0-1031.35"
},
{
"binary_name": "linux-modules-extra-5.11.0-1031-generic",
"binary_version": "5.11.0-1031.35"
},
{
"binary_name": "linux-riscv-5.11-headers-5.11.0-1031",
"binary_version": "5.11.0-1031.35"
},
{
"binary_name": "linux-riscv-5.11-tools-5.11.0-1031",
"binary_version": "5.11.0-1031.35"
},
{
"binary_name": "linux-tools-5.11.0-1031-generic",
"binary_version": "5.11.0-1031.35"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "linux-riscv-5.11",
"purl": "pkg:deb/ubuntu/linux-riscv-5.11@5.11.0-1031.35?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.11.0-1015.16~20.04.1",
"5.11.0-1017.18~20.04.1",
"5.11.0-1018.19~20.04.2",
"5.11.0-1020.21~20.04.1",
"5.11.0-1021.22~20.04.1",
"5.11.0-1022.23~20.04.1",
"5.11.0-1023.24~20.04.1",
"5.11.0-1024.25~20.04.1",
"5.11.0-1026.28~20.04.1",
"5.11.0-1028.31~20.04.1",
"5.11.0-1029.32~20.04.1",
"5.11.0-1030.34",
"5.11.0-1031.35"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.15.0-1105-generic",
"binary_version": "5.15.0-1105.109~20.04.1"
},
{
"binary_name": "linux-headers-5.15.0-1105-generic",
"binary_version": "5.15.0-1105.109~20.04.1"
},
{
"binary_name": "linux-image-5.15.0-1105-generic",
"binary_version": "5.15.0-1105.109~20.04.1"
},
{
"binary_name": "linux-modules-5.15.0-1105-generic",
"binary_version": "5.15.0-1105.109~20.04.1"
},
{
"binary_name": "linux-modules-extra-5.15.0-1105-generic",
"binary_version": "5.15.0-1105.109~20.04.1"
},
{
"binary_name": "linux-riscv-5.15-headers-5.15.0-1105",
"binary_version": "5.15.0-1105.109~20.04.1"
},
{
"binary_name": "linux-riscv-5.15-tools-5.15.0-1105",
"binary_version": "5.15.0-1105.109~20.04.1"
},
{
"binary_name": "linux-tools-5.15.0-1105-generic",
"binary_version": "5.15.0-1105.109~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:20.04:LTS",
"name": "linux-riscv-5.15",
"purl": "pkg:deb/ubuntu/linux-riscv-5.15@5.15.0-1105.109~20.04.1?arch=source\u0026distro=esm-infra/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.15.0-1015.17~20.04.1",
"5.15.0-1017.19~20.04.1",
"5.15.0-1018.21~20.04.1",
"5.15.0-1019.22~20.04.1",
"5.15.0-1022.26~20.04.1",
"5.15.0-1023.27~20.04.1",
"5.15.0-1026.30~20.04.2",
"5.15.0-1027.31~20.04.1",
"5.15.0-1028.32~20.04.1",
"5.15.0-1029.33~20.04.1",
"5.15.0-1030.34~20.04.1",
"5.15.0-1031.35~20.04.1",
"5.15.0-1032.36~20.04.1",
"5.15.0-1033.37~20.04.1",
"5.15.0-1034.38~20.04.1",
"5.15.0-1035.39~20.04.1",
"5.15.0-1036.40~20.04.2",
"5.15.0-1037.41~20.04.2",
"5.15.0-1038.42~20.04.2",
"5.15.0-1039.43~20.04.2",
"5.15.0-1040.44~20.04.3",
"5.15.0-1041.45~20.04.1",
"5.15.0-1043.47~20.04.1",
"5.15.0-1044.48~20.04.1",
"5.15.0-1045.49~20.04.1",
"5.15.0-1046.50~20.04.1",
"5.15.0-1047.51~20.04.1",
"5.15.0-1048.52~20.04.1",
"5.15.0-1049.53~20.04.2",
"5.15.0-1050.54~20.04.1",
"5.15.0-1051.55~20.04.1",
"5.15.0-1052.56~20.04.1",
"5.15.0-1053.57~20.04.1",
"5.15.0-1056.60~20.04.1",
"5.15.0-1057.61~20.04.1",
"5.15.0-1058.62~20.04.1",
"5.15.0-1059.63~20.04.1",
"5.15.0-1060.64~20.04.1",
"5.15.0-1061.65~20.04.1",
"5.15.0-1062.66~20.04.1",
"5.15.0-1063.67~20.04.1",
"5.15.0-1064.68~20.04.1",
"5.15.0-1065.69~20.04.1",
"5.15.0-1066.70~20.04.1",
"5.15.0-1067.71~20.04.1",
"5.15.0-1068.72~20.04.1",
"5.15.0-1069.73~20.04.1",
"5.15.0-1070.74~20.04.1",
"5.15.0-1071.75~20.04.1",
"5.15.0-1072.76~20.04.1",
"5.15.0-1073.77~20.04.1",
"5.15.0-1074.78~20.04.1",
"5.15.0-1075.79~20.04.1",
"5.15.0-1076.80~20.04.1",
"5.15.0-1077.81~20.04.1",
"5.15.0-1078.82~20.04.1",
"5.15.0-1079.83~20.04.1",
"5.15.0-1081.85~20.04.1",
"5.15.0-1082.86~20.04.1",
"5.15.0-1083.87~20.04.1",
"5.15.0-1084.88~20.04.1",
"5.15.0-1085.89~20.04.1",
"5.15.0-1086.90~20.04.1",
"5.15.0-1087.91~20.04.1",
"5.15.0-1088.92~20.04.1",
"5.15.0-1090.94~20.04.1",
"5.15.0-1091.95~20.04.1",
"5.15.0-1092.96~20.04.1",
"5.15.0-1093.97~20.04.2",
"5.15.0-1094.98~20.04.1",
"5.15.0-1095.99~20.04.1",
"5.15.0-1096.100~20.04.1",
"5.15.0-1097.101~20.04.1",
"5.15.0-1098.102~20.04.1",
"5.15.0-1099.103~20.04.1",
"5.15.0-1100.104~20.04.1",
"5.15.0-1102.106~20.04.1",
"5.15.0-1103.107~20.04.1",
"5.15.0-1105.109~20.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "block-modules-5.8.0-29-generic-di",
"binary_version": "5.8.0-29.31~20.04.1"
},
{
"binary_name": "crypto-modules-5.8.0-29-generic-di",
"binary_version": "5.8.0-29.31~20.04.1"
},
{
"binary_name": "fat-modules-5.8.0-29-generic-di",
"binary_version": "5.8.0-29.31~20.04.1"
},
{
"binary_name": "firewire-core-modules-5.8.0-29-generic-di",
"binary_version": "5.8.0-29.31~20.04.1"
},
{
"binary_name": "fs-core-modules-5.8.0-29-generic-di",
"binary_version": "5.8.0-29.31~20.04.1"
},
{
"binary_name": "fs-secondary-modules-5.8.0-29-generic-di",
"binary_version": "5.8.0-29.31~20.04.1"
},
{
"binary_name": "input-modules-5.8.0-29-generic-di",
"binary_version": "5.8.0-29.31~20.04.1"
},
{
"binary_name": "ipmi-modules-5.8.0-29-generic-di",
"binary_version": "5.8.0-29.31~20.04.1"
},
{
"binary_name": "kernel-image-5.8.0-29-generic-di",
"binary_version": "5.8.0-29.31~20.04.1"
},
{
"binary_name": "linux-buildinfo-5.8.0-29-generic",
"binary_version": "5.8.0-29.31~20.04.1"
},
{
"binary_name": "linux-headers-5.8.0-29-generic",
"binary_version": "5.8.0-29.31~20.04.1"
},
{
"binary_name": "linux-image-5.8.0-29-generic",
"binary_version": "5.8.0-29.31~20.04.1"
},
{
"binary_name": "linux-modules-5.8.0-29-generic",
"binary_version": "5.8.0-29.31~20.04.1"
},
{
"binary_name": "linux-modules-extra-5.8.0-29-generic",
"binary_version": "5.8.0-29.31~20.04.1"
},
{
"binary_name": "linux-riscv-5.8-headers-5.8.0-29",
"binary_version": "5.8.0-29.31~20.04.1"
},
{
"binary_name": "linux-riscv-5.8-tools-5.8.0-29",
"binary_version": "5.8.0-29.31~20.04.1"
},
{
"binary_name": "linux-tools-5.8.0-29-generic",
"binary_version": "5.8.0-29.31~20.04.1"
},
{
"binary_name": "linux-udebs-generic",
"binary_version": "5.8.0-29.31~20.04.1"
},
{
"binary_name": "md-modules-5.8.0-29-generic-di",
"binary_version": "5.8.0-29.31~20.04.1"
},
{
"binary_name": "message-modules-5.8.0-29-generic-di",
"binary_version": "5.8.0-29.31~20.04.1"
},
{
"binary_name": "mouse-modules-5.8.0-29-generic-di",
"binary_version": "5.8.0-29.31~20.04.1"
},
{
"binary_name": "multipath-modules-5.8.0-29-generic-di",
"binary_version": "5.8.0-29.31~20.04.1"
},
{
"binary_name": "nfs-modules-5.8.0-29-generic-di",
"binary_version": "5.8.0-29.31~20.04.1"
},
{
"binary_name": "nic-modules-5.8.0-29-generic-di",
"binary_version": "5.8.0-29.31~20.04.1"
},
{
"binary_name": "nic-shared-modules-5.8.0-29-generic-di",
"binary_version": "5.8.0-29.31~20.04.1"
},
{
"binary_name": "nic-usb-modules-5.8.0-29-generic-di",
"binary_version": "5.8.0-29.31~20.04.1"
},
{
"binary_name": "parport-modules-5.8.0-29-generic-di",
"binary_version": "5.8.0-29.31~20.04.1"
},
{
"binary_name": "pata-modules-5.8.0-29-generic-di",
"binary_version": "5.8.0-29.31~20.04.1"
},
{
"binary_name": "plip-modules-5.8.0-29-generic-di",
"binary_version": "5.8.0-29.31~20.04.1"
},
{
"binary_name": "ppp-modules-5.8.0-29-generic-di",
"binary_version": "5.8.0-29.31~20.04.1"
},
{
"binary_name": "sata-modules-5.8.0-29-generic-di",
"binary_version": "5.8.0-29.31~20.04.1"
},
{
"binary_name": "scsi-modules-5.8.0-29-generic-di",
"binary_version": "5.8.0-29.31~20.04.1"
},
{
"binary_name": "storage-core-modules-5.8.0-29-generic-di",
"binary_version": "5.8.0-29.31~20.04.1"
},
{
"binary_name": "usb-modules-5.8.0-29-generic-di",
"binary_version": "5.8.0-29.31~20.04.1"
},
{
"binary_name": "virtio-modules-5.8.0-29-generic-di",
"binary_version": "5.8.0-29.31~20.04.1"
},
{
"binary_name": "vlan-modules-5.8.0-29-generic-di",
"binary_version": "5.8.0-29.31~20.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:20.04:LTS",
"name": "linux-riscv-5.8",
"purl": "pkg:deb/ubuntu/linux-riscv-5.8@5.8.0-29.31~20.04.1?arch=source\u0026distro=focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.8.0-14.16~20.04.1",
"5.8.0-14.16~20.04.3",
"5.8.0-16.18~20.04.1",
"5.8.0-17.19~20.04.1",
"5.8.0-18.20~20.04.1",
"5.8.0-20.22~20.04.1",
"5.8.0-22.24~20.04.1",
"5.8.0-25.27~20.04.1",
"5.8.0-26.28~20.04.1",
"5.8.0-29.31~20.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.4.0-1078-xilinx-zynqmp",
"binary_version": "5.4.0-1078.82"
},
{
"binary_name": "linux-headers-5.4.0-1078-xilinx-zynqmp",
"binary_version": "5.4.0-1078.82"
},
{
"binary_name": "linux-image-5.4.0-1078-xilinx-zynqmp",
"binary_version": "5.4.0-1078.82"
},
{
"binary_name": "linux-modules-5.4.0-1078-xilinx-zynqmp",
"binary_version": "5.4.0-1078.82"
},
{
"binary_name": "linux-tools-5.4.0-1078-xilinx-zynqmp",
"binary_version": "5.4.0-1078.82"
},
{
"binary_name": "linux-xilinx-zynqmp-headers-5.4.0-1078",
"binary_version": "5.4.0-1078.82"
},
{
"binary_name": "linux-xilinx-zynqmp-tools-5.4.0-1078",
"binary_version": "5.4.0-1078.82"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:20.04:LTS",
"name": "linux-xilinx-zynqmp",
"purl": "pkg:deb/ubuntu/linux-xilinx-zynqmp@5.4.0-1078.82?arch=source\u0026distro=esm-infra/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.4.0-1020.24",
"5.4.0-1021.25",
"5.4.0-1022.26",
"5.4.0-1023.27",
"5.4.0-1024.28",
"5.4.0-1025.29",
"5.4.0-1026.30",
"5.4.0-1027.31",
"5.4.0-1028.32",
"5.4.0-1029.33",
"5.4.0-1030.34",
"5.4.0-1031.35",
"5.4.0-1032.36",
"5.4.0-1033.37",
"5.4.0-1034.38",
"5.4.0-1035.39",
"5.4.0-1036.40",
"5.4.0-1037.41",
"5.4.0-1038.42",
"5.4.0-1039.43",
"5.4.0-1040.44",
"5.4.0-1041.45",
"5.4.0-1042.46",
"5.4.0-1043.47",
"5.4.0-1044.48",
"5.4.0-1045.49",
"5.4.0-1046.50",
"5.4.0-1047.51",
"5.4.0-1048.52",
"5.4.0-1049.53",
"5.4.0-1050.54",
"5.4.0-1051.55",
"5.4.0-1052.56",
"5.4.0-1053.57",
"5.4.0-1054.58",
"5.4.0-1055.59",
"5.4.0-1056.60",
"5.4.0-1058.62",
"5.4.0-1060.64",
"5.4.0-1061.65",
"5.4.0-1062.66",
"5.4.0-1064.68",
"5.4.0-1065.69",
"5.4.0-1066.70",
"5.4.0-1067.71",
"5.4.0-1068.72",
"5.4.0-1069.73",
"5.4.0-1070.74",
"5.4.0-1071.75",
"5.4.0-1072.76",
"5.4.0-1074.78",
"5.4.0-1075.79",
"5.4.0-1076.80",
"5.4.0-1077.81",
"5.4.0-1078.82"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-aws-fips-headers-5.4.0-1160",
"binary_version": "5.4.0-1160.170+fips1"
},
{
"binary_name": "linux-aws-fips-tools-5.4.0-1160",
"binary_version": "5.4.0-1160.170+fips1"
},
{
"binary_name": "linux-buildinfo-5.4.0-1160-aws-fips",
"binary_version": "5.4.0-1160.170+fips1"
},
{
"binary_name": "linux-headers-5.4.0-1160-aws-fips",
"binary_version": "5.4.0-1160.170+fips1"
},
{
"binary_name": "linux-image-unsigned-5.4.0-1160-aws-fips",
"binary_version": "5.4.0-1160.170+fips1"
},
{
"binary_name": "linux-image-unsigned-hmac-5.4.0-1160-aws-fips",
"binary_version": "5.4.0-1160.170+fips1"
},
{
"binary_name": "linux-modules-5.4.0-1160-aws-fips",
"binary_version": "5.4.0-1160.170+fips1"
},
{
"binary_name": "linux-modules-extra-5.4.0-1160-aws-fips",
"binary_version": "5.4.0-1160.170+fips1"
},
{
"binary_name": "linux-tools-5.4.0-1160-aws-fips",
"binary_version": "5.4.0-1160.170+fips1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS-updates:20.04:LTS",
"name": "linux-aws-fips",
"purl": "pkg:deb/ubuntu/linux-aws-fips@5.4.0-1160.170+fips1?arch=source\u0026distro=fips-updates/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.4.0-1021.21+fips2",
"5.4.0-1069.73+fips2",
"5.4.0-1071.76+fips1",
"5.4.0-1072.77+fips1",
"5.4.0-1073.78+fips1",
"5.4.0-1078.84+fips1",
"5.4.0-1080.87+fips1",
"5.4.0-1081.88+fips1",
"5.4.0-1083.90+fips1",
"5.4.0-1085.92+fips1",
"5.4.0-1086.93+fips1",
"5.4.0-1088.96+fips1",
"5.4.0-1089.97+fips1",
"5.4.0-1092.100+fips1",
"5.4.0-1093.101+fips1",
"5.4.0-1094.102+fips1",
"5.4.0-1096.104+fips1",
"5.4.0-1099.107+fips1",
"5.4.0-1100.108+fips1",
"5.4.0-1101.109+fips1",
"5.4.0-1102.110+fips1",
"5.4.0-1103.111+fips1",
"5.4.0-1104.112+fips1",
"5.4.0-1105.113+fips1",
"5.4.0-1106.114+fips1",
"5.4.0-1107.115+fips1",
"5.4.0-1108.116+fips1",
"5.4.0-1109.118+fips1",
"5.4.0-1110.119+fips1",
"5.4.0-1111.120+fips1",
"5.4.0-1112.121+fips1",
"5.4.0-1113.123+fips1",
"5.4.0-1114.124+fips1",
"5.4.0-1116.126+fips1",
"5.4.0-1117.127+fips1",
"5.4.0-1118.128+fips1",
"5.4.0-1119.129+fips1",
"5.4.0-1120.130+fips1",
"5.4.0-1121.131+fips1",
"5.4.0-1122.132+fips1",
"5.4.0-1123.133+fips1",
"5.4.0-1124.134+fips1",
"5.4.0-1125.135+fips1",
"5.4.0-1126.136+fips2",
"5.4.0-1127.137+fips1",
"5.4.0-1128.138+fips1",
"5.4.0-1129.139+fips1",
"5.4.0-1130.140+fips1",
"5.4.0-1131.141+fips1",
"5.4.0-1132.142+fips1",
"5.4.0-1133.143+fips1",
"5.4.0-1134.144+fips1",
"5.4.0-1135.145+fips1",
"5.4.0-1136.146+fips1",
"5.4.0-1137.147+fips1",
"5.4.0-1139.149+fips1",
"5.4.0-1140.151+fips1",
"5.4.0-1142.153+fips1",
"5.4.0-1144.155+fips1",
"5.4.0-1145.156+fips1",
"5.4.0-1146.156+fips1",
"5.4.0-1147.157+fips1",
"5.4.0-1148.158+fips1",
"5.4.0-1149.159+fips1",
"5.4.0-1150.160+fips1",
"5.4.0-1151.161+fips1",
"5.4.0-1152.162+fips1",
"5.4.0-1153.163+fips1",
"5.4.0-1154.164+fips1",
"5.4.0-1155.165+fips1",
"5.4.0-1156.166+fips1",
"5.4.0-1157.167+fips1",
"5.4.0-1158.168+fips1",
"5.4.0-1159.169+fips1",
"5.4.0-1160.170+fips1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-azure-fips-cloud-tools-5.4.0-1164",
"binary_version": "5.4.0-1164.170+fips1"
},
{
"binary_name": "linux-azure-fips-headers-5.4.0-1164",
"binary_version": "5.4.0-1164.170+fips1"
},
{
"binary_name": "linux-azure-fips-tools-5.4.0-1164",
"binary_version": "5.4.0-1164.170+fips1"
},
{
"binary_name": "linux-buildinfo-5.4.0-1164-azure-fips",
"binary_version": "5.4.0-1164.170+fips1"
},
{
"binary_name": "linux-cloud-tools-5.4.0-1164-azure-fips",
"binary_version": "5.4.0-1164.170+fips1"
},
{
"binary_name": "linux-headers-5.4.0-1164-azure-fips",
"binary_version": "5.4.0-1164.170+fips1"
},
{
"binary_name": "linux-image-unsigned-5.4.0-1164-azure-fips",
"binary_version": "5.4.0-1164.170+fips1"
},
{
"binary_name": "linux-image-unsigned-hmac-5.4.0-1164-azure-fips",
"binary_version": "5.4.0-1164.170+fips1"
},
{
"binary_name": "linux-modules-5.4.0-1164-azure-fips",
"binary_version": "5.4.0-1164.170+fips1"
},
{
"binary_name": "linux-modules-extra-5.4.0-1164-azure-fips",
"binary_version": "5.4.0-1164.170+fips1"
},
{
"binary_name": "linux-tools-5.4.0-1164-azure-fips",
"binary_version": "5.4.0-1164.170+fips1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS-updates:20.04:LTS",
"name": "linux-azure-fips",
"purl": "pkg:deb/ubuntu/linux-azure-fips@5.4.0-1164.170+fips1?arch=source\u0026distro=fips-updates/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.4.0-1022.22+fips1",
"5.4.0-1073.76+fips1",
"5.4.0-1074.77+fips1",
"5.4.0-1076.79+fips1",
"5.4.0-1078.81+fips1",
"5.4.0-1080.83+fips1",
"5.4.0-1083.87+fips1",
"5.4.0-1085.90+fips1",
"5.4.0-1086.91+fips1",
"5.4.0-1089.94+fips1",
"5.4.0-1090.95+fips1",
"5.4.0-1091.96+fips1",
"5.4.0-1094.100+fips1",
"5.4.0-1095.101+fips1",
"5.4.0-1098.104+fips1",
"5.4.0-1100.106+fips1",
"5.4.0-1101.107+fips1",
"5.4.0-1103.109+fips1",
"5.4.0-1104.110+fips1",
"5.4.0-1105.111+fips1",
"5.4.0-1106.112+fips1",
"5.4.0-1107.113+fips1",
"5.4.0-1108.114+fips1",
"5.4.0-1109.115+fips1",
"5.4.0-1110.116+fips1",
"5.4.0-1111.117+fips1",
"5.4.0-1112.118+fips1",
"5.4.0-1113.119+fips1",
"5.4.0-1114.120+fips1",
"5.4.0-1115.122+fips1",
"5.4.0-1116.123+fips1",
"5.4.0-1117.124+fips1",
"5.4.0-1118.125+fips1",
"5.4.0-1119.126+fips1",
"5.4.0-1121.128+fips1",
"5.4.0-1122.129+fips1",
"5.4.0-1123.130+fips1",
"5.4.0-1124.131+fips1",
"5.4.0-1126.133+fips1",
"5.4.0-1127.134+fips1",
"5.4.0-1128.135+fips1",
"5.4.0-1129.136+fips1",
"5.4.0-1130.137+fips1",
"5.4.0-1131.138+fips1",
"5.4.0-1132.139+fips1",
"5.4.0-1133.140+fips1",
"5.4.0-1134.141+fips1",
"5.4.0-1135.142+fips1",
"5.4.0-1136.143+fips1",
"5.4.0-1137.144+fips1",
"5.4.0-1138.145+fips1",
"5.4.0-1139.146+fips1",
"5.4.0-1140.147+fips1",
"5.4.0-1142.149+fips1",
"5.4.0-1143.150+fips1",
"5.4.0-1145.152+fips1",
"5.4.0-1147.154+fips1",
"5.4.0-1148.156+fips1",
"5.4.0-1149.157+fips1",
"5.4.0-1151.158+fips1",
"5.4.0-1152.159+fips1",
"5.4.0-1153.160+fips1",
"5.4.0-1154.161+fips1",
"5.4.0-1155.162+fips1",
"5.4.0-1157.164+fips1",
"5.4.0-1158.165+fips1",
"5.4.0-1160.166+fips1",
"5.4.0-1161.167+fips1",
"5.4.0-1162.168+fips1",
"5.4.0-1163.169+fips1",
"5.4.0-1164.170+fips1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.4.0-1134-fips",
"binary_version": "5.4.0-1134.144"
},
{
"binary_name": "linux-fips-headers-5.4.0-1134",
"binary_version": "5.4.0-1134.144"
},
{
"binary_name": "linux-fips-tools-5.4.0-1134",
"binary_version": "5.4.0-1134.144"
},
{
"binary_name": "linux-fips-tools-host",
"binary_version": "5.4.0-1134.144"
},
{
"binary_name": "linux-headers-5.4.0-1134-fips",
"binary_version": "5.4.0-1134.144"
},
{
"binary_name": "linux-image-unsigned-5.4.0-1134-fips",
"binary_version": "5.4.0-1134.144"
},
{
"binary_name": "linux-image-unsigned-hmac-5.4.0-1134-fips",
"binary_version": "5.4.0-1134.144"
},
{
"binary_name": "linux-modules-5.4.0-1134-fips",
"binary_version": "5.4.0-1134.144"
},
{
"binary_name": "linux-modules-extra-5.4.0-1134-fips",
"binary_version": "5.4.0-1134.144"
},
{
"binary_name": "linux-tools-5.4.0-1134-fips",
"binary_version": "5.4.0-1134.144"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS-updates:20.04:LTS",
"name": "linux-fips",
"purl": "pkg:deb/ubuntu/linux-fips@5.4.0-1134.144?arch=source\u0026distro=fips-updates/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.4.0-1026.30",
"5.4.0-1028.32",
"5.4.0-1031.36",
"5.4.0-1032.37",
"5.4.0-1033.38",
"5.4.0-1034.40",
"5.4.0-1035.41",
"5.4.0-1036.42",
"5.4.0-1037.43",
"5.4.0-1038.44",
"5.4.0-1040.46",
"5.4.0-1041.47",
"5.4.0-1042.48",
"5.4.0-1043.49",
"5.4.0-1045.51",
"5.4.0-1046.52",
"5.4.0-1047.53",
"5.4.0-1048.54",
"5.4.0-1049.55",
"5.4.0-1051.57",
"5.4.0-1054.61",
"5.4.0-1056.64",
"5.4.0-1057.65",
"5.4.0-1059.67",
"5.4.0-1060.68",
"5.4.0-1061.69",
"5.4.0-1062.70",
"5.4.0-1064.73",
"5.4.0-1065.74",
"5.4.0-1068.77",
"5.4.0-1069.78",
"5.4.0-1070.79",
"5.4.0-1072.81",
"5.4.0-1073.82",
"5.4.0-1074.83",
"5.4.0-1075.84",
"5.4.0-1076.85",
"5.4.0-1077.86",
"5.4.0-1078.87",
"5.4.0-1079.88",
"5.4.0-1080.89",
"5.4.0-1081.90",
"5.4.0-1082.91",
"5.4.0-1083.92",
"5.4.0-1084.93",
"5.4.0-1085.94",
"5.4.0-1086.95",
"5.4.0-1087.96",
"5.4.0-1088.97",
"5.4.0-1089.98",
"5.4.0-1090.100",
"5.4.0-1091.101",
"5.4.0-1092.102",
"5.4.0-1094.104",
"5.4.0-1095.105",
"5.4.0-1096.106",
"5.4.0-1097.107",
"5.4.0-1098.108",
"5.4.0-1099.109",
"5.4.0-1100.110",
"5.4.0-1101.111",
"5.4.0-1102.112",
"5.4.0-1103.113",
"5.4.0-1104.114",
"5.4.0-1105.115",
"5.4.0-1106.116",
"5.4.0-1107.117",
"5.4.0-1108.118",
"5.4.0-1109.119",
"5.4.0-1110.120",
"5.4.0-1111.121",
"5.4.0-1112.122",
"5.4.0-1116.126",
"5.4.0-1117.127",
"5.4.0-1118.128",
"5.4.0-1119.129",
"5.4.0-1120.130",
"5.4.0-1121.131",
"5.4.0-1122.132",
"5.4.0-1123.133",
"5.4.0-1124.134",
"5.4.0-1125.135",
"5.4.0-1126.136",
"5.4.0-1127.137",
"5.4.0-1128.138",
"5.4.0-1130.140",
"5.4.0-1131.141",
"5.4.0-1132.142",
"5.4.0-1133.143",
"5.4.0-1134.144"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.4.0-1163-gcp-fips",
"binary_version": "5.4.0-1163.172+fips1"
},
{
"binary_name": "linux-gcp-fips-headers-5.4.0-1163",
"binary_version": "5.4.0-1163.172+fips1"
},
{
"binary_name": "linux-gcp-fips-tools-5.4.0-1163",
"binary_version": "5.4.0-1163.172+fips1"
},
{
"binary_name": "linux-headers-5.4.0-1163-gcp-fips",
"binary_version": "5.4.0-1163.172+fips1"
},
{
"binary_name": "linux-image-unsigned-5.4.0-1163-gcp-fips",
"binary_version": "5.4.0-1163.172+fips1"
},
{
"binary_name": "linux-image-unsigned-hmac-5.4.0-1163-gcp-fips",
"binary_version": "5.4.0-1163.172+fips1"
},
{
"binary_name": "linux-modules-5.4.0-1163-gcp-fips",
"binary_version": "5.4.0-1163.172+fips1"
},
{
"binary_name": "linux-modules-extra-5.4.0-1163-gcp-fips",
"binary_version": "5.4.0-1163.172+fips1"
},
{
"binary_name": "linux-tools-5.4.0-1163-gcp-fips",
"binary_version": "5.4.0-1163.172+fips1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS-updates:20.04:LTS",
"name": "linux-gcp-fips",
"purl": "pkg:deb/ubuntu/linux-gcp-fips@5.4.0-1163.172+fips1?arch=source\u0026distro=fips-updates/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.4.0-1021.21+fips1",
"5.4.0-1067.71~20.04.1",
"5.4.0-1069.73+fips2",
"5.4.0-1071.75+fips1",
"5.4.0-1073.78+fips1",
"5.4.0-1075.80+fips1",
"5.4.0-1078.84+fips1",
"5.4.0-1080.87+fips1",
"5.4.0-1081.88+fips1",
"5.4.0-1086.94+fips1",
"5.4.0-1087.95+fips1",
"5.4.0-1089.97+fips1",
"5.4.0-1092.101+fips1",
"5.4.0-1093.102+fips1",
"5.4.0-1096.105+fips1",
"5.4.0-1097.106+fips1",
"5.4.0-1098.107+fips1",
"5.4.0-1100.109+fips1",
"5.4.0-1101.110+fips1",
"5.4.0-1102.111+fips1",
"5.4.0-1103.112+fips1",
"5.4.0-1104.113+fips1",
"5.4.0-1105.114+fips1",
"5.4.0-1106.115+fips1",
"5.4.0-1107.116+fips1",
"5.4.0-1108.117+fips1",
"5.4.0-1109.118+fips1",
"5.4.0-1110.119+fips1",
"5.4.0-1111.120+fips1",
"5.4.0-1112.121+fips1",
"5.4.0-1113.122+fips1",
"5.4.0-1115.124+fips1",
"5.4.0-1116.125+fips1",
"5.4.0-1117.126+fips1",
"5.4.0-1118.127+fips1",
"5.4.0-1120.129+fips1",
"5.4.0-1121.130+fips1",
"5.4.0-1122.131+fips1",
"5.4.0-1124.133+fips1",
"5.4.0-1125.134+fips1",
"5.4.0-1126.135+fips1",
"5.4.0-1127.136+fips1",
"5.4.0-1128.137+fips1",
"5.4.0-1129.138+fips1",
"5.4.0-1130.139+fips1",
"5.4.0-1131.140+fips1",
"5.4.0-1132.141+fips1",
"5.4.0-1133.142+fips1",
"5.4.0-1134.143+fips1",
"5.4.0-1135.144+fips1",
"5.4.0-1136.145+fips1",
"5.4.0-1137.146+fips1",
"5.4.0-1138.147+fips1",
"5.4.0-1139.148+fips1",
"5.4.0-1140.149+fips1",
"5.4.0-1141.150+fips1",
"5.4.0-1142.151+fips1",
"5.4.0-1143.152+fips1",
"5.4.0-1145.154+fips1",
"5.4.0-1146.155+fips1",
"5.4.0-1147.156+fips1",
"5.4.0-1148.157+fips1",
"5.4.0-1149.158+fips1",
"5.4.0-1150.159+fips1",
"5.4.0-1151.160+fips1",
"5.4.0-1152.161+fips1",
"5.4.0-1153.162+fips1",
"5.4.0-1154.163+fips1",
"5.4.0-1155.164+fips1",
"5.4.0-1156.165+fips1",
"5.4.0-1157.166+fips1",
"5.4.0-1159.168+fips1",
"5.4.0-1160.169+fips1",
"5.4.0-1161.170+fips1",
"5.4.0-1162.171+fips1",
"5.4.0-1163.172+fips1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-aws-fips-headers-5.4.0-1021",
"binary_version": "5.4.0-1021.21+fips2"
},
{
"binary_name": "linux-aws-fips-tools-5.4.0-1021",
"binary_version": "5.4.0-1021.21+fips2"
},
{
"binary_name": "linux-buildinfo-5.4.0-1021-aws-fips",
"binary_version": "5.4.0-1021.21+fips2"
},
{
"binary_name": "linux-headers-5.4.0-1021-aws-fips",
"binary_version": "5.4.0-1021.21+fips2"
},
{
"binary_name": "linux-image-unsigned-5.4.0-1021-aws-fips",
"binary_version": "5.4.0-1021.21+fips2"
},
{
"binary_name": "linux-image-unsigned-hmac-5.4.0-1021-aws-fips",
"binary_version": "5.4.0-1021.21+fips2"
},
{
"binary_name": "linux-modules-5.4.0-1021-aws-fips",
"binary_version": "5.4.0-1021.21+fips2"
},
{
"binary_name": "linux-modules-extra-5.4.0-1021-aws-fips",
"binary_version": "5.4.0-1021.21+fips2"
},
{
"binary_name": "linux-tools-5.4.0-1021-aws-fips",
"binary_version": "5.4.0-1021.21+fips2"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS:20.04:LTS",
"name": "linux-aws-fips",
"purl": "pkg:deb/ubuntu/linux-aws-fips@5.4.0-1021.21+fips2?arch=source\u0026distro=fips/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.4.0-1021.21+fips2"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-azure-fips-cloud-tools-5.4.0-1022",
"binary_version": "5.4.0-1022.22+fips1"
},
{
"binary_name": "linux-azure-fips-headers-5.4.0-1022",
"binary_version": "5.4.0-1022.22+fips1"
},
{
"binary_name": "linux-azure-fips-tools-5.4.0-1022",
"binary_version": "5.4.0-1022.22+fips1"
},
{
"binary_name": "linux-buildinfo-5.4.0-1022-azure-fips",
"binary_version": "5.4.0-1022.22+fips1"
},
{
"binary_name": "linux-cloud-tools-5.4.0-1022-azure-fips",
"binary_version": "5.4.0-1022.22+fips1"
},
{
"binary_name": "linux-headers-5.4.0-1022-azure-fips",
"binary_version": "5.4.0-1022.22+fips1"
},
{
"binary_name": "linux-image-unsigned-5.4.0-1022-azure-fips",
"binary_version": "5.4.0-1022.22+fips1"
},
{
"binary_name": "linux-image-unsigned-hmac-5.4.0-1022-azure-fips",
"binary_version": "5.4.0-1022.22+fips1"
},
{
"binary_name": "linux-modules-5.4.0-1022-azure-fips",
"binary_version": "5.4.0-1022.22+fips1"
},
{
"binary_name": "linux-modules-extra-5.4.0-1022-azure-fips",
"binary_version": "5.4.0-1022.22+fips1"
},
{
"binary_name": "linux-tools-5.4.0-1022-azure-fips",
"binary_version": "5.4.0-1022.22+fips1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS:20.04:LTS",
"name": "linux-azure-fips",
"purl": "pkg:deb/ubuntu/linux-azure-fips@5.4.0-1022.22+fips1?arch=source\u0026distro=fips/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.4.0-1022.22+fips1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.4.0-1007-fips",
"binary_version": "5.4.0-1007.8"
},
{
"binary_name": "linux-fips-headers-5.4.0-1007",
"binary_version": "5.4.0-1007.8"
},
{
"binary_name": "linux-fips-tools-5.4.0-1007",
"binary_version": "5.4.0-1007.8"
},
{
"binary_name": "linux-fips-tools-host",
"binary_version": "5.4.0-1007.8"
},
{
"binary_name": "linux-headers-5.4.0-1007-fips",
"binary_version": "5.4.0-1007.8"
},
{
"binary_name": "linux-image-unsigned-5.4.0-1007-fips",
"binary_version": "5.4.0-1007.8"
},
{
"binary_name": "linux-image-unsigned-hmac-5.4.0-1007-fips",
"binary_version": "5.4.0-1007.8"
},
{
"binary_name": "linux-modules-5.4.0-1007-fips",
"binary_version": "5.4.0-1007.8"
},
{
"binary_name": "linux-modules-extra-5.4.0-1007-fips",
"binary_version": "5.4.0-1007.8"
},
{
"binary_name": "linux-tools-5.4.0-1007-fips",
"binary_version": "5.4.0-1007.8"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS:20.04:LTS",
"name": "linux-fips",
"purl": "pkg:deb/ubuntu/linux-fips@5.4.0-1007.8?arch=source\u0026distro=fips/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.4.0-1007.8"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.4.0-1021-gcp-fips",
"binary_version": "5.4.0-1021.21+fips1"
},
{
"binary_name": "linux-gcp-fips-headers-5.4.0-1021",
"binary_version": "5.4.0-1021.21+fips1"
},
{
"binary_name": "linux-gcp-fips-tools-5.4.0-1021",
"binary_version": "5.4.0-1021.21+fips1"
},
{
"binary_name": "linux-headers-5.4.0-1021-gcp-fips",
"binary_version": "5.4.0-1021.21+fips1"
},
{
"binary_name": "linux-image-unsigned-5.4.0-1021-gcp-fips",
"binary_version": "5.4.0-1021.21+fips1"
},
{
"binary_name": "linux-image-unsigned-hmac-5.4.0-1021-gcp-fips",
"binary_version": "5.4.0-1021.21+fips1"
},
{
"binary_name": "linux-modules-5.4.0-1021-gcp-fips",
"binary_version": "5.4.0-1021.21+fips1"
},
{
"binary_name": "linux-modules-extra-5.4.0-1021-gcp-fips",
"binary_version": "5.4.0-1021.21+fips1"
},
{
"binary_name": "linux-tools-5.4.0-1021-gcp-fips",
"binary_version": "5.4.0-1021.21+fips1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS:20.04:LTS",
"name": "linux-gcp-fips",
"purl": "pkg:deb/ubuntu/linux-gcp-fips@5.4.0-1021.21+fips1?arch=source\u0026distro=fips/focal"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.4.0-1021.21+fips1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.15.0-185-generic",
"binary_version": "5.15.0-185.195"
},
{
"binary_name": "linux-buildinfo-5.15.0-185-generic-64k",
"binary_version": "5.15.0-185.195"
},
{
"binary_name": "linux-buildinfo-5.15.0-185-generic-lpae",
"binary_version": "5.15.0-185.195"
},
{
"binary_name": "linux-cloud-tools-5.15.0-185",
"binary_version": "5.15.0-185.195"
},
{
"binary_name": "linux-cloud-tools-5.15.0-185-generic",
"binary_version": "5.15.0-185.195"
},
{
"binary_name": "linux-cloud-tools-common",
"binary_version": "5.15.0-185.195"
},
{
"binary_name": "linux-headers-5.15.0-185",
"binary_version": "5.15.0-185.195"
},
{
"binary_name": "linux-headers-5.15.0-185-generic",
"binary_version": "5.15.0-185.195"
},
{
"binary_name": "linux-headers-5.15.0-185-generic-64k",
"binary_version": "5.15.0-185.195"
},
{
"binary_name": "linux-headers-5.15.0-185-generic-lpae",
"binary_version": "5.15.0-185.195"
},
{
"binary_name": "linux-image-5.15.0-185-generic",
"binary_version": "5.15.0-185.195"
},
{
"binary_name": "linux-image-5.15.0-185-generic-lpae",
"binary_version": "5.15.0-185.195"
},
{
"binary_name": "linux-image-unsigned-5.15.0-185-generic",
"binary_version": "5.15.0-185.195"
},
{
"binary_name": "linux-image-unsigned-5.15.0-185-generic-64k",
"binary_version": "5.15.0-185.195"
},
{
"binary_name": "linux-modules-5.15.0-185-generic",
"binary_version": "5.15.0-185.195"
},
{
"binary_name": "linux-modules-5.15.0-185-generic-64k",
"binary_version": "5.15.0-185.195"
},
{
"binary_name": "linux-modules-5.15.0-185-generic-lpae",
"binary_version": "5.15.0-185.195"
},
{
"binary_name": "linux-modules-extra-5.15.0-185-generic",
"binary_version": "5.15.0-185.195"
},
{
"binary_name": "linux-modules-iwlwifi-5.15.0-185-generic",
"binary_version": "5.15.0-185.195"
},
{
"binary_name": "linux-source-5.15.0",
"binary_version": "5.15.0-185.195"
},
{
"binary_name": "linux-tools-5.15.0-185",
"binary_version": "5.15.0-185.195"
},
{
"binary_name": "linux-tools-5.15.0-185-generic",
"binary_version": "5.15.0-185.195"
},
{
"binary_name": "linux-tools-5.15.0-185-generic-64k",
"binary_version": "5.15.0-185.195"
},
{
"binary_name": "linux-tools-5.15.0-185-generic-lpae",
"binary_version": "5.15.0-185.195"
},
{
"binary_name": "linux-tools-common",
"binary_version": "5.15.0-185.195"
},
{
"binary_name": "linux-tools-host",
"binary_version": "5.15.0-185.195"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux",
"purl": "pkg:deb/ubuntu/linux@5.15.0-185.195?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.13.0-19.19",
"5.15.0-17.17",
"5.15.0-18.18",
"5.15.0-22.22",
"5.15.0-23.23",
"5.15.0-25.25",
"5.15.0-27.28",
"5.15.0-30.31",
"5.15.0-33.34",
"5.15.0-35.36",
"5.15.0-37.39",
"5.15.0-39.42",
"5.15.0-40.43",
"5.15.0-41.44",
"5.15.0-43.46",
"5.15.0-46.49",
"5.15.0-47.51",
"5.15.0-48.54",
"5.15.0-50.56",
"5.15.0-52.58",
"5.15.0-53.59",
"5.15.0-56.62",
"5.15.0-57.63",
"5.15.0-58.64",
"5.15.0-60.66",
"5.15.0-67.74",
"5.15.0-69.76",
"5.15.0-70.77",
"5.15.0-71.78",
"5.15.0-72.79",
"5.15.0-73.80",
"5.15.0-75.82",
"5.15.0-76.83",
"5.15.0-78.85",
"5.15.0-79.86",
"5.15.0-82.91",
"5.15.0-83.92",
"5.15.0-84.93",
"5.15.0-86.96",
"5.15.0-87.97",
"5.15.0-88.98",
"5.15.0-89.99",
"5.15.0-91.101",
"5.15.0-92.102",
"5.15.0-94.104",
"5.15.0-97.107",
"5.15.0-100.110",
"5.15.0-101.111",
"5.15.0-102.112",
"5.15.0-105.115",
"5.15.0-106.116",
"5.15.0-107.117",
"5.15.0-112.122",
"5.15.0-113.123",
"5.15.0-116.126",
"5.15.0-117.127",
"5.15.0-118.128",
"5.15.0-119.129",
"5.15.0-121.131",
"5.15.0-122.132",
"5.15.0-124.134",
"5.15.0-125.135",
"5.15.0-126.136",
"5.15.0-127.137",
"5.15.0-128.138",
"5.15.0-130.140",
"5.15.0-131.141",
"5.15.0-133.144",
"5.15.0-134.145",
"5.15.0-135.146",
"5.15.0-136.147",
"5.15.0-138.148",
"5.15.0-139.149",
"5.15.0-140.150",
"5.15.0-141.151",
"5.15.0-142.152",
"5.15.0-143.153",
"5.15.0-144.157",
"5.15.0-151.161",
"5.15.0-152.162",
"5.15.0-153.163",
"5.15.0-156.166",
"5.15.0-157.167",
"5.15.0-160.170",
"5.15.0-161.171",
"5.15.0-163.173",
"5.15.0-164.174",
"5.15.0-168.178",
"5.15.0-170.180",
"5.15.0-171.181",
"5.15.0-173.183",
"5.15.0-174.184",
"5.15.0-176.186",
"5.15.0-177.187",
"5.15.0-179.189",
"5.15.0-181.191",
"5.15.0-185.195"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-allwinner-5.19-headers-5.19.0-1015",
"binary_version": "5.19.0-1015.15~22.04.1"
},
{
"binary_name": "linux-allwinner-5.19-tools-5.19.0-1015",
"binary_version": "5.19.0-1015.15~22.04.1"
},
{
"binary_name": "linux-buildinfo-5.19.0-1015-allwinner",
"binary_version": "5.19.0-1015.15~22.04.1"
},
{
"binary_name": "linux-headers-5.19.0-1015-allwinner",
"binary_version": "5.19.0-1015.15~22.04.1"
},
{
"binary_name": "linux-image-5.19.0-1015-allwinner",
"binary_version": "5.19.0-1015.15~22.04.1"
},
{
"binary_name": "linux-modules-5.19.0-1015-allwinner",
"binary_version": "5.19.0-1015.15~22.04.1"
},
{
"binary_name": "linux-modules-extra-5.19.0-1015-allwinner",
"binary_version": "5.19.0-1015.15~22.04.1"
},
{
"binary_name": "linux-tools-5.19.0-1015-allwinner",
"binary_version": "5.19.0-1015.15~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-allwinner-5.19",
"purl": "pkg:deb/ubuntu/linux-allwinner-5.19@5.19.0-1015.15~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.19.0-1007.7~22.04.1",
"5.19.0-1009.9~22.04.1",
"5.19.0-1010.10~22.04.1",
"5.19.0-1011.11~22.04.1",
"5.19.0-1012.12~22.04.1",
"5.19.0-1013.13~22.04.1",
"5.19.0-1014.14~22.04.1",
"5.19.0-1015.15~22.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-aws-cloud-tools-5.15.0-1111",
"binary_version": "5.15.0-1111.118"
},
{
"binary_name": "linux-aws-headers-5.15.0-1111",
"binary_version": "5.15.0-1111.118"
},
{
"binary_name": "linux-aws-tools-5.15.0-1111",
"binary_version": "5.15.0-1111.118"
},
{
"binary_name": "linux-buildinfo-5.15.0-1111-aws",
"binary_version": "5.15.0-1111.118"
},
{
"binary_name": "linux-buildinfo-5.15.0-1111-aws-64k",
"binary_version": "5.15.0-1111.118"
},
{
"binary_name": "linux-cloud-tools-5.15.0-1111-aws",
"binary_version": "5.15.0-1111.118"
},
{
"binary_name": "linux-cloud-tools-5.15.0-1111-aws-64k",
"binary_version": "5.15.0-1111.118"
},
{
"binary_name": "linux-headers-5.15.0-1111-aws",
"binary_version": "5.15.0-1111.118"
},
{
"binary_name": "linux-headers-5.15.0-1111-aws-64k",
"binary_version": "5.15.0-1111.118"
},
{
"binary_name": "linux-image-unsigned-5.15.0-1111-aws",
"binary_version": "5.15.0-1111.118"
},
{
"binary_name": "linux-image-unsigned-5.15.0-1111-aws-64k",
"binary_version": "5.15.0-1111.118"
},
{
"binary_name": "linux-modules-5.15.0-1111-aws",
"binary_version": "5.15.0-1111.118"
},
{
"binary_name": "linux-modules-5.15.0-1111-aws-64k",
"binary_version": "5.15.0-1111.118"
},
{
"binary_name": "linux-modules-extra-5.15.0-1111-aws",
"binary_version": "5.15.0-1111.118"
},
{
"binary_name": "linux-modules-extra-5.15.0-1111-aws-64k",
"binary_version": "5.15.0-1111.118"
},
{
"binary_name": "linux-tools-5.15.0-1111-aws",
"binary_version": "5.15.0-1111.118"
},
{
"binary_name": "linux-tools-5.15.0-1111-aws-64k",
"binary_version": "5.15.0-1111.118"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-aws",
"purl": "pkg:deb/ubuntu/linux-aws@5.15.0-1111.118?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.13.0-1005.6",
"5.15.0-1002.4",
"5.15.0-1003.5",
"5.15.0-1004.6",
"5.15.0-1005.7",
"5.15.0-1008.10",
"5.15.0-1009.11",
"5.15.0-1011.14",
"5.15.0-1013.17",
"5.15.0-1014.18",
"5.15.0-1015.19",
"5.15.0-1017.21",
"5.15.0-1019.23",
"5.15.0-1020.24",
"5.15.0-1021.25",
"5.15.0-1022.26",
"5.15.0-1023.27",
"5.15.0-1026.30",
"5.15.0-1027.31",
"5.15.0-1028.32",
"5.15.0-1030.34",
"5.15.0-1031.35",
"5.15.0-1033.37",
"5.15.0-1034.38",
"5.15.0-1035.39",
"5.15.0-1036.40",
"5.15.0-1037.41",
"5.15.0-1038.43",
"5.15.0-1039.44",
"5.15.0-1040.45",
"5.15.0-1042.47",
"5.15.0-1043.48",
"5.15.0-1044.49",
"5.15.0-1045.50",
"5.15.0-1047.52",
"5.15.0-1048.53",
"5.15.0-1049.54",
"5.15.0-1050.55",
"5.15.0-1051.56",
"5.15.0-1052.57",
"5.15.0-1053.58",
"5.15.0-1055.60",
"5.15.0-1056.61",
"5.15.0-1057.63",
"5.15.0-1060.66",
"5.15.0-1061.67",
"5.15.0-1062.68",
"5.15.0-1063.69",
"5.15.0-1064.70",
"5.15.0-1065.71",
"5.15.0-1066.72",
"5.15.0-1067.73",
"5.15.0-1068.74",
"5.15.0-1069.75",
"5.15.0-1070.76",
"5.15.0-1071.77",
"5.15.0-1072.78",
"5.15.0-1073.79",
"5.15.0-1076.83",
"5.15.0-1078.85",
"5.15.0-1079.86",
"5.15.0-1080.87",
"5.15.0-1081.88",
"5.15.0-1082.89",
"5.15.0-1083.90",
"5.15.0-1084.91",
"5.15.0-1085.92",
"5.15.0-1086.93",
"5.15.0-1087.94",
"5.15.0-1088.95",
"5.15.0-1089.96",
"5.15.0-1090.97",
"5.15.0-1091.98",
"5.15.0-1092.99",
"5.15.0-1093.100",
"5.15.0-1095.102",
"5.15.0-1096.103",
"5.15.0-1097.104",
"5.15.0-1098.105",
"5.15.0-1099.106",
"5.15.0-1100.107",
"5.15.0-1101.108",
"5.15.0-1103.110",
"5.15.0-1104.111",
"5.15.0-1105.112",
"5.15.0-1106.113",
"5.15.0-1108.115",
"5.15.0-1109.116",
"5.15.0-1111.118"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-aws-5.19-cloud-tools-5.19.0-1029",
"binary_version": "5.19.0-1029.30~22.04.1"
},
{
"binary_name": "linux-aws-5.19-headers-5.19.0-1029",
"binary_version": "5.19.0-1029.30~22.04.1"
},
{
"binary_name": "linux-aws-5.19-tools-5.19.0-1029",
"binary_version": "5.19.0-1029.30~22.04.1"
},
{
"binary_name": "linux-buildinfo-5.19.0-1029-aws",
"binary_version": "5.19.0-1029.30~22.04.1"
},
{
"binary_name": "linux-cloud-tools-5.19.0-1029-aws",
"binary_version": "5.19.0-1029.30~22.04.1"
},
{
"binary_name": "linux-headers-5.19.0-1029-aws",
"binary_version": "5.19.0-1029.30~22.04.1"
},
{
"binary_name": "linux-image-unsigned-5.19.0-1029-aws",
"binary_version": "5.19.0-1029.30~22.04.1"
},
{
"binary_name": "linux-modules-5.19.0-1029-aws",
"binary_version": "5.19.0-1029.30~22.04.1"
},
{
"binary_name": "linux-modules-extra-5.19.0-1029-aws",
"binary_version": "5.19.0-1029.30~22.04.1"
},
{
"binary_name": "linux-tools-5.19.0-1029-aws",
"binary_version": "5.19.0-1029.30~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-aws-5.19",
"purl": "pkg:deb/ubuntu/linux-aws-5.19@5.19.0-1029.30~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.19.0-1019.20~22.04.1",
"5.19.0-1020.21~22.04.1",
"5.19.0-1022.23~22.04.1",
"5.19.0-1023.24~22.04.1",
"5.19.0-1024.25~22.04.1",
"5.19.0-1025.26~22.04.1",
"5.19.0-1026.27~22.04.1",
"5.19.0-1027.28~22.04.1",
"5.19.0-1028.29~22.04.1",
"5.19.0-1029.30~22.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-aws-6.2-cloud-tools-6.2.0-1018",
"binary_version": "6.2.0-1018.18~22.04.1"
},
{
"binary_name": "linux-aws-6.2-headers-6.2.0-1018",
"binary_version": "6.2.0-1018.18~22.04.1"
},
{
"binary_name": "linux-aws-6.2-tools-6.2.0-1018",
"binary_version": "6.2.0-1018.18~22.04.1"
},
{
"binary_name": "linux-buildinfo-6.2.0-1018-aws",
"binary_version": "6.2.0-1018.18~22.04.1"
},
{
"binary_name": "linux-cloud-tools-6.2.0-1018-aws",
"binary_version": "6.2.0-1018.18~22.04.1"
},
{
"binary_name": "linux-headers-6.2.0-1018-aws",
"binary_version": "6.2.0-1018.18~22.04.1"
},
{
"binary_name": "linux-image-unsigned-6.2.0-1018-aws",
"binary_version": "6.2.0-1018.18~22.04.1"
},
{
"binary_name": "linux-modules-6.2.0-1018-aws",
"binary_version": "6.2.0-1018.18~22.04.1"
},
{
"binary_name": "linux-modules-extra-6.2.0-1018-aws",
"binary_version": "6.2.0-1018.18~22.04.1"
},
{
"binary_name": "linux-tools-6.2.0-1018-aws",
"binary_version": "6.2.0-1018.18~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-aws-6.2",
"purl": "pkg:deb/ubuntu/linux-aws-6.2@6.2.0-1018.18~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.2.0-1005.5~22.04.1",
"6.2.0-1006.6~22.04.1",
"6.2.0-1007.7~22.04.1",
"6.2.0-1008.8~22.04.1",
"6.2.0-1009.9~22.04.3",
"6.2.0-1010.10~22.04.1",
"6.2.0-1011.11~22.04.1",
"6.2.0-1012.12~22.04.1",
"6.2.0-1013.13~22.04.1",
"6.2.0-1014.14~22.04.1",
"6.2.0-1015.15~22.04.1",
"6.2.0-1016.16~22.04.1",
"6.2.0-1017.17~22.04.1",
"6.2.0-1018.18~22.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-aws-6.5-cloud-tools-6.5.0-1024",
"binary_version": "6.5.0-1024.24~22.04.1"
},
{
"binary_name": "linux-aws-6.5-headers-6.5.0-1024",
"binary_version": "6.5.0-1024.24~22.04.1"
},
{
"binary_name": "linux-aws-6.5-tools-6.5.0-1024",
"binary_version": "6.5.0-1024.24~22.04.1"
},
{
"binary_name": "linux-buildinfo-6.5.0-1024-aws",
"binary_version": "6.5.0-1024.24~22.04.1"
},
{
"binary_name": "linux-cloud-tools-6.5.0-1024-aws",
"binary_version": "6.5.0-1024.24~22.04.1"
},
{
"binary_name": "linux-headers-6.5.0-1024-aws",
"binary_version": "6.5.0-1024.24~22.04.1"
},
{
"binary_name": "linux-image-unsigned-6.5.0-1024-aws",
"binary_version": "6.5.0-1024.24~22.04.1"
},
{
"binary_name": "linux-modules-6.5.0-1024-aws",
"binary_version": "6.5.0-1024.24~22.04.1"
},
{
"binary_name": "linux-modules-extra-6.5.0-1024-aws",
"binary_version": "6.5.0-1024.24~22.04.1"
},
{
"binary_name": "linux-tools-6.5.0-1024-aws",
"binary_version": "6.5.0-1024.24~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-aws-6.5",
"purl": "pkg:deb/ubuntu/linux-aws-6.5@6.5.0-1024.24~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.5.0-1008.8~22.04.1",
"6.5.0-1010.10~22.04.1",
"6.5.0-1011.11~22.04.1",
"6.5.0-1012.12~22.04.1",
"6.5.0-1014.14~22.04.1",
"6.5.0-1015.15~22.04.1",
"6.5.0-1016.16~22.04.1",
"6.5.0-1017.17~22.04.2",
"6.5.0-1018.18~22.04.1",
"6.5.0-1020.20~22.04.1",
"6.5.0-1021.21~22.04.1",
"6.5.0-1022.22~22.04.1",
"6.5.0-1023.23~22.04.1",
"6.5.0-1024.24~22.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-aws-6.8-cloud-tools-6.8.0-1060",
"binary_version": "6.8.0-1060.63~22.04.1"
},
{
"binary_name": "linux-aws-6.8-headers-6.8.0-1060",
"binary_version": "6.8.0-1060.63~22.04.1"
},
{
"binary_name": "linux-aws-6.8-tools-6.8.0-1060",
"binary_version": "6.8.0-1060.63~22.04.1"
},
{
"binary_name": "linux-buildinfo-6.8.0-1060-aws",
"binary_version": "6.8.0-1060.63~22.04.1"
},
{
"binary_name": "linux-buildinfo-6.8.0-1060-aws-64k",
"binary_version": "6.8.0-1060.63~22.04.1"
},
{
"binary_name": "linux-cloud-tools-6.8.0-1060-aws",
"binary_version": "6.8.0-1060.63~22.04.1"
},
{
"binary_name": "linux-cloud-tools-6.8.0-1060-aws-64k",
"binary_version": "6.8.0-1060.63~22.04.1"
},
{
"binary_name": "linux-headers-6.8.0-1060-aws",
"binary_version": "6.8.0-1060.63~22.04.1"
},
{
"binary_name": "linux-headers-6.8.0-1060-aws-64k",
"binary_version": "6.8.0-1060.63~22.04.1"
},
{
"binary_name": "linux-image-unsigned-6.8.0-1060-aws",
"binary_version": "6.8.0-1060.63~22.04.1"
},
{
"binary_name": "linux-image-unsigned-6.8.0-1060-aws-64k",
"binary_version": "6.8.0-1060.63~22.04.1"
},
{
"binary_name": "linux-modules-6.8.0-1060-aws",
"binary_version": "6.8.0-1060.63~22.04.1"
},
{
"binary_name": "linux-modules-6.8.0-1060-aws-64k",
"binary_version": "6.8.0-1060.63~22.04.1"
},
{
"binary_name": "linux-modules-extra-6.8.0-1060-aws",
"binary_version": "6.8.0-1060.63~22.04.1"
},
{
"binary_name": "linux-modules-extra-6.8.0-1060-aws-64k",
"binary_version": "6.8.0-1060.63~22.04.1"
},
{
"binary_name": "linux-tools-6.8.0-1060-aws",
"binary_version": "6.8.0-1060.63~22.04.1"
},
{
"binary_name": "linux-tools-6.8.0-1060-aws-64k",
"binary_version": "6.8.0-1060.63~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-aws-6.8",
"purl": "pkg:deb/ubuntu/linux-aws-6.8@6.8.0-1060.63~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.8.0-1009.9~22.04.2",
"6.8.0-1010.10~22.04.2",
"6.8.0-1011.12~22.04.1",
"6.8.0-1013.14~22.04.1",
"6.8.0-1014.15~22.04.1",
"6.8.0-1015.16~22.04.1",
"6.8.0-1016.17~22.04.2",
"6.8.0-1017.18~22.04.1",
"6.8.0-1018.19~22.04.1",
"6.8.0-1019.21~22.04.1",
"6.8.0-1020.22~22.04.1",
"6.8.0-1021.23~22.04.1",
"6.8.0-1023.25~22.04.1",
"6.8.0-1024.26~22.04.1",
"6.8.0-1027.29~22.04.1",
"6.8.0-1028.30~22.04.1",
"6.8.0-1029.31~22.04.1",
"6.8.0-1030.32~22.04.1",
"6.8.0-1031.33~22.04.1",
"6.8.0-1032.34~22.04.1",
"6.8.0-1033.35~22.04.1",
"6.8.0-1035.37~22.04.1",
"6.8.0-1036.38~22.04.1",
"6.8.0-1039.41~22.04.1",
"6.8.0-1040.42~22.04.1",
"6.8.0-1041.43~22.04.1",
"6.8.0-1042.44~22.04.1",
"6.8.0-1043.45~22.04.1",
"6.8.0-1044.46~22.04.1",
"6.8.0-1045.47~22.04.1",
"6.8.0-1046.49~22.04.1",
"6.8.0-1047.50~22.04.1",
"6.8.0-1050.53~22.04.1",
"6.8.0-1051.54~22.04.1",
"6.8.0-1052.55~22.04.1",
"6.8.0-1053.56~22.04.1",
"6.8.0-1055.58~22.04.1",
"6.8.0-1057.60~22.04.1",
"6.8.0-1060.63~22.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-azure-cloud-tools-5.15.0-1116",
"binary_version": "5.15.0-1116.125"
},
{
"binary_name": "linux-azure-headers-5.15.0-1116",
"binary_version": "5.15.0-1116.125"
},
{
"binary_name": "linux-azure-tools-5.15.0-1116",
"binary_version": "5.15.0-1116.125"
},
{
"binary_name": "linux-buildinfo-5.15.0-1116-azure",
"binary_version": "5.15.0-1116.125"
},
{
"binary_name": "linux-cloud-tools-5.15.0-1116-azure",
"binary_version": "5.15.0-1116.125"
},
{
"binary_name": "linux-headers-5.15.0-1116-azure",
"binary_version": "5.15.0-1116.125"
},
{
"binary_name": "linux-image-unsigned-5.15.0-1116-azure",
"binary_version": "5.15.0-1116.125"
},
{
"binary_name": "linux-modules-5.15.0-1116-azure",
"binary_version": "5.15.0-1116.125"
},
{
"binary_name": "linux-modules-extra-5.15.0-1116-azure",
"binary_version": "5.15.0-1116.125"
},
{
"binary_name": "linux-modules-involflt-5.15.0-1116-azure",
"binary_version": "5.15.0-1116.125"
},
{
"binary_name": "linux-tools-5.15.0-1116-azure",
"binary_version": "5.15.0-1116.125"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-azure",
"purl": "pkg:deb/ubuntu/linux-azure@5.15.0-1116.125?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.13.0-1006.7",
"5.15.0-1001.2",
"5.15.0-1002.3",
"5.15.0-1003.4",
"5.15.0-1005.6",
"5.15.0-1007.8",
"5.15.0-1008.9",
"5.15.0-1010.12",
"5.15.0-1012.15",
"5.15.0-1013.16",
"5.15.0-1014.17",
"5.15.0-1017.20",
"5.15.0-1019.24",
"5.15.0-1020.25",
"5.15.0-1021.26",
"5.15.0-1022.27",
"5.15.0-1023.29",
"5.15.0-1024.30",
"5.15.0-1029.36",
"5.15.0-1030.37",
"5.15.0-1031.38",
"5.15.0-1033.40",
"5.15.0-1034.41",
"5.15.0-1035.42",
"5.15.0-1036.43",
"5.15.0-1037.44",
"5.15.0-1038.45",
"5.15.0-1039.46",
"5.15.0-1040.47",
"5.15.0-1041.48",
"5.15.0-1042.49",
"5.15.0-1044.51",
"5.15.0-1045.52",
"5.15.0-1046.53",
"5.15.0-1047.54",
"5.15.0-1049.56",
"5.15.0-1050.57",
"5.15.0-1051.59",
"5.15.0-1052.60",
"5.15.0-1053.61",
"5.15.0-1054.62",
"5.15.0-1056.64",
"5.15.0-1057.65",
"5.15.0-1058.66",
"5.15.0-1059.67",
"5.15.0-1060.69",
"5.15.0-1061.70",
"5.15.0-1063.72",
"5.15.0-1064.73",
"5.15.0-1066.75",
"5.15.0-1067.76",
"5.15.0-1068.77",
"5.15.0-1070.79",
"5.15.0-1071.80",
"5.15.0-1072.81",
"5.15.0-1073.82",
"5.15.0-1074.83",
"5.15.0-1075.84",
"5.15.0-1078.87",
"5.15.0-1079.88",
"5.15.0-1081.90",
"5.15.0-1082.91",
"5.15.0-1084.93",
"5.15.0-1086.95",
"5.15.0-1087.96",
"5.15.0-1088.97",
"5.15.0-1089.98",
"5.15.0-1090.99",
"5.15.0-1091.100",
"5.15.0-1092.101",
"5.15.0-1094.103",
"5.15.0-1095.104",
"5.15.0-1096.105",
"5.15.0-1097.106",
"5.15.0-1098.107",
"5.15.0-1099.108",
"5.15.0-1101.110",
"5.15.0-1102.111",
"5.15.0-1103.112",
"5.15.0-1109.118",
"5.15.0-1110.119",
"5.15.0-1111.120",
"5.15.0-1114.123",
"5.15.0-1116.125"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-azure-5.19-cloud-tools-5.19.0-1027",
"binary_version": "5.19.0-1027.30~22.04.2"
},
{
"binary_name": "linux-azure-5.19-headers-5.19.0-1027",
"binary_version": "5.19.0-1027.30~22.04.2"
},
{
"binary_name": "linux-azure-5.19-tools-5.19.0-1027",
"binary_version": "5.19.0-1027.30~22.04.2"
},
{
"binary_name": "linux-buildinfo-5.19.0-1027-azure",
"binary_version": "5.19.0-1027.30~22.04.2"
},
{
"binary_name": "linux-cloud-tools-5.19.0-1027-azure",
"binary_version": "5.19.0-1027.30~22.04.2"
},
{
"binary_name": "linux-headers-5.19.0-1027-azure",
"binary_version": "5.19.0-1027.30~22.04.2"
},
{
"binary_name": "linux-image-unsigned-5.19.0-1027-azure",
"binary_version": "5.19.0-1027.30~22.04.2"
},
{
"binary_name": "linux-modules-5.19.0-1027-azure",
"binary_version": "5.19.0-1027.30~22.04.2"
},
{
"binary_name": "linux-modules-extra-5.19.0-1027-azure",
"binary_version": "5.19.0-1027.30~22.04.2"
},
{
"binary_name": "linux-tools-5.19.0-1027-azure",
"binary_version": "5.19.0-1027.30~22.04.2"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-azure-5.19",
"purl": "pkg:deb/ubuntu/linux-azure-5.19@5.19.0-1027.30~22.04.2?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.19.0-1020.21~22.04.1",
"5.19.0-1021.22~22.04.1",
"5.19.0-1022.23~22.04.1",
"5.19.0-1023.24~22.04.1",
"5.19.0-1025.28~22.04.1",
"5.19.0-1026.29~22.04.1",
"5.19.0-1027.30~22.04.2"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-azure-6.2-cloud-tools-6.2.0-1019",
"binary_version": "6.2.0-1019.19~22.04.1"
},
{
"binary_name": "linux-azure-6.2-headers-6.2.0-1019",
"binary_version": "6.2.0-1019.19~22.04.1"
},
{
"binary_name": "linux-azure-6.2-tools-6.2.0-1019",
"binary_version": "6.2.0-1019.19~22.04.1"
},
{
"binary_name": "linux-buildinfo-6.2.0-1019-azure",
"binary_version": "6.2.0-1019.19~22.04.1"
},
{
"binary_name": "linux-cloud-tools-6.2.0-1019-azure",
"binary_version": "6.2.0-1019.19~22.04.1"
},
{
"binary_name": "linux-headers-6.2.0-1019-azure",
"binary_version": "6.2.0-1019.19~22.04.1"
},
{
"binary_name": "linux-image-unsigned-6.2.0-1019-azure",
"binary_version": "6.2.0-1019.19~22.04.1"
},
{
"binary_name": "linux-modules-6.2.0-1019-azure",
"binary_version": "6.2.0-1019.19~22.04.1"
},
{
"binary_name": "linux-modules-extra-6.2.0-1019-azure",
"binary_version": "6.2.0-1019.19~22.04.1"
},
{
"binary_name": "linux-tools-6.2.0-1019-azure",
"binary_version": "6.2.0-1019.19~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-azure-6.2",
"purl": "pkg:deb/ubuntu/linux-azure-6.2@6.2.0-1019.19~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.2.0-1005.5~22.04.1",
"6.2.0-1006.6~22.04.1",
"6.2.0-1007.7~22.04.1",
"6.2.0-1008.8~22.04.1",
"6.2.0-1009.9~22.04.3",
"6.2.0-1011.11~22.04.1",
"6.2.0-1012.12~22.04.1",
"6.2.0-1014.14~22.04.1",
"6.2.0-1015.15~22.04.1",
"6.2.0-1016.16~22.04.1",
"6.2.0-1017.17~22.04.1",
"6.2.0-1018.18~22.04.1",
"6.2.0-1019.19~22.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-azure-6.5-cloud-tools-6.5.0-1025",
"binary_version": "6.5.0-1025.26~22.04.1"
},
{
"binary_name": "linux-azure-6.5-headers-6.5.0-1025",
"binary_version": "6.5.0-1025.26~22.04.1"
},
{
"binary_name": "linux-azure-6.5-tools-6.5.0-1025",
"binary_version": "6.5.0-1025.26~22.04.1"
},
{
"binary_name": "linux-buildinfo-6.5.0-1025-azure",
"binary_version": "6.5.0-1025.26~22.04.1"
},
{
"binary_name": "linux-cloud-tools-6.5.0-1025-azure",
"binary_version": "6.5.0-1025.26~22.04.1"
},
{
"binary_name": "linux-headers-6.5.0-1025-azure",
"binary_version": "6.5.0-1025.26~22.04.1"
},
{
"binary_name": "linux-image-unsigned-6.5.0-1025-azure",
"binary_version": "6.5.0-1025.26~22.04.1"
},
{
"binary_name": "linux-modules-6.5.0-1025-azure",
"binary_version": "6.5.0-1025.26~22.04.1"
},
{
"binary_name": "linux-modules-extra-6.5.0-1025-azure",
"binary_version": "6.5.0-1025.26~22.04.1"
},
{
"binary_name": "linux-tools-6.5.0-1025-azure",
"binary_version": "6.5.0-1025.26~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-azure-6.5",
"purl": "pkg:deb/ubuntu/linux-azure-6.5@6.5.0-1025.26~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.5.0-1007.7~22.04.1",
"6.5.0-1009.9~22.04.1",
"6.5.0-1010.10~22.04.1",
"6.5.0-1011.11~22.04.1",
"6.5.0-1015.15~22.04.1",
"6.5.0-1016.16~22.04.1",
"6.5.0-1017.17~22.04.1",
"6.5.0-1018.19~22.04.2",
"6.5.0-1019.20~22.04.1",
"6.5.0-1021.22~22.04.1",
"6.5.0-1022.23~22.04.1",
"6.5.0-1023.24~22.04.1",
"6.5.0-1024.25~22.04.1",
"6.5.0-1025.26~22.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-azure-6.8-cloud-tools-6.8.0-1062",
"binary_version": "6.8.0-1062.69~22.04.1"
},
{
"binary_name": "linux-azure-6.8-headers-6.8.0-1062",
"binary_version": "6.8.0-1062.69~22.04.1"
},
{
"binary_name": "linux-azure-6.8-tools-6.8.0-1062",
"binary_version": "6.8.0-1062.69~22.04.1"
},
{
"binary_name": "linux-buildinfo-6.8.0-1062-azure",
"binary_version": "6.8.0-1062.69~22.04.1"
},
{
"binary_name": "linux-cloud-tools-6.8.0-1062-azure",
"binary_version": "6.8.0-1062.69~22.04.1"
},
{
"binary_name": "linux-headers-6.8.0-1062-azure",
"binary_version": "6.8.0-1062.69~22.04.1"
},
{
"binary_name": "linux-image-unsigned-6.8.0-1062-azure",
"binary_version": "6.8.0-1062.69~22.04.1"
},
{
"binary_name": "linux-modules-6.8.0-1062-azure",
"binary_version": "6.8.0-1062.69~22.04.1"
},
{
"binary_name": "linux-modules-extra-6.8.0-1062-azure",
"binary_version": "6.8.0-1062.69~22.04.1"
},
{
"binary_name": "linux-modules-involflt-6.8.0-1062-azure",
"binary_version": "6.8.0-1062.69~22.04.1"
},
{
"binary_name": "linux-modules-iwlwifi-6.8.0-1062-azure",
"binary_version": "6.8.0-1062.69~22.04.1"
},
{
"binary_name": "linux-tools-6.8.0-1062-azure",
"binary_version": "6.8.0-1062.69~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-azure-6.8",
"purl": "pkg:deb/ubuntu/linux-azure-6.8@6.8.0-1062.69~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.8.0-1008.8~22.04.1",
"6.8.0-1009.9~22.04.1",
"6.8.0-1010.10~22.04.1",
"6.8.0-1012.14~22.04.1",
"6.8.0-1013.15~22.04.1",
"6.8.0-1014.16~22.04.1",
"6.8.0-1015.17~22.04.2",
"6.8.0-1017.20~22.04.1",
"6.8.0-1018.21~22.04.1",
"6.8.0-1020.23~22.04.1",
"6.8.0-1021.25~22.04.1",
"6.8.0-1025.30~22.04.1",
"6.8.0-1026.31~22.04.1",
"6.8.0-1027.32~22.04.1",
"6.8.0-1028.33~22.04.1",
"6.8.0-1029.34~22.04.1",
"6.8.0-1030.35~22.04.1",
"6.8.0-1031.36~22.04.1",
"6.8.0-1034.39~22.04.1",
"6.8.0-1036.42~22.04.1",
"6.8.0-1040.46~22.04.1",
"6.8.0-1041.47~22.04.1",
"6.8.0-1044.50~22.04.1",
"6.8.0-1051.57~22.04.1",
"6.8.0-1052.58~22.04.1",
"6.8.0-1059.65~22.04.1",
"6.8.0-1062.69~22.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-azure-fde-cloud-tools-5.15.0-1116",
"binary_version": "5.15.0-1116.125"
},
{
"binary_name": "linux-azure-fde-headers-5.15.0-1116",
"binary_version": "5.15.0-1116.125"
},
{
"binary_name": "linux-azure-fde-tools-5.15.0-1116",
"binary_version": "5.15.0-1116.125"
},
{
"binary_name": "linux-buildinfo-5.15.0-1116-azure-fde",
"binary_version": "5.15.0-1116.125"
},
{
"binary_name": "linux-cloud-tools-5.15.0-1116-azure-fde",
"binary_version": "5.15.0-1116.125"
},
{
"binary_name": "linux-headers-5.15.0-1116-azure-fde",
"binary_version": "5.15.0-1116.125"
},
{
"binary_name": "linux-image-unsigned-5.15.0-1116-azure-fde",
"binary_version": "5.15.0-1116.125"
},
{
"binary_name": "linux-modules-5.15.0-1116-azure-fde",
"binary_version": "5.15.0-1116.125"
},
{
"binary_name": "linux-modules-extra-5.15.0-1116-azure-fde",
"binary_version": "5.15.0-1116.125"
},
{
"binary_name": "linux-modules-involflt-5.15.0-1116-azure-fde",
"binary_version": "5.15.0-1116.125"
},
{
"binary_name": "linux-tools-5.15.0-1116-azure-fde",
"binary_version": "5.15.0-1116.125"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-azure-fde",
"purl": "pkg:deb/ubuntu/linux-azure-fde@5.15.0-1116.125?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.15.0-1019.24.1",
"5.15.0-1024.30.1",
"5.15.0-1029.36.1",
"5.15.0-1030.37.1",
"5.15.0-1031.38.1",
"5.15.0-1033.40.1",
"5.15.0-1034.41.1",
"5.15.0-1035.42.1",
"5.15.0-1036.43.1",
"5.15.0-1037.44.1",
"5.15.0-1038.45.1",
"5.15.0-1039.46.1",
"5.15.0-1041.48.1",
"5.15.0-1042.49.1",
"5.15.0-1044.51.1",
"5.15.0-1045.52.1",
"5.15.0-1046.53.1",
"5.15.0-1047.54.1",
"5.15.0-1049.56.1",
"5.15.0-1050.57.1",
"5.15.0-1051.59.1",
"5.15.0-1052.60.1",
"5.15.0-1053.61.1",
"5.15.0-1054.62.1",
"5.15.0-1056.64.1",
"5.15.0-1057.65.1",
"5.15.0-1058.66.1",
"5.15.0-1059.67.1",
"5.15.0-1060.69.1",
"5.15.0-1061.70.1",
"5.15.0-1063.72.1",
"5.15.0-1064.73.1",
"5.15.0-1065.74.1",
"5.15.0-1067.76.1",
"5.15.0-1068.77.1",
"5.15.0-1070.79.1",
"5.15.0-1071.80.1",
"5.15.0-1072.81.1",
"5.15.0-1073.82.1",
"5.15.0-1076.85.1",
"5.15.0-1078.87.1",
"5.15.0-1081.90.1",
"5.15.0-1082.91.1",
"5.15.0-1084.93.1",
"5.15.0-1086.95.1",
"5.15.0-1087.96.1",
"5.15.0-1088.97.1",
"5.15.0-1089.98.1",
"5.15.0-1090.99.1",
"5.15.0-1091.100.1",
"5.15.0-1092.101.1",
"5.15.0-1094.103.1",
"5.15.0-1095.104.1",
"5.15.0-1096.105.1",
"5.15.0-1097.106.1",
"5.15.0-1098.107.1",
"5.15.0-1102.111.1",
"5.15.0-1109.118.1",
"5.15.0-1110.119.1",
"5.15.0-1111.120.1",
"5.15.0-1114.123",
"5.15.0-1116.125"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-image-unsigned-5.19.0-1027-azure-fde",
"binary_version": "5.19.0-1027.30~22.04.2.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-azure-fde-5.19",
"purl": "pkg:deb/ubuntu/linux-azure-fde-5.19@5.19.0-1027.30~22.04.2.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.19.0-1025.28~22.04.1.1",
"5.19.0-1026.29~22.04.1.1",
"5.19.0-1027.30~22.04.2.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-image-unsigned-6.2.0-1019-azure-fde",
"binary_version": "6.2.0-1019.19~22.04.1.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-azure-fde-6.2",
"purl": "pkg:deb/ubuntu/linux-azure-fde-6.2@6.2.0-1019.19~22.04.1.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.2.0-1008.8~22.04.1.1",
"6.2.0-1009.9~22.04.3.1",
"6.2.0-1011.11~22.04.1.1",
"6.2.0-1012.12~22.04.1.1",
"6.2.0-1014.14~22.04.1.1",
"6.2.0-1015.15~22.04.1.1",
"6.2.0-1016.16~22.04.1.1",
"6.2.0-1017.17~22.04.1.1",
"6.2.0-1018.18~22.04.1.1",
"6.2.0-1019.19~22.04.1.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-azure-fde-6.8-cloud-tools-6.8.0-1061",
"binary_version": "6.8.0-1061.68~22.04.1"
},
{
"binary_name": "linux-azure-fde-6.8-headers-6.8.0-1061",
"binary_version": "6.8.0-1061.68~22.04.1"
},
{
"binary_name": "linux-azure-fde-6.8-tools-6.8.0-1061",
"binary_version": "6.8.0-1061.68~22.04.1"
},
{
"binary_name": "linux-buildinfo-6.8.0-1061-azure-fde",
"binary_version": "6.8.0-1061.68~22.04.1"
},
{
"binary_name": "linux-cloud-tools-6.8.0-1061-azure-fde",
"binary_version": "6.8.0-1061.68~22.04.1"
},
{
"binary_name": "linux-headers-6.8.0-1061-azure-fde",
"binary_version": "6.8.0-1061.68~22.04.1"
},
{
"binary_name": "linux-image-unsigned-6.8.0-1061-azure-fde",
"binary_version": "6.8.0-1061.68~22.04.1"
},
{
"binary_name": "linux-modules-6.8.0-1061-azure-fde",
"binary_version": "6.8.0-1061.68~22.04.1"
},
{
"binary_name": "linux-modules-extra-6.8.0-1061-azure-fde",
"binary_version": "6.8.0-1061.68~22.04.1"
},
{
"binary_name": "linux-modules-involflt-6.8.0-1061-azure-fde",
"binary_version": "6.8.0-1061.68~22.04.1"
},
{
"binary_name": "linux-modules-iwlwifi-6.8.0-1061-azure-fde",
"binary_version": "6.8.0-1061.68~22.04.1"
},
{
"binary_name": "linux-tools-6.8.0-1061-azure-fde",
"binary_version": "6.8.0-1061.68~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-azure-fde-6.8",
"purl": "pkg:deb/ubuntu/linux-azure-fde-6.8@6.8.0-1061.68~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.8.0-1041.48~22.04.1",
"6.8.0-1042.49~22.04.1",
"6.8.0-1044.51~22.04.1",
"6.8.0-1046.53~22.04.1",
"6.8.0-1053.60~22.04.1",
"6.8.0-1058.65~22.04.1",
"6.8.0-1061.68~22.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.15.0-1111-gcp",
"binary_version": "5.15.0-1111.121"
},
{
"binary_name": "linux-gcp-headers-5.15.0-1111",
"binary_version": "5.15.0-1111.121"
},
{
"binary_name": "linux-gcp-tools-5.15.0-1111",
"binary_version": "5.15.0-1111.121"
},
{
"binary_name": "linux-headers-5.15.0-1111-gcp",
"binary_version": "5.15.0-1111.121"
},
{
"binary_name": "linux-image-unsigned-5.15.0-1111-gcp",
"binary_version": "5.15.0-1111.121"
},
{
"binary_name": "linux-modules-5.15.0-1111-gcp",
"binary_version": "5.15.0-1111.121"
},
{
"binary_name": "linux-modules-extra-5.15.0-1111-gcp",
"binary_version": "5.15.0-1111.121"
},
{
"binary_name": "linux-tools-5.15.0-1111-gcp",
"binary_version": "5.15.0-1111.121"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-gcp",
"purl": "pkg:deb/ubuntu/linux-gcp@5.15.0-1111.121?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.13.0-1005.6",
"5.15.0-1001.3",
"5.15.0-1002.5",
"5.15.0-1003.6",
"5.15.0-1004.7",
"5.15.0-1005.8",
"5.15.0-1006.9",
"5.15.0-1008.12",
"5.15.0-1010.15",
"5.15.0-1013.18",
"5.15.0-1016.21",
"5.15.0-1017.23",
"5.15.0-1018.24",
"5.15.0-1019.25",
"5.15.0-1021.28",
"5.15.0-1022.29",
"5.15.0-1025.32",
"5.15.0-1026.33",
"5.15.0-1027.34",
"5.15.0-1029.36",
"5.15.0-1030.37",
"5.15.0-1031.38",
"5.15.0-1032.40",
"5.15.0-1034.42",
"5.15.0-1035.43",
"5.15.0-1036.44",
"5.15.0-1037.45",
"5.15.0-1038.46",
"5.15.0-1039.47",
"5.15.0-1040.48",
"5.15.0-1041.49",
"5.15.0-1042.50",
"5.15.0-1044.52",
"5.15.0-1045.53",
"5.15.0-1046.54",
"5.15.0-1047.55",
"5.15.0-1048.56",
"5.15.0-1049.57",
"5.15.0-1051.59",
"5.15.0-1052.60",
"5.15.0-1053.61",
"5.15.0-1054.62",
"5.15.0-1055.63",
"5.15.0-1058.66",
"5.15.0-1059.67",
"5.15.0-1060.68",
"5.15.0-1062.70",
"5.15.0-1063.71",
"5.15.0-1064.72",
"5.15.0-1065.73",
"5.15.0-1066.74",
"5.15.0-1067.75",
"5.15.0-1068.76",
"5.15.0-1069.77",
"5.15.0-1070.78",
"5.15.0-1071.79",
"5.15.0-1072.80",
"5.15.0-1073.81",
"5.15.0-1074.83",
"5.15.0-1075.84",
"5.15.0-1077.86",
"5.15.0-1078.87",
"5.15.0-1079.88",
"5.15.0-1080.89",
"5.15.0-1081.90",
"5.15.0-1082.91",
"5.15.0-1083.92",
"5.15.0-1084.93",
"5.15.0-1085.94",
"5.15.0-1086.95",
"5.15.0-1087.96",
"5.15.0-1088.97",
"5.15.0-1090.99",
"5.15.0-1091.100",
"5.15.0-1092.101",
"5.15.0-1093.102",
"5.15.0-1095.104",
"5.15.0-1096.105",
"5.15.0-1097.106",
"5.15.0-1098.107",
"5.15.0-1099.108",
"5.15.0-1100.109",
"5.15.0-1101.110",
"5.15.0-1103.112",
"5.15.0-1104.113",
"5.15.0-1105.114",
"5.15.0-1106.115",
"5.15.0-1108.117",
"5.15.0-1109.118",
"5.15.0-1111.121"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.19.0-1030-gcp",
"binary_version": "5.19.0-1030.32~22.04.1"
},
{
"binary_name": "linux-gcp-5.19-headers-5.19.0-1030",
"binary_version": "5.19.0-1030.32~22.04.1"
},
{
"binary_name": "linux-gcp-5.19-tools-5.19.0-1030",
"binary_version": "5.19.0-1030.32~22.04.1"
},
{
"binary_name": "linux-headers-5.19.0-1030-gcp",
"binary_version": "5.19.0-1030.32~22.04.1"
},
{
"binary_name": "linux-image-unsigned-5.19.0-1030-gcp",
"binary_version": "5.19.0-1030.32~22.04.1"
},
{
"binary_name": "linux-modules-5.19.0-1030-gcp",
"binary_version": "5.19.0-1030.32~22.04.1"
},
{
"binary_name": "linux-modules-extra-5.19.0-1030-gcp",
"binary_version": "5.19.0-1030.32~22.04.1"
},
{
"binary_name": "linux-tools-5.19.0-1030-gcp",
"binary_version": "5.19.0-1030.32~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-gcp-5.19",
"purl": "pkg:deb/ubuntu/linux-gcp-5.19@5.19.0-1030.32~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.19.0-1020.22~22.04.2",
"5.19.0-1021.23~22.04.1",
"5.19.0-1022.24~22.04.1",
"5.19.0-1024.26~22.04.1",
"5.19.0-1025.27~22.04.1",
"5.19.0-1026.28~22.04.1",
"5.19.0-1027.29~22.04.1",
"5.19.0-1030.32~22.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.2.0-1021-gcp",
"binary_version": "6.2.0-1021.23~22.04.1"
},
{
"binary_name": "linux-gcp-6.2-headers-6.2.0-1021",
"binary_version": "6.2.0-1021.23~22.04.1"
},
{
"binary_name": "linux-gcp-6.2-tools-6.2.0-1021",
"binary_version": "6.2.0-1021.23~22.04.1"
},
{
"binary_name": "linux-headers-6.2.0-1021-gcp",
"binary_version": "6.2.0-1021.23~22.04.1"
},
{
"binary_name": "linux-image-unsigned-6.2.0-1021-gcp",
"binary_version": "6.2.0-1021.23~22.04.1"
},
{
"binary_name": "linux-modules-6.2.0-1021-gcp",
"binary_version": "6.2.0-1021.23~22.04.1"
},
{
"binary_name": "linux-modules-extra-6.2.0-1021-gcp",
"binary_version": "6.2.0-1021.23~22.04.1"
},
{
"binary_name": "linux-tools-6.2.0-1021-gcp",
"binary_version": "6.2.0-1021.23~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-gcp-6.2",
"purl": "pkg:deb/ubuntu/linux-gcp-6.2@6.2.0-1021.23~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.2.0-1009.9~22.04.3",
"6.2.0-1010.10~22.04.1",
"6.2.0-1011.11~22.04.1",
"6.2.0-1011.11~22.04.3",
"6.2.0-1012.12~22.04.1",
"6.2.0-1013.13~22.04.1",
"6.2.0-1014.14~22.04.1",
"6.2.0-1016.18~22.04.1",
"6.2.0-1017.19~22.04.1",
"6.2.0-1018.20~22.04.1",
"6.2.0-1019.21~22.04.1",
"6.2.0-1021.23~22.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.5.0-1025-gcp",
"binary_version": "6.5.0-1025.27~22.04.1"
},
{
"binary_name": "linux-gcp-6.5-headers-6.5.0-1025",
"binary_version": "6.5.0-1025.27~22.04.1"
},
{
"binary_name": "linux-gcp-6.5-tools-6.5.0-1025",
"binary_version": "6.5.0-1025.27~22.04.1"
},
{
"binary_name": "linux-headers-6.5.0-1025-gcp",
"binary_version": "6.5.0-1025.27~22.04.1"
},
{
"binary_name": "linux-image-unsigned-6.5.0-1025-gcp",
"binary_version": "6.5.0-1025.27~22.04.1"
},
{
"binary_name": "linux-modules-6.5.0-1025-gcp",
"binary_version": "6.5.0-1025.27~22.04.1"
},
{
"binary_name": "linux-modules-extra-6.5.0-1025-gcp",
"binary_version": "6.5.0-1025.27~22.04.1"
},
{
"binary_name": "linux-modules-iwlwifi-6.5.0-1025-gcp",
"binary_version": "6.5.0-1025.27~22.04.1"
},
{
"binary_name": "linux-tools-6.5.0-1025-gcp",
"binary_version": "6.5.0-1025.27~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-gcp-6.5",
"purl": "pkg:deb/ubuntu/linux-gcp-6.5@6.5.0-1025.27~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.5.0-1010.10~22.04.3",
"6.5.0-1011.11~22.04.1",
"6.5.0-1013.13~22.04.1",
"6.5.0-1014.14~22.04.1",
"6.5.0-1015.15~22.04.1",
"6.5.0-1016.16~22.04.1",
"6.5.0-1017.17~22.04.1",
"6.5.0-1018.18~22.04.1",
"6.5.0-1020.20~22.04.1",
"6.5.0-1022.24~22.04.1",
"6.5.0-1023.25~22.04.1",
"6.5.0-1024.26~22.04.1",
"6.5.0-1025.27~22.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.8.0-1063-gcp",
"binary_version": "6.8.0-1063.69~22.04.1"
},
{
"binary_name": "linux-buildinfo-6.8.0-1063-gcp-64k",
"binary_version": "6.8.0-1063.69~22.04.1"
},
{
"binary_name": "linux-gcp-6.8-headers-6.8.0-1063",
"binary_version": "6.8.0-1063.69~22.04.1"
},
{
"binary_name": "linux-gcp-6.8-tools-6.8.0-1063",
"binary_version": "6.8.0-1063.69~22.04.1"
},
{
"binary_name": "linux-headers-6.8.0-1063-gcp",
"binary_version": "6.8.0-1063.69~22.04.1"
},
{
"binary_name": "linux-headers-6.8.0-1063-gcp-64k",
"binary_version": "6.8.0-1063.69~22.04.1"
},
{
"binary_name": "linux-image-unsigned-6.8.0-1063-gcp",
"binary_version": "6.8.0-1063.69~22.04.1"
},
{
"binary_name": "linux-image-unsigned-6.8.0-1063-gcp-64k",
"binary_version": "6.8.0-1063.69~22.04.1"
},
{
"binary_name": "linux-modules-6.8.0-1063-gcp",
"binary_version": "6.8.0-1063.69~22.04.1"
},
{
"binary_name": "linux-modules-6.8.0-1063-gcp-64k",
"binary_version": "6.8.0-1063.69~22.04.1"
},
{
"binary_name": "linux-modules-extra-6.8.0-1063-gcp",
"binary_version": "6.8.0-1063.69~22.04.1"
},
{
"binary_name": "linux-modules-extra-6.8.0-1063-gcp-64k",
"binary_version": "6.8.0-1063.69~22.04.1"
},
{
"binary_name": "linux-tools-6.8.0-1063-gcp",
"binary_version": "6.8.0-1063.69~22.04.1"
},
{
"binary_name": "linux-tools-6.8.0-1063-gcp-64k",
"binary_version": "6.8.0-1063.69~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-gcp-6.8",
"purl": "pkg:deb/ubuntu/linux-gcp-6.8@6.8.0-1063.69~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.8.0-1010.11~22.04.1",
"6.8.0-1011.12~22.04.1",
"6.8.0-1012.13~22.04.1",
"6.8.0-1013.14~22.04.1",
"6.8.0-1014.16~22.04.1",
"6.8.0-1015.17~22.04.1",
"6.8.0-1016.18~22.04.1",
"6.8.0-1017.19~22.04.1",
"6.8.0-1018.20~22.04.1",
"6.8.0-1019.21~22.04.1",
"6.8.0-1020.22~22.04.1",
"6.8.0-1021.23~22.04.1",
"6.8.0-1024.26~22.04.1",
"6.8.0-1025.27~22.04.1",
"6.8.0-1026.28~22.04.1",
"6.8.0-1027.29~22.04.1",
"6.8.0-1028.30~22.04.1",
"6.8.0-1029.31~22.04.1",
"6.8.0-1030.32~22.04.1",
"6.8.0-1031.33~22.04.1",
"6.8.0-1032.34~22.04.1",
"6.8.0-1033.35~22.04.1",
"6.8.0-1034.36~22.04.2",
"6.8.0-1036.38~22.04.1",
"6.8.0-1037.39~22.04.1",
"6.8.0-1040.42~22.04.1",
"6.8.0-1041.43~22.04.1",
"6.8.0-1042.45~22.04.1",
"6.8.0-1043.46~22.04.1",
"6.8.0-1044.47~22.04.1",
"6.8.0-1045.48~22.04.1",
"6.8.0-1046.49~22.04.1",
"6.8.0-1047.50~22.04.2",
"6.8.0-1048.51~22.04.1",
"6.8.0-1052.55~22.04.1",
"6.8.0-1053.56~22.04.1",
"6.8.0-1054.57~22.04.1",
"6.8.0-1058.61~22.04.1",
"6.8.0-1060.63~22.04.1",
"6.8.0-1063.69~22.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.15.0-1107-gke",
"binary_version": "5.15.0-1107.113"
},
{
"binary_name": "linux-gke-headers-5.15.0-1107",
"binary_version": "5.15.0-1107.113"
},
{
"binary_name": "linux-gke-tools-5.15.0-1107",
"binary_version": "5.15.0-1107.113"
},
{
"binary_name": "linux-headers-5.15.0-1107-gke",
"binary_version": "5.15.0-1107.113"
},
{
"binary_name": "linux-image-unsigned-5.15.0-1107-gke",
"binary_version": "5.15.0-1107.113"
},
{
"binary_name": "linux-modules-5.15.0-1107-gke",
"binary_version": "5.15.0-1107.113"
},
{
"binary_name": "linux-modules-extra-5.15.0-1107-gke",
"binary_version": "5.15.0-1107.113"
},
{
"binary_name": "linux-tools-5.15.0-1107-gke",
"binary_version": "5.15.0-1107.113"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-gke",
"purl": "pkg:deb/ubuntu/linux-gke@5.15.0-1107.113?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.15.0-1002.2",
"5.15.0-1003.3",
"5.15.0-1004.5",
"5.15.0-1005.6",
"5.15.0-1006.7",
"5.15.0-1008.10",
"5.15.0-1010.13",
"5.15.0-1011.14",
"5.15.0-1014.17",
"5.15.0-1015.18",
"5.15.0-1016.19",
"5.15.0-1017.20",
"5.15.0-1019.23",
"5.15.0-1020.25",
"5.15.0-1023.28",
"5.15.0-1024.29",
"5.15.0-1027.32",
"5.15.0-1028.33",
"5.15.0-1030.35",
"5.15.0-1031.36",
"5.15.0-1032.37",
"5.15.0-1033.38",
"5.15.0-1034.39",
"5.15.0-1035.40",
"5.15.0-1036.41",
"5.15.0-1037.42",
"5.15.0-1038.43",
"5.15.0-1039.44",
"5.15.0-1040.45",
"5.15.0-1041.46",
"5.15.0-1042.47",
"5.15.0-1044.49",
"5.15.0-1045.50",
"5.15.0-1046.51",
"5.15.0-1047.52",
"5.15.0-1048.53",
"5.15.0-1049.54",
"5.15.0-1050.55",
"5.15.0-1051.56",
"5.15.0-1052.57",
"5.15.0-1053.58",
"5.15.0-1054.59",
"5.15.0-1057.62",
"5.15.0-1058.63",
"5.15.0-1059.64",
"5.15.0-1060.66",
"5.15.0-1061.67",
"5.15.0-1062.68",
"5.15.0-1063.69",
"5.15.0-1064.70",
"5.15.0-1065.71",
"5.15.0-1066.72",
"5.15.0-1067.73",
"5.15.0-1068.74",
"5.15.0-1069.75",
"5.15.0-1070.76",
"5.15.0-1071.77",
"5.15.0-1072.78",
"5.15.0-1073.79",
"5.15.0-1075.81",
"5.15.0-1076.82",
"5.15.0-1077.83",
"5.15.0-1078.84",
"5.15.0-1079.85",
"5.15.0-1080.86",
"5.15.0-1081.87",
"5.15.0-1082.88",
"5.15.0-1083.89",
"5.15.0-1084.90",
"5.15.0-1085.91",
"5.15.0-1086.92",
"5.15.0-1087.93",
"5.15.0-1088.94",
"5.15.0-1089.95",
"5.15.0-1090.96",
"5.15.0-1091.97",
"5.15.0-1092.98",
"5.15.0-1093.99",
"5.15.0-1094.100",
"5.15.0-1095.101",
"5.15.0-1096.102",
"5.15.0-1097.103",
"5.15.0-1099.105",
"5.15.0-1100.106",
"5.15.0-1101.107",
"5.15.0-1102.108",
"5.15.0-1104.110",
"5.15.0-1105.111",
"5.15.0-1107.113"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.15.0-1094-gkeop",
"binary_version": "5.15.0-1094.102"
},
{
"binary_name": "linux-cloud-tools-5.15.0-1094-gkeop",
"binary_version": "5.15.0-1094.102"
},
{
"binary_name": "linux-gkeop-cloud-tools-5.15.0-1094",
"binary_version": "5.15.0-1094.102"
},
{
"binary_name": "linux-gkeop-headers-5.15.0-1094",
"binary_version": "5.15.0-1094.102"
},
{
"binary_name": "linux-gkeop-tools-5.15.0-1094",
"binary_version": "5.15.0-1094.102"
},
{
"binary_name": "linux-headers-5.15.0-1094-gkeop",
"binary_version": "5.15.0-1094.102"
},
{
"binary_name": "linux-image-unsigned-5.15.0-1094-gkeop",
"binary_version": "5.15.0-1094.102"
},
{
"binary_name": "linux-modules-5.15.0-1094-gkeop",
"binary_version": "5.15.0-1094.102"
},
{
"binary_name": "linux-modules-extra-5.15.0-1094-gkeop",
"binary_version": "5.15.0-1094.102"
},
{
"binary_name": "linux-tools-5.15.0-1094-gkeop",
"binary_version": "5.15.0-1094.102"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-gkeop",
"purl": "pkg:deb/ubuntu/linux-gkeop@5.15.0-1094.102?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.15.0-1001.2",
"5.15.0-1002.4",
"5.15.0-1003.5",
"5.15.0-1004.6",
"5.15.0-1005.7",
"5.15.0-1007.10",
"5.15.0-1008.12",
"5.15.0-1011.15",
"5.15.0-1012.16",
"5.15.0-1013.17",
"5.15.0-1015.19",
"5.15.0-1016.21",
"5.15.0-1017.22",
"5.15.0-1018.23",
"5.15.0-1019.24",
"5.15.0-1020.25",
"5.15.0-1021.26",
"5.15.0-1022.27",
"5.15.0-1023.28",
"5.15.0-1024.29",
"5.15.0-1025.30",
"5.15.0-1026.31",
"5.15.0-1027.32",
"5.15.0-1028.33",
"5.15.0-1030.35",
"5.15.0-1031.37",
"5.15.0-1032.38",
"5.15.0-1033.39",
"5.15.0-1034.40",
"5.15.0-1035.41",
"5.15.0-1036.42",
"5.15.0-1037.43",
"5.15.0-1038.44",
"5.15.0-1039.45",
"5.15.0-1040.46",
"5.15.0-1043.50",
"5.15.0-1044.51",
"5.15.0-1045.52",
"5.15.0-1046.53",
"5.15.0-1047.54",
"5.15.0-1048.55",
"5.15.0-1049.56",
"5.15.0-1050.57",
"5.15.0-1051.58",
"5.15.0-1052.59",
"5.15.0-1053.60",
"5.15.0-1054.61",
"5.15.0-1055.62",
"5.15.0-1056.63",
"5.15.0-1057.64",
"5.15.0-1058.66",
"5.15.0-1059.67",
"5.15.0-1060.68",
"5.15.0-1061.69",
"5.15.0-1062.70",
"5.15.0-1063.71",
"5.15.0-1064.72",
"5.15.0-1065.73",
"5.15.0-1066.74",
"5.15.0-1067.75",
"5.15.0-1068.76",
"5.15.0-1069.77",
"5.15.0-1070.78",
"5.15.0-1071.79",
"5.15.0-1073.81",
"5.15.0-1074.82",
"5.15.0-1075.83",
"5.15.0-1076.84",
"5.15.0-1078.86",
"5.15.0-1079.87",
"5.15.0-1080.88",
"5.15.0-1081.89",
"5.15.0-1082.90",
"5.15.0-1083.91",
"5.15.0-1084.92",
"5.15.0-1086.94",
"5.15.0-1087.95",
"5.15.0-1088.96",
"5.15.0-1089.97",
"5.15.0-1091.99",
"5.15.0-1092.100",
"5.15.0-1094.102"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.19.0-50-generic",
"binary_version": "5.19.0-50.50"
},
{
"binary_name": "linux-buildinfo-5.19.0-50-generic-64k",
"binary_version": "5.19.0-50.50"
},
{
"binary_name": "linux-buildinfo-5.19.0-50-generic-lpae",
"binary_version": "5.19.0-50.50"
},
{
"binary_name": "linux-cloud-tools-5.19.0-50-generic",
"binary_version": "5.19.0-50.50"
},
{
"binary_name": "linux-headers-5.19.0-50-generic",
"binary_version": "5.19.0-50.50"
},
{
"binary_name": "linux-headers-5.19.0-50-generic-64k",
"binary_version": "5.19.0-50.50"
},
{
"binary_name": "linux-headers-5.19.0-50-generic-lpae",
"binary_version": "5.19.0-50.50"
},
{
"binary_name": "linux-hwe-5.19-cloud-tools-5.19.0-50",
"binary_version": "5.19.0-50.50"
},
{
"binary_name": "linux-hwe-5.19-cloud-tools-common",
"binary_version": "5.19.0-50.50"
},
{
"binary_name": "linux-hwe-5.19-headers-5.19.0-50",
"binary_version": "5.19.0-50.50"
},
{
"binary_name": "linux-hwe-5.19-tools-5.19.0-50",
"binary_version": "5.19.0-50.50"
},
{
"binary_name": "linux-hwe-5.19-tools-common",
"binary_version": "5.19.0-50.50"
},
{
"binary_name": "linux-hwe-5.19-tools-host",
"binary_version": "5.19.0-50.50"
},
{
"binary_name": "linux-image-5.19.0-50-generic",
"binary_version": "5.19.0-50.50"
},
{
"binary_name": "linux-image-5.19.0-50-generic-lpae",
"binary_version": "5.19.0-50.50"
},
{
"binary_name": "linux-image-unsigned-5.19.0-50-generic",
"binary_version": "5.19.0-50.50"
},
{
"binary_name": "linux-image-unsigned-5.19.0-50-generic-64k",
"binary_version": "5.19.0-50.50"
},
{
"binary_name": "linux-modules-5.19.0-50-generic",
"binary_version": "5.19.0-50.50"
},
{
"binary_name": "linux-modules-5.19.0-50-generic-64k",
"binary_version": "5.19.0-50.50"
},
{
"binary_name": "linux-modules-5.19.0-50-generic-lpae",
"binary_version": "5.19.0-50.50"
},
{
"binary_name": "linux-modules-extra-5.19.0-50-generic",
"binary_version": "5.19.0-50.50"
},
{
"binary_name": "linux-modules-ipu6-5.19.0-50-generic",
"binary_version": "5.19.0-50.50"
},
{
"binary_name": "linux-modules-ivsc-5.19.0-50-generic",
"binary_version": "5.19.0-50.50"
},
{
"binary_name": "linux-modules-iwlwifi-5.19.0-50-generic",
"binary_version": "5.19.0-50.50"
},
{
"binary_name": "linux-source-5.19.0",
"binary_version": "5.19.0-50.50"
},
{
"binary_name": "linux-tools-5.19.0-50-generic",
"binary_version": "5.19.0-50.50"
},
{
"binary_name": "linux-tools-5.19.0-50-generic-64k",
"binary_version": "5.19.0-50.50"
},
{
"binary_name": "linux-tools-5.19.0-50-generic-lpae",
"binary_version": "5.19.0-50.50"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-hwe-5.19",
"purl": "pkg:deb/ubuntu/linux-hwe-5.19@5.19.0-50.50?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.19.0-28.29~22.04.1",
"5.19.0-32.33~22.04.1",
"5.19.0-35.36~22.04.1",
"5.19.0-38.39~22.04.1",
"5.19.0-40.41~22.04.1",
"5.19.0-41.42~22.04.1",
"5.19.0-42.43~22.04.1",
"5.19.0-43.44~22.04.1",
"5.19.0-45.46~22.04.1",
"5.19.0-46.47~22.04.1",
"5.19.0-50.50"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.2.0-39-generic",
"binary_version": "6.2.0-39.40~22.04.1"
},
{
"binary_name": "linux-buildinfo-6.2.0-39-generic-64k",
"binary_version": "6.2.0-39.40~22.04.1"
},
{
"binary_name": "linux-buildinfo-6.2.0-39-generic-lpae",
"binary_version": "6.2.0-39.40~22.04.1"
},
{
"binary_name": "linux-cloud-tools-6.2.0-39-generic",
"binary_version": "6.2.0-39.40~22.04.1"
},
{
"binary_name": "linux-headers-6.2.0-39-generic",
"binary_version": "6.2.0-39.40~22.04.1"
},
{
"binary_name": "linux-headers-6.2.0-39-generic-64k",
"binary_version": "6.2.0-39.40~22.04.1"
},
{
"binary_name": "linux-headers-6.2.0-39-generic-lpae",
"binary_version": "6.2.0-39.40~22.04.1"
},
{
"binary_name": "linux-hwe-6.2-cloud-tools-6.2.0-39",
"binary_version": "6.2.0-39.40~22.04.1"
},
{
"binary_name": "linux-hwe-6.2-cloud-tools-common",
"binary_version": "6.2.0-39.40~22.04.1"
},
{
"binary_name": "linux-hwe-6.2-headers-6.2.0-39",
"binary_version": "6.2.0-39.40~22.04.1"
},
{
"binary_name": "linux-hwe-6.2-tools-6.2.0-39",
"binary_version": "6.2.0-39.40~22.04.1"
},
{
"binary_name": "linux-hwe-6.2-tools-common",
"binary_version": "6.2.0-39.40~22.04.1"
},
{
"binary_name": "linux-hwe-6.2-tools-host",
"binary_version": "6.2.0-39.40~22.04.1"
},
{
"binary_name": "linux-image-6.2.0-39-generic",
"binary_version": "6.2.0-39.40~22.04.1"
},
{
"binary_name": "linux-image-6.2.0-39-generic-lpae",
"binary_version": "6.2.0-39.40~22.04.1"
},
{
"binary_name": "linux-image-unsigned-6.2.0-39-generic",
"binary_version": "6.2.0-39.40~22.04.1"
},
{
"binary_name": "linux-image-unsigned-6.2.0-39-generic-64k",
"binary_version": "6.2.0-39.40~22.04.1"
},
{
"binary_name": "linux-modules-6.2.0-39-generic",
"binary_version": "6.2.0-39.40~22.04.1"
},
{
"binary_name": "linux-modules-6.2.0-39-generic-64k",
"binary_version": "6.2.0-39.40~22.04.1"
},
{
"binary_name": "linux-modules-6.2.0-39-generic-lpae",
"binary_version": "6.2.0-39.40~22.04.1"
},
{
"binary_name": "linux-modules-extra-6.2.0-39-generic",
"binary_version": "6.2.0-39.40~22.04.1"
},
{
"binary_name": "linux-modules-ipu6-6.2.0-39-generic",
"binary_version": "6.2.0-39.40~22.04.1"
},
{
"binary_name": "linux-modules-ivsc-6.2.0-39-generic",
"binary_version": "6.2.0-39.40~22.04.1"
},
{
"binary_name": "linux-modules-iwlwifi-6.2.0-39-generic",
"binary_version": "6.2.0-39.40~22.04.1"
},
{
"binary_name": "linux-source-6.2.0",
"binary_version": "6.2.0-39.40~22.04.1"
},
{
"binary_name": "linux-tools-6.2.0-39-generic",
"binary_version": "6.2.0-39.40~22.04.1"
},
{
"binary_name": "linux-tools-6.2.0-39-generic-64k",
"binary_version": "6.2.0-39.40~22.04.1"
},
{
"binary_name": "linux-tools-6.2.0-39-generic-lpae",
"binary_version": "6.2.0-39.40~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-hwe-6.2",
"purl": "pkg:deb/ubuntu/linux-hwe-6.2@6.2.0-39.40~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.2.0-25.25~22.04.2",
"6.2.0-26.26~22.04.1",
"6.2.0-31.31~22.04.1",
"6.2.0-32.32~22.04.1",
"6.2.0-33.33~22.04.1",
"6.2.0-34.34~22.04.1",
"6.2.0-35.35~22.04.1",
"6.2.0-36.37~22.04.1",
"6.2.0-37.38~22.04.1",
"6.2.0-39.40~22.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.5.0-45-generic",
"binary_version": "6.5.0-45.45~22.04.1"
},
{
"binary_name": "linux-buildinfo-6.5.0-45-generic-64k",
"binary_version": "6.5.0-45.45~22.04.1"
},
{
"binary_name": "linux-cloud-tools-6.5.0-45-generic",
"binary_version": "6.5.0-45.45~22.04.1"
},
{
"binary_name": "linux-headers-6.5.0-45-generic",
"binary_version": "6.5.0-45.45~22.04.1"
},
{
"binary_name": "linux-headers-6.5.0-45-generic-64k",
"binary_version": "6.5.0-45.45~22.04.1"
},
{
"binary_name": "linux-hwe-6.5-cloud-tools-6.5.0-45",
"binary_version": "6.5.0-45.45~22.04.1"
},
{
"binary_name": "linux-hwe-6.5-cloud-tools-common",
"binary_version": "6.5.0-45.45~22.04.1"
},
{
"binary_name": "linux-hwe-6.5-headers-6.5.0-45",
"binary_version": "6.5.0-45.45~22.04.1"
},
{
"binary_name": "linux-hwe-6.5-tools-6.5.0-45",
"binary_version": "6.5.0-45.45~22.04.1"
},
{
"binary_name": "linux-hwe-6.5-tools-common",
"binary_version": "6.5.0-45.45~22.04.1"
},
{
"binary_name": "linux-hwe-6.5-tools-host",
"binary_version": "6.5.0-45.45~22.04.1"
},
{
"binary_name": "linux-image-6.5.0-45-generic",
"binary_version": "6.5.0-45.45~22.04.1"
},
{
"binary_name": "linux-image-unsigned-6.5.0-45-generic",
"binary_version": "6.5.0-45.45~22.04.1"
},
{
"binary_name": "linux-image-unsigned-6.5.0-45-generic-64k",
"binary_version": "6.5.0-45.45~22.04.1"
},
{
"binary_name": "linux-modules-6.5.0-45-generic",
"binary_version": "6.5.0-45.45~22.04.1"
},
{
"binary_name": "linux-modules-6.5.0-45-generic-64k",
"binary_version": "6.5.0-45.45~22.04.1"
},
{
"binary_name": "linux-modules-extra-6.5.0-45-generic",
"binary_version": "6.5.0-45.45~22.04.1"
},
{
"binary_name": "linux-modules-ipu6-6.5.0-45-generic",
"binary_version": "6.5.0-45.45~22.04.1"
},
{
"binary_name": "linux-modules-ivsc-6.5.0-45-generic",
"binary_version": "6.5.0-45.45~22.04.1"
},
{
"binary_name": "linux-modules-iwlwifi-6.5.0-45-generic",
"binary_version": "6.5.0-45.45~22.04.1"
},
{
"binary_name": "linux-source-6.5.0",
"binary_version": "6.5.0-45.45~22.04.1"
},
{
"binary_name": "linux-tools-6.5.0-45-generic",
"binary_version": "6.5.0-45.45~22.04.1"
},
{
"binary_name": "linux-tools-6.5.0-45-generic-64k",
"binary_version": "6.5.0-45.45~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-hwe-6.5",
"purl": "pkg:deb/ubuntu/linux-hwe-6.5@6.5.0-45.45~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.5.0-14.14~22.04.1",
"6.5.0-15.15~22.04.1",
"6.5.0-17.17~22.04.1",
"6.5.0-18.18~22.04.1",
"6.5.0-21.21~22.04.1",
"6.5.0-25.25~22.04.1",
"6.5.0-26.26~22.04.1",
"6.5.0-27.28~22.04.1",
"6.5.0-28.29~22.04.1",
"6.5.0-35.35~22.04.1",
"6.5.0-41.41~22.04.2",
"6.5.0-44.44~22.04.1",
"6.5.0-45.45~22.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.8.0-134-generic",
"binary_version": "6.8.0-134.134~22.04.1"
},
{
"binary_name": "linux-buildinfo-6.8.0-134-generic-64k",
"binary_version": "6.8.0-134.134~22.04.1"
},
{
"binary_name": "linux-cloud-tools-6.8.0-134-generic",
"binary_version": "6.8.0-134.134~22.04.1"
},
{
"binary_name": "linux-headers-6.8.0-134-generic",
"binary_version": "6.8.0-134.134~22.04.1"
},
{
"binary_name": "linux-headers-6.8.0-134-generic-64k",
"binary_version": "6.8.0-134.134~22.04.1"
},
{
"binary_name": "linux-hwe-6.8-cloud-tools-6.8.0-134",
"binary_version": "6.8.0-134.134~22.04.1"
},
{
"binary_name": "linux-hwe-6.8-headers-6.8.0-134",
"binary_version": "6.8.0-134.134~22.04.1"
},
{
"binary_name": "linux-hwe-6.8-tools-6.8.0-134",
"binary_version": "6.8.0-134.134~22.04.1"
},
{
"binary_name": "linux-image-6.8.0-134-generic",
"binary_version": "6.8.0-134.134~22.04.1"
},
{
"binary_name": "linux-image-unsigned-6.8.0-134-generic",
"binary_version": "6.8.0-134.134~22.04.1"
},
{
"binary_name": "linux-image-unsigned-6.8.0-134-generic-64k",
"binary_version": "6.8.0-134.134~22.04.1"
},
{
"binary_name": "linux-modules-6.8.0-134-generic",
"binary_version": "6.8.0-134.134~22.04.1"
},
{
"binary_name": "linux-modules-6.8.0-134-generic-64k",
"binary_version": "6.8.0-134.134~22.04.1"
},
{
"binary_name": "linux-modules-extra-6.8.0-134-generic",
"binary_version": "6.8.0-134.134~22.04.1"
},
{
"binary_name": "linux-modules-ipu6-6.8.0-134-generic",
"binary_version": "6.8.0-134.134~22.04.1"
},
{
"binary_name": "linux-modules-iwlwifi-6.8.0-134-generic",
"binary_version": "6.8.0-134.134~22.04.1"
},
{
"binary_name": "linux-modules-usbio-6.8.0-134-generic",
"binary_version": "6.8.0-134.134~22.04.1"
},
{
"binary_name": "linux-tools-6.8.0-134-generic",
"binary_version": "6.8.0-134.134~22.04.1"
},
{
"binary_name": "linux-tools-6.8.0-134-generic-64k",
"binary_version": "6.8.0-134.134~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-hwe-6.8",
"purl": "pkg:deb/ubuntu/linux-hwe-6.8@6.8.0-134.134~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.8.0-38.38~22.04.1",
"6.8.0-39.39~22.04.1",
"6.8.0-40.40~22.04.3",
"6.8.0-45.45~22.04.1",
"6.8.0-47.47~22.04.1",
"6.8.0-48.48~22.04.1",
"6.8.0-49.49~22.04.1",
"6.8.0-50.51~22.04.1",
"6.8.0-51.52~22.04.1",
"6.8.0-52.53~22.04.1",
"6.8.0-57.59~22.04.1",
"6.8.0-58.60~22.04.1",
"6.8.0-59.61~22.04.1",
"6.8.0-60.63~22.04.1",
"6.8.0-64.67~22.04.1",
"6.8.0-65.68~22.04.1",
"6.8.0-78.78~22.04.1",
"6.8.0-79.79~22.04.1",
"6.8.0-83.83~22.04.1",
"6.8.0-84.84~22.04.1",
"6.8.0-85.85~22.04.1",
"6.8.0-86.87~22.04.1",
"6.8.0-87.88~22.04.1",
"6.8.0-88.89~22.04.2",
"6.8.0-90.91~22.04.1",
"6.8.0-94.96~22.04.1",
"6.8.0-100.100~22.04.1",
"6.8.0-101.101~22.04.1",
"6.8.0-106.106~22.04.1",
"6.8.0-107.107~22.04.1",
"6.8.0-110.110~22.04.1",
"6.8.0-111.111~22.04.1",
"6.8.0-117.117~22.04.1",
"6.8.0-124.124~22.04.1",
"6.8.0-134.134~22.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.15.0-1105-ibm",
"binary_version": "5.15.0-1105.109"
},
{
"binary_name": "linux-headers-5.15.0-1105-ibm",
"binary_version": "5.15.0-1105.109"
},
{
"binary_name": "linux-ibm-cloud-tools-common",
"binary_version": "5.15.0-1105.109"
},
{
"binary_name": "linux-ibm-headers-5.15.0-1105",
"binary_version": "5.15.0-1105.109"
},
{
"binary_name": "linux-ibm-source-5.15.0",
"binary_version": "5.15.0-1105.109"
},
{
"binary_name": "linux-ibm-tools-5.15.0-1105",
"binary_version": "5.15.0-1105.109"
},
{
"binary_name": "linux-ibm-tools-common",
"binary_version": "5.15.0-1105.109"
},
{
"binary_name": "linux-image-unsigned-5.15.0-1105-ibm",
"binary_version": "5.15.0-1105.109"
},
{
"binary_name": "linux-modules-5.15.0-1105-ibm",
"binary_version": "5.15.0-1105.109"
},
{
"binary_name": "linux-modules-extra-5.15.0-1105-ibm",
"binary_version": "5.15.0-1105.109"
},
{
"binary_name": "linux-tools-5.15.0-1105-ibm",
"binary_version": "5.15.0-1105.109"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-ibm",
"purl": "pkg:deb/ubuntu/linux-ibm@5.15.0-1105.109?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.15.0-1002.2",
"5.15.0-1003.3",
"5.15.0-1004.4",
"5.15.0-1005.5",
"5.15.0-1007.8",
"5.15.0-1009.11",
"5.15.0-1010.12",
"5.15.0-1012.14",
"5.15.0-1013.15",
"5.15.0-1015.17",
"5.15.0-1017.20",
"5.15.0-1018.21",
"5.15.0-1021.24",
"5.15.0-1022.25",
"5.15.0-1023.26",
"5.15.0-1025.28",
"5.15.0-1026.29",
"5.15.0-1027.30",
"5.15.0-1028.31",
"5.15.0-1029.32",
"5.15.0-1030.33",
"5.15.0-1031.34",
"5.15.0-1032.35",
"5.15.0-1033.36",
"5.15.0-1034.37",
"5.15.0-1035.38",
"5.15.0-1036.39",
"5.15.0-1037.40",
"5.15.0-1038.41",
"5.15.0-1040.43",
"5.15.0-1041.44",
"5.15.0-1042.45",
"5.15.0-1043.46",
"5.15.0-1044.47",
"5.15.0-1045.48",
"5.15.0-1046.49",
"5.15.0-1047.50",
"5.15.0-1048.51",
"5.15.0-1049.52",
"5.15.0-1050.53",
"5.15.0-1053.56",
"5.15.0-1054.57",
"5.15.0-1055.58",
"5.15.0-1056.59",
"5.15.0-1057.60",
"5.15.0-1058.61",
"5.15.0-1059.62",
"5.15.0-1060.63",
"5.15.0-1061.64",
"5.15.0-1062.65",
"5.15.0-1063.66",
"5.15.0-1064.67",
"5.15.0-1065.68",
"5.15.0-1066.69",
"5.15.0-1067.70",
"5.15.0-1068.71",
"5.15.0-1069.72",
"5.15.0-1070.73",
"5.15.0-1071.74",
"5.15.0-1072.75",
"5.15.0-1073.76",
"5.15.0-1074.77",
"5.15.0-1075.78",
"5.15.0-1076.79",
"5.15.0-1077.80",
"5.15.0-1078.81",
"5.15.0-1079.82",
"5.15.0-1080.83",
"5.15.0-1081.84",
"5.15.0-1084.87",
"5.15.0-1085.88",
"5.15.0-1086.89",
"5.15.0-1087.90",
"5.15.0-1089.92",
"5.15.0-1090.93",
"5.15.0-1091.94",
"5.15.0-1092.95",
"5.15.0-1093.96",
"5.15.0-1094.97",
"5.15.0-1095.98",
"5.15.0-1097.100",
"5.15.0-1098.101",
"5.15.0-1099.102",
"5.15.0-1100.103",
"5.15.0-1102.105",
"5.15.0-1103.106",
"5.15.0-1105.109"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.8.0-1060-ibm",
"binary_version": "6.8.0-1060.61~22.04.1"
},
{
"binary_name": "linux-headers-6.8.0-1060-ibm",
"binary_version": "6.8.0-1060.61~22.04.1"
},
{
"binary_name": "linux-ibm-6.8-headers-6.8.0-1060",
"binary_version": "6.8.0-1060.61~22.04.1"
},
{
"binary_name": "linux-ibm-6.8-tools-6.8.0-1060",
"binary_version": "6.8.0-1060.61~22.04.1"
},
{
"binary_name": "linux-image-unsigned-6.8.0-1060-ibm",
"binary_version": "6.8.0-1060.61~22.04.1"
},
{
"binary_name": "linux-modules-6.8.0-1060-ibm",
"binary_version": "6.8.0-1060.61~22.04.1"
},
{
"binary_name": "linux-modules-extra-6.8.0-1060-ibm",
"binary_version": "6.8.0-1060.61~22.04.1"
},
{
"binary_name": "linux-modules-iwlwifi-6.8.0-1060-ibm",
"binary_version": "6.8.0-1060.61~22.04.1"
},
{
"binary_name": "linux-tools-6.8.0-1060-ibm",
"binary_version": "6.8.0-1060.61~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-ibm-6.8",
"purl": "pkg:deb/ubuntu/linux-ibm-6.8@6.8.0-1060.61~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.8.0-1008.8~22.04.1",
"6.8.0-1010.10~22.04.1",
"6.8.0-1011.11~22.04.1",
"6.8.0-1012.12~22.04.1",
"6.8.0-1013.13~22.04.1",
"6.8.0-1014.14~22.04.1",
"6.8.0-1015.15~22.04.1",
"6.8.0-1016.16~22.04.1",
"6.8.0-1017.17~22.04.1",
"6.8.0-1018.18~22.04.1",
"6.8.0-1019.19~22.04.1",
"6.8.0-1023.23~22.04.1",
"6.8.0-1024.24~22.04.1",
"6.8.0-1025.25~22.04.1",
"6.8.0-1026.26~22.04.1",
"6.8.0-1027.27~22.04.1",
"6.8.0-1028.28~22.04.1",
"6.8.0-1029.29~22.04.1",
"6.8.0-1030.30~22.04.1",
"6.8.0-1033.33~22.04.1",
"6.8.0-1036.36~22.04.1",
"6.8.0-1037.37~22.04.1",
"6.8.0-1038.38~22.04.1",
"6.8.0-1039.39~22.04.1",
"6.8.0-1040.40~22.04.1",
"6.8.0-1041.41~22.04.1",
"6.8.0-1042.42~22.04.1",
"6.8.0-1043.43~22.04.1",
"6.8.0-1044.44~22.04.1",
"6.8.0-1045.45~22.04.1",
"6.8.0-1049.49~22.04.1",
"6.8.0-1050.50~22.04.1",
"6.8.0-1051.51~22.04.1",
"6.8.0-1052.52~22.04.1",
"6.8.0-1055.56~22.04.1",
"6.8.0-1057.58~22.04.1",
"6.8.0-1060.61~22.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.15.0-1073-intel-iot-realtime",
"binary_version": "5.15.0-1073.75"
},
{
"binary_name": "linux-cloud-tools-5.15.0-1073-intel-iot-realtime",
"binary_version": "5.15.0-1073.75"
},
{
"binary_name": "linux-headers-5.15.0-1073-intel-iot-realtime",
"binary_version": "5.15.0-1073.75"
},
{
"binary_name": "linux-image-unsigned-5.15.0-1073-intel-iot-realtime",
"binary_version": "5.15.0-1073.75"
},
{
"binary_name": "linux-intel-iot-realtime-cloud-tools-5.15.0-1073",
"binary_version": "5.15.0-1073.75"
},
{
"binary_name": "linux-intel-iot-realtime-cloud-tools-common",
"binary_version": "5.15.0-1073.75"
},
{
"binary_name": "linux-intel-iot-realtime-headers-5.15.0-1073",
"binary_version": "5.15.0-1073.75"
},
{
"binary_name": "linux-intel-iot-realtime-tools-5.15.0-1073",
"binary_version": "5.15.0-1073.75"
},
{
"binary_name": "linux-intel-iot-realtime-tools-common",
"binary_version": "5.15.0-1073.75"
},
{
"binary_name": "linux-intel-iot-realtime-tools-host",
"binary_version": "5.15.0-1073.75"
},
{
"binary_name": "linux-modules-5.15.0-1073-intel-iot-realtime",
"binary_version": "5.15.0-1073.75"
},
{
"binary_name": "linux-modules-extra-5.15.0-1073-intel-iot-realtime",
"binary_version": "5.15.0-1073.75"
},
{
"binary_name": "linux-tools-5.15.0-1073-intel-iot-realtime",
"binary_version": "5.15.0-1073.75"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-intel-iot-realtime",
"purl": "pkg:deb/ubuntu/linux-intel-iot-realtime@5.15.0-1073.75?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.15.0-1073.75"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.15.0-1106-intel-iotg",
"binary_version": "5.15.0-1106.112"
},
{
"binary_name": "linux-cloud-tools-5.15.0-1106-intel-iotg",
"binary_version": "5.15.0-1106.112"
},
{
"binary_name": "linux-headers-5.15.0-1106-intel-iotg",
"binary_version": "5.15.0-1106.112"
},
{
"binary_name": "linux-image-unsigned-5.15.0-1106-intel-iotg",
"binary_version": "5.15.0-1106.112"
},
{
"binary_name": "linux-intel-iotg-cloud-tools-5.15.0-1106",
"binary_version": "5.15.0-1106.112"
},
{
"binary_name": "linux-intel-iotg-cloud-tools-common",
"binary_version": "5.15.0-1106.112"
},
{
"binary_name": "linux-intel-iotg-headers-5.15.0-1106",
"binary_version": "5.15.0-1106.112"
},
{
"binary_name": "linux-intel-iotg-tools-5.15.0-1106",
"binary_version": "5.15.0-1106.112"
},
{
"binary_name": "linux-intel-iotg-tools-common",
"binary_version": "5.15.0-1106.112"
},
{
"binary_name": "linux-intel-iotg-tools-host",
"binary_version": "5.15.0-1106.112"
},
{
"binary_name": "linux-modules-5.15.0-1106-intel-iotg",
"binary_version": "5.15.0-1106.112"
},
{
"binary_name": "linux-modules-extra-5.15.0-1106-intel-iotg",
"binary_version": "5.15.0-1106.112"
},
{
"binary_name": "linux-modules-iwlwifi-5.15.0-1106-intel-iotg",
"binary_version": "5.15.0-1106.112"
},
{
"binary_name": "linux-tools-5.15.0-1106-intel-iotg",
"binary_version": "5.15.0-1106.112"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-intel-iotg",
"purl": "pkg:deb/ubuntu/linux-intel-iotg@5.15.0-1106.112?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.15.0-1004.6",
"5.15.0-1008.11",
"5.15.0-1010.14",
"5.15.0-1013.17",
"5.15.0-1015.20",
"5.15.0-1016.21",
"5.15.0-1017.22",
"5.15.0-1018.23",
"5.15.0-1021.26",
"5.15.0-1023.28",
"5.15.0-1025.30",
"5.15.0-1026.31",
"5.15.0-1027.32",
"5.15.0-1028.33",
"5.15.0-1030.35",
"5.15.0-1031.36",
"5.15.0-1033.38",
"5.15.0-1034.39",
"5.15.0-1035.40",
"5.15.0-1036.41",
"5.15.0-1037.42",
"5.15.0-1038.43",
"5.15.0-1039.45",
"5.15.0-1040.46",
"5.15.0-1043.49",
"5.15.0-1045.51",
"5.15.0-1046.52",
"5.15.0-1047.53",
"5.15.0-1048.54",
"5.15.0-1049.55",
"5.15.0-1050.56",
"5.15.0-1051.57",
"5.15.0-1052.58",
"5.15.0-1055.61",
"5.15.0-1057.63",
"5.15.0-1058.64",
"5.15.0-1059.65",
"5.15.0-1060.66",
"5.15.0-1061.67",
"5.15.0-1062.68",
"5.15.0-1063.69",
"5.15.0-1064.70",
"5.15.0-1065.71",
"5.15.0-1066.72",
"5.15.0-1067.73",
"5.15.0-1071.77",
"5.15.0-1072.78",
"5.15.0-1073.79",
"5.15.0-1074.80",
"5.15.0-1075.81",
"5.15.0-1076.82",
"5.15.0-1077.83",
"5.15.0-1078.84",
"5.15.0-1079.85",
"5.15.0-1080.86",
"5.15.0-1081.87",
"5.15.0-1082.88",
"5.15.0-1083.89",
"5.15.0-1084.90",
"5.15.0-1085.91",
"5.15.0-1086.92",
"5.15.0-1087.93",
"5.15.0-1088.94",
"5.15.0-1090.96",
"5.15.0-1091.97",
"5.15.0-1092.98",
"5.15.0-1093.99",
"5.15.0-1094.100",
"5.15.0-1095.101",
"5.15.0-1096.102",
"5.15.0-1098.104",
"5.15.0-1099.105",
"5.15.0-1100.106",
"5.15.0-1101.107",
"5.15.0-1103.109",
"5.15.0-1104.110",
"5.15.0-1106.112"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.15.0-1103-kvm",
"binary_version": "5.15.0-1103.108"
},
{
"binary_name": "linux-headers-5.15.0-1103-kvm",
"binary_version": "5.15.0-1103.108"
},
{
"binary_name": "linux-image-unsigned-5.15.0-1103-kvm",
"binary_version": "5.15.0-1103.108"
},
{
"binary_name": "linux-kvm-headers-5.15.0-1103",
"binary_version": "5.15.0-1103.108"
},
{
"binary_name": "linux-kvm-tools-5.15.0-1103",
"binary_version": "5.15.0-1103.108"
},
{
"binary_name": "linux-modules-5.15.0-1103-kvm",
"binary_version": "5.15.0-1103.108"
},
{
"binary_name": "linux-tools-5.15.0-1103-kvm",
"binary_version": "5.15.0-1103.108"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-kvm",
"purl": "pkg:deb/ubuntu/linux-kvm@5.15.0-1103.108?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.13.0-1004.4",
"5.13.0-1006.6+22.04.1",
"5.13.0-1007.7+22.04.1",
"5.13.0-1010.11+22.04.1",
"5.15.0-1002.2",
"5.15.0-1004.4",
"5.15.0-1005.5",
"5.15.0-1007.7",
"5.15.0-1008.8",
"5.15.0-1010.11",
"5.15.0-1012.14",
"5.15.0-1013.16",
"5.15.0-1016.19",
"5.15.0-1017.21",
"5.15.0-1018.22",
"5.15.0-1019.23",
"5.15.0-1020.24",
"5.15.0-1021.26",
"5.15.0-1024.29",
"5.15.0-1025.30",
"5.15.0-1026.31",
"5.15.0-1028.33",
"5.15.0-1029.34",
"5.15.0-1030.35",
"5.15.0-1031.36",
"5.15.0-1032.37",
"5.15.0-1033.38",
"5.15.0-1034.39",
"5.15.0-1035.40",
"5.15.0-1037.42",
"5.15.0-1038.43",
"5.15.0-1039.44",
"5.15.0-1040.45",
"5.15.0-1041.46",
"5.15.0-1042.47",
"5.15.0-1044.49",
"5.15.0-1045.50",
"5.15.0-1046.51",
"5.15.0-1047.52",
"5.15.0-1048.53",
"5.15.0-1049.54",
"5.15.0-1050.55",
"5.15.0-1051.56",
"5.15.0-1052.57",
"5.15.0-1053.58",
"5.15.0-1054.59",
"5.15.0-1057.62",
"5.15.0-1058.63",
"5.15.0-1059.64",
"5.15.0-1060.65",
"5.15.0-1061.66",
"5.15.0-1062.67",
"5.15.0-1063.68",
"5.15.0-1064.69",
"5.15.0-1065.70",
"5.15.0-1066.71",
"5.15.0-1067.72",
"5.15.0-1068.73",
"5.15.0-1069.74",
"5.15.0-1070.75",
"5.15.0-1071.76",
"5.15.0-1072.77",
"5.15.0-1073.78",
"5.15.0-1076.81",
"5.15.0-1077.82",
"5.15.0-1078.83",
"5.15.0-1079.84",
"5.15.0-1080.85",
"5.15.0-1081.86",
"5.15.0-1082.87",
"5.15.0-1083.88",
"5.15.0-1084.89",
"5.15.0-1085.90",
"5.15.0-1086.91",
"5.15.0-1087.92",
"5.15.0-1088.93",
"5.15.0-1089.94",
"5.15.0-1090.95",
"5.15.0-1091.96",
"5.15.0-1092.97",
"5.15.0-1093.98",
"5.15.0-1095.100",
"5.15.0-1096.101",
"5.15.0-1097.102",
"5.15.0-1098.103",
"5.15.0-1100.105",
"5.15.0-1101.106",
"5.15.0-1103.108"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.15.0-183-lowlatency",
"binary_version": "5.15.0-183.193"
},
{
"binary_name": "linux-buildinfo-5.15.0-183-lowlatency-64k",
"binary_version": "5.15.0-183.193"
},
{
"binary_name": "linux-cloud-tools-5.15.0-183-lowlatency",
"binary_version": "5.15.0-183.193"
},
{
"binary_name": "linux-headers-5.15.0-183-lowlatency",
"binary_version": "5.15.0-183.193"
},
{
"binary_name": "linux-headers-5.15.0-183-lowlatency-64k",
"binary_version": "5.15.0-183.193"
},
{
"binary_name": "linux-image-unsigned-5.15.0-183-lowlatency",
"binary_version": "5.15.0-183.193"
},
{
"binary_name": "linux-image-unsigned-5.15.0-183-lowlatency-64k",
"binary_version": "5.15.0-183.193"
},
{
"binary_name": "linux-lowlatency-cloud-tools-5.15.0-183",
"binary_version": "5.15.0-183.193"
},
{
"binary_name": "linux-lowlatency-headers-5.15.0-183",
"binary_version": "5.15.0-183.193"
},
{
"binary_name": "linux-lowlatency-tools-5.15.0-183",
"binary_version": "5.15.0-183.193"
},
{
"binary_name": "linux-modules-5.15.0-183-lowlatency",
"binary_version": "5.15.0-183.193"
},
{
"binary_name": "linux-modules-5.15.0-183-lowlatency-64k",
"binary_version": "5.15.0-183.193"
},
{
"binary_name": "linux-modules-iwlwifi-5.15.0-183-lowlatency",
"binary_version": "5.15.0-183.193"
},
{
"binary_name": "linux-tools-5.15.0-183-lowlatency",
"binary_version": "5.15.0-183.193"
},
{
"binary_name": "linux-tools-5.15.0-183-lowlatency-64k",
"binary_version": "5.15.0-183.193"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-lowlatency",
"purl": "pkg:deb/ubuntu/linux-lowlatency@5.15.0-183.193?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.15.0-22.22",
"5.15.0-23.23",
"5.15.0-24.24",
"5.15.0-27.28",
"5.15.0-30.31",
"5.15.0-33.34",
"5.15.0-35.36",
"5.15.0-37.39",
"5.15.0-39.42",
"5.15.0-40.43",
"5.15.0-41.44",
"5.15.0-43.46",
"5.15.0-46.49",
"5.15.0-47.53",
"5.15.0-48.54",
"5.15.0-50.56",
"5.15.0-52.58",
"5.15.0-53.59",
"5.15.0-56.62",
"5.15.0-57.63",
"5.15.0-58.64",
"5.15.0-60.66",
"5.15.0-67.74",
"5.15.0-69.76",
"5.15.0-70.77",
"5.15.0-71.78",
"5.15.0-72.79",
"5.15.0-73.80",
"5.15.0-75.82",
"5.15.0-76.83",
"5.15.0-78.85",
"5.15.0-79.88",
"5.15.0-82.91",
"5.15.0-83.92",
"5.15.0-84.93",
"5.15.0-86.95",
"5.15.0-87.96",
"5.15.0-88.98",
"5.15.0-89.99",
"5.15.0-91.101",
"5.15.0-92.102",
"5.15.0-94.104",
"5.15.0-97.107",
"5.15.0-100.110",
"5.15.0-101.111",
"5.15.0-102.112",
"5.15.0-105.115",
"5.15.0-106.116",
"5.15.0-107.117",
"5.15.0-110.120",
"5.15.0-113.123",
"5.15.0-116.126",
"5.15.0-117.127",
"5.15.0-118.128",
"5.15.0-119.129",
"5.15.0-121.131",
"5.15.0-122.132",
"5.15.0-124.134",
"5.15.0-125.135",
"5.15.0-126.136",
"5.15.0-127.137",
"5.15.0-128.138",
"5.15.0-129.139",
"5.15.0-131.141",
"5.15.0-133.143",
"5.15.0-134.145",
"5.15.0-135.146",
"5.15.0-136.147",
"5.15.0-138.148",
"5.15.0-139.149",
"5.15.0-140.150",
"5.15.0-141.151",
"5.15.0-142.152",
"5.15.0-143.153",
"5.15.0-144.157",
"5.15.0-145.158",
"5.15.0-152.162",
"5.15.0-153.163",
"5.15.0-156.166",
"5.15.0-157.167",
"5.15.0-160.170",
"5.15.0-161.171",
"5.15.0-163.173",
"5.15.0-164.174",
"5.15.0-168.178",
"5.15.0-170.180",
"5.15.0-171.181",
"5.15.0-173.183",
"5.15.0-174.184",
"5.15.0-175.185",
"5.15.0-177.187",
"5.15.0-178.188",
"5.15.0-179.189",
"5.15.0-181.191",
"5.15.0-183.193"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.19.0-1030-lowlatency",
"binary_version": "5.19.0-1030.30"
},
{
"binary_name": "linux-buildinfo-5.19.0-1030-lowlatency-64k",
"binary_version": "5.19.0-1030.30"
},
{
"binary_name": "linux-cloud-tools-5.19.0-1030-lowlatency",
"binary_version": "5.19.0-1030.30"
},
{
"binary_name": "linux-headers-5.19.0-1030-lowlatency",
"binary_version": "5.19.0-1030.30"
},
{
"binary_name": "linux-headers-5.19.0-1030-lowlatency-64k",
"binary_version": "5.19.0-1030.30"
},
{
"binary_name": "linux-image-unsigned-5.19.0-1030-lowlatency",
"binary_version": "5.19.0-1030.30"
},
{
"binary_name": "linux-image-unsigned-5.19.0-1030-lowlatency-64k",
"binary_version": "5.19.0-1030.30"
},
{
"binary_name": "linux-lowlatency-hwe-5.19-cloud-tools-5.19.0-1030",
"binary_version": "5.19.0-1030.30"
},
{
"binary_name": "linux-lowlatency-hwe-5.19-cloud-tools-common",
"binary_version": "5.19.0-1030.30"
},
{
"binary_name": "linux-lowlatency-hwe-5.19-headers-5.19.0-1030",
"binary_version": "5.19.0-1030.30"
},
{
"binary_name": "linux-lowlatency-hwe-5.19-tools-5.19.0-1030",
"binary_version": "5.19.0-1030.30"
},
{
"binary_name": "linux-lowlatency-hwe-5.19-tools-common",
"binary_version": "5.19.0-1030.30"
},
{
"binary_name": "linux-lowlatency-hwe-5.19-tools-host",
"binary_version": "5.19.0-1030.30"
},
{
"binary_name": "linux-modules-5.19.0-1030-lowlatency",
"binary_version": "5.19.0-1030.30"
},
{
"binary_name": "linux-modules-5.19.0-1030-lowlatency-64k",
"binary_version": "5.19.0-1030.30"
},
{
"binary_name": "linux-modules-ipu6-5.19.0-1030-lowlatency",
"binary_version": "5.19.0-1030.30"
},
{
"binary_name": "linux-modules-ivsc-5.19.0-1030-lowlatency",
"binary_version": "5.19.0-1030.30"
},
{
"binary_name": "linux-modules-iwlwifi-5.19.0-1030-lowlatency",
"binary_version": "5.19.0-1030.30"
},
{
"binary_name": "linux-tools-5.19.0-1030-lowlatency",
"binary_version": "5.19.0-1030.30"
},
{
"binary_name": "linux-tools-5.19.0-1030-lowlatency-64k",
"binary_version": "5.19.0-1030.30"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-lowlatency-hwe-5.19",
"purl": "pkg:deb/ubuntu/linux-lowlatency-hwe-5.19@5.19.0-1030.30?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.19.0-1017.18~22.04.1",
"5.19.0-1018.19~22.04.1",
"5.19.0-1021.22~22.04.1",
"5.19.0-1022.23~22.04.1",
"5.19.0-1023.24~22.04.1",
"5.19.0-1024.25~22.04.1",
"5.19.0-1025.26~22.04.1",
"5.19.0-1027.28~22.04.1",
"5.19.0-1028.29~22.04.1",
"5.19.0-1030.30"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.2.0-1018-lowlatency",
"binary_version": "6.2.0-1018.18~22.04.1"
},
{
"binary_name": "linux-buildinfo-6.2.0-1018-lowlatency-64k",
"binary_version": "6.2.0-1018.18~22.04.1"
},
{
"binary_name": "linux-cloud-tools-6.2.0-1018-lowlatency",
"binary_version": "6.2.0-1018.18~22.04.1"
},
{
"binary_name": "linux-headers-6.2.0-1018-lowlatency",
"binary_version": "6.2.0-1018.18~22.04.1"
},
{
"binary_name": "linux-headers-6.2.0-1018-lowlatency-64k",
"binary_version": "6.2.0-1018.18~22.04.1"
},
{
"binary_name": "linux-image-unsigned-6.2.0-1018-lowlatency",
"binary_version": "6.2.0-1018.18~22.04.1"
},
{
"binary_name": "linux-image-unsigned-6.2.0-1018-lowlatency-64k",
"binary_version": "6.2.0-1018.18~22.04.1"
},
{
"binary_name": "linux-lowlatency-hwe-6.2-cloud-tools-6.2.0-1018",
"binary_version": "6.2.0-1018.18~22.04.1"
},
{
"binary_name": "linux-lowlatency-hwe-6.2-cloud-tools-common",
"binary_version": "6.2.0-1018.18~22.04.1"
},
{
"binary_name": "linux-lowlatency-hwe-6.2-headers-6.2.0-1018",
"binary_version": "6.2.0-1018.18~22.04.1"
},
{
"binary_name": "linux-lowlatency-hwe-6.2-tools-6.2.0-1018",
"binary_version": "6.2.0-1018.18~22.04.1"
},
{
"binary_name": "linux-lowlatency-hwe-6.2-tools-common",
"binary_version": "6.2.0-1018.18~22.04.1"
},
{
"binary_name": "linux-lowlatency-hwe-6.2-tools-host",
"binary_version": "6.2.0-1018.18~22.04.1"
},
{
"binary_name": "linux-modules-6.2.0-1018-lowlatency",
"binary_version": "6.2.0-1018.18~22.04.1"
},
{
"binary_name": "linux-modules-6.2.0-1018-lowlatency-64k",
"binary_version": "6.2.0-1018.18~22.04.1"
},
{
"binary_name": "linux-modules-ipu6-6.2.0-1018-lowlatency",
"binary_version": "6.2.0-1018.18~22.04.1"
},
{
"binary_name": "linux-modules-ivsc-6.2.0-1018-lowlatency",
"binary_version": "6.2.0-1018.18~22.04.1"
},
{
"binary_name": "linux-modules-iwlwifi-6.2.0-1018-lowlatency",
"binary_version": "6.2.0-1018.18~22.04.1"
},
{
"binary_name": "linux-tools-6.2.0-1018-lowlatency",
"binary_version": "6.2.0-1018.18~22.04.1"
},
{
"binary_name": "linux-tools-6.2.0-1018-lowlatency-64k",
"binary_version": "6.2.0-1018.18~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-lowlatency-hwe-6.2",
"purl": "pkg:deb/ubuntu/linux-lowlatency-hwe-6.2@6.2.0-1018.18~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.2.0-1008.8~22.04.1",
"6.2.0-1009.9~22.04.1",
"6.2.0-1011.11~22.04.1",
"6.2.0-1012.12~22.04.1",
"6.2.0-1013.13~22.04.1",
"6.2.0-1014.14~22.04.1",
"6.2.0-1015.15~22.04.1",
"6.2.0-1016.16~22.04.1",
"6.2.0-1017.17~22.04.1",
"6.2.0-1018.18~22.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.5.0-45-lowlatency",
"binary_version": "6.5.0-45.45.1~22.04.1"
},
{
"binary_name": "linux-buildinfo-6.5.0-45-lowlatency-64k",
"binary_version": "6.5.0-45.45.1~22.04.1"
},
{
"binary_name": "linux-cloud-tools-6.5.0-45-lowlatency",
"binary_version": "6.5.0-45.45.1~22.04.1"
},
{
"binary_name": "linux-headers-6.5.0-45-lowlatency",
"binary_version": "6.5.0-45.45.1~22.04.1"
},
{
"binary_name": "linux-headers-6.5.0-45-lowlatency-64k",
"binary_version": "6.5.0-45.45.1~22.04.1"
},
{
"binary_name": "linux-image-unsigned-6.5.0-45-lowlatency",
"binary_version": "6.5.0-45.45.1~22.04.1"
},
{
"binary_name": "linux-image-unsigned-6.5.0-45-lowlatency-64k",
"binary_version": "6.5.0-45.45.1~22.04.1"
},
{
"binary_name": "linux-lowlatency-hwe-6.5-cloud-tools-6.5.0-45",
"binary_version": "6.5.0-45.45.1~22.04.1"
},
{
"binary_name": "linux-lowlatency-hwe-6.5-cloud-tools-common",
"binary_version": "6.5.0-45.45.1~22.04.1"
},
{
"binary_name": "linux-lowlatency-hwe-6.5-headers-6.5.0-45",
"binary_version": "6.5.0-45.45.1~22.04.1"
},
{
"binary_name": "linux-lowlatency-hwe-6.5-lib-rust-6.5.0-45-lowlatency",
"binary_version": "6.5.0-45.45.1~22.04.1"
},
{
"binary_name": "linux-lowlatency-hwe-6.5-tools-6.5.0-45",
"binary_version": "6.5.0-45.45.1~22.04.1"
},
{
"binary_name": "linux-lowlatency-hwe-6.5-tools-common",
"binary_version": "6.5.0-45.45.1~22.04.1"
},
{
"binary_name": "linux-lowlatency-hwe-6.5-tools-host",
"binary_version": "6.5.0-45.45.1~22.04.1"
},
{
"binary_name": "linux-modules-6.5.0-45-lowlatency",
"binary_version": "6.5.0-45.45.1~22.04.1"
},
{
"binary_name": "linux-modules-6.5.0-45-lowlatency-64k",
"binary_version": "6.5.0-45.45.1~22.04.1"
},
{
"binary_name": "linux-modules-iwlwifi-6.5.0-45-lowlatency",
"binary_version": "6.5.0-45.45.1~22.04.1"
},
{
"binary_name": "linux-tools-6.5.0-45-lowlatency",
"binary_version": "6.5.0-45.45.1~22.04.1"
},
{
"binary_name": "linux-tools-6.5.0-45-lowlatency-64k",
"binary_version": "6.5.0-45.45.1~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-lowlatency-hwe-6.5",
"purl": "pkg:deb/ubuntu/linux-lowlatency-hwe-6.5@6.5.0-45.45.1~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.5.0-14.14.1~22.04.1",
"6.5.0-15.15.1.1~22.04.1",
"6.5.0-17.17.1.1.1~22.04.1",
"6.5.0-21.21.1~22.04.1",
"6.5.0-25.25.1~22.04.1",
"6.5.0-26.26.1~22.04.1",
"6.5.0-27.28.1~22.04.1",
"6.5.0-28.29.1~22.04.1",
"6.5.0-35.35.1~22.04.1",
"6.5.0-41.41.1~22.04.1",
"6.5.0-42.42.1~22.04.1",
"6.5.0-44.44.1~22.04.1",
"6.5.0-45.45.1~22.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.8.0-134-lowlatency",
"binary_version": "6.8.0-134.134.1~22.04.1"
},
{
"binary_name": "linux-buildinfo-6.8.0-134-lowlatency-64k",
"binary_version": "6.8.0-134.134.1~22.04.1"
},
{
"binary_name": "linux-cloud-tools-6.8.0-134-lowlatency",
"binary_version": "6.8.0-134.134.1~22.04.1"
},
{
"binary_name": "linux-headers-6.8.0-134-lowlatency",
"binary_version": "6.8.0-134.134.1~22.04.1"
},
{
"binary_name": "linux-headers-6.8.0-134-lowlatency-64k",
"binary_version": "6.8.0-134.134.1~22.04.1"
},
{
"binary_name": "linux-image-unsigned-6.8.0-134-lowlatency",
"binary_version": "6.8.0-134.134.1~22.04.1"
},
{
"binary_name": "linux-image-unsigned-6.8.0-134-lowlatency-64k",
"binary_version": "6.8.0-134.134.1~22.04.1"
},
{
"binary_name": "linux-lowlatency-hwe-6.8-cloud-tools-6.8.0-134",
"binary_version": "6.8.0-134.134.1~22.04.1"
},
{
"binary_name": "linux-lowlatency-hwe-6.8-headers-6.8.0-134",
"binary_version": "6.8.0-134.134.1~22.04.1"
},
{
"binary_name": "linux-lowlatency-hwe-6.8-lib-rust-6.8.0-134-lowlatency",
"binary_version": "6.8.0-134.134.1~22.04.1"
},
{
"binary_name": "linux-lowlatency-hwe-6.8-tools-6.8.0-134",
"binary_version": "6.8.0-134.134.1~22.04.1"
},
{
"binary_name": "linux-modules-6.8.0-134-lowlatency",
"binary_version": "6.8.0-134.134.1~22.04.1"
},
{
"binary_name": "linux-modules-6.8.0-134-lowlatency-64k",
"binary_version": "6.8.0-134.134.1~22.04.1"
},
{
"binary_name": "linux-modules-iwlwifi-6.8.0-134-lowlatency",
"binary_version": "6.8.0-134.134.1~22.04.1"
},
{
"binary_name": "linux-tools-6.8.0-134-lowlatency",
"binary_version": "6.8.0-134.134.1~22.04.1"
},
{
"binary_name": "linux-tools-6.8.0-134-lowlatency-64k",
"binary_version": "6.8.0-134.134.1~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-lowlatency-hwe-6.8",
"purl": "pkg:deb/ubuntu/linux-lowlatency-hwe-6.8@6.8.0-134.134.1~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.8.0-38.38.1~22.04.2",
"6.8.0-40.40.1~22.04.1",
"6.8.0-44.44.1~22.04.1",
"6.8.0-45.45.1~22.04.1",
"6.8.0-47.47.1~22.04.1",
"6.8.0-48.48.3~22.04.1",
"6.8.0-49.49.1~22.04.1",
"6.8.0-50.51.1~22.04.1",
"6.8.0-51.52.1~22.04.1",
"6.8.0-52.53.1~22.04.1",
"6.8.0-54.56.1~22.04.1",
"6.8.0-55.57.1~22.04.1",
"6.8.0-56.58.1~22.04.1",
"6.8.0-57.59.1~22.04.1",
"6.8.0-58.60.1~22.04.1",
"6.8.0-59.61.1~22.04.1",
"6.8.0-60.63.1~22.04.1",
"6.8.0-62.65.1~22.04.1",
"6.8.0-63.66.1~22.04.1",
"6.8.0-64.67.1~22.04.1",
"6.8.0-65.68.1~22.04.1",
"6.8.0-78.78.1~22.04.1",
"6.8.0-79.79.1~22.04.1",
"6.8.0-83.83.1~22.04.1",
"6.8.0-84.84.1~22.04.1",
"6.8.0-85.85.1~22.04.1",
"6.8.0-86.87.1~22.04.1",
"6.8.0-87.88.1~22.04.1",
"6.8.0-88.89.1~22.04.1",
"6.8.0-90.91.1~22.04.1",
"6.8.0-94.96.1~22.04.1",
"6.8.0-100.100.1~22.04.1",
"6.8.0-101.101.1~22.04.1",
"6.8.0-106.106.1~22.04.1",
"6.8.0-107.107.1~22.04.1",
"6.8.0-110.110.1~22.04.1",
"6.8.0-111.111.1~22.04.1",
"6.8.0-117.117.1~22.04.1",
"6.8.0-134.134.1~22.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.15.0-1106-nvidia",
"binary_version": "5.15.0-1106.107"
},
{
"binary_name": "linux-buildinfo-5.15.0-1106-nvidia-lowlatency",
"binary_version": "5.15.0-1106.107"
},
{
"binary_name": "linux-cloud-tools-5.15.0-1106-nvidia",
"binary_version": "5.15.0-1106.107"
},
{
"binary_name": "linux-cloud-tools-5.15.0-1106-nvidia-lowlatency",
"binary_version": "5.15.0-1106.107"
},
{
"binary_name": "linux-headers-5.15.0-1106-nvidia",
"binary_version": "5.15.0-1106.107"
},
{
"binary_name": "linux-headers-5.15.0-1106-nvidia-lowlatency",
"binary_version": "5.15.0-1106.107"
},
{
"binary_name": "linux-image-unsigned-5.15.0-1106-nvidia",
"binary_version": "5.15.0-1106.107"
},
{
"binary_name": "linux-image-unsigned-5.15.0-1106-nvidia-lowlatency",
"binary_version": "5.15.0-1106.107"
},
{
"binary_name": "linux-modules-5.15.0-1106-nvidia",
"binary_version": "5.15.0-1106.107"
},
{
"binary_name": "linux-modules-5.15.0-1106-nvidia-lowlatency",
"binary_version": "5.15.0-1106.107"
},
{
"binary_name": "linux-modules-extra-5.15.0-1106-nvidia",
"binary_version": "5.15.0-1106.107"
},
{
"binary_name": "linux-modules-nvidia-fs-5.15.0-1106-nvidia",
"binary_version": "5.15.0-1106.107"
},
{
"binary_name": "linux-modules-nvidia-fs-5.15.0-1106-nvidia-lowlatency",
"binary_version": "5.15.0-1106.107"
},
{
"binary_name": "linux-nvidia-cloud-tools-5.15.0-1106",
"binary_version": "5.15.0-1106.107"
},
{
"binary_name": "linux-nvidia-cloud-tools-common",
"binary_version": "5.15.0-1106.107"
},
{
"binary_name": "linux-nvidia-headers-5.15.0-1106",
"binary_version": "5.15.0-1106.107"
},
{
"binary_name": "linux-nvidia-tools-5.15.0-1106",
"binary_version": "5.15.0-1106.107"
},
{
"binary_name": "linux-nvidia-tools-common",
"binary_version": "5.15.0-1106.107"
},
{
"binary_name": "linux-nvidia-tools-host",
"binary_version": "5.15.0-1106.107"
},
{
"binary_name": "linux-tools-5.15.0-1106-nvidia",
"binary_version": "5.15.0-1106.107"
},
{
"binary_name": "linux-tools-5.15.0-1106-nvidia-lowlatency",
"binary_version": "5.15.0-1106.107"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-nvidia",
"purl": "pkg:deb/ubuntu/linux-nvidia@5.15.0-1106.107?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.15.0-1005.5",
"5.15.0-1007.7",
"5.15.0-1010.10",
"5.15.0-1015.15",
"5.15.0-1017.17",
"5.15.0-1018.18",
"5.15.0-1023.23",
"5.15.0-1025.25",
"5.15.0-1026.26",
"5.15.0-1027.27",
"5.15.0-1028.28",
"5.15.0-1029.29",
"5.15.0-1030.30",
"5.15.0-1031.31",
"5.15.0-1032.32",
"5.15.0-1033.33",
"5.15.0-1037.37",
"5.15.0-1039.39",
"5.15.0-1040.40",
"5.15.0-1041.41",
"5.15.0-1042.42",
"5.15.0-1043.43",
"5.15.0-1044.44",
"5.15.0-1045.45",
"5.15.0-1046.46",
"5.15.0-1047.47",
"5.15.0-1048.48",
"5.15.0-1053.54",
"5.15.0-1054.55",
"5.15.0-1055.56",
"5.15.0-1058.59",
"5.15.0-1059.60",
"5.15.0-1060.61",
"5.15.0-1061.62",
"5.15.0-1062.63",
"5.15.0-1063.64",
"5.15.0-1064.65",
"5.15.0-1065.66",
"5.15.0-1066.67",
"5.15.0-1067.68",
"5.15.0-1068.69",
"5.15.0-1069.70",
"5.15.0-1070.71",
"5.15.0-1071.72",
"5.15.0-1072.73",
"5.15.0-1073.74",
"5.15.0-1074.75",
"5.15.0-1075.76",
"5.15.0-1076.77",
"5.15.0-1077.78",
"5.15.0-1078.79",
"5.15.0-1079.80",
"5.15.0-1080.81",
"5.15.0-1081.82",
"5.15.0-1082.83",
"5.15.0-1083.84",
"5.15.0-1085.86",
"5.15.0-1086.87",
"5.15.0-1087.88",
"5.15.0-1088.89",
"5.15.0-1090.91",
"5.15.0-1091.92",
"5.15.0-1092.93",
"5.15.0-1093.94",
"5.15.0-1094.95",
"5.15.0-1095.96",
"5.15.0-1096.97",
"5.15.0-1098.99",
"5.15.0-1099.100",
"5.15.0-1100.101",
"5.15.0-1101.102",
"5.15.0-1103.104",
"5.15.0-1104.105",
"5.15.0-1106.107"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.2.0-1015-nvidia",
"binary_version": "6.2.0-1015.15"
},
{
"binary_name": "linux-buildinfo-6.2.0-1015-nvidia-64k",
"binary_version": "6.2.0-1015.15"
},
{
"binary_name": "linux-headers-6.2.0-1015-nvidia",
"binary_version": "6.2.0-1015.15"
},
{
"binary_name": "linux-headers-6.2.0-1015-nvidia-64k",
"binary_version": "6.2.0-1015.15"
},
{
"binary_name": "linux-image-unsigned-6.2.0-1015-nvidia",
"binary_version": "6.2.0-1015.15"
},
{
"binary_name": "linux-image-unsigned-6.2.0-1015-nvidia-64k",
"binary_version": "6.2.0-1015.15"
},
{
"binary_name": "linux-modules-6.2.0-1015-nvidia",
"binary_version": "6.2.0-1015.15"
},
{
"binary_name": "linux-modules-6.2.0-1015-nvidia-64k",
"binary_version": "6.2.0-1015.15"
},
{
"binary_name": "linux-modules-extra-6.2.0-1015-nvidia",
"binary_version": "6.2.0-1015.15"
},
{
"binary_name": "linux-modules-nvidia-fs-6.2.0-1015-nvidia",
"binary_version": "6.2.0-1015.15"
},
{
"binary_name": "linux-modules-nvidia-fs-6.2.0-1015-nvidia-64k",
"binary_version": "6.2.0-1015.15"
},
{
"binary_name": "linux-nvidia-6.2-headers-6.2.0-1015",
"binary_version": "6.2.0-1015.15"
},
{
"binary_name": "linux-nvidia-6.2-tools-6.2.0-1015",
"binary_version": "6.2.0-1015.15"
},
{
"binary_name": "linux-nvidia-6.2-tools-host",
"binary_version": "6.2.0-1015.15"
},
{
"binary_name": "linux-tools-6.2.0-1015-nvidia",
"binary_version": "6.2.0-1015.15"
},
{
"binary_name": "linux-tools-6.2.0-1015-nvidia-64k",
"binary_version": "6.2.0-1015.15"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-nvidia-6.2",
"purl": "pkg:deb/ubuntu/linux-nvidia-6.2@6.2.0-1015.15?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.2.0-1003.3~22.04.1",
"6.2.0-1009.9",
"6.2.0-1010.10",
"6.2.0-1011.11",
"6.2.0-1012.12",
"6.2.0-1013.13",
"6.2.0-1015.15"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.5.0-1024-nvidia",
"binary_version": "6.5.0-1024.25"
},
{
"binary_name": "linux-buildinfo-6.5.0-1024-nvidia-64k",
"binary_version": "6.5.0-1024.25"
},
{
"binary_name": "linux-headers-6.5.0-1024-nvidia",
"binary_version": "6.5.0-1024.25"
},
{
"binary_name": "linux-headers-6.5.0-1024-nvidia-64k",
"binary_version": "6.5.0-1024.25"
},
{
"binary_name": "linux-image-unsigned-6.5.0-1024-nvidia",
"binary_version": "6.5.0-1024.25"
},
{
"binary_name": "linux-image-unsigned-6.5.0-1024-nvidia-64k",
"binary_version": "6.5.0-1024.25"
},
{
"binary_name": "linux-modules-6.5.0-1024-nvidia",
"binary_version": "6.5.0-1024.25"
},
{
"binary_name": "linux-modules-6.5.0-1024-nvidia-64k",
"binary_version": "6.5.0-1024.25"
},
{
"binary_name": "linux-modules-extra-6.5.0-1024-nvidia",
"binary_version": "6.5.0-1024.25"
},
{
"binary_name": "linux-modules-nvidia-fs-6.5.0-1024-nvidia",
"binary_version": "6.5.0-1024.25"
},
{
"binary_name": "linux-modules-nvidia-fs-6.5.0-1024-nvidia-64k",
"binary_version": "6.5.0-1024.25"
},
{
"binary_name": "linux-nvidia-6.5-headers-6.5.0-1024",
"binary_version": "6.5.0-1024.25"
},
{
"binary_name": "linux-nvidia-6.5-tools-6.5.0-1024",
"binary_version": "6.5.0-1024.25"
},
{
"binary_name": "linux-nvidia-6.5-tools-host",
"binary_version": "6.5.0-1024.25"
},
{
"binary_name": "linux-tools-6.5.0-1024-nvidia",
"binary_version": "6.5.0-1024.25"
},
{
"binary_name": "linux-tools-6.5.0-1024-nvidia-64k",
"binary_version": "6.5.0-1024.25"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-nvidia-6.5",
"purl": "pkg:deb/ubuntu/linux-nvidia-6.5@6.5.0-1024.25?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.5.0-1004.4",
"6.5.0-1007.7",
"6.5.0-1013.13",
"6.5.0-1014.14",
"6.5.0-1015.15",
"6.5.0-1018.18",
"6.5.0-1019.19",
"6.5.0-1021.22",
"6.5.0-1022.23",
"6.5.0-1023.24",
"6.5.0-1024.25"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.8.0-1058-nvidia",
"binary_version": "6.8.0-1058.61~22.04.1"
},
{
"binary_name": "linux-buildinfo-6.8.0-1058-nvidia-64k",
"binary_version": "6.8.0-1058.61~22.04.1"
},
{
"binary_name": "linux-headers-6.8.0-1058-nvidia",
"binary_version": "6.8.0-1058.61~22.04.1"
},
{
"binary_name": "linux-headers-6.8.0-1058-nvidia-64k",
"binary_version": "6.8.0-1058.61~22.04.1"
},
{
"binary_name": "linux-image-unsigned-6.8.0-1058-nvidia",
"binary_version": "6.8.0-1058.61~22.04.1"
},
{
"binary_name": "linux-image-unsigned-6.8.0-1058-nvidia-64k",
"binary_version": "6.8.0-1058.61~22.04.1"
},
{
"binary_name": "linux-modules-6.8.0-1058-nvidia",
"binary_version": "6.8.0-1058.61~22.04.1"
},
{
"binary_name": "linux-modules-6.8.0-1058-nvidia-64k",
"binary_version": "6.8.0-1058.61~22.04.1"
},
{
"binary_name": "linux-modules-extra-6.8.0-1058-nvidia",
"binary_version": "6.8.0-1058.61~22.04.1"
},
{
"binary_name": "linux-modules-nvidia-fs-6.8.0-1058-nvidia",
"binary_version": "6.8.0-1058.61~22.04.1"
},
{
"binary_name": "linux-modules-nvidia-fs-6.8.0-1058-nvidia-64k",
"binary_version": "6.8.0-1058.61~22.04.1"
},
{
"binary_name": "linux-nvidia-6.8-headers-6.8.0-1058",
"binary_version": "6.8.0-1058.61~22.04.1"
},
{
"binary_name": "linux-nvidia-6.8-tools-6.8.0-1058",
"binary_version": "6.8.0-1058.61~22.04.1"
},
{
"binary_name": "linux-tools-6.8.0-1058-nvidia",
"binary_version": "6.8.0-1058.61~22.04.1"
},
{
"binary_name": "linux-tools-6.8.0-1058-nvidia-64k",
"binary_version": "6.8.0-1058.61~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-nvidia-6.8",
"purl": "pkg:deb/ubuntu/linux-nvidia-6.8@6.8.0-1058.61~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.8.0-1008.8~22.04.1",
"6.8.0-1009.9~22.04.1",
"6.8.0-1010.10~22.04.1",
"6.8.0-1011.11~22.04.1",
"6.8.0-1012.12~22.04.1",
"6.8.0-1013.14~22.04.1",
"6.8.0-1014.15~22.04.1",
"6.8.0-1015.16~22.04.1",
"6.8.0-1017.19~22.04.1",
"6.8.0-1018.20~22.04.1",
"6.8.0-1019.21~22.04.1",
"6.8.0-1020.22~22.04.1",
"6.8.0-1021.23~22.04.1",
"6.8.0-1022.25~22.04.2",
"6.8.0-1023.26~22.04.1",
"6.8.0-1024.27~22.04.1",
"6.8.0-1025.28~22.04.1",
"6.8.0-1026.29~22.04.1",
"6.8.0-1027.30~22.04.1",
"6.8.0-1028.31~22.04.1",
"6.8.0-1029.32~22.04.1",
"6.8.0-1030.33~22.04.1",
"6.8.0-1031.34~22.04.1",
"6.8.0-1032.35~22.04.1",
"6.8.0-1035.38~22.04.1",
"6.8.0-1036.39~22.04.1",
"6.8.0-1038.41~22.04.1",
"6.8.0-1039.42~22.04.1",
"6.8.0-1040.43~22.04.1",
"6.8.0-1041.44~22.04.2",
"6.8.0-1042.45~22.04.1",
"6.8.0-1043.46~22.04.1",
"6.8.0-1044.47~22.04.1",
"6.8.0-1045.48~22.04.1",
"6.8.0-1046.49~22.04.1",
"6.8.0-1047.50~22.04.1",
"6.8.0-1049.52~22.04.1",
"6.8.0-1050.53~22.04.1",
"6.8.0-1051.54~22.04.1",
"6.8.0-1052.55~22.04.1",
"6.8.0-1054.57~22.04.1",
"6.8.0-1055.58~22.04.1",
"6.8.0-1058.61~22.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.15.0-1063-nvidia-tegra",
"binary_version": "5.15.0-1063.63"
},
{
"binary_name": "linux-buildinfo-5.15.0-1063-nvidia-tegra-rt",
"binary_version": "5.15.0-1063.63"
},
{
"binary_name": "linux-headers-5.15.0-1063-nvidia-tegra",
"binary_version": "5.15.0-1063.63"
},
{
"binary_name": "linux-headers-5.15.0-1063-nvidia-tegra-rt",
"binary_version": "5.15.0-1063.63"
},
{
"binary_name": "linux-image-unsigned-5.15.0-1063-nvidia-tegra",
"binary_version": "5.15.0-1063.63"
},
{
"binary_name": "linux-image-unsigned-5.15.0-1063-nvidia-tegra-rt",
"binary_version": "5.15.0-1063.63"
},
{
"binary_name": "linux-modules-5.15.0-1063-nvidia-tegra",
"binary_version": "5.15.0-1063.63"
},
{
"binary_name": "linux-modules-5.15.0-1063-nvidia-tegra-rt",
"binary_version": "5.15.0-1063.63"
},
{
"binary_name": "linux-modules-extra-5.15.0-1063-nvidia-tegra",
"binary_version": "5.15.0-1063.63"
},
{
"binary_name": "linux-nvidia-tegra-headers-5.15.0-1063",
"binary_version": "5.15.0-1063.63"
},
{
"binary_name": "linux-nvidia-tegra-tools-5.15.0-1063",
"binary_version": "5.15.0-1063.63"
},
{
"binary_name": "linux-tools-5.15.0-1063-nvidia-tegra",
"binary_version": "5.15.0-1063.63"
},
{
"binary_name": "linux-tools-5.15.0-1063-nvidia-tegra-rt",
"binary_version": "5.15.0-1063.63"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-nvidia-tegra",
"purl": "pkg:deb/ubuntu/linux-nvidia-tegra@5.15.0-1063.63?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.15.0-1009.9",
"5.15.0-1010.10",
"5.15.0-1012.12",
"5.15.0-1013.13",
"5.15.0-1014.14",
"5.15.0-1015.15",
"5.15.0-1016.16",
"5.15.0-1017.17",
"5.15.0-1018.18",
"5.15.0-1019.19",
"5.15.0-1020.20",
"5.15.0-1021.21",
"5.15.0-1022.22",
"5.15.0-1025.25",
"5.15.0-1026.26",
"5.15.0-1027.27",
"5.15.0-1028.28",
"5.15.0-1030.30",
"5.15.0-1032.32",
"5.15.0-1033.33",
"5.15.0-1034.34",
"5.15.0-1035.35",
"5.15.0-1036.36",
"5.15.0-1037.37",
"5.15.0-1038.38",
"5.15.0-1039.39",
"5.15.0-1040.40",
"5.15.0-1041.41",
"5.15.0-1042.42",
"5.15.0-1043.43",
"5.15.0-1044.44",
"5.15.0-1045.45",
"5.15.0-1046.46",
"5.15.0-1047.47",
"5.15.0-1048.48",
"5.15.0-1049.49",
"5.15.0-1050.50",
"5.15.0-1051.51",
"5.15.0-1052.52",
"5.15.0-1053.53",
"5.15.0-1055.55",
"5.15.0-1056.56",
"5.15.0-1057.57",
"5.15.0-1058.58",
"5.15.0-1060.60",
"5.15.0-1061.61",
"5.15.0-1063.63"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.15.0-1052-nvidia-tegra-igx",
"binary_version": "5.15.0-1052.52"
},
{
"binary_name": "linux-buildinfo-5.15.0-1052-nvidia-tegra-igx-rt",
"binary_version": "5.15.0-1052.52"
},
{
"binary_name": "linux-headers-5.15.0-1052-nvidia-tegra-igx",
"binary_version": "5.15.0-1052.52"
},
{
"binary_name": "linux-headers-5.15.0-1052-nvidia-tegra-igx-rt",
"binary_version": "5.15.0-1052.52"
},
{
"binary_name": "linux-image-unsigned-5.15.0-1052-nvidia-tegra-igx",
"binary_version": "5.15.0-1052.52"
},
{
"binary_name": "linux-image-unsigned-5.15.0-1052-nvidia-tegra-igx-rt",
"binary_version": "5.15.0-1052.52"
},
{
"binary_name": "linux-modules-5.15.0-1052-nvidia-tegra-igx",
"binary_version": "5.15.0-1052.52"
},
{
"binary_name": "linux-modules-5.15.0-1052-nvidia-tegra-igx-rt",
"binary_version": "5.15.0-1052.52"
},
{
"binary_name": "linux-modules-extra-5.15.0-1052-nvidia-tegra-igx",
"binary_version": "5.15.0-1052.52"
},
{
"binary_name": "linux-nvidia-tegra-igx-headers-5.15.0-1052",
"binary_version": "5.15.0-1052.52"
},
{
"binary_name": "linux-nvidia-tegra-igx-tools-5.15.0-1052",
"binary_version": "5.15.0-1052.52"
},
{
"binary_name": "linux-tools-5.15.0-1052-nvidia-tegra-igx",
"binary_version": "5.15.0-1052.52"
},
{
"binary_name": "linux-tools-5.15.0-1052-nvidia-tegra-igx-rt",
"binary_version": "5.15.0-1052.52"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-nvidia-tegra-igx",
"purl": "pkg:deb/ubuntu/linux-nvidia-tegra-igx@5.15.0-1052.52?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.15.0-1001.1",
"5.15.0-1002.2",
"5.15.0-1004.4",
"5.15.0-1005.5",
"5.15.0-1006.6",
"5.15.0-1007.7",
"5.15.0-1008.8",
"5.15.0-1009.9",
"5.15.0-1012.12",
"5.15.0-1013.13",
"5.15.0-1015.15",
"5.15.0-1016.16",
"5.15.0-1018.18",
"5.15.0-1019.19",
"5.15.0-1020.20",
"5.15.0-1021.21",
"5.15.0-1022.22",
"5.15.0-1023.23",
"5.15.0-1024.24",
"5.15.0-1026.26",
"5.15.0-1027.27",
"5.15.0-1028.28",
"5.15.0-1029.29",
"5.15.0-1030.30",
"5.15.0-1031.31",
"5.15.0-1032.32",
"5.15.0-1033.33",
"5.15.0-1034.34",
"5.15.0-1035.35",
"5.15.0-1036.36",
"5.15.0-1037.37",
"5.15.0-1038.38",
"5.15.0-1039.39",
"5.15.0-1040.40",
"5.15.0-1041.41",
"5.15.0-1042.42",
"5.15.0-1044.44",
"5.15.0-1045.45",
"5.15.0-1046.46",
"5.15.0-1047.47",
"5.15.0-1049.49",
"5.15.0-1050.50",
"5.15.0-1052.52"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.17.0-1035-oem",
"binary_version": "5.17.0-1035.36"
},
{
"binary_name": "linux-headers-5.17.0-1035-oem",
"binary_version": "5.17.0-1035.36"
},
{
"binary_name": "linux-image-unsigned-5.17.0-1035-oem",
"binary_version": "5.17.0-1035.36"
},
{
"binary_name": "linux-modules-5.17.0-1035-oem",
"binary_version": "5.17.0-1035.36"
},
{
"binary_name": "linux-modules-ipu6-5.17.0-1035-oem",
"binary_version": "5.17.0-1035.36"
},
{
"binary_name": "linux-modules-ivsc-5.17.0-1035-oem",
"binary_version": "5.17.0-1035.36"
},
{
"binary_name": "linux-modules-iwlwifi-5.17.0-1035-oem",
"binary_version": "5.17.0-1035.36"
},
{
"binary_name": "linux-oem-5.17-headers-5.17.0-1035",
"binary_version": "5.17.0-1035.36"
},
{
"binary_name": "linux-oem-5.17-tools-5.17.0-1035",
"binary_version": "5.17.0-1035.36"
},
{
"binary_name": "linux-oem-5.17-tools-host",
"binary_version": "5.17.0-1035.36"
},
{
"binary_name": "linux-tools-5.17.0-1035-oem",
"binary_version": "5.17.0-1035.36"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-oem-5.17",
"purl": "pkg:deb/ubuntu/linux-oem-5.17@5.17.0-1035.36?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.17.0-1003.3",
"5.17.0-1004.4",
"5.17.0-1006.6",
"5.17.0-1011.12",
"5.17.0-1012.13",
"5.17.0-1013.14",
"5.17.0-1014.15",
"5.17.0-1015.16",
"5.17.0-1016.17",
"5.17.0-1017.18",
"5.17.0-1018.19",
"5.17.0-1019.20",
"5.17.0-1020.21",
"5.17.0-1021.22",
"5.17.0-1024.25",
"5.17.0-1025.26",
"5.17.0-1026.27",
"5.17.0-1027.28",
"5.17.0-1028.29",
"5.17.0-1029.30",
"5.17.0-1030.31",
"5.17.0-1031.32",
"5.17.0-1032.33",
"5.17.0-1033.34",
"5.17.0-1034.35",
"5.17.0-1035.36"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.0.0-1021-oem",
"binary_version": "6.0.0-1021.21"
},
{
"binary_name": "linux-headers-6.0.0-1021-oem",
"binary_version": "6.0.0-1021.21"
},
{
"binary_name": "linux-image-unsigned-6.0.0-1021-oem",
"binary_version": "6.0.0-1021.21"
},
{
"binary_name": "linux-modules-6.0.0-1021-oem",
"binary_version": "6.0.0-1021.21"
},
{
"binary_name": "linux-modules-ipu6-6.0.0-1021-oem",
"binary_version": "6.0.0-1021.21"
},
{
"binary_name": "linux-modules-ivsc-6.0.0-1021-oem",
"binary_version": "6.0.0-1021.21"
},
{
"binary_name": "linux-modules-iwlwifi-6.0.0-1021-oem",
"binary_version": "6.0.0-1021.21"
},
{
"binary_name": "linux-oem-6.0-headers-6.0.0-1021",
"binary_version": "6.0.0-1021.21"
},
{
"binary_name": "linux-oem-6.0-tools-6.0.0-1021",
"binary_version": "6.0.0-1021.21"
},
{
"binary_name": "linux-oem-6.0-tools-host",
"binary_version": "6.0.0-1021.21"
},
{
"binary_name": "linux-tools-6.0.0-1021-oem",
"binary_version": "6.0.0-1021.21"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-oem-6.0",
"purl": "pkg:deb/ubuntu/linux-oem-6.0@6.0.0-1021.21?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.0.0-1006.6",
"6.0.0-1007.7",
"6.0.0-1008.8",
"6.0.0-1009.9",
"6.0.0-1010.10",
"6.0.0-1011.11",
"6.0.0-1012.12",
"6.0.0-1013.13",
"6.0.0-1014.14",
"6.0.0-1015.15",
"6.0.0-1016.16",
"6.0.0-1017.17",
"6.0.0-1018.18",
"6.0.0-1019.19",
"6.0.0-1020.20",
"6.0.0-1021.21"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.1.0-1036-oem",
"binary_version": "6.1.0-1036.36"
},
{
"binary_name": "linux-headers-6.1.0-1036-oem",
"binary_version": "6.1.0-1036.36"
},
{
"binary_name": "linux-image-unsigned-6.1.0-1036-oem",
"binary_version": "6.1.0-1036.36"
},
{
"binary_name": "linux-modules-6.1.0-1036-oem",
"binary_version": "6.1.0-1036.36"
},
{
"binary_name": "linux-modules-ipu6-6.1.0-1036-oem",
"binary_version": "6.1.0-1036.36"
},
{
"binary_name": "linux-modules-ivsc-6.1.0-1036-oem",
"binary_version": "6.1.0-1036.36"
},
{
"binary_name": "linux-modules-iwlwifi-6.1.0-1036-oem",
"binary_version": "6.1.0-1036.36"
},
{
"binary_name": "linux-oem-6.1-headers-6.1.0-1036",
"binary_version": "6.1.0-1036.36"
},
{
"binary_name": "linux-oem-6.1-tools-6.1.0-1036",
"binary_version": "6.1.0-1036.36"
},
{
"binary_name": "linux-oem-6.1-tools-host",
"binary_version": "6.1.0-1036.36"
},
{
"binary_name": "linux-tools-6.1.0-1036-oem",
"binary_version": "6.1.0-1036.36"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-oem-6.1",
"purl": "pkg:deb/ubuntu/linux-oem-6.1@6.1.0-1036.36?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.1.0-1004.4",
"6.1.0-1006.6",
"6.1.0-1007.7",
"6.1.0-1008.8",
"6.1.0-1009.9",
"6.1.0-1010.10",
"6.1.0-1012.12",
"6.1.0-1013.13",
"6.1.0-1014.14",
"6.1.0-1015.15",
"6.1.0-1016.16",
"6.1.0-1017.17",
"6.1.0-1019.19",
"6.1.0-1020.20",
"6.1.0-1021.21",
"6.1.0-1022.22",
"6.1.0-1023.23",
"6.1.0-1024.24",
"6.1.0-1025.25",
"6.1.0-1026.26",
"6.1.0-1027.27",
"6.1.0-1028.28",
"6.1.0-1029.29",
"6.1.0-1033.33",
"6.1.0-1034.34",
"6.1.0-1035.35",
"6.1.0-1036.36"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.5.0-1027-oem",
"binary_version": "6.5.0-1027.28"
},
{
"binary_name": "linux-headers-6.5.0-1027-oem",
"binary_version": "6.5.0-1027.28"
},
{
"binary_name": "linux-image-unsigned-6.5.0-1027-oem",
"binary_version": "6.5.0-1027.28"
},
{
"binary_name": "linux-modules-6.5.0-1027-oem",
"binary_version": "6.5.0-1027.28"
},
{
"binary_name": "linux-modules-ipu6-6.5.0-1027-oem",
"binary_version": "6.5.0-1027.28"
},
{
"binary_name": "linux-modules-ivsc-6.5.0-1027-oem",
"binary_version": "6.5.0-1027.28"
},
{
"binary_name": "linux-modules-iwlwifi-6.5.0-1027-oem",
"binary_version": "6.5.0-1027.28"
},
{
"binary_name": "linux-modules-usbio-6.5.0-1027-oem",
"binary_version": "6.5.0-1027.28"
},
{
"binary_name": "linux-oem-6.5-headers-6.5.0-1027",
"binary_version": "6.5.0-1027.28"
},
{
"binary_name": "linux-oem-6.5-lib-rust-6.5.0-1027-oem",
"binary_version": "6.5.0-1027.28"
},
{
"binary_name": "linux-oem-6.5-tools-6.5.0-1027",
"binary_version": "6.5.0-1027.28"
},
{
"binary_name": "linux-oem-6.5-tools-host",
"binary_version": "6.5.0-1027.28"
},
{
"binary_name": "linux-tools-6.5.0-1027-oem",
"binary_version": "6.5.0-1027.28"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-oem-6.5",
"purl": "pkg:deb/ubuntu/linux-oem-6.5@6.5.0-1027.28?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.5.0-1003.3",
"6.5.0-1004.4",
"6.5.0-1006.6",
"6.5.0-1007.7",
"6.5.0-1008.8",
"6.5.0-1009.10",
"6.5.0-1011.12",
"6.5.0-1013.14",
"6.5.0-1014.15",
"6.5.0-1015.16",
"6.5.0-1016.17",
"6.5.0-1018.19",
"6.5.0-1019.20",
"6.5.0-1020.21",
"6.5.0-1022.23",
"6.5.0-1023.24",
"6.5.0-1024.25",
"6.5.0-1025.26",
"6.5.0-1027.28"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.15.0-1108-oracle",
"binary_version": "5.15.0-1108.114"
},
{
"binary_name": "linux-headers-5.15.0-1108-oracle",
"binary_version": "5.15.0-1108.114"
},
{
"binary_name": "linux-image-unsigned-5.15.0-1108-oracle",
"binary_version": "5.15.0-1108.114"
},
{
"binary_name": "linux-modules-5.15.0-1108-oracle",
"binary_version": "5.15.0-1108.114"
},
{
"binary_name": "linux-modules-extra-5.15.0-1108-oracle",
"binary_version": "5.15.0-1108.114"
},
{
"binary_name": "linux-oracle-headers-5.15.0-1108",
"binary_version": "5.15.0-1108.114"
},
{
"binary_name": "linux-oracle-tools-5.15.0-1108",
"binary_version": "5.15.0-1108.114"
},
{
"binary_name": "linux-tools-5.15.0-1108-oracle",
"binary_version": "5.15.0-1108.114"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-oracle",
"purl": "pkg:deb/ubuntu/linux-oracle@5.15.0-1108.114?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.13.0-1008.10",
"5.15.0-1001.3",
"5.15.0-1002.4",
"5.15.0-1003.5",
"5.15.0-1006.8",
"5.15.0-1007.9",
"5.15.0-1009.12",
"5.15.0-1011.15",
"5.15.0-1013.17",
"5.15.0-1016.20",
"5.15.0-1017.22",
"5.15.0-1018.23",
"5.15.0-1019.24",
"5.15.0-1021.27",
"5.15.0-1022.28",
"5.15.0-1025.31",
"5.15.0-1026.32",
"5.15.0-1027.33",
"5.15.0-1029.35",
"5.15.0-1030.36",
"5.15.0-1032.38",
"5.15.0-1033.39",
"5.15.0-1034.40",
"5.15.0-1035.41",
"5.15.0-1036.42",
"5.15.0-1037.43",
"5.15.0-1038.44",
"5.15.0-1039.45",
"5.15.0-1040.46",
"5.15.0-1041.47",
"5.15.0-1042.48",
"5.15.0-1044.50",
"5.15.0-1045.51",
"5.15.0-1046.52",
"5.15.0-1047.53",
"5.15.0-1048.54",
"5.15.0-1049.55",
"5.15.0-1050.56",
"5.15.0-1051.57",
"5.15.0-1052.58",
"5.15.0-1053.59",
"5.15.0-1054.60",
"5.15.0-1055.61",
"5.15.0-1058.64",
"5.15.0-1059.65",
"5.15.0-1060.66",
"5.15.0-1061.67",
"5.15.0-1062.68",
"5.15.0-1063.69",
"5.15.0-1064.70",
"5.15.0-1065.71",
"5.15.0-1066.72",
"5.15.0-1067.73",
"5.15.0-1068.74",
"5.15.0-1069.75",
"5.15.0-1070.76",
"5.15.0-1071.77",
"5.15.0-1072.78",
"5.15.0-1073.79",
"5.15.0-1074.80",
"5.15.0-1075.81",
"5.15.0-1076.82",
"5.15.0-1077.83",
"5.15.0-1078.84",
"5.15.0-1079.85",
"5.15.0-1080.86",
"5.15.0-1081.87",
"5.15.0-1082.88",
"5.15.0-1083.89",
"5.15.0-1084.90",
"5.15.0-1085.91",
"5.15.0-1086.92",
"5.15.0-1088.94",
"5.15.0-1089.95",
"5.15.0-1090.96",
"5.15.0-1091.97",
"5.15.0-1092.98",
"5.15.0-1093.99",
"5.15.0-1094.100",
"5.15.0-1095.101",
"5.15.0-1096.102",
"5.15.0-1097.103",
"5.15.0-1098.104",
"5.15.0-1100.106",
"5.15.0-1101.107",
"5.15.0-1102.108",
"5.15.0-1103.109",
"5.15.0-1105.111",
"5.15.0-1106.112",
"5.15.0-1108.114"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.5.0-1027-oracle",
"binary_version": "6.5.0-1027.27~22.04.1"
},
{
"binary_name": "linux-buildinfo-6.5.0-1027-oracle-64k",
"binary_version": "6.5.0-1027.27~22.04.1"
},
{
"binary_name": "linux-headers-6.5.0-1027-oracle",
"binary_version": "6.5.0-1027.27~22.04.1"
},
{
"binary_name": "linux-headers-6.5.0-1027-oracle-64k",
"binary_version": "6.5.0-1027.27~22.04.1"
},
{
"binary_name": "linux-image-unsigned-6.5.0-1027-oracle",
"binary_version": "6.5.0-1027.27~22.04.1"
},
{
"binary_name": "linux-image-unsigned-6.5.0-1027-oracle-64k",
"binary_version": "6.5.0-1027.27~22.04.1"
},
{
"binary_name": "linux-modules-6.5.0-1027-oracle",
"binary_version": "6.5.0-1027.27~22.04.1"
},
{
"binary_name": "linux-modules-6.5.0-1027-oracle-64k",
"binary_version": "6.5.0-1027.27~22.04.1"
},
{
"binary_name": "linux-modules-extra-6.5.0-1027-oracle",
"binary_version": "6.5.0-1027.27~22.04.1"
},
{
"binary_name": "linux-modules-extra-6.5.0-1027-oracle-64k",
"binary_version": "6.5.0-1027.27~22.04.1"
},
{
"binary_name": "linux-oracle-6.5-headers-6.5.0-1027",
"binary_version": "6.5.0-1027.27~22.04.1"
},
{
"binary_name": "linux-oracle-6.5-tools-6.5.0-1027",
"binary_version": "6.5.0-1027.27~22.04.1"
},
{
"binary_name": "linux-tools-6.5.0-1027-oracle",
"binary_version": "6.5.0-1027.27~22.04.1"
},
{
"binary_name": "linux-tools-6.5.0-1027-oracle-64k",
"binary_version": "6.5.0-1027.27~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-oracle-6.5",
"purl": "pkg:deb/ubuntu/linux-oracle-6.5@6.5.0-1027.27~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.5.0-1013.13~22.04.4",
"6.5.0-1014.14~22.04.1",
"6.5.0-1015.15~22.04.1",
"6.5.0-1016.16~22.04.1",
"6.5.0-1018.18~22.04.1",
"6.5.0-1019.19~22.04.1",
"6.5.0-1020.20~22.04.1",
"6.5.0-1021.21~22.04.1",
"6.5.0-1023.23~22.04.1",
"6.5.0-1024.24~22.04.1",
"6.5.0-1025.25~22.04.1",
"6.5.0-1026.26~22.04.1",
"6.5.0-1027.27~22.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.8.0-1057-oracle",
"binary_version": "6.8.0-1057.58~22.04.1"
},
{
"binary_name": "linux-buildinfo-6.8.0-1057-oracle-64k",
"binary_version": "6.8.0-1057.58~22.04.1"
},
{
"binary_name": "linux-headers-6.8.0-1057-oracle",
"binary_version": "6.8.0-1057.58~22.04.1"
},
{
"binary_name": "linux-headers-6.8.0-1057-oracle-64k",
"binary_version": "6.8.0-1057.58~22.04.1"
},
{
"binary_name": "linux-image-unsigned-6.8.0-1057-oracle",
"binary_version": "6.8.0-1057.58~22.04.1"
},
{
"binary_name": "linux-image-unsigned-6.8.0-1057-oracle-64k",
"binary_version": "6.8.0-1057.58~22.04.1"
},
{
"binary_name": "linux-modules-6.8.0-1057-oracle",
"binary_version": "6.8.0-1057.58~22.04.1"
},
{
"binary_name": "linux-modules-6.8.0-1057-oracle-64k",
"binary_version": "6.8.0-1057.58~22.04.1"
},
{
"binary_name": "linux-modules-extra-6.8.0-1057-oracle",
"binary_version": "6.8.0-1057.58~22.04.1"
},
{
"binary_name": "linux-modules-extra-6.8.0-1057-oracle-64k",
"binary_version": "6.8.0-1057.58~22.04.1"
},
{
"binary_name": "linux-oracle-6.8-headers-6.8.0-1057",
"binary_version": "6.8.0-1057.58~22.04.1"
},
{
"binary_name": "linux-oracle-6.8-tools-6.8.0-1057",
"binary_version": "6.8.0-1057.58~22.04.1"
},
{
"binary_name": "linux-tools-6.8.0-1057-oracle",
"binary_version": "6.8.0-1057.58~22.04.1"
},
{
"binary_name": "linux-tools-6.8.0-1057-oracle-64k",
"binary_version": "6.8.0-1057.58~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-oracle-6.8",
"purl": "pkg:deb/ubuntu/linux-oracle-6.8@6.8.0-1057.58~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.8.0-1006.6~22.04.3",
"6.8.0-1008.8~22.04.1",
"6.8.0-1010.10~22.04.1",
"6.8.0-1011.11~22.04.1",
"6.8.0-1012.12~22.04.1",
"6.8.0-1013.13~22.04.1",
"6.8.0-1014.14~22.04.1",
"6.8.0-1015.15~22.04.1",
"6.8.0-1016.17~22.04.1",
"6.8.0-1017.18~22.04.1",
"6.8.0-1018.19~22.04.1",
"6.8.0-1019.20~22.04.1",
"6.8.0-1020.21~22.04.1",
"6.8.0-1021.22~22.04.1",
"6.8.0-1022.23~22.04.1",
"6.8.0-1023.24~22.04.1",
"6.8.0-1024.25~22.04.1",
"6.8.0-1025.26~22.04.1",
"6.8.0-1026.27~22.04.1",
"6.8.0-1027.28~22.04.1",
"6.8.0-1028.29~22.04.1",
"6.8.0-1029.30~22.04.1",
"6.8.0-1030.31~22.04.1",
"6.8.0-1032.33~22.04.1",
"6.8.0-1033.34~22.04.1",
"6.8.0-1035.36~22.04.1",
"6.8.0-1037.38~22.04.1",
"6.8.0-1038.39~22.04.1",
"6.8.0-1039.40~22.04.1",
"6.8.0-1040.41~22.04.1",
"6.8.0-1041.42~22.04.1",
"6.8.0-1042.43~22.04.1",
"6.8.0-1043.44~22.04.1",
"6.8.0-1044.45~22.04.1",
"6.8.0-1047.48~22.04.1",
"6.8.0-1049.50~22.04.1",
"6.8.0-1050.51~22.04.1",
"6.8.0-1052.53~22.04.1",
"6.8.0-1054.55~22.04.1",
"6.8.0-1057.58~22.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.15.0-1105-raspi",
"binary_version": "5.15.0-1105.108"
},
{
"binary_name": "linux-headers-5.15.0-1105-raspi",
"binary_version": "5.15.0-1105.108"
},
{
"binary_name": "linux-image-5.15.0-1105-raspi",
"binary_version": "5.15.0-1105.108"
},
{
"binary_name": "linux-modules-5.15.0-1105-raspi",
"binary_version": "5.15.0-1105.108"
},
{
"binary_name": "linux-modules-extra-5.15.0-1105-raspi",
"binary_version": "5.15.0-1105.108"
},
{
"binary_name": "linux-raspi-headers-5.15.0-1105",
"binary_version": "5.15.0-1105.108"
},
{
"binary_name": "linux-raspi-tools-5.15.0-1105",
"binary_version": "5.15.0-1105.108"
},
{
"binary_name": "linux-tools-5.15.0-1105-raspi",
"binary_version": "5.15.0-1105.108"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-raspi",
"purl": "pkg:deb/ubuntu/linux-raspi@5.15.0-1105.108?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.13.0-1008.9",
"5.15.0-1002.2",
"5.15.0-1003.3",
"5.15.0-1004.4",
"5.15.0-1005.5",
"5.15.0-1006.6",
"5.15.0-1008.8",
"5.15.0-1011.13",
"5.15.0-1012.14",
"5.15.0-1013.15",
"5.15.0-1014.16",
"5.15.0-1015.17",
"5.15.0-1016.18",
"5.15.0-1017.19",
"5.15.0-1018.20",
"5.15.0-1021.23",
"5.15.0-1022.24",
"5.15.0-1023.25",
"5.15.0-1024.26",
"5.15.0-1025.27",
"5.15.0-1026.28",
"5.15.0-1027.29",
"5.15.0-1028.30",
"5.15.0-1029.31",
"5.15.0-1030.32",
"5.15.0-1032.35",
"5.15.0-1033.36",
"5.15.0-1034.37",
"5.15.0-1035.38",
"5.15.0-1036.39",
"5.15.0-1037.40",
"5.15.0-1038.41",
"5.15.0-1040.43",
"5.15.0-1041.44",
"5.15.0-1042.45",
"5.15.0-1043.46",
"5.15.0-1044.47",
"5.15.0-1045.48",
"5.15.0-1046.49",
"5.15.0-1047.50",
"5.15.0-1048.51",
"5.15.0-1049.52",
"5.15.0-1050.53",
"5.15.0-1053.56",
"5.15.0-1054.57",
"5.15.0-1055.58",
"5.15.0-1058.61",
"5.15.0-1059.62",
"5.15.0-1060.63",
"5.15.0-1061.64",
"5.15.0-1062.65",
"5.15.0-1063.66",
"5.15.0-1064.67",
"5.15.0-1065.68",
"5.15.0-1066.69",
"5.15.0-1067.70",
"5.15.0-1070.73",
"5.15.0-1071.74",
"5.15.0-1072.75",
"5.15.0-1073.76",
"5.15.0-1074.77",
"5.15.0-1075.78",
"5.15.0-1076.79",
"5.15.0-1077.80",
"5.15.0-1078.81",
"5.15.0-1079.82",
"5.15.0-1080.83",
"5.15.0-1083.86",
"5.15.0-1084.87",
"5.15.0-1085.88",
"5.15.0-1086.89",
"5.15.0-1087.90",
"5.15.0-1089.92",
"5.15.0-1090.93",
"5.15.0-1091.94",
"5.15.0-1092.95",
"5.15.0-1093.96",
"5.15.0-1097.100",
"5.15.0-1098.101",
"5.15.0-1099.102",
"5.15.0-1100.103",
"5.15.0-1102.105",
"5.15.0-1103.106",
"5.15.0-1105.108"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.15.0-1032-realtime",
"binary_version": "5.15.0-1032.35"
},
{
"binary_name": "linux-cloud-tools-5.15.0-1032-realtime",
"binary_version": "5.15.0-1032.35"
},
{
"binary_name": "linux-headers-5.15.0-1032-realtime",
"binary_version": "5.15.0-1032.35"
},
{
"binary_name": "linux-image-unsigned-5.15.0-1032-realtime",
"binary_version": "5.15.0-1032.35"
},
{
"binary_name": "linux-modules-5.15.0-1032-realtime",
"binary_version": "5.15.0-1032.35"
},
{
"binary_name": "linux-modules-extra-5.15.0-1032-realtime",
"binary_version": "5.15.0-1032.35"
},
{
"binary_name": "linux-realtime-cloud-tools-5.15.0-1032",
"binary_version": "5.15.0-1032.35"
},
{
"binary_name": "linux-realtime-cloud-tools-common",
"binary_version": "5.15.0-1032.35"
},
{
"binary_name": "linux-realtime-headers-5.15.0-1032",
"binary_version": "5.15.0-1032.35"
},
{
"binary_name": "linux-realtime-tools-5.15.0-1032",
"binary_version": "5.15.0-1032.35"
},
{
"binary_name": "linux-realtime-tools-common",
"binary_version": "5.15.0-1032.35"
},
{
"binary_name": "linux-realtime-tools-host",
"binary_version": "5.15.0-1032.35"
},
{
"binary_name": "linux-tools-5.15.0-1032-realtime",
"binary_version": "5.15.0-1032.35"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-realtime",
"purl": "pkg:deb/ubuntu/linux-realtime@5.15.0-1032.35?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.15.0-1032.35"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.15.0-1028-generic",
"binary_version": "5.15.0-1028.32"
},
{
"binary_name": "linux-headers-5.15.0-1028-generic",
"binary_version": "5.15.0-1028.32"
},
{
"binary_name": "linux-image-5.15.0-1028-generic",
"binary_version": "5.15.0-1028.32"
},
{
"binary_name": "linux-modules-5.15.0-1028-generic",
"binary_version": "5.15.0-1028.32"
},
{
"binary_name": "linux-modules-extra-5.15.0-1028-generic",
"binary_version": "5.15.0-1028.32"
},
{
"binary_name": "linux-riscv-headers-5.15.0-1028",
"binary_version": "5.15.0-1028.32"
},
{
"binary_name": "linux-riscv-tools-5.15.0-1028",
"binary_version": "5.15.0-1028.32"
},
{
"binary_name": "linux-tools-5.15.0-1028-generic",
"binary_version": "5.15.0-1028.32"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-riscv",
"purl": "pkg:deb/ubuntu/linux-riscv@5.15.0-1028.32?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.13.0-1004.4",
"5.13.0-1006.6+22.04.1",
"5.13.0-1007.7+22.04.1",
"5.13.0-1010.11+22.04.1",
"5.15.0-1004.4",
"5.15.0-1005.5",
"5.15.0-1006.6",
"5.15.0-1007.7",
"5.15.0-1008.8",
"5.15.0-1011.12",
"5.15.0-1012.13",
"5.15.0-1014.16",
"5.15.0-1015.17",
"5.15.0-1016.18",
"5.15.0-1017.19",
"5.15.0-1018.21",
"5.15.0-1019.22",
"5.15.0-1020.23",
"5.15.0-1022.26",
"5.15.0-1023.27",
"5.15.0-1026.30",
"5.15.0-1027.31",
"5.15.0-1028.32"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.19.0-1021-generic",
"binary_version": "5.19.0-1021.23~22.04.1"
},
{
"binary_name": "linux-headers-5.19.0-1021-generic",
"binary_version": "5.19.0-1021.23~22.04.1"
},
{
"binary_name": "linux-image-5.19.0-1021-generic",
"binary_version": "5.19.0-1021.23~22.04.1"
},
{
"binary_name": "linux-modules-5.19.0-1021-generic",
"binary_version": "5.19.0-1021.23~22.04.1"
},
{
"binary_name": "linux-modules-extra-5.19.0-1021-generic",
"binary_version": "5.19.0-1021.23~22.04.1"
},
{
"binary_name": "linux-riscv-5.19-headers-5.19.0-1021",
"binary_version": "5.19.0-1021.23~22.04.1"
},
{
"binary_name": "linux-riscv-5.19-tools-5.19.0-1021",
"binary_version": "5.19.0-1021.23~22.04.1"
},
{
"binary_name": "linux-tools-5.19.0-1021-generic",
"binary_version": "5.19.0-1021.23~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-riscv-5.19",
"purl": "pkg:deb/ubuntu/linux-riscv-5.19@5.19.0-1021.23~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.19.0-1012.13~22.04.1",
"5.19.0-1015.16~22.04.1",
"5.19.0-1016.17~22.04.1",
"5.19.0-1017.18~22.04.1",
"5.19.0-1018.19~22.04.1",
"5.19.0-1019.21~22.04.1",
"5.19.0-1020.22~22.04.1",
"5.19.0-1021.23~22.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.5.0-45-generic",
"binary_version": "6.5.0-45.45.1~22.04.1"
},
{
"binary_name": "linux-headers-6.5.0-45-generic",
"binary_version": "6.5.0-45.45.1~22.04.1"
},
{
"binary_name": "linux-image-6.5.0-45-generic",
"binary_version": "6.5.0-45.45.1~22.04.1"
},
{
"binary_name": "linux-modules-6.5.0-45-generic",
"binary_version": "6.5.0-45.45.1~22.04.1"
},
{
"binary_name": "linux-modules-extra-6.5.0-45-generic",
"binary_version": "6.5.0-45.45.1~22.04.1"
},
{
"binary_name": "linux-riscv-6.5-headers-6.5.0-45",
"binary_version": "6.5.0-45.45.1~22.04.1"
},
{
"binary_name": "linux-riscv-6.5-tools-6.5.0-45",
"binary_version": "6.5.0-45.45.1~22.04.1"
},
{
"binary_name": "linux-tools-6.5.0-45-generic",
"binary_version": "6.5.0-45.45.1~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-riscv-6.5",
"purl": "pkg:deb/ubuntu/linux-riscv-6.5@6.5.0-45.45.1~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.5.0-17.17.1.1~22.04.1",
"6.5.0-21.21.1~22.04.1",
"6.5.0-25.25.1~22.04.1",
"6.5.0-26.26.1~22.04.1",
"6.5.0-27.28.1~22.04.1",
"6.5.0-28.29.1~22.04.1",
"6.5.0-35.35.1~22.04.1",
"6.5.0-40.40.1~22.04.1",
"6.5.0-42.42.1~22.04.1",
"6.5.0-45.45.1~22.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.8.0-134-generic",
"binary_version": "6.8.0-134.134~22.04.1"
},
{
"binary_name": "linux-headers-6.8.0-134-generic",
"binary_version": "6.8.0-134.134~22.04.1"
},
{
"binary_name": "linux-image-6.8.0-134-generic",
"binary_version": "6.8.0-134.134~22.04.1"
},
{
"binary_name": "linux-modules-6.8.0-134-generic",
"binary_version": "6.8.0-134.134~22.04.1"
},
{
"binary_name": "linux-riscv-6.8-headers-6.8.0-134",
"binary_version": "6.8.0-134.134~22.04.1"
},
{
"binary_name": "linux-riscv-6.8-tools-6.8.0-134",
"binary_version": "6.8.0-134.134~22.04.1"
},
{
"binary_name": "linux-tools-6.8.0-134-generic",
"binary_version": "6.8.0-134.134~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-riscv-6.8",
"purl": "pkg:deb/ubuntu/linux-riscv-6.8@6.8.0-134.134~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.8.0-38.38.1~22.04.1",
"6.8.0-39.39.1~22.04.1",
"6.8.0-40.40.1~22.04.1",
"6.8.0-41.41.1~22.04.1",
"6.8.0-44.44.1~22.04.1",
"6.8.0-47.47.1~22.04.1",
"6.8.0-48.48.1~22.04.2",
"6.8.0-49.49.1~22.04.1",
"6.8.0-50.51.1~22.04.1",
"6.8.0-51.52.1~22.04.1",
"6.8.0-52.53.1~22.04.1",
"6.8.0-53.55.1~22.04.1",
"6.8.0-55.57.1~22.04.1",
"6.8.0-56.58.1~22.04.1",
"6.8.0-57.59.1~22.04.1",
"6.8.0-58.60.1~22.04.1",
"6.8.0-59.61.1~22.04.1",
"6.8.0-62.65~22.04.1",
"6.8.0-63.66~22.04.1",
"6.8.0-64.67~22.04.1",
"6.8.0-71.71~22.04.1",
"6.8.0-78.78~22.04.1",
"6.8.0-79.79~22.04.1",
"6.8.0-83.83~22.04.1",
"6.8.0-84.84~22.04.1",
"6.8.0-86.87~22.04.1",
"6.8.0-87.88~22.04.1",
"6.8.0-88.89~22.04.1",
"6.8.0-90.91~22.04.1",
"6.8.0-94.96~22.04.1",
"6.8.0-100.100~22.04.1",
"6.8.0-101.101~22.04.1",
"6.8.0-106.106~22.04.1",
"6.8.0-107.107~22.04.1",
"6.8.0-110.110~22.04.1",
"6.8.0-111.111~22.04.1",
"6.8.0-117.117~22.04.1",
"6.8.0-124.124~22.04.1",
"6.8.0-134.134~22.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.19.0-1020-starfive",
"binary_version": "5.19.0-1020.22~22.04.1"
},
{
"binary_name": "linux-headers-5.19.0-1020-starfive",
"binary_version": "5.19.0-1020.22~22.04.1"
},
{
"binary_name": "linux-image-5.19.0-1020-starfive",
"binary_version": "5.19.0-1020.22~22.04.1"
},
{
"binary_name": "linux-modules-5.19.0-1020-starfive",
"binary_version": "5.19.0-1020.22~22.04.1"
},
{
"binary_name": "linux-modules-extra-5.19.0-1020-starfive",
"binary_version": "5.19.0-1020.22~22.04.1"
},
{
"binary_name": "linux-starfive-5.19-headers-5.19.0-1020",
"binary_version": "5.19.0-1020.22~22.04.1"
},
{
"binary_name": "linux-starfive-5.19-tools-5.19.0-1020",
"binary_version": "5.19.0-1020.22~22.04.1"
},
{
"binary_name": "linux-tools-5.19.0-1020-starfive",
"binary_version": "5.19.0-1020.22~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-starfive-5.19",
"purl": "pkg:deb/ubuntu/linux-starfive-5.19@5.19.0-1020.22~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.19.0-1014.16~22.04.1",
"5.19.0-1015.17~22.04.1",
"5.19.0-1016.18~22.04.1",
"5.19.0-1017.19~22.04.1",
"5.19.0-1018.20~22.04.1",
"5.19.0-1019.21~22.04.1",
"5.19.0-1020.22~22.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.2.0-1009-starfive",
"binary_version": "6.2.0-1009.10~22.04.1"
},
{
"binary_name": "linux-headers-6.2.0-1009-starfive",
"binary_version": "6.2.0-1009.10~22.04.1"
},
{
"binary_name": "linux-image-6.2.0-1009-starfive",
"binary_version": "6.2.0-1009.10~22.04.1"
},
{
"binary_name": "linux-modules-6.2.0-1009-starfive",
"binary_version": "6.2.0-1009.10~22.04.1"
},
{
"binary_name": "linux-modules-extra-6.2.0-1009-starfive",
"binary_version": "6.2.0-1009.10~22.04.1"
},
{
"binary_name": "linux-starfive-6.2-headers-6.2.0-1009",
"binary_version": "6.2.0-1009.10~22.04.1"
},
{
"binary_name": "linux-starfive-6.2-tools-6.2.0-1009",
"binary_version": "6.2.0-1009.10~22.04.1"
},
{
"binary_name": "linux-tools-6.2.0-1009-starfive",
"binary_version": "6.2.0-1009.10~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-starfive-6.2",
"purl": "pkg:deb/ubuntu/linux-starfive-6.2@6.2.0-1009.10~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.2.0-1006.7~22.04.1",
"6.2.0-1007.8~22.04.1",
"6.2.0-1009.10~22.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.5.0-1018-starfive",
"binary_version": "6.5.0-1018.19~22.04.1"
},
{
"binary_name": "linux-headers-6.5.0-1018-starfive",
"binary_version": "6.5.0-1018.19~22.04.1"
},
{
"binary_name": "linux-image-6.5.0-1018-starfive",
"binary_version": "6.5.0-1018.19~22.04.1"
},
{
"binary_name": "linux-modules-6.5.0-1018-starfive",
"binary_version": "6.5.0-1018.19~22.04.1"
},
{
"binary_name": "linux-modules-extra-6.5.0-1018-starfive",
"binary_version": "6.5.0-1018.19~22.04.1"
},
{
"binary_name": "linux-starfive-6.5-headers-6.5.0-1018",
"binary_version": "6.5.0-1018.19~22.04.1"
},
{
"binary_name": "linux-starfive-6.5-tools-6.5.0-1018",
"binary_version": "6.5.0-1018.19~22.04.1"
},
{
"binary_name": "linux-tools-6.5.0-1018-starfive",
"binary_version": "6.5.0-1018.19~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-starfive-6.5",
"purl": "pkg:deb/ubuntu/linux-starfive-6.5@6.5.0-1018.19~22.04.1?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.5.0-1007.8~22.04.1",
"6.5.0-1008.9~22.04.1",
"6.5.0-1009.10~22.04.1",
"6.5.0-1010.11~22.04.1",
"6.5.0-1011.12~22.04.1",
"6.5.0-1012.13~22.04.1",
"6.5.0-1014.15~22.04.1",
"6.5.0-1015.16~22.04.1",
"6.5.0-1016.17~22.04.1",
"6.5.0-1017.18~22.04.1",
"6.5.0-1018.19~22.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.15.0-1074-xilinx-zynqmp",
"binary_version": "5.15.0-1074.78"
},
{
"binary_name": "linux-headers-5.15.0-1074-xilinx-zynqmp",
"binary_version": "5.15.0-1074.78"
},
{
"binary_name": "linux-image-5.15.0-1074-xilinx-zynqmp",
"binary_version": "5.15.0-1074.78"
},
{
"binary_name": "linux-modules-5.15.0-1074-xilinx-zynqmp",
"binary_version": "5.15.0-1074.78"
},
{
"binary_name": "linux-tools-5.15.0-1074-xilinx-zynqmp",
"binary_version": "5.15.0-1074.78"
},
{
"binary_name": "linux-xilinx-zynqmp-headers-5.15.0-1074",
"binary_version": "5.15.0-1074.78"
},
{
"binary_name": "linux-xilinx-zynqmp-tools-5.15.0-1074",
"binary_version": "5.15.0-1074.78"
}
]
},
"package": {
"ecosystem": "Ubuntu:22.04:LTS",
"name": "linux-xilinx-zynqmp",
"purl": "pkg:deb/ubuntu/linux-xilinx-zynqmp@5.15.0-1074.78?arch=source\u0026distro=jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.15.0-1022.26",
"5.15.0-1023.27",
"5.15.0-1025.29",
"5.15.0-1027.31",
"5.15.0-1030.34",
"5.15.0-1031.35",
"5.15.0-1035.39",
"5.15.0-1036.40",
"5.15.0-1037.41",
"5.15.0-1038.42",
"5.15.0-1039.43",
"5.15.0-1041.45",
"5.15.0-1044.48",
"5.15.0-1046.50",
"5.15.0-1050.54",
"5.15.0-1051.55",
"5.15.0-1052.56",
"5.15.0-1053.57",
"5.15.0-1054.58",
"5.15.0-1055.59",
"5.15.0-1056.60",
"5.15.0-1057.61",
"5.15.0-1059.63",
"5.15.0-1060.64",
"5.15.0-1061.65",
"5.15.0-1062.66",
"5.15.0-1063.67",
"5.15.0-1064.68",
"5.15.0-1065.69",
"5.15.0-1067.71",
"5.15.0-1068.72",
"5.15.0-1069.73",
"5.15.0-1070.74",
"5.15.0-1074.78"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-bluefield-cloud-tools-common",
"binary_version": "5.15.0-1095.97"
},
{
"binary_name": "linux-bluefield-headers-5.15.0-1095",
"binary_version": "5.15.0-1095.97"
},
{
"binary_name": "linux-bluefield-tools-5.15.0-1095",
"binary_version": "5.15.0-1095.97"
},
{
"binary_name": "linux-bluefield-tools-host",
"binary_version": "5.15.0-1095.97"
},
{
"binary_name": "linux-buildinfo-5.15.0-1095-bluefield",
"binary_version": "5.15.0-1095.97"
},
{
"binary_name": "linux-headers-5.15.0-1095-bluefield",
"binary_version": "5.15.0-1095.97"
},
{
"binary_name": "linux-image-unsigned-5.15.0-1095-bluefield",
"binary_version": "5.15.0-1095.97"
},
{
"binary_name": "linux-modules-5.15.0-1095-bluefield",
"binary_version": "5.15.0-1095.97"
},
{
"binary_name": "linux-modules-extra-5.15.0-1095-bluefield",
"binary_version": "5.15.0-1095.97"
},
{
"binary_name": "linux-tools-5.15.0-1095-bluefield",
"binary_version": "5.15.0-1095.97"
}
]
},
"package": {
"ecosystem": "Ubuntu:Nvidia-BlueField:22.04:LTS",
"name": "linux-bluefield",
"purl": "pkg:deb/ubuntu/linux-bluefield@5.15.0-1095.97?arch=source\u0026distro=bluefield/jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.15.0-1011.13",
"5.15.0-1014.16",
"5.15.0-1015.17",
"5.15.0-1017.19",
"5.15.0-1019.21",
"5.15.0-1021.23",
"5.15.0-1022.24",
"5.15.0-1023.25",
"5.15.0-1024.26",
"5.15.0-1027.29",
"5.15.0-1028.30",
"5.15.0-1031.33",
"5.15.0-1032.34",
"5.15.0-1033.35",
"5.15.0-1035.37",
"5.15.0-1036.38",
"5.15.0-1037.39",
"5.15.0-1038.40",
"5.15.0-1040.42",
"5.15.0-1042.44",
"5.15.0-1043.45",
"5.15.0-1044.46",
"5.15.0-1045.47",
"5.15.0-1047.49",
"5.15.0-1048.50",
"5.15.0-1050.52",
"5.15.0-1051.53",
"5.15.0-1052.54",
"5.15.0-1053.55",
"5.15.0-1054.56",
"5.15.0-1056.58",
"5.15.0-1057.59",
"5.15.0-1058.60",
"5.15.0-1059.61",
"5.15.0-1060.62",
"5.15.0-1061.63",
"5.15.0-1062.64",
"5.15.0-1063.65",
"5.15.0-1064.66",
"5.15.0-1065.67",
"5.15.0-1066.68",
"5.15.0-1067.69",
"5.15.0-1069.71",
"5.15.0-1070.72",
"5.15.0-1072.74",
"5.15.0-1074.76",
"5.15.0-1075.77",
"5.15.0-1076.78",
"5.15.0-1077.79",
"5.15.0-1079.81",
"5.15.0-1080.82",
"5.15.0-1081.83",
"5.15.0-1082.84",
"5.15.0-1083.85",
"5.15.0-1084.86",
"5.15.0-1085.87",
"5.15.0-1086.88",
"5.15.0-1087.89",
"5.15.0-1089.91",
"5.15.0-1090.92",
"5.15.0-1092.94",
"5.15.0-1093.95",
"5.15.0-1095.97"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-aws-fips-cloud-tools-5.15.0-1051",
"binary_version": "5.15.0-1051.56+fips1"
},
{
"binary_name": "linux-aws-fips-headers-5.15.0-1051",
"binary_version": "5.15.0-1051.56+fips1"
},
{
"binary_name": "linux-aws-fips-tools-5.15.0-1051",
"binary_version": "5.15.0-1051.56+fips1"
},
{
"binary_name": "linux-buildinfo-5.15.0-1051-aws-fips",
"binary_version": "5.15.0-1051.56+fips1"
},
{
"binary_name": "linux-cloud-tools-5.15.0-1051-aws-fips",
"binary_version": "5.15.0-1051.56+fips1"
},
{
"binary_name": "linux-headers-5.15.0-1051-aws-fips",
"binary_version": "5.15.0-1051.56+fips1"
},
{
"binary_name": "linux-image-unsigned-5.15.0-1051-aws-fips",
"binary_version": "5.15.0-1051.56+fips1"
},
{
"binary_name": "linux-image-unsigned-hmac-5.15.0-1051-aws-fips",
"binary_version": "5.15.0-1051.56+fips1"
},
{
"binary_name": "linux-modules-5.15.0-1051-aws-fips",
"binary_version": "5.15.0-1051.56+fips1"
},
{
"binary_name": "linux-modules-extra-5.15.0-1051-aws-fips",
"binary_version": "5.15.0-1051.56+fips1"
},
{
"binary_name": "linux-tools-5.15.0-1051-aws-fips",
"binary_version": "5.15.0-1051.56+fips1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS-preview:22.04:LTS",
"name": "linux-aws-fips",
"purl": "pkg:deb/ubuntu/linux-aws-fips@5.15.0-1051.56+fips1?arch=source\u0026distro=fips-preview/jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.15.0-1042.47+fips1",
"5.15.0-1051.56+fips1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-azure-fips-cloud-tools-5.15.0-1053",
"binary_version": "5.15.0-1053.61+fips1"
},
{
"binary_name": "linux-azure-fips-headers-5.15.0-1053",
"binary_version": "5.15.0-1053.61+fips1"
},
{
"binary_name": "linux-azure-fips-tools-5.15.0-1053",
"binary_version": "5.15.0-1053.61+fips1"
},
{
"binary_name": "linux-buildinfo-5.15.0-1053-azure-fips",
"binary_version": "5.15.0-1053.61+fips1"
},
{
"binary_name": "linux-cloud-tools-5.15.0-1053-azure-fips",
"binary_version": "5.15.0-1053.61+fips1"
},
{
"binary_name": "linux-headers-5.15.0-1053-azure-fips",
"binary_version": "5.15.0-1053.61+fips1"
},
{
"binary_name": "linux-image-unsigned-5.15.0-1053-azure-fips",
"binary_version": "5.15.0-1053.61+fips1"
},
{
"binary_name": "linux-image-unsigned-hmac-5.15.0-1053-azure-fips",
"binary_version": "5.15.0-1053.61+fips1"
},
{
"binary_name": "linux-modules-5.15.0-1053-azure-fips",
"binary_version": "5.15.0-1053.61+fips1"
},
{
"binary_name": "linux-modules-extra-5.15.0-1053-azure-fips",
"binary_version": "5.15.0-1053.61+fips1"
},
{
"binary_name": "linux-tools-5.15.0-1053-azure-fips",
"binary_version": "5.15.0-1053.61+fips1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS-preview:22.04:LTS",
"name": "linux-azure-fips",
"purl": "pkg:deb/ubuntu/linux-azure-fips@5.15.0-1053.61+fips1?arch=source\u0026distro=fips-preview/jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.15.0-1053.61+fips1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.15.0-73-fips",
"binary_version": "5.15.0-73.80+fips1"
},
{
"binary_name": "linux-fips-headers-5.15.0-73",
"binary_version": "5.15.0-73.80+fips1"
},
{
"binary_name": "linux-fips-tools-5.15.0-73",
"binary_version": "5.15.0-73.80+fips1"
},
{
"binary_name": "linux-fips-tools-host",
"binary_version": "5.15.0-73.80+fips1"
},
{
"binary_name": "linux-headers-5.15.0-73-fips",
"binary_version": "5.15.0-73.80+fips1"
},
{
"binary_name": "linux-image-unsigned-5.15.0-73-fips",
"binary_version": "5.15.0-73.80+fips1"
},
{
"binary_name": "linux-image-unsigned-hmac-5.15.0-73-fips",
"binary_version": "5.15.0-73.80+fips1"
},
{
"binary_name": "linux-modules-5.15.0-73-fips",
"binary_version": "5.15.0-73.80+fips1"
},
{
"binary_name": "linux-modules-extra-5.15.0-73-fips",
"binary_version": "5.15.0-73.80+fips1"
},
{
"binary_name": "linux-modules-iwlwifi-5.15.0-73-fips",
"binary_version": "5.15.0-73.80+fips1"
},
{
"binary_name": "linux-tools-5.15.0-73-fips",
"binary_version": "5.15.0-73.80+fips1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS-preview:22.04:LTS",
"name": "linux-fips",
"purl": "pkg:deb/ubuntu/linux-fips@5.15.0-73.80+fips1?arch=source\u0026distro=fips-preview/jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.15.0-73.80+fips1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.15.0-1048-gcp-fips",
"binary_version": "5.15.0-1048.56+fips1"
},
{
"binary_name": "linux-gcp-fips-headers-5.15.0-1048",
"binary_version": "5.15.0-1048.56+fips1"
},
{
"binary_name": "linux-gcp-fips-tools-5.15.0-1048",
"binary_version": "5.15.0-1048.56+fips1"
},
{
"binary_name": "linux-headers-5.15.0-1048-gcp-fips",
"binary_version": "5.15.0-1048.56+fips1"
},
{
"binary_name": "linux-image-unsigned-5.15.0-1048-gcp-fips",
"binary_version": "5.15.0-1048.56+fips1"
},
{
"binary_name": "linux-image-unsigned-hmac-5.15.0-1048-gcp-fips",
"binary_version": "5.15.0-1048.56+fips1"
},
{
"binary_name": "linux-modules-5.15.0-1048-gcp-fips",
"binary_version": "5.15.0-1048.56+fips1"
},
{
"binary_name": "linux-modules-extra-5.15.0-1048-gcp-fips",
"binary_version": "5.15.0-1048.56+fips1"
},
{
"binary_name": "linux-tools-5.15.0-1048-gcp-fips",
"binary_version": "5.15.0-1048.56+fips1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS-preview:22.04:LTS",
"name": "linux-gcp-fips",
"purl": "pkg:deb/ubuntu/linux-gcp-fips@5.15.0-1048.56+fips1?arch=source\u0026distro=fips-preview/jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.15.0-1048.56+fips1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-aws-fips-cloud-tools-5.15.0-1111",
"binary_version": "5.15.0-1111.118+fips1"
},
{
"binary_name": "linux-aws-fips-headers-5.15.0-1111",
"binary_version": "5.15.0-1111.118+fips1"
},
{
"binary_name": "linux-aws-fips-tools-5.15.0-1111",
"binary_version": "5.15.0-1111.118+fips1"
},
{
"binary_name": "linux-buildinfo-5.15.0-1111-aws-fips",
"binary_version": "5.15.0-1111.118+fips1"
},
{
"binary_name": "linux-cloud-tools-5.15.0-1111-aws-fips",
"binary_version": "5.15.0-1111.118+fips1"
},
{
"binary_name": "linux-headers-5.15.0-1111-aws-fips",
"binary_version": "5.15.0-1111.118+fips1"
},
{
"binary_name": "linux-image-unsigned-5.15.0-1111-aws-fips",
"binary_version": "5.15.0-1111.118+fips1"
},
{
"binary_name": "linux-image-unsigned-hmac-5.15.0-1111-aws-fips",
"binary_version": "5.15.0-1111.118+fips1"
},
{
"binary_name": "linux-modules-5.15.0-1111-aws-fips",
"binary_version": "5.15.0-1111.118+fips1"
},
{
"binary_name": "linux-modules-extra-5.15.0-1111-aws-fips",
"binary_version": "5.15.0-1111.118+fips1"
},
{
"binary_name": "linux-tools-5.15.0-1111-aws-fips",
"binary_version": "5.15.0-1111.118+fips1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS-updates:22.04:LTS",
"name": "linux-aws-fips",
"purl": "pkg:deb/ubuntu/linux-aws-fips@5.15.0-1111.118+fips1?arch=source\u0026distro=fips-updates/jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.15.0-1051.56+fips1",
"5.15.0-1052.57+fips1",
"5.15.0-1053.58+fips1",
"5.15.0-1055.60+fips1",
"5.15.0-1056.61+fips1",
"5.15.0-1057.63+fips1",
"5.15.0-1060.66+fips1",
"5.15.0-1061.67+fips1",
"5.15.0-1062.68+fips1",
"5.15.0-1063.69+fips1",
"5.15.0-1064.70+fips1",
"5.15.0-1065.71+fips1",
"5.15.0-1066.72+fips1",
"5.15.0-1067.73+fips1",
"5.15.0-1068.74+fips1",
"5.15.0-1069.75+fips1",
"5.15.0-1070.76+fips1",
"5.15.0-1071.77+fips1",
"5.15.0-1072.78+fips1",
"5.15.0-1073.79+fips1",
"5.15.0-1076.83+fips1",
"5.15.0-1077.84+fips1",
"5.15.0-1078.85+fips1",
"5.15.0-1079.86+fips1",
"5.15.0-1080.87+fips1",
"5.15.0-1081.88+fips1",
"5.15.0-1082.89+fips1",
"5.15.0-1083.90+fips1",
"5.15.0-1084.91+fips1",
"5.15.0-1085.92+fips1",
"5.15.0-1086.93+fips1",
"5.15.0-1087.94+fips1",
"5.15.0-1088.95+fips1",
"5.15.0-1089.96+fips1",
"5.15.0-1090.97+fips1",
"5.15.0-1091.98+fips1",
"5.15.0-1092.99+fips1",
"5.15.0-1093.100+fips1",
"5.15.0-1095.102+fips1",
"5.15.0-1096.103+fips1",
"5.15.0-1097.104+fips1",
"5.15.0-1098.105+fips1",
"5.15.0-1099.106+fips1",
"5.15.0-1100.107+fips1",
"5.15.0-1101.108+fips1",
"5.15.0-1103.110+fips1",
"5.15.0-1104.111+fips1",
"5.15.0-1105.112+fips1",
"5.15.0-1106.113+fips1",
"5.15.0-1108.115+fips1",
"5.15.0-1109.116+fips1",
"5.15.0-1111.118+fips1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-azure-fips-cloud-tools-5.15.0-1114",
"binary_version": "5.15.0-1114.123+fips1"
},
{
"binary_name": "linux-azure-fips-headers-5.15.0-1114",
"binary_version": "5.15.0-1114.123+fips1"
},
{
"binary_name": "linux-azure-fips-tools-5.15.0-1114",
"binary_version": "5.15.0-1114.123+fips1"
},
{
"binary_name": "linux-buildinfo-5.15.0-1114-azure-fips",
"binary_version": "5.15.0-1114.123+fips1"
},
{
"binary_name": "linux-cloud-tools-5.15.0-1114-azure-fips",
"binary_version": "5.15.0-1114.123+fips1"
},
{
"binary_name": "linux-headers-5.15.0-1114-azure-fips",
"binary_version": "5.15.0-1114.123+fips1"
},
{
"binary_name": "linux-image-unsigned-5.15.0-1114-azure-fips",
"binary_version": "5.15.0-1114.123+fips1"
},
{
"binary_name": "linux-image-unsigned-hmac-5.15.0-1114-azure-fips",
"binary_version": "5.15.0-1114.123+fips1"
},
{
"binary_name": "linux-modules-5.15.0-1114-azure-fips",
"binary_version": "5.15.0-1114.123+fips1"
},
{
"binary_name": "linux-modules-extra-5.15.0-1114-azure-fips",
"binary_version": "5.15.0-1114.123+fips1"
},
{
"binary_name": "linux-modules-involflt-5.15.0-1114-azure-fips",
"binary_version": "5.15.0-1114.123+fips1"
},
{
"binary_name": "linux-tools-5.15.0-1114-azure-fips",
"binary_version": "5.15.0-1114.123+fips1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS-updates:22.04:LTS",
"name": "linux-azure-fips",
"purl": "pkg:deb/ubuntu/linux-azure-fips@5.15.0-1114.123+fips1?arch=source\u0026distro=fips-updates/jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.15.0-1053.61+fips1",
"5.15.0-1058.66+fips1",
"5.15.0-1059.67+fips1",
"5.15.0-1060.69+fips1",
"5.15.0-1061.70+fips1",
"5.15.0-1063.72+fips1",
"5.15.0-1064.73+fips1",
"5.15.0-1065.74+fips1",
"5.15.0-1067.76+fips1",
"5.15.0-1068.77+fips1",
"5.15.0-1070.79+fips1",
"5.15.0-1071.80+fips1",
"5.15.0-1072.81+fips1",
"5.15.0-1073.82+fips1",
"5.15.0-1074.83+fips1",
"5.15.0-1075.84+fips1",
"5.15.0-1078.87+fips1",
"5.15.0-1079.88+fips1",
"5.15.0-1080.89+fips1",
"5.15.0-1082.91+fips1",
"5.15.0-1083.92+fips1",
"5.15.0-1085.94+fips1",
"5.15.0-1087.96+fips1",
"5.15.0-1088.97+fips1",
"5.15.0-1089.98+fips1",
"5.15.0-1090.99+fips1",
"5.15.0-1091.100+fips1",
"5.15.0-1094.103+fips1",
"5.15.0-1095.104+fips1",
"5.15.0-1096.105+fips1",
"5.15.0-1097.106+fips1",
"5.15.0-1098.107+fips1",
"5.15.0-1101.110+fips1",
"5.15.0-1102.111+fips1",
"5.15.0-1103.112+fips1",
"5.15.0-1109.118+fips1",
"5.15.0-1110.119+fips1",
"5.15.0-1111.120+fips1",
"5.15.0-1114.123+fips1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.15.0-185-fips",
"binary_version": "5.15.0-185.195+fips1"
},
{
"binary_name": "linux-cloud-tools-5.15.0-185-fips",
"binary_version": "5.15.0-185.195+fips1"
},
{
"binary_name": "linux-fips-cloud-tools-5.15.0-185",
"binary_version": "5.15.0-185.195+fips1"
},
{
"binary_name": "linux-fips-headers-5.15.0-185",
"binary_version": "5.15.0-185.195+fips1"
},
{
"binary_name": "linux-fips-tools-5.15.0-185",
"binary_version": "5.15.0-185.195+fips1"
},
{
"binary_name": "linux-headers-5.15.0-185-fips",
"binary_version": "5.15.0-185.195+fips1"
},
{
"binary_name": "linux-image-unsigned-5.15.0-185-fips",
"binary_version": "5.15.0-185.195+fips1"
},
{
"binary_name": "linux-image-unsigned-hmac-5.15.0-185-fips",
"binary_version": "5.15.0-185.195+fips1"
},
{
"binary_name": "linux-modules-5.15.0-185-fips",
"binary_version": "5.15.0-185.195+fips1"
},
{
"binary_name": "linux-modules-extra-5.15.0-185-fips",
"binary_version": "5.15.0-185.195+fips1"
},
{
"binary_name": "linux-modules-iwlwifi-5.15.0-185-fips",
"binary_version": "5.15.0-185.195+fips1"
},
{
"binary_name": "linux-tools-5.15.0-185-fips",
"binary_version": "5.15.0-185.195+fips1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS-updates:22.04:LTS",
"name": "linux-fips",
"purl": "pkg:deb/ubuntu/linux-fips@5.15.0-185.195+fips1?arch=source\u0026distro=fips-updates/jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.15.0-73.80+fips1",
"5.15.0-92.102+fips1",
"5.15.0-94.104+fips1",
"5.15.0-97.107+fips1",
"5.15.0-100.110+fips1",
"5.15.0-101.111+fips1",
"5.15.0-102.112+fips1",
"5.15.0-105.115+fips1",
"5.15.0-106.116+fips1",
"5.15.0-107.117+fips1",
"5.15.0-111.121+fips1",
"5.15.0-113.123+fips1",
"5.15.0-115.125+fips1",
"5.15.0-117.127+fips1",
"5.15.0-118.128+fips1",
"5.15.0-119.129+fips1",
"5.15.0-121.131+fips1",
"5.15.0-122.132+fips1",
"5.15.0-124.134+fips1",
"5.15.0-125.135+fips1",
"5.15.0-127.137+fips1",
"5.15.0-128.138+fips1",
"5.15.0-130.140+fips1",
"5.15.0-131.141+fips1",
"5.15.0-133.144+fips1",
"5.15.0-134.145+fips1",
"5.15.0-135.146+fips1",
"5.15.0-136.147+fips1",
"5.15.0-138.148+fips1",
"5.15.0-139.149+fips1",
"5.15.0-140.150+fips1",
"5.15.0-141.151+fips1",
"5.15.0-142.152+fips1",
"5.15.0-143.153+fips1",
"5.15.0-144.157+fips1",
"5.15.0-145.158+fips1",
"5.15.0-152.162+fips1",
"5.15.0-153.163+fips1",
"5.15.0-156.166+fips1",
"5.15.0-157.167+fips1",
"5.15.0-160.170+fips1",
"5.15.0-161.171+fips1",
"5.15.0-163.173+fips1",
"5.15.0-164.174+fips1",
"5.15.0-168.178+fips1",
"5.15.0-170.180+fips1",
"5.15.0-171.181+fips1",
"5.15.0-173.183+fips1",
"5.15.0-174.184+fips1",
"5.15.0-176.186+fips1",
"5.15.0-177.187+fips1",
"5.15.0-179.189+fips1",
"5.15.0-181.191+fips1",
"5.15.0-185.195+fips1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.15.0-1111-gcp-fips",
"binary_version": "5.15.0-1111.121+fips1"
},
{
"binary_name": "linux-gcp-fips-headers-5.15.0-1111",
"binary_version": "5.15.0-1111.121+fips1"
},
{
"binary_name": "linux-gcp-fips-tools-5.15.0-1111",
"binary_version": "5.15.0-1111.121+fips1"
},
{
"binary_name": "linux-headers-5.15.0-1111-gcp-fips",
"binary_version": "5.15.0-1111.121+fips1"
},
{
"binary_name": "linux-image-unsigned-5.15.0-1111-gcp-fips",
"binary_version": "5.15.0-1111.121+fips1"
},
{
"binary_name": "linux-image-unsigned-hmac-5.15.0-1111-gcp-fips",
"binary_version": "5.15.0-1111.121+fips1"
},
{
"binary_name": "linux-modules-5.15.0-1111-gcp-fips",
"binary_version": "5.15.0-1111.121+fips1"
},
{
"binary_name": "linux-modules-extra-5.15.0-1111-gcp-fips",
"binary_version": "5.15.0-1111.121+fips1"
},
{
"binary_name": "linux-tools-5.15.0-1111-gcp-fips",
"binary_version": "5.15.0-1111.121+fips1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS-updates:22.04:LTS",
"name": "linux-gcp-fips",
"purl": "pkg:deb/ubuntu/linux-gcp-fips@5.15.0-1111.121+fips1?arch=source\u0026distro=fips-updates/jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.15.0-1048.56+fips1",
"5.15.0-1055.63+fips2",
"5.15.0-1058.66+fips1",
"5.15.0-1059.67+fips1",
"5.15.0-1060.68+fips1",
"5.15.0-1062.70+fips1",
"5.15.0-1063.71+fips1",
"5.15.0-1064.72+fips1",
"5.15.0-1065.73+fips1",
"5.15.0-1066.74+fips1",
"5.15.0-1067.75+fips1",
"5.15.0-1068.76+fips1",
"5.15.0-1069.77+fips1",
"5.15.0-1070.78+fips1",
"5.15.0-1071.79+fips1",
"5.15.0-1072.80+fips1",
"5.15.0-1073.81+fips1",
"5.15.0-1074.83+fips1",
"5.15.0-1075.84+fips1",
"5.15.0-1077.86+fips1",
"5.15.0-1078.87+fips1",
"5.15.0-1079.88+fips1",
"5.15.0-1080.89+fips1",
"5.15.0-1081.90+fips1",
"5.15.0-1082.91+fips1",
"5.15.0-1083.92+fips1",
"5.15.0-1084.93+fips1",
"5.15.0-1085.94+fips1",
"5.15.0-1086.95+fips1",
"5.15.0-1087.96+fips1",
"5.15.0-1088.97+fips1",
"5.15.0-1090.99+fips1",
"5.15.0-1091.100+fips1",
"5.15.0-1092.101+fips1",
"5.15.0-1093.102+fips1",
"5.15.0-1095.104+fips1",
"5.15.0-1096.105+fips1",
"5.15.0-1097.106+fips1",
"5.15.0-1098.107+fips1",
"5.15.0-1099.108+fips1",
"5.15.0-1100.109+fips1",
"5.15.0-1101.110+fips1",
"5.15.0-1103.112+fips1",
"5.15.0-1104.113+fips1",
"5.15.0-1105.114+fips1",
"5.15.0-1106.115+fips1",
"5.15.0-1108.117+fips1",
"5.15.0-1109.118+fips1",
"5.15.0-1111.121+fips1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.15.0-1103-intel-iot-realtime",
"binary_version": "5.15.0-1103.105"
},
{
"binary_name": "linux-cloud-tools-5.15.0-1103-intel-iot-realtime",
"binary_version": "5.15.0-1103.105"
},
{
"binary_name": "linux-headers-5.15.0-1103-intel-iot-realtime",
"binary_version": "5.15.0-1103.105"
},
{
"binary_name": "linux-image-unsigned-5.15.0-1103-intel-iot-realtime",
"binary_version": "5.15.0-1103.105"
},
{
"binary_name": "linux-intel-iot-realtime-cloud-tools-5.15.0-1103",
"binary_version": "5.15.0-1103.105"
},
{
"binary_name": "linux-intel-iot-realtime-cloud-tools-common",
"binary_version": "5.15.0-1103.105"
},
{
"binary_name": "linux-intel-iot-realtime-headers-5.15.0-1103",
"binary_version": "5.15.0-1103.105"
},
{
"binary_name": "linux-intel-iot-realtime-tools-5.15.0-1103",
"binary_version": "5.15.0-1103.105"
},
{
"binary_name": "linux-intel-iot-realtime-tools-common",
"binary_version": "5.15.0-1103.105"
},
{
"binary_name": "linux-intel-iot-realtime-tools-host",
"binary_version": "5.15.0-1103.105"
},
{
"binary_name": "linux-modules-5.15.0-1103-intel-iot-realtime",
"binary_version": "5.15.0-1103.105"
},
{
"binary_name": "linux-modules-extra-5.15.0-1103-intel-iot-realtime",
"binary_version": "5.15.0-1103.105"
},
{
"binary_name": "linux-tools-5.15.0-1103-intel-iot-realtime",
"binary_version": "5.15.0-1103.105"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:Realtime:22.04:LTS",
"name": "linux-intel-iot-realtime",
"purl": "pkg:deb/ubuntu/linux-intel-iot-realtime@5.15.0-1103.105?arch=source\u0026distro=realtime/jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.15.0-1021.26",
"5.15.0-1022.27",
"5.15.0-1023.28",
"5.15.0-1024.29",
"5.15.0-1028.33",
"5.15.0-1033.35",
"5.15.0-1034.36",
"5.15.0-1035.37",
"5.15.0-1036.38",
"5.15.0-1037.39",
"5.15.0-1038.40",
"5.15.0-1039.41",
"5.15.0-1040.42",
"5.15.0-1041.43",
"5.15.0-1042.44",
"5.15.0-1043.45",
"5.15.0-1044.46",
"5.15.0-1046.48",
"5.15.0-1047.49",
"5.15.0-1048.50",
"5.15.0-1049.51",
"5.15.0-1050.52",
"5.15.0-1053.55",
"5.15.0-1054.56",
"5.15.0-1055.57",
"5.15.0-1056.58",
"5.15.0-1057.59",
"5.15.0-1058.60",
"5.15.0-1059.61",
"5.15.0-1060.62",
"5.15.0-1061.63",
"5.15.0-1063.65",
"5.15.0-1064.66",
"5.15.0-1066.68",
"5.15.0-1071.73",
"5.15.0-1072.74",
"5.15.0-1073.75",
"5.15.0-1074.76",
"5.15.0-1075.77",
"5.15.0-1076.78",
"5.15.0-1077.79",
"5.15.0-1078.80",
"5.15.0-1079.81",
"5.15.0-1080.82",
"5.15.0-1081.83",
"5.15.0-1082.84",
"5.15.0-1083.85",
"5.15.0-1084.86",
"5.15.0-1085.87",
"5.15.0-1086.88",
"5.15.0-1087.89",
"5.15.0-1088.90",
"5.15.0-1089.91",
"5.15.0-1090.92",
"5.15.0-1091.93",
"5.15.0-1092.94",
"5.15.0-1093.95",
"5.15.0-1094.96",
"5.15.0-1096.98",
"5.15.0-1097.99",
"5.15.0-1098.100",
"5.15.0-1099.101",
"5.15.0-1100.102",
"5.15.0-1101.103",
"5.15.0-1103.105"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-5.15.0-1110-realtime",
"binary_version": "5.15.0-1110.119"
},
{
"binary_name": "linux-cloud-tools-5.15.0-1110-realtime",
"binary_version": "5.15.0-1110.119"
},
{
"binary_name": "linux-headers-5.15.0-1110-realtime",
"binary_version": "5.15.0-1110.119"
},
{
"binary_name": "linux-image-unsigned-5.15.0-1110-realtime",
"binary_version": "5.15.0-1110.119"
},
{
"binary_name": "linux-modules-5.15.0-1110-realtime",
"binary_version": "5.15.0-1110.119"
},
{
"binary_name": "linux-modules-extra-5.15.0-1110-realtime",
"binary_version": "5.15.0-1110.119"
},
{
"binary_name": "linux-modules-iwlwifi-5.15.0-1110-realtime",
"binary_version": "5.15.0-1110.119"
},
{
"binary_name": "linux-realtime-cloud-tools-5.15.0-1110",
"binary_version": "5.15.0-1110.119"
},
{
"binary_name": "linux-realtime-cloud-tools-common",
"binary_version": "5.15.0-1110.119"
},
{
"binary_name": "linux-realtime-headers-5.15.0-1110",
"binary_version": "5.15.0-1110.119"
},
{
"binary_name": "linux-realtime-tools-5.15.0-1110",
"binary_version": "5.15.0-1110.119"
},
{
"binary_name": "linux-realtime-tools-common",
"binary_version": "5.15.0-1110.119"
},
{
"binary_name": "linux-realtime-tools-host",
"binary_version": "5.15.0-1110.119"
},
{
"binary_name": "linux-tools-5.15.0-1110-realtime",
"binary_version": "5.15.0-1110.119"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:Realtime:22.04:LTS",
"name": "linux-realtime",
"purl": "pkg:deb/ubuntu/linux-realtime@5.15.0-1110.119?arch=source\u0026distro=realtime/jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"5.15.0-1006.6",
"5.15.0-1007.7",
"5.15.0-1009.9",
"5.15.0-1011.11",
"5.15.0-1014.14",
"5.15.0-1015.15",
"5.15.0-1016.16",
"5.15.0-1019.19",
"5.15.0-1020.20",
"5.15.0-1021.21",
"5.15.0-1022.22",
"5.15.0-1024.25",
"5.15.0-1025.28",
"5.15.0-1028.31",
"5.15.0-1029.32",
"5.15.0-1030.33",
"5.15.0-1032.35",
"5.15.0-1033.36",
"5.15.0-1034.37",
"5.15.0-1036.39",
"5.15.0-1037.40",
"5.15.0-1038.41",
"5.15.0-1039.42",
"5.15.0-1040.45",
"5.15.0-1041.46",
"5.15.0-1042.47",
"5.15.0-1043.48",
"5.15.0-1044.49",
"5.15.0-1045.50",
"5.15.0-1046.52",
"5.15.0-1048.54",
"5.15.0-1049.55",
"5.15.0-1050.56",
"5.15.0-1051.57",
"5.15.0-1052.58",
"5.15.0-1053.59",
"5.15.0-1054.60",
"5.15.0-1055.62",
"5.15.0-1056.63",
"5.15.0-1057.64",
"5.15.0-1058.66",
"5.15.0-1061.69",
"5.15.0-1062.70",
"5.15.0-1063.71",
"5.15.0-1064.72",
"5.15.0-1065.73",
"5.15.0-1066.74",
"5.15.0-1067.75",
"5.15.0-1068.76",
"5.15.0-1069.77",
"5.15.0-1070.78",
"5.15.0-1071.79",
"5.15.0-1072.80",
"5.15.0-1073.81",
"5.15.0-1074.82",
"5.15.0-1075.83",
"5.15.0-1076.84",
"5.15.0-1077.85",
"5.15.0-1078.86",
"5.15.0-1079.87",
"5.15.0-1080.88",
"5.15.0-1081.89",
"5.15.0-1082.91",
"5.15.0-1083.92",
"5.15.0-1084.93",
"5.15.0-1085.94",
"5.15.0-1086.95",
"5.15.0-1087.96",
"5.15.0-1088.97",
"5.15.0-1089.98",
"5.15.0-1090.99",
"5.15.0-1091.100",
"5.15.0-1092.101",
"5.15.0-1093.102",
"5.15.0-1094.103",
"5.15.0-1095.104",
"5.15.0-1096.105",
"5.15.0-1097.106",
"5.15.0-1098.107",
"5.15.0-1099.108",
"5.15.0-1100.109",
"5.15.0-1102.111",
"5.15.0-1103.112",
"5.15.0-1104.113",
"5.15.0-1105.114",
"5.15.0-1107.116",
"5.15.0-1108.117",
"5.15.0-1110.119"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.8.1-1055-realtime",
"binary_version": "6.8.1-1055.56~22.04.1"
},
{
"binary_name": "linux-cloud-tools-6.8.1-1055-realtime",
"binary_version": "6.8.1-1055.56~22.04.1"
},
{
"binary_name": "linux-headers-6.8.1-1055-realtime",
"binary_version": "6.8.1-1055.56~22.04.1"
},
{
"binary_name": "linux-image-unsigned-6.8.1-1055-realtime",
"binary_version": "6.8.1-1055.56~22.04.1"
},
{
"binary_name": "linux-modules-6.8.1-1055-realtime",
"binary_version": "6.8.1-1055.56~22.04.1"
},
{
"binary_name": "linux-modules-extra-6.8.1-1055-realtime",
"binary_version": "6.8.1-1055.56~22.04.1"
},
{
"binary_name": "linux-modules-iwlwifi-6.8.1-1055-realtime",
"binary_version": "6.8.1-1055.56~22.04.1"
},
{
"binary_name": "linux-realtime-6.8-cloud-tools-6.8.1-1055",
"binary_version": "6.8.1-1055.56~22.04.1"
},
{
"binary_name": "linux-realtime-6.8-headers-6.8.1-1055",
"binary_version": "6.8.1-1055.56~22.04.1"
},
{
"binary_name": "linux-realtime-6.8-tools-6.8.1-1055",
"binary_version": "6.8.1-1055.56~22.04.1"
},
{
"binary_name": "linux-tools-6.8.1-1055-realtime",
"binary_version": "6.8.1-1055.56~22.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:Realtime:22.04:LTS",
"name": "linux-realtime-6.8",
"purl": "pkg:deb/ubuntu/linux-realtime-6.8@6.8.1-1055.56~22.04.1?arch=source\u0026distro=realtime/jammy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.8.1-1004.4~22.04.1",
"6.8.1-1005.5~22.04.2",
"6.8.1-1006.6~22.04.1",
"6.8.1-1007.7~22.04.1",
"6.8.1-1008.8~22.04.1",
"6.8.1-1009.9~22.04.1",
"6.8.1-1010.10~22.04.1",
"6.8.1-1011.11~22.04.1",
"6.8.1-1012.12~22.04.1",
"6.8.1-1013.14~22.04.1",
"6.8.1-1014.15~22.04.1",
"6.8.1-1015.16~22.04.1",
"6.8.1-1016.17~22.04.1",
"6.8.1-1017.18~22.04.1",
"6.8.1-1018.19~22.04.1",
"6.8.1-1019.20~22.04.1",
"6.8.1-1020.21~22.04.1",
"6.8.1-1021.22~22.04.1",
"6.8.1-1022.23~22.04.1",
"6.8.1-1023.24~22.04.1",
"6.8.1-1024.25~22.04.1",
"6.8.1-1025.26~22.04.1",
"6.8.1-1026.27~22.04.1",
"6.8.1-1030.31~22.04.1",
"6.8.1-1031.32~22.04.1",
"6.8.1-1034.35~22.04.1",
"6.8.1-1035.36~22.04.1",
"6.8.1-1036.37~22.04.1",
"6.8.1-1037.38~22.04.1",
"6.8.1-1038.39~22.04.1",
"6.8.1-1039.40~22.04.1",
"6.8.1-1040.41~22.04.1",
"6.8.1-1041.42~22.04.1",
"6.8.1-1042.43~22.04.1",
"6.8.1-1045.46~22.04.1",
"6.8.1-1046.47~22.04.2",
"6.8.1-1047.48~22.04.1",
"6.8.1-1048.49~22.04.1",
"6.8.1-1051.52~22.04.1",
"6.8.1-1052.53~22.04.1",
"6.8.1-1055.56~22.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.8.0-134-generic",
"binary_version": "6.8.0-134.134"
},
{
"binary_name": "linux-buildinfo-6.8.0-134-generic-64k",
"binary_version": "6.8.0-134.134"
},
{
"binary_name": "linux-cloud-tools-6.8.0-134",
"binary_version": "6.8.0-134.134"
},
{
"binary_name": "linux-cloud-tools-6.8.0-134-generic",
"binary_version": "6.8.0-134.134"
},
{
"binary_name": "linux-cloud-tools-common",
"binary_version": "6.8.0-134.134"
},
{
"binary_name": "linux-headers-6.8.0-134",
"binary_version": "6.8.0-134.134"
},
{
"binary_name": "linux-headers-6.8.0-134-generic",
"binary_version": "6.8.0-134.134"
},
{
"binary_name": "linux-headers-6.8.0-134-generic-64k",
"binary_version": "6.8.0-134.134"
},
{
"binary_name": "linux-image-6.8.0-134-generic",
"binary_version": "6.8.0-134.134"
},
{
"binary_name": "linux-image-unsigned-6.8.0-134-generic",
"binary_version": "6.8.0-134.134"
},
{
"binary_name": "linux-image-unsigned-6.8.0-134-generic-64k",
"binary_version": "6.8.0-134.134"
},
{
"binary_name": "linux-lib-rust-6.8.0-134-generic",
"binary_version": "6.8.0-134.134"
},
{
"binary_name": "linux-modules-6.8.0-134-generic",
"binary_version": "6.8.0-134.134"
},
{
"binary_name": "linux-modules-6.8.0-134-generic-64k",
"binary_version": "6.8.0-134.134"
},
{
"binary_name": "linux-modules-extra-6.8.0-134-generic",
"binary_version": "6.8.0-134.134"
},
{
"binary_name": "linux-modules-ipu6-6.8.0-134-generic",
"binary_version": "6.8.0-134.134"
},
{
"binary_name": "linux-modules-iwlwifi-6.8.0-134-generic",
"binary_version": "6.8.0-134.134"
},
{
"binary_name": "linux-modules-usbio-6.8.0-134-generic",
"binary_version": "6.8.0-134.134"
},
{
"binary_name": "linux-source-6.8.0",
"binary_version": "6.8.0-134.134"
},
{
"binary_name": "linux-tools-6.8.0-134",
"binary_version": "6.8.0-134.134"
},
{
"binary_name": "linux-tools-6.8.0-134-generic",
"binary_version": "6.8.0-134.134"
},
{
"binary_name": "linux-tools-6.8.0-134-generic-64k",
"binary_version": "6.8.0-134.134"
},
{
"binary_name": "linux-tools-common",
"binary_version": "6.8.0-134.134"
},
{
"binary_name": "linux-tools-host",
"binary_version": "6.8.0-134.134"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux",
"purl": "pkg:deb/ubuntu/linux@6.8.0-134.134?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.5.0-9.9",
"6.6.0-14.14",
"6.8.0-11.11",
"6.8.0-20.20",
"6.8.0-22.22",
"6.8.0-28.28",
"6.8.0-31.31",
"6.8.0-35.35",
"6.8.0-36.36",
"6.8.0-38.38",
"6.8.0-39.39",
"6.8.0-40.40",
"6.8.0-41.41",
"6.8.0-44.44",
"6.8.0-45.45",
"6.8.0-47.47",
"6.8.0-48.48",
"6.8.0-49.49",
"6.8.0-50.51",
"6.8.0-51.52",
"6.8.0-52.53",
"6.8.0-53.55",
"6.8.0-54.56",
"6.8.0-55.57",
"6.8.0-56.58",
"6.8.0-57.59",
"6.8.0-58.60",
"6.8.0-59.61",
"6.8.0-60.63",
"6.8.0-62.65",
"6.8.0-63.66",
"6.8.0-64.67",
"6.8.0-71.71",
"6.8.0-78.78",
"6.8.0-79.79",
"6.8.0-83.83",
"6.8.0-84.84",
"6.8.0-85.85",
"6.8.0-86.87",
"6.8.0-87.88",
"6.8.0-88.89",
"6.8.0-90.91",
"6.8.0-94.96",
"6.8.0-100.100",
"6.8.0-101.101",
"6.8.0-106.106",
"6.8.0-107.107",
"6.8.0-110.110",
"6.8.0-111.111",
"6.8.0-117.117",
"6.8.0-124.124",
"6.8.0-134.134"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-aws-cloud-tools-6.8.0-1060",
"binary_version": "6.8.0-1060.63"
},
{
"binary_name": "linux-aws-headers-6.8.0-1060",
"binary_version": "6.8.0-1060.63"
},
{
"binary_name": "linux-aws-tools-6.8.0-1060",
"binary_version": "6.8.0-1060.63"
},
{
"binary_name": "linux-buildinfo-6.8.0-1060-aws",
"binary_version": "6.8.0-1060.63"
},
{
"binary_name": "linux-buildinfo-6.8.0-1060-aws-64k",
"binary_version": "6.8.0-1060.63"
},
{
"binary_name": "linux-cloud-tools-6.8.0-1060-aws",
"binary_version": "6.8.0-1060.63"
},
{
"binary_name": "linux-cloud-tools-6.8.0-1060-aws-64k",
"binary_version": "6.8.0-1060.63"
},
{
"binary_name": "linux-headers-6.8.0-1060-aws",
"binary_version": "6.8.0-1060.63"
},
{
"binary_name": "linux-headers-6.8.0-1060-aws-64k",
"binary_version": "6.8.0-1060.63"
},
{
"binary_name": "linux-image-unsigned-6.8.0-1060-aws",
"binary_version": "6.8.0-1060.63"
},
{
"binary_name": "linux-image-unsigned-6.8.0-1060-aws-64k",
"binary_version": "6.8.0-1060.63"
},
{
"binary_name": "linux-modules-6.8.0-1060-aws",
"binary_version": "6.8.0-1060.63"
},
{
"binary_name": "linux-modules-6.8.0-1060-aws-64k",
"binary_version": "6.8.0-1060.63"
},
{
"binary_name": "linux-modules-extra-6.8.0-1060-aws",
"binary_version": "6.8.0-1060.63"
},
{
"binary_name": "linux-modules-extra-6.8.0-1060-aws-64k",
"binary_version": "6.8.0-1060.63"
},
{
"binary_name": "linux-tools-6.8.0-1060-aws",
"binary_version": "6.8.0-1060.63"
},
{
"binary_name": "linux-tools-6.8.0-1060-aws-64k",
"binary_version": "6.8.0-1060.63"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-aws",
"purl": "pkg:deb/ubuntu/linux-aws@6.8.0-1060.63?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.5.0-1008.8",
"6.6.0-1001.1",
"6.8.0-1001.1",
"6.8.0-1006.6",
"6.8.0-1008.8",
"6.8.0-1009.9",
"6.8.0-1010.10",
"6.8.0-1011.12",
"6.8.0-1012.13",
"6.8.0-1013.14",
"6.8.0-1014.15",
"6.8.0-1015.16",
"6.8.0-1016.17",
"6.8.0-1017.18",
"6.8.0-1018.20",
"6.8.0-1019.21",
"6.8.0-1020.22",
"6.8.0-1021.23",
"6.8.0-1023.25",
"6.8.0-1024.26",
"6.8.0-1025.27",
"6.8.0-1026.28",
"6.8.0-1027.29",
"6.8.0-1028.30",
"6.8.0-1029.31",
"6.8.0-1030.32",
"6.8.0-1031.33",
"6.8.0-1032.34",
"6.8.0-1033.35",
"6.8.0-1035.37",
"6.8.0-1036.38",
"6.8.0-1038.40",
"6.8.0-1039.41",
"6.8.0-1040.42",
"6.8.0-1041.43",
"6.8.0-1042.44",
"6.8.0-1043.45",
"6.8.0-1044.46",
"6.8.0-1045.47",
"6.8.0-1046.49",
"6.8.0-1047.50",
"6.8.0-1050.53",
"6.8.0-1051.54",
"6.8.0-1052.55",
"6.8.0-1053.56",
"6.8.0-1055.58",
"6.8.0-1057.60",
"6.8.0-1060.63"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-aws-6.14-cloud-tools-6.14.0-1018",
"binary_version": "6.14.0-1018.18~24.04.1"
},
{
"binary_name": "linux-aws-6.14-headers-6.14.0-1018",
"binary_version": "6.14.0-1018.18~24.04.1"
},
{
"binary_name": "linux-aws-6.14-tools-6.14.0-1018",
"binary_version": "6.14.0-1018.18~24.04.1"
},
{
"binary_name": "linux-buildinfo-6.14.0-1018-aws",
"binary_version": "6.14.0-1018.18~24.04.1"
},
{
"binary_name": "linux-buildinfo-6.14.0-1018-aws-64k",
"binary_version": "6.14.0-1018.18~24.04.1"
},
{
"binary_name": "linux-cloud-tools-6.14.0-1018-aws",
"binary_version": "6.14.0-1018.18~24.04.1"
},
{
"binary_name": "linux-cloud-tools-6.14.0-1018-aws-64k",
"binary_version": "6.14.0-1018.18~24.04.1"
},
{
"binary_name": "linux-headers-6.14.0-1018-aws",
"binary_version": "6.14.0-1018.18~24.04.1"
},
{
"binary_name": "linux-headers-6.14.0-1018-aws-64k",
"binary_version": "6.14.0-1018.18~24.04.1"
},
{
"binary_name": "linux-image-unsigned-6.14.0-1018-aws",
"binary_version": "6.14.0-1018.18~24.04.1"
},
{
"binary_name": "linux-image-unsigned-6.14.0-1018-aws-64k",
"binary_version": "6.14.0-1018.18~24.04.1"
},
{
"binary_name": "linux-modules-6.14.0-1018-aws",
"binary_version": "6.14.0-1018.18~24.04.1"
},
{
"binary_name": "linux-modules-6.14.0-1018-aws-64k",
"binary_version": "6.14.0-1018.18~24.04.1"
},
{
"binary_name": "linux-modules-extra-6.14.0-1018-aws",
"binary_version": "6.14.0-1018.18~24.04.1"
},
{
"binary_name": "linux-modules-extra-6.14.0-1018-aws-64k",
"binary_version": "6.14.0-1018.18~24.04.1"
},
{
"binary_name": "linux-tools-6.14.0-1018-aws",
"binary_version": "6.14.0-1018.18~24.04.1"
},
{
"binary_name": "linux-tools-6.14.0-1018-aws-64k",
"binary_version": "6.14.0-1018.18~24.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-aws-6.14",
"purl": "pkg:deb/ubuntu/linux-aws-6.14@6.14.0-1018.18~24.04.1?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.14.0-1007.7~24.04.1",
"6.14.0-1009.9~24.04.1",
"6.14.0-1010.10~24.04.1",
"6.14.0-1011.11~24.04.1",
"6.14.0-1012.12~24.04.1",
"6.14.0-1013.13~24.04.1",
"6.14.0-1014.14~24.04.1",
"6.14.0-1015.15~24.04.1",
"6.14.0-1016.16~24.04.1",
"6.14.0-1017.17~24.04.1",
"6.14.0-1018.18~24.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-aws-6.17-cloud-tools-6.17.0-1019",
"binary_version": "6.17.0-1019.19~24.04.1"
},
{
"binary_name": "linux-aws-6.17-headers-6.17.0-1019",
"binary_version": "6.17.0-1019.19~24.04.1"
},
{
"binary_name": "linux-aws-6.17-tools-6.17.0-1019",
"binary_version": "6.17.0-1019.19~24.04.1"
},
{
"binary_name": "linux-buildinfo-6.17.0-1019-aws",
"binary_version": "6.17.0-1019.19~24.04.1"
},
{
"binary_name": "linux-buildinfo-6.17.0-1019-aws-64k",
"binary_version": "6.17.0-1019.19~24.04.1"
},
{
"binary_name": "linux-cloud-tools-6.17.0-1019-aws",
"binary_version": "6.17.0-1019.19~24.04.1"
},
{
"binary_name": "linux-cloud-tools-6.17.0-1019-aws-64k",
"binary_version": "6.17.0-1019.19~24.04.1"
},
{
"binary_name": "linux-headers-6.17.0-1019-aws",
"binary_version": "6.17.0-1019.19~24.04.1"
},
{
"binary_name": "linux-headers-6.17.0-1019-aws-64k",
"binary_version": "6.17.0-1019.19~24.04.1"
},
{
"binary_name": "linux-image-unsigned-6.17.0-1019-aws",
"binary_version": "6.17.0-1019.19~24.04.1"
},
{
"binary_name": "linux-image-unsigned-6.17.0-1019-aws-64k",
"binary_version": "6.17.0-1019.19~24.04.1"
},
{
"binary_name": "linux-modules-6.17.0-1019-aws",
"binary_version": "6.17.0-1019.19~24.04.1"
},
{
"binary_name": "linux-modules-6.17.0-1019-aws-64k",
"binary_version": "6.17.0-1019.19~24.04.1"
},
{
"binary_name": "linux-modules-extra-6.17.0-1019-aws",
"binary_version": "6.17.0-1019.19~24.04.1"
},
{
"binary_name": "linux-modules-extra-6.17.0-1019-aws-64k",
"binary_version": "6.17.0-1019.19~24.04.1"
},
{
"binary_name": "linux-tools-6.17.0-1019-aws",
"binary_version": "6.17.0-1019.19~24.04.1"
},
{
"binary_name": "linux-tools-6.17.0-1019-aws-64k",
"binary_version": "6.17.0-1019.19~24.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-aws-6.17",
"purl": "pkg:deb/ubuntu/linux-aws-6.17@6.17.0-1019.19~24.04.1?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.17.0-1005.5~24.04.2",
"6.17.0-1007.7~24.04.1",
"6.17.0-1009.9~24.04.2",
"6.17.0-1010.10~24.04.1",
"6.17.0-1012.12~24.04.1",
"6.17.0-1013.13~24.04.1",
"6.17.0-1015.15~24.04.1",
"6.17.0-1017.17~24.04.1",
"6.17.0-1019.19~24.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-azure-cloud-tools-6.8.0-1062",
"binary_version": "6.8.0-1062.69"
},
{
"binary_name": "linux-azure-headers-6.8.0-1062",
"binary_version": "6.8.0-1062.69"
},
{
"binary_name": "linux-azure-tools-6.8.0-1062",
"binary_version": "6.8.0-1062.69"
},
{
"binary_name": "linux-buildinfo-6.8.0-1062-azure",
"binary_version": "6.8.0-1062.69"
},
{
"binary_name": "linux-cloud-tools-6.8.0-1062-azure",
"binary_version": "6.8.0-1062.69"
},
{
"binary_name": "linux-headers-6.8.0-1062-azure",
"binary_version": "6.8.0-1062.69"
},
{
"binary_name": "linux-image-unsigned-6.8.0-1062-azure",
"binary_version": "6.8.0-1062.69"
},
{
"binary_name": "linux-modules-6.8.0-1062-azure",
"binary_version": "6.8.0-1062.69"
},
{
"binary_name": "linux-modules-extra-6.8.0-1062-azure",
"binary_version": "6.8.0-1062.69"
},
{
"binary_name": "linux-modules-involflt-6.8.0-1062-azure",
"binary_version": "6.8.0-1062.69"
},
{
"binary_name": "linux-modules-iwlwifi-6.8.0-1062-azure",
"binary_version": "6.8.0-1062.69"
},
{
"binary_name": "linux-tools-6.8.0-1062-azure",
"binary_version": "6.8.0-1062.69"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-azure",
"purl": "pkg:deb/ubuntu/linux-azure@6.8.0-1062.69?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.5.0-1007.7",
"6.6.0-1001.1",
"6.8.0-1001.1",
"6.8.0-1005.5",
"6.8.0-1006.6",
"6.8.0-1007.7",
"6.8.0-1008.8",
"6.8.0-1009.9",
"6.8.0-1010.10",
"6.8.0-1012.14",
"6.8.0-1013.15",
"6.8.0-1014.16",
"6.8.0-1015.17",
"6.8.0-1016.18",
"6.8.0-1017.20",
"6.8.0-1018.21",
"6.8.0-1020.23",
"6.8.0-1021.25",
"6.8.0-1025.30",
"6.8.0-1026.31",
"6.8.0-1027.32",
"6.8.0-1028.33",
"6.8.0-1029.34",
"6.8.0-1030.35",
"6.8.0-1031.36",
"6.8.0-1034.39",
"6.8.0-1038.44",
"6.8.0-1040.46",
"6.8.0-1041.47",
"6.8.0-1042.48",
"6.8.0-1044.50",
"6.8.0-1046.52",
"6.8.0-1051.57",
"6.8.0-1052.58",
"6.8.0-1054.60",
"6.8.0-1056.62",
"6.8.0-1058.64",
"6.8.0-1059.65",
"6.8.0-1062.69"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-azure-6.11-cloud-tools-6.11.0-1018",
"binary_version": "6.11.0-1018.18~24.04.1"
},
{
"binary_name": "linux-azure-6.11-headers-6.11.0-1018",
"binary_version": "6.11.0-1018.18~24.04.1"
},
{
"binary_name": "linux-azure-6.11-tools-6.11.0-1018",
"binary_version": "6.11.0-1018.18~24.04.1"
},
{
"binary_name": "linux-buildinfo-6.11.0-1018-azure",
"binary_version": "6.11.0-1018.18~24.04.1"
},
{
"binary_name": "linux-cloud-tools-6.11.0-1018-azure",
"binary_version": "6.11.0-1018.18~24.04.1"
},
{
"binary_name": "linux-headers-6.11.0-1018-azure",
"binary_version": "6.11.0-1018.18~24.04.1"
},
{
"binary_name": "linux-image-unsigned-6.11.0-1018-azure",
"binary_version": "6.11.0-1018.18~24.04.1"
},
{
"binary_name": "linux-modules-6.11.0-1018-azure",
"binary_version": "6.11.0-1018.18~24.04.1"
},
{
"binary_name": "linux-modules-extra-6.11.0-1018-azure",
"binary_version": "6.11.0-1018.18~24.04.1"
},
{
"binary_name": "linux-modules-iwlwifi-6.11.0-1018-azure",
"binary_version": "6.11.0-1018.18~24.04.1"
},
{
"binary_name": "linux-tools-6.11.0-1018-azure",
"binary_version": "6.11.0-1018.18~24.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-azure-6.11",
"purl": "pkg:deb/ubuntu/linux-azure-6.11@6.11.0-1018.18~24.04.1?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.11.0-1008.8~24.04.1",
"6.11.0-1012.12~24.04.1",
"6.11.0-1013.13~24.04.1",
"6.11.0-1014.14~24.04.1",
"6.11.0-1015.15~24.04.1",
"6.11.0-1017.17~24.04.1",
"6.11.0-1018.18~24.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-azure-6.14-cloud-tools-6.14.0-1017",
"binary_version": "6.14.0-1017.17~24.04.1"
},
{
"binary_name": "linux-azure-6.14-headers-6.14.0-1017",
"binary_version": "6.14.0-1017.17~24.04.1"
},
{
"binary_name": "linux-azure-6.14-tools-6.14.0-1017",
"binary_version": "6.14.0-1017.17~24.04.1"
},
{
"binary_name": "linux-buildinfo-6.14.0-1017-azure",
"binary_version": "6.14.0-1017.17~24.04.1"
},
{
"binary_name": "linux-cloud-tools-6.14.0-1017-azure",
"binary_version": "6.14.0-1017.17~24.04.1"
},
{
"binary_name": "linux-headers-6.14.0-1017-azure",
"binary_version": "6.14.0-1017.17~24.04.1"
},
{
"binary_name": "linux-image-unsigned-6.14.0-1017-azure",
"binary_version": "6.14.0-1017.17~24.04.1"
},
{
"binary_name": "linux-modules-6.14.0-1017-azure",
"binary_version": "6.14.0-1017.17~24.04.1"
},
{
"binary_name": "linux-modules-extra-6.14.0-1017-azure",
"binary_version": "6.14.0-1017.17~24.04.1"
},
{
"binary_name": "linux-tools-6.14.0-1017-azure",
"binary_version": "6.14.0-1017.17~24.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-azure-6.14",
"purl": "pkg:deb/ubuntu/linux-azure-6.14@6.14.0-1017.17~24.04.1?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.14.0-1010.10~24.04.1",
"6.14.0-1012.12~24.04.1",
"6.14.0-1013.13~24.04.1",
"6.14.0-1014.14~24.04.1",
"6.14.0-1017.17~24.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-azure-6.17-cloud-tools-6.17.0-1020",
"binary_version": "6.17.0-1020.20~24.04.1"
},
{
"binary_name": "linux-azure-6.17-headers-6.17.0-1020",
"binary_version": "6.17.0-1020.20~24.04.1"
},
{
"binary_name": "linux-azure-6.17-tools-6.17.0-1020",
"binary_version": "6.17.0-1020.20~24.04.1"
},
{
"binary_name": "linux-buildinfo-6.17.0-1020-azure",
"binary_version": "6.17.0-1020.20~24.04.1"
},
{
"binary_name": "linux-cloud-tools-6.17.0-1020-azure",
"binary_version": "6.17.0-1020.20~24.04.1"
},
{
"binary_name": "linux-headers-6.17.0-1020-azure",
"binary_version": "6.17.0-1020.20~24.04.1"
},
{
"binary_name": "linux-image-unsigned-6.17.0-1020-azure",
"binary_version": "6.17.0-1020.20~24.04.1"
},
{
"binary_name": "linux-modules-6.17.0-1020-azure",
"binary_version": "6.17.0-1020.20~24.04.1"
},
{
"binary_name": "linux-modules-extra-6.17.0-1020-azure",
"binary_version": "6.17.0-1020.20~24.04.1"
},
{
"binary_name": "linux-tools-6.17.0-1020-azure",
"binary_version": "6.17.0-1020.20~24.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-azure-6.17",
"purl": "pkg:deb/ubuntu/linux-azure-6.17@6.17.0-1020.20~24.04.1?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.17.0-1008.8~24.04.1",
"6.17.0-1010.10~24.04.1",
"6.17.0-1011.11~24.04.2",
"6.17.0-1013.13~24.04.1",
"6.17.0-1015.15~24.04.1",
"6.17.0-1017.17~24.04.1",
"6.17.0-1018.18~24.04.1",
"6.17.0-1020.20~24.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-azure-fde-cloud-tools-6.8.0-1061",
"binary_version": "6.8.0-1061.68"
},
{
"binary_name": "linux-azure-fde-headers-6.8.0-1061",
"binary_version": "6.8.0-1061.68"
},
{
"binary_name": "linux-azure-fde-tools-6.8.0-1061",
"binary_version": "6.8.0-1061.68"
},
{
"binary_name": "linux-buildinfo-6.8.0-1061-azure-fde",
"binary_version": "6.8.0-1061.68"
},
{
"binary_name": "linux-cloud-tools-6.8.0-1061-azure-fde",
"binary_version": "6.8.0-1061.68"
},
{
"binary_name": "linux-headers-6.8.0-1061-azure-fde",
"binary_version": "6.8.0-1061.68"
},
{
"binary_name": "linux-image-unsigned-6.8.0-1061-azure-fde",
"binary_version": "6.8.0-1061.68"
},
{
"binary_name": "linux-modules-6.8.0-1061-azure-fde",
"binary_version": "6.8.0-1061.68"
},
{
"binary_name": "linux-modules-extra-6.8.0-1061-azure-fde",
"binary_version": "6.8.0-1061.68"
},
{
"binary_name": "linux-modules-involflt-6.8.0-1061-azure-fde",
"binary_version": "6.8.0-1061.68"
},
{
"binary_name": "linux-modules-iwlwifi-6.8.0-1061-azure-fde",
"binary_version": "6.8.0-1061.68"
},
{
"binary_name": "linux-tools-6.8.0-1061-azure-fde",
"binary_version": "6.8.0-1061.68"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-azure-fde",
"purl": "pkg:deb/ubuntu/linux-azure-fde@6.8.0-1061.68?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.8.0-1041.48",
"6.8.0-1044.51",
"6.8.0-1046.53",
"6.8.0-1053.60",
"6.8.0-1058.65",
"6.8.0-1061.68"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-azure-fde-6.14-cloud-tools-6.14.0-1017",
"binary_version": "6.14.0-1017.17~24.04.1"
},
{
"binary_name": "linux-azure-fde-6.14-headers-6.14.0-1017",
"binary_version": "6.14.0-1017.17~24.04.1"
},
{
"binary_name": "linux-azure-fde-6.14-tools-6.14.0-1017",
"binary_version": "6.14.0-1017.17~24.04.1"
},
{
"binary_name": "linux-buildinfo-6.14.0-1017-azure-fde",
"binary_version": "6.14.0-1017.17~24.04.1"
},
{
"binary_name": "linux-cloud-tools-6.14.0-1017-azure-fde",
"binary_version": "6.14.0-1017.17~24.04.1"
},
{
"binary_name": "linux-headers-6.14.0-1017-azure-fde",
"binary_version": "6.14.0-1017.17~24.04.1"
},
{
"binary_name": "linux-image-unsigned-6.14.0-1017-azure-fde",
"binary_version": "6.14.0-1017.17~24.04.1"
},
{
"binary_name": "linux-modules-6.14.0-1017-azure-fde",
"binary_version": "6.14.0-1017.17~24.04.1"
},
{
"binary_name": "linux-modules-extra-6.14.0-1017-azure-fde",
"binary_version": "6.14.0-1017.17~24.04.1"
},
{
"binary_name": "linux-tools-6.14.0-1017-azure-fde",
"binary_version": "6.14.0-1017.17~24.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-azure-fde-6.14",
"purl": "pkg:deb/ubuntu/linux-azure-fde-6.14@6.14.0-1017.17~24.04.1?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.14.0-1012.12~24.04.1",
"6.14.0-1013.13~24.04.1",
"6.14.0-1014.14~24.04.1",
"6.14.0-1015.15~24.04.1",
"6.14.0-1017.17~24.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-azure-fde-6.17-cloud-tools-6.17.0-1017",
"binary_version": "6.17.0-1017.17~24.04.1"
},
{
"binary_name": "linux-azure-fde-6.17-headers-6.17.0-1017",
"binary_version": "6.17.0-1017.17~24.04.1"
},
{
"binary_name": "linux-azure-fde-6.17-tools-6.17.0-1017",
"binary_version": "6.17.0-1017.17~24.04.1"
},
{
"binary_name": "linux-buildinfo-6.17.0-1017-azure-fde",
"binary_version": "6.17.0-1017.17~24.04.1"
},
{
"binary_name": "linux-cloud-tools-6.17.0-1017-azure-fde",
"binary_version": "6.17.0-1017.17~24.04.1"
},
{
"binary_name": "linux-headers-6.17.0-1017-azure-fde",
"binary_version": "6.17.0-1017.17~24.04.1"
},
{
"binary_name": "linux-image-unsigned-6.17.0-1017-azure-fde",
"binary_version": "6.17.0-1017.17~24.04.1"
},
{
"binary_name": "linux-modules-6.17.0-1017-azure-fde",
"binary_version": "6.17.0-1017.17~24.04.1"
},
{
"binary_name": "linux-modules-extra-6.17.0-1017-azure-fde",
"binary_version": "6.17.0-1017.17~24.04.1"
},
{
"binary_name": "linux-tools-6.17.0-1017-azure-fde",
"binary_version": "6.17.0-1017.17~24.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-azure-fde-6.17",
"purl": "pkg:deb/ubuntu/linux-azure-fde-6.17@6.17.0-1017.17~24.04.1?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.17.0-1005.5~24.04.1",
"6.17.0-1010.10~24.04.1",
"6.17.0-1015.15~24.04.1",
"6.17.0-1017.17~24.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-azure-nvidia-cloud-tools-6.8.0-1029",
"binary_version": "6.8.0-1029.32"
},
{
"binary_name": "linux-azure-nvidia-headers-6.8.0-1029",
"binary_version": "6.8.0-1029.32"
},
{
"binary_name": "linux-azure-nvidia-tools-6.8.0-1029",
"binary_version": "6.8.0-1029.32"
},
{
"binary_name": "linux-buildinfo-6.8.0-1029-azure-nvidia",
"binary_version": "6.8.0-1029.32"
},
{
"binary_name": "linux-cloud-tools-6.8.0-1029-azure-nvidia",
"binary_version": "6.8.0-1029.32"
},
{
"binary_name": "linux-headers-6.8.0-1029-azure-nvidia",
"binary_version": "6.8.0-1029.32"
},
{
"binary_name": "linux-image-unsigned-6.8.0-1029-azure-nvidia",
"binary_version": "6.8.0-1029.32"
},
{
"binary_name": "linux-modules-6.8.0-1029-azure-nvidia",
"binary_version": "6.8.0-1029.32"
},
{
"binary_name": "linux-modules-extra-6.8.0-1029-azure-nvidia",
"binary_version": "6.8.0-1029.32"
},
{
"binary_name": "linux-tools-6.8.0-1029-azure-nvidia",
"binary_version": "6.8.0-1029.32"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-azure-nvidia",
"purl": "pkg:deb/ubuntu/linux-azure-nvidia@6.8.0-1029.32?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.8.0-1013.14",
"6.8.0-1014.15",
"6.8.0-1016.17",
"6.8.0-1018.19",
"6.8.0-1019.20",
"6.8.0-1022.23",
"6.8.0-1025.27",
"6.8.0-1027.30",
"6.8.0-1029.32"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-azure-nvidia-6.14-cloud-tools-6.14.0-1007",
"binary_version": "6.14.0-1007.7"
},
{
"binary_name": "linux-azure-nvidia-6.14-headers-6.14.0-1007",
"binary_version": "6.14.0-1007.7"
},
{
"binary_name": "linux-azure-nvidia-6.14-tools-6.14.0-1007",
"binary_version": "6.14.0-1007.7"
},
{
"binary_name": "linux-buildinfo-6.14.0-1007-azure-nvidia",
"binary_version": "6.14.0-1007.7"
},
{
"binary_name": "linux-cloud-tools-6.14.0-1007-azure-nvidia",
"binary_version": "6.14.0-1007.7"
},
{
"binary_name": "linux-headers-6.14.0-1007-azure-nvidia",
"binary_version": "6.14.0-1007.7"
},
{
"binary_name": "linux-image-unsigned-6.14.0-1007-azure-nvidia",
"binary_version": "6.14.0-1007.7"
},
{
"binary_name": "linux-modules-6.14.0-1007-azure-nvidia",
"binary_version": "6.14.0-1007.7"
},
{
"binary_name": "linux-modules-extra-6.14.0-1007-azure-nvidia",
"binary_version": "6.14.0-1007.7"
},
{
"binary_name": "linux-tools-6.14.0-1007-azure-nvidia",
"binary_version": "6.14.0-1007.7"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-azure-nvidia-6.14",
"purl": "pkg:deb/ubuntu/linux-azure-nvidia-6.14@6.14.0-1007.7?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.14.0-1003.3",
"6.14.0-1006.6",
"6.14.0-1007.7"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.8.0-1063-gcp",
"binary_version": "6.8.0-1063.69"
},
{
"binary_name": "linux-buildinfo-6.8.0-1063-gcp-64k",
"binary_version": "6.8.0-1063.69"
},
{
"binary_name": "linux-gcp-headers-6.8.0-1063",
"binary_version": "6.8.0-1063.69"
},
{
"binary_name": "linux-gcp-tools-6.8.0-1063",
"binary_version": "6.8.0-1063.69"
},
{
"binary_name": "linux-headers-6.8.0-1063-gcp",
"binary_version": "6.8.0-1063.69"
},
{
"binary_name": "linux-headers-6.8.0-1063-gcp-64k",
"binary_version": "6.8.0-1063.69"
},
{
"binary_name": "linux-image-unsigned-6.8.0-1063-gcp",
"binary_version": "6.8.0-1063.69"
},
{
"binary_name": "linux-image-unsigned-6.8.0-1063-gcp-64k",
"binary_version": "6.8.0-1063.69"
},
{
"binary_name": "linux-modules-6.8.0-1063-gcp",
"binary_version": "6.8.0-1063.69"
},
{
"binary_name": "linux-modules-6.8.0-1063-gcp-64k",
"binary_version": "6.8.0-1063.69"
},
{
"binary_name": "linux-modules-extra-6.8.0-1063-gcp",
"binary_version": "6.8.0-1063.69"
},
{
"binary_name": "linux-modules-extra-6.8.0-1063-gcp-64k",
"binary_version": "6.8.0-1063.69"
},
{
"binary_name": "linux-tools-6.8.0-1063-gcp",
"binary_version": "6.8.0-1063.69"
},
{
"binary_name": "linux-tools-6.8.0-1063-gcp-64k",
"binary_version": "6.8.0-1063.69"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-gcp",
"purl": "pkg:deb/ubuntu/linux-gcp@6.8.0-1063.69?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.5.0-1007.7",
"6.6.0-1001.1",
"6.8.0-1002.2",
"6.8.0-1005.5",
"6.8.0-1006.6",
"6.8.0-1007.7",
"6.8.0-1008.9",
"6.8.0-1009.10",
"6.8.0-1010.11",
"6.8.0-1011.12",
"6.8.0-1012.13",
"6.8.0-1013.14",
"6.8.0-1014.16",
"6.8.0-1015.17",
"6.8.0-1016.18",
"6.8.0-1017.19",
"6.8.0-1018.20",
"6.8.0-1019.21",
"6.8.0-1020.22",
"6.8.0-1021.23",
"6.8.0-1024.26",
"6.8.0-1025.27",
"6.8.0-1026.28",
"6.8.0-1027.29",
"6.8.0-1028.30",
"6.8.0-1029.31",
"6.8.0-1030.32",
"6.8.0-1031.33",
"6.8.0-1032.34",
"6.8.0-1033.35",
"6.8.0-1034.36",
"6.8.0-1036.38",
"6.8.0-1037.39",
"6.8.0-1039.41",
"6.8.0-1040.42",
"6.8.0-1041.43",
"6.8.0-1042.45",
"6.8.0-1043.46",
"6.8.0-1044.47",
"6.8.0-1045.48",
"6.8.0-1046.49",
"6.8.0-1047.50",
"6.8.0-1048.51",
"6.8.0-1052.55",
"6.8.0-1053.56",
"6.8.0-1054.57",
"6.8.0-1055.58",
"6.8.0-1058.61",
"6.8.0-1060.63",
"6.8.0-1063.69"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.11.0-1017-gcp",
"binary_version": "6.11.0-1017.17~24.04.1"
},
{
"binary_name": "linux-buildinfo-6.11.0-1017-gcp-64k",
"binary_version": "6.11.0-1017.17~24.04.1"
},
{
"binary_name": "linux-gcp-6.11-headers-6.11.0-1017",
"binary_version": "6.11.0-1017.17~24.04.1"
},
{
"binary_name": "linux-gcp-6.11-lib-rust-6.11.0-1017-gcp",
"binary_version": "6.11.0-1017.17~24.04.1"
},
{
"binary_name": "linux-gcp-6.11-tools-6.11.0-1017",
"binary_version": "6.11.0-1017.17~24.04.1"
},
{
"binary_name": "linux-headers-6.11.0-1017-gcp",
"binary_version": "6.11.0-1017.17~24.04.1"
},
{
"binary_name": "linux-headers-6.11.0-1017-gcp-64k",
"binary_version": "6.11.0-1017.17~24.04.1"
},
{
"binary_name": "linux-image-unsigned-6.11.0-1017-gcp",
"binary_version": "6.11.0-1017.17~24.04.1"
},
{
"binary_name": "linux-image-unsigned-6.11.0-1017-gcp-64k",
"binary_version": "6.11.0-1017.17~24.04.1"
},
{
"binary_name": "linux-modules-6.11.0-1017-gcp",
"binary_version": "6.11.0-1017.17~24.04.1"
},
{
"binary_name": "linux-modules-6.11.0-1017-gcp-64k",
"binary_version": "6.11.0-1017.17~24.04.1"
},
{
"binary_name": "linux-modules-extra-6.11.0-1017-gcp",
"binary_version": "6.11.0-1017.17~24.04.1"
},
{
"binary_name": "linux-modules-extra-6.11.0-1017-gcp-64k",
"binary_version": "6.11.0-1017.17~24.04.1"
},
{
"binary_name": "linux-tools-6.11.0-1017-gcp",
"binary_version": "6.11.0-1017.17~24.04.1"
},
{
"binary_name": "linux-tools-6.11.0-1017-gcp-64k",
"binary_version": "6.11.0-1017.17~24.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-gcp-6.11",
"purl": "pkg:deb/ubuntu/linux-gcp-6.11@6.11.0-1017.17~24.04.1?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.11.0-1006.6~24.04.2",
"6.11.0-1011.11~24.04.1",
"6.11.0-1013.13~24.04.1",
"6.11.0-1014.14~24.04.1",
"6.11.0-1015.15~24.04.1",
"6.11.0-1016.16~24.04.1",
"6.11.0-1017.17~24.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.14.0-1021-gcp",
"binary_version": "6.14.0-1021.22~24.04.1"
},
{
"binary_name": "linux-buildinfo-6.14.0-1021-gcp-64k",
"binary_version": "6.14.0-1021.22~24.04.1"
},
{
"binary_name": "linux-gcp-6.14-headers-6.14.0-1021",
"binary_version": "6.14.0-1021.22~24.04.1"
},
{
"binary_name": "linux-gcp-6.14-tools-6.14.0-1021",
"binary_version": "6.14.0-1021.22~24.04.1"
},
{
"binary_name": "linux-headers-6.14.0-1021-gcp",
"binary_version": "6.14.0-1021.22~24.04.1"
},
{
"binary_name": "linux-headers-6.14.0-1021-gcp-64k",
"binary_version": "6.14.0-1021.22~24.04.1"
},
{
"binary_name": "linux-image-unsigned-6.14.0-1021-gcp",
"binary_version": "6.14.0-1021.22~24.04.1"
},
{
"binary_name": "linux-image-unsigned-6.14.0-1021-gcp-64k",
"binary_version": "6.14.0-1021.22~24.04.1"
},
{
"binary_name": "linux-lib-rust-6.14.0-1021-gcp",
"binary_version": "6.14.0-1021.22~24.04.1"
},
{
"binary_name": "linux-modules-6.14.0-1021-gcp",
"binary_version": "6.14.0-1021.22~24.04.1"
},
{
"binary_name": "linux-modules-6.14.0-1021-gcp-64k",
"binary_version": "6.14.0-1021.22~24.04.1"
},
{
"binary_name": "linux-modules-extra-6.14.0-1021-gcp",
"binary_version": "6.14.0-1021.22~24.04.1"
},
{
"binary_name": "linux-modules-extra-6.14.0-1021-gcp-64k",
"binary_version": "6.14.0-1021.22~24.04.1"
},
{
"binary_name": "linux-tools-6.14.0-1021-gcp",
"binary_version": "6.14.0-1021.22~24.04.1"
},
{
"binary_name": "linux-tools-6.14.0-1021-gcp-64k",
"binary_version": "6.14.0-1021.22~24.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-gcp-6.14",
"purl": "pkg:deb/ubuntu/linux-gcp-6.14@6.14.0-1021.22~24.04.1?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.14.0-1007.7~24.04.1",
"6.14.0-1011.11~24.04.1",
"6.14.0-1012.12~24.04.1",
"6.14.0-1014.15~24.04.1",
"6.14.0-1015.16~24.04.1",
"6.14.0-1016.17~24.04.1",
"6.14.0-1017.18~24.04.1",
"6.14.0-1018.19~24.04.1",
"6.14.0-1019.20~24.04.1",
"6.14.0-1020.21~24.04.1",
"6.14.0-1021.22~24.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.17.0-1020-gcp",
"binary_version": "6.17.0-1020.22~24.04.1"
},
{
"binary_name": "linux-buildinfo-6.17.0-1020-gcp-64k",
"binary_version": "6.17.0-1020.22~24.04.1"
},
{
"binary_name": "linux-gcp-6.17-headers-6.17.0-1020",
"binary_version": "6.17.0-1020.22~24.04.1"
},
{
"binary_name": "linux-gcp-6.17-tools-6.17.0-1020",
"binary_version": "6.17.0-1020.22~24.04.1"
},
{
"binary_name": "linux-headers-6.17.0-1020-gcp",
"binary_version": "6.17.0-1020.22~24.04.1"
},
{
"binary_name": "linux-headers-6.17.0-1020-gcp-64k",
"binary_version": "6.17.0-1020.22~24.04.1"
},
{
"binary_name": "linux-image-unsigned-6.17.0-1020-gcp",
"binary_version": "6.17.0-1020.22~24.04.1"
},
{
"binary_name": "linux-image-unsigned-6.17.0-1020-gcp-64k",
"binary_version": "6.17.0-1020.22~24.04.1"
},
{
"binary_name": "linux-lib-rust-6.17.0-1020-gcp",
"binary_version": "6.17.0-1020.22~24.04.1"
},
{
"binary_name": "linux-modules-6.17.0-1020-gcp",
"binary_version": "6.17.0-1020.22~24.04.1"
},
{
"binary_name": "linux-modules-6.17.0-1020-gcp-64k",
"binary_version": "6.17.0-1020.22~24.04.1"
},
{
"binary_name": "linux-modules-extra-6.17.0-1020-gcp",
"binary_version": "6.17.0-1020.22~24.04.1"
},
{
"binary_name": "linux-modules-extra-6.17.0-1020-gcp-64k",
"binary_version": "6.17.0-1020.22~24.04.1"
},
{
"binary_name": "linux-tools-6.17.0-1020-gcp",
"binary_version": "6.17.0-1020.22~24.04.1"
},
{
"binary_name": "linux-tools-6.17.0-1020-gcp-64k",
"binary_version": "6.17.0-1020.22~24.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-gcp-6.17",
"purl": "pkg:deb/ubuntu/linux-gcp-6.17@6.17.0-1020.22~24.04.1?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.17.0-1004.4~24.04.3",
"6.17.0-1008.8~24.04.1",
"6.17.0-1009.9~24.04.3",
"6.17.0-1010.10~24.04.1",
"6.17.0-1012.12~24.04.1",
"6.17.0-1013.13~24.04.1",
"6.17.0-1016.17~24.04.1",
"6.17.0-1018.19~24.04.1",
"6.17.0-1020.22~24.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.8.0-1058-gke",
"binary_version": "6.8.0-1058.64"
},
{
"binary_name": "linux-buildinfo-6.8.0-1058-gke-64k",
"binary_version": "6.8.0-1058.64"
},
{
"binary_name": "linux-gke-headers-6.8.0-1058",
"binary_version": "6.8.0-1058.64"
},
{
"binary_name": "linux-gke-tools-6.8.0-1058",
"binary_version": "6.8.0-1058.64"
},
{
"binary_name": "linux-headers-6.8.0-1058-gke",
"binary_version": "6.8.0-1058.64"
},
{
"binary_name": "linux-headers-6.8.0-1058-gke-64k",
"binary_version": "6.8.0-1058.64"
},
{
"binary_name": "linux-image-unsigned-6.8.0-1058-gke",
"binary_version": "6.8.0-1058.64"
},
{
"binary_name": "linux-image-unsigned-6.8.0-1058-gke-64k",
"binary_version": "6.8.0-1058.64"
},
{
"binary_name": "linux-modules-6.8.0-1058-gke",
"binary_version": "6.8.0-1058.64"
},
{
"binary_name": "linux-modules-6.8.0-1058-gke-64k",
"binary_version": "6.8.0-1058.64"
},
{
"binary_name": "linux-modules-extra-6.8.0-1058-gke",
"binary_version": "6.8.0-1058.64"
},
{
"binary_name": "linux-modules-extra-6.8.0-1058-gke-64k",
"binary_version": "6.8.0-1058.64"
},
{
"binary_name": "linux-modules-iwlwifi-6.8.0-1058-gke",
"binary_version": "6.8.0-1058.64"
},
{
"binary_name": "linux-tools-6.8.0-1058-gke",
"binary_version": "6.8.0-1058.64"
},
{
"binary_name": "linux-tools-6.8.0-1058-gke-64k",
"binary_version": "6.8.0-1058.64"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-gke",
"purl": "pkg:deb/ubuntu/linux-gke@6.8.0-1058.64?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.8.0-1003.5",
"6.8.0-1004.7",
"6.8.0-1005.8",
"6.8.0-1006.9",
"6.8.0-1007.10",
"6.8.0-1008.11",
"6.8.0-1009.12",
"6.8.0-1010.13",
"6.8.0-1011.14",
"6.8.0-1012.15",
"6.8.0-1013.17",
"6.8.0-1014.18",
"6.8.0-1015.19",
"6.8.0-1016.20",
"6.8.0-1017.21",
"6.8.0-1019.23",
"6.8.0-1020.24",
"6.8.0-1021.25",
"6.8.0-1022.26",
"6.8.0-1023.27",
"6.8.0-1024.28",
"6.8.0-1025.29",
"6.8.0-1026.30",
"6.8.0-1027.31",
"6.8.0-1028.32",
"6.8.0-1029.33",
"6.8.0-1032.36",
"6.8.0-1033.37",
"6.8.0-1035.39",
"6.8.0-1036.40",
"6.8.0-1037.41",
"6.8.0-1038.43",
"6.8.0-1039.44",
"6.8.0-1040.45",
"6.8.0-1041.46",
"6.8.0-1042.47",
"6.8.0-1043.48",
"6.8.0-1044.49",
"6.8.0-1048.53",
"6.8.0-1049.54",
"6.8.0-1050.56",
"6.8.0-1051.57",
"6.8.0-1054.60",
"6.8.0-1055.61",
"6.8.0-1058.64"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.8.0-1045-gkeop",
"binary_version": "6.8.0-1045.48"
},
{
"binary_name": "linux-cloud-tools-6.8.0-1045-gkeop",
"binary_version": "6.8.0-1045.48"
},
{
"binary_name": "linux-gkeop-cloud-tools-6.8.0-1045",
"binary_version": "6.8.0-1045.48"
},
{
"binary_name": "linux-gkeop-headers-6.8.0-1045",
"binary_version": "6.8.0-1045.48"
},
{
"binary_name": "linux-gkeop-tools-6.8.0-1045",
"binary_version": "6.8.0-1045.48"
},
{
"binary_name": "linux-headers-6.8.0-1045-gkeop",
"binary_version": "6.8.0-1045.48"
},
{
"binary_name": "linux-image-unsigned-6.8.0-1045-gkeop",
"binary_version": "6.8.0-1045.48"
},
{
"binary_name": "linux-modules-6.8.0-1045-gkeop",
"binary_version": "6.8.0-1045.48"
},
{
"binary_name": "linux-modules-extra-6.8.0-1045-gkeop",
"binary_version": "6.8.0-1045.48"
},
{
"binary_name": "linux-tools-6.8.0-1045-gkeop",
"binary_version": "6.8.0-1045.48"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-gkeop",
"purl": "pkg:deb/ubuntu/linux-gkeop@6.8.0-1045.48?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.8.0-1001.3",
"6.8.0-1002.4",
"6.8.0-1003.5",
"6.8.0-1004.6",
"6.8.0-1006.8",
"6.8.0-1007.9",
"6.8.0-1008.10",
"6.8.0-1009.11",
"6.8.0-1010.12",
"6.8.0-1011.13",
"6.8.0-1012.14",
"6.8.0-1013.15",
"6.8.0-1014.16",
"6.8.0-1015.17",
"6.8.0-1016.18",
"6.8.0-1019.21",
"6.8.0-1020.22",
"6.8.0-1022.24",
"6.8.0-1023.25",
"6.8.0-1024.26",
"6.8.0-1025.28",
"6.8.0-1026.29",
"6.8.0-1027.30",
"6.8.0-1028.31",
"6.8.0-1029.32",
"6.8.0-1030.33",
"6.8.0-1031.34",
"6.8.0-1035.38",
"6.8.0-1036.39",
"6.8.0-1037.40",
"6.8.0-1038.41",
"6.8.0-1041.44",
"6.8.0-1042.45",
"6.8.0-1045.48"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.11.0-29-generic",
"binary_version": "6.11.0-29.29~24.04.1"
},
{
"binary_name": "linux-buildinfo-6.11.0-29-generic-64k",
"binary_version": "6.11.0-29.29~24.04.1"
},
{
"binary_name": "linux-cloud-tools-6.11.0-29-generic",
"binary_version": "6.11.0-29.29~24.04.1"
},
{
"binary_name": "linux-headers-6.11.0-29-generic",
"binary_version": "6.11.0-29.29~24.04.1"
},
{
"binary_name": "linux-headers-6.11.0-29-generic-64k",
"binary_version": "6.11.0-29.29~24.04.1"
},
{
"binary_name": "linux-hwe-6.11-cloud-tools-6.11.0-29",
"binary_version": "6.11.0-29.29~24.04.1"
},
{
"binary_name": "linux-hwe-6.11-headers-6.11.0-29",
"binary_version": "6.11.0-29.29~24.04.1"
},
{
"binary_name": "linux-hwe-6.11-lib-rust-6.11.0-29-generic",
"binary_version": "6.11.0-29.29~24.04.1"
},
{
"binary_name": "linux-hwe-6.11-tools-6.11.0-29",
"binary_version": "6.11.0-29.29~24.04.1"
},
{
"binary_name": "linux-image-6.11.0-29-generic",
"binary_version": "6.11.0-29.29~24.04.1"
},
{
"binary_name": "linux-image-unsigned-6.11.0-29-generic",
"binary_version": "6.11.0-29.29~24.04.1"
},
{
"binary_name": "linux-image-unsigned-6.11.0-29-generic-64k",
"binary_version": "6.11.0-29.29~24.04.1"
},
{
"binary_name": "linux-modules-6.11.0-29-generic",
"binary_version": "6.11.0-29.29~24.04.1"
},
{
"binary_name": "linux-modules-6.11.0-29-generic-64k",
"binary_version": "6.11.0-29.29~24.04.1"
},
{
"binary_name": "linux-modules-extra-6.11.0-29-generic",
"binary_version": "6.11.0-29.29~24.04.1"
},
{
"binary_name": "linux-modules-ipu6-6.11.0-29-generic",
"binary_version": "6.11.0-29.29~24.04.1"
},
{
"binary_name": "linux-modules-ipu7-6.11.0-29-generic",
"binary_version": "6.11.0-29.29~24.04.1"
},
{
"binary_name": "linux-modules-iwlwifi-6.11.0-29-generic",
"binary_version": "6.11.0-29.29~24.04.1"
},
{
"binary_name": "linux-modules-usbio-6.11.0-29-generic",
"binary_version": "6.11.0-29.29~24.04.1"
},
{
"binary_name": "linux-modules-vision-6.11.0-29-generic",
"binary_version": "6.11.0-29.29~24.04.1"
},
{
"binary_name": "linux-tools-6.11.0-29-generic",
"binary_version": "6.11.0-29.29~24.04.1"
},
{
"binary_name": "linux-tools-6.11.0-29-generic-64k",
"binary_version": "6.11.0-29.29~24.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-hwe-6.11",
"purl": "pkg:deb/ubuntu/linux-hwe-6.11@6.11.0-29.29~24.04.1?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.11.0-17.17~24.04.2",
"6.11.0-19.19~24.04.1",
"6.11.0-21.21~24.04.1",
"6.11.0-24.24~24.04.1",
"6.11.0-25.25~24.04.1",
"6.11.0-26.26~24.04.1",
"6.11.0-28.28~24.04.1",
"6.11.0-29.29~24.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.14.0-37-generic",
"binary_version": "6.14.0-37.37~24.04.1"
},
{
"binary_name": "linux-buildinfo-6.14.0-37-generic-64k",
"binary_version": "6.14.0-37.37~24.04.1"
},
{
"binary_name": "linux-cloud-tools-6.14.0-37-generic",
"binary_version": "6.14.0-37.37~24.04.1"
},
{
"binary_name": "linux-headers-6.14.0-37-generic",
"binary_version": "6.14.0-37.37~24.04.1"
},
{
"binary_name": "linux-headers-6.14.0-37-generic-64k",
"binary_version": "6.14.0-37.37~24.04.1"
},
{
"binary_name": "linux-hwe-6.14-cloud-tools-6.14.0-37",
"binary_version": "6.14.0-37.37~24.04.1"
},
{
"binary_name": "linux-hwe-6.14-headers-6.14.0-37",
"binary_version": "6.14.0-37.37~24.04.1"
},
{
"binary_name": "linux-hwe-6.14-tools-6.14.0-37",
"binary_version": "6.14.0-37.37~24.04.1"
},
{
"binary_name": "linux-image-6.14.0-37-generic",
"binary_version": "6.14.0-37.37~24.04.1"
},
{
"binary_name": "linux-image-unsigned-6.14.0-37-generic",
"binary_version": "6.14.0-37.37~24.04.1"
},
{
"binary_name": "linux-image-unsigned-6.14.0-37-generic-64k",
"binary_version": "6.14.0-37.37~24.04.1"
},
{
"binary_name": "linux-lib-rust-6.14.0-37-generic",
"binary_version": "6.14.0-37.37~24.04.1"
},
{
"binary_name": "linux-modules-6.14.0-37-generic",
"binary_version": "6.14.0-37.37~24.04.1"
},
{
"binary_name": "linux-modules-6.14.0-37-generic-64k",
"binary_version": "6.14.0-37.37~24.04.1"
},
{
"binary_name": "linux-modules-extra-6.14.0-37-generic",
"binary_version": "6.14.0-37.37~24.04.1"
},
{
"binary_name": "linux-modules-ipu6-6.14.0-37-generic",
"binary_version": "6.14.0-37.37~24.04.1"
},
{
"binary_name": "linux-modules-ipu7-6.14.0-37-generic",
"binary_version": "6.14.0-37.37~24.04.1"
},
{
"binary_name": "linux-modules-iwlwifi-6.14.0-37-generic",
"binary_version": "6.14.0-37.37~24.04.1"
},
{
"binary_name": "linux-modules-usbio-6.14.0-37-generic",
"binary_version": "6.14.0-37.37~24.04.1"
},
{
"binary_name": "linux-modules-vision-6.14.0-37-generic",
"binary_version": "6.14.0-37.37~24.04.1"
},
{
"binary_name": "linux-tools-6.14.0-37-generic",
"binary_version": "6.14.0-37.37~24.04.1"
},
{
"binary_name": "linux-tools-6.14.0-37-generic-64k",
"binary_version": "6.14.0-37.37~24.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-hwe-6.14",
"purl": "pkg:deb/ubuntu/linux-hwe-6.14@6.14.0-37.37~24.04.1?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.14.0-24.24~24.04.3",
"6.14.0-27.27~24.04.1",
"6.14.0-28.28~24.04.1",
"6.14.0-29.29~24.04.1",
"6.14.0-32.32~24.04.1",
"6.14.0-33.33~24.04.1",
"6.14.0-34.34~24.04.1",
"6.14.0-35.35~24.04.1",
"6.14.0-36.36~24.04.1",
"6.14.0-37.37~24.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.17.0-40-generic",
"binary_version": "6.17.0-40.40~24.04.1"
},
{
"binary_name": "linux-buildinfo-6.17.0-40-generic-64k",
"binary_version": "6.17.0-40.40~24.04.1"
},
{
"binary_name": "linux-cloud-tools-6.17.0-40-generic",
"binary_version": "6.17.0-40.40~24.04.1"
},
{
"binary_name": "linux-headers-6.17.0-40-generic",
"binary_version": "6.17.0-40.40~24.04.1"
},
{
"binary_name": "linux-headers-6.17.0-40-generic-64k",
"binary_version": "6.17.0-40.40~24.04.1"
},
{
"binary_name": "linux-hwe-6.17-cloud-tools-6.17.0-40",
"binary_version": "6.17.0-40.40~24.04.1"
},
{
"binary_name": "linux-hwe-6.17-headers-6.17.0-40",
"binary_version": "6.17.0-40.40~24.04.1"
},
{
"binary_name": "linux-hwe-6.17-tools-6.17.0-40",
"binary_version": "6.17.0-40.40~24.04.1"
},
{
"binary_name": "linux-image-6.17.0-40-generic",
"binary_version": "6.17.0-40.40~24.04.1"
},
{
"binary_name": "linux-image-unsigned-6.17.0-40-generic",
"binary_version": "6.17.0-40.40~24.04.1"
},
{
"binary_name": "linux-image-unsigned-6.17.0-40-generic-64k",
"binary_version": "6.17.0-40.40~24.04.1"
},
{
"binary_name": "linux-lib-rust-6.17.0-40-generic",
"binary_version": "6.17.0-40.40~24.04.1"
},
{
"binary_name": "linux-modules-6.17.0-40-generic",
"binary_version": "6.17.0-40.40~24.04.1"
},
{
"binary_name": "linux-modules-6.17.0-40-generic-64k",
"binary_version": "6.17.0-40.40~24.04.1"
},
{
"binary_name": "linux-modules-extra-6.17.0-40-generic",
"binary_version": "6.17.0-40.40~24.04.1"
},
{
"binary_name": "linux-modules-ipu6-6.17.0-40-generic",
"binary_version": "6.17.0-40.40~24.04.1"
},
{
"binary_name": "linux-modules-ipu7-6.17.0-40-generic",
"binary_version": "6.17.0-40.40~24.04.1"
},
{
"binary_name": "linux-modules-iwlwifi-6.17.0-40-generic",
"binary_version": "6.17.0-40.40~24.04.1"
},
{
"binary_name": "linux-modules-usbio-6.17.0-40-generic",
"binary_version": "6.17.0-40.40~24.04.1"
},
{
"binary_name": "linux-modules-vision-6.17.0-40-generic",
"binary_version": "6.17.0-40.40~24.04.1"
},
{
"binary_name": "linux-tools-6.17.0-40-generic",
"binary_version": "6.17.0-40.40~24.04.1"
},
{
"binary_name": "linux-tools-6.17.0-40-generic-64k",
"binary_version": "6.17.0-40.40~24.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-hwe-6.17",
"purl": "pkg:deb/ubuntu/linux-hwe-6.17@6.17.0-40.40~24.04.1?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.17.0-14.14~24.04.1",
"6.17.0-19.19~24.04.2",
"6.17.0-20.20~24.04.1",
"6.17.0-22.22~24.04.1",
"6.17.0-23.23~24.04.1",
"6.17.0-29.29~24.04.1",
"6.17.0-35.35~24.04.1",
"6.17.0-40.40~24.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.8.0-1060-ibm",
"binary_version": "6.8.0-1060.61"
},
{
"binary_name": "linux-headers-6.8.0-1060-ibm",
"binary_version": "6.8.0-1060.61"
},
{
"binary_name": "linux-ibm-headers-6.8.0-1060",
"binary_version": "6.8.0-1060.61"
},
{
"binary_name": "linux-ibm-tools-6.8.0-1060",
"binary_version": "6.8.0-1060.61"
},
{
"binary_name": "linux-image-unsigned-6.8.0-1060-ibm",
"binary_version": "6.8.0-1060.61"
},
{
"binary_name": "linux-modules-6.8.0-1060-ibm",
"binary_version": "6.8.0-1060.61"
},
{
"binary_name": "linux-modules-extra-6.8.0-1060-ibm",
"binary_version": "6.8.0-1060.61"
},
{
"binary_name": "linux-modules-iwlwifi-6.8.0-1060-ibm",
"binary_version": "6.8.0-1060.61"
},
{
"binary_name": "linux-tools-6.8.0-1060-ibm",
"binary_version": "6.8.0-1060.61"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-ibm",
"purl": "pkg:deb/ubuntu/linux-ibm@6.8.0-1060.61?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.5.0-1009.9",
"6.8.0-1001.1",
"6.8.0-1003.3",
"6.8.0-1004.4",
"6.8.0-1005.5",
"6.8.0-1006.6",
"6.8.0-1007.7",
"6.8.0-1008.8",
"6.8.0-1009.9",
"6.8.0-1010.10",
"6.8.0-1011.11",
"6.8.0-1012.12",
"6.8.0-1013.13",
"6.8.0-1014.14",
"6.8.0-1015.15",
"6.8.0-1016.16",
"6.8.0-1017.17",
"6.8.0-1018.18",
"6.8.0-1019.19",
"6.8.0-1022.22",
"6.8.0-1023.23",
"6.8.0-1024.24",
"6.8.0-1025.25",
"6.8.0-1026.26",
"6.8.0-1027.27",
"6.8.0-1028.28",
"6.8.0-1029.29",
"6.8.0-1030.30",
"6.8.0-1033.33",
"6.8.0-1036.36",
"6.8.0-1037.37",
"6.8.0-1038.38",
"6.8.0-1039.39",
"6.8.0-1040.40",
"6.8.0-1041.41",
"6.8.0-1042.42",
"6.8.0-1043.43",
"6.8.0-1044.44",
"6.8.0-1045.45",
"6.8.0-1049.49",
"6.8.0-1050.50",
"6.8.0-1051.51",
"6.8.0-1052.52",
"6.8.0-1055.56",
"6.8.0-1057.58",
"6.8.0-1060.61"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.8.0-134-lowlatency",
"binary_version": "6.8.0-134.134.1"
},
{
"binary_name": "linux-buildinfo-6.8.0-134-lowlatency-64k",
"binary_version": "6.8.0-134.134.1"
},
{
"binary_name": "linux-cloud-tools-6.8.0-134-lowlatency",
"binary_version": "6.8.0-134.134.1"
},
{
"binary_name": "linux-headers-6.8.0-134-lowlatency",
"binary_version": "6.8.0-134.134.1"
},
{
"binary_name": "linux-headers-6.8.0-134-lowlatency-64k",
"binary_version": "6.8.0-134.134.1"
},
{
"binary_name": "linux-image-unsigned-6.8.0-134-lowlatency",
"binary_version": "6.8.0-134.134.1"
},
{
"binary_name": "linux-image-unsigned-6.8.0-134-lowlatency-64k",
"binary_version": "6.8.0-134.134.1"
},
{
"binary_name": "linux-lowlatency-cloud-tools-6.8.0-134",
"binary_version": "6.8.0-134.134.1"
},
{
"binary_name": "linux-lowlatency-headers-6.8.0-134",
"binary_version": "6.8.0-134.134.1"
},
{
"binary_name": "linux-lowlatency-lib-rust-6.8.0-134-lowlatency",
"binary_version": "6.8.0-134.134.1"
},
{
"binary_name": "linux-lowlatency-tools-6.8.0-134",
"binary_version": "6.8.0-134.134.1"
},
{
"binary_name": "linux-modules-6.8.0-134-lowlatency",
"binary_version": "6.8.0-134.134.1"
},
{
"binary_name": "linux-modules-6.8.0-134-lowlatency-64k",
"binary_version": "6.8.0-134.134.1"
},
{
"binary_name": "linux-modules-iwlwifi-6.8.0-134-lowlatency",
"binary_version": "6.8.0-134.134.1"
},
{
"binary_name": "linux-tools-6.8.0-134-lowlatency",
"binary_version": "6.8.0-134.134.1"
},
{
"binary_name": "linux-tools-6.8.0-134-lowlatency-64k",
"binary_version": "6.8.0-134.134.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-lowlatency",
"purl": "pkg:deb/ubuntu/linux-lowlatency@6.8.0-134.134.1?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.5.0-9.9.1",
"6.6.0-14.14.1",
"6.8.0-7.7.1",
"6.8.0-25.25.3",
"6.8.0-28.28.1",
"6.8.0-31.31.1",
"6.8.0-35.35.1",
"6.8.0-36.36.1",
"6.8.0-38.38.1",
"6.8.0-39.39.1",
"6.8.0-40.40.1",
"6.8.0-41.41.1",
"6.8.0-44.44.1",
"6.8.0-45.45.1",
"6.8.0-47.47.1",
"6.8.0-48.48.3",
"6.8.0-49.49.1",
"6.8.0-50.51.1",
"6.8.0-51.52.1",
"6.8.0-52.53.1",
"6.8.0-53.55.2",
"6.8.0-54.56.1",
"6.8.0-55.57.1",
"6.8.0-56.58.1",
"6.8.0-57.59.1",
"6.8.0-58.60.1",
"6.8.0-59.61.1",
"6.8.0-60.63.1",
"6.8.0-62.65.1",
"6.8.0-63.66.1",
"6.8.0-64.67.1",
"6.8.0-65.68.1",
"6.8.0-78.78.1",
"6.8.0-79.79.1",
"6.8.0-83.83.1",
"6.8.0-84.84.1",
"6.8.0-85.85.1",
"6.8.0-86.87.1",
"6.8.0-87.88.1",
"6.8.0-88.89.1",
"6.8.0-90.91.1",
"6.8.0-94.96.1",
"6.8.0-100.100.1",
"6.8.0-101.101.1",
"6.8.0-106.106.1",
"6.8.0-107.107.1",
"6.8.0-110.110.1",
"6.8.0-111.111.1",
"6.8.0-117.117.1",
"6.8.0-134.134.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.11.0-1016-lowlatency",
"binary_version": "6.11.0-1016.17~24.04.1"
},
{
"binary_name": "linux-buildinfo-6.11.0-1016-lowlatency-64k",
"binary_version": "6.11.0-1016.17~24.04.1"
},
{
"binary_name": "linux-cloud-tools-6.11.0-1016-lowlatency",
"binary_version": "6.11.0-1016.17~24.04.1"
},
{
"binary_name": "linux-headers-6.11.0-1016-lowlatency",
"binary_version": "6.11.0-1016.17~24.04.1"
},
{
"binary_name": "linux-headers-6.11.0-1016-lowlatency-64k",
"binary_version": "6.11.0-1016.17~24.04.1"
},
{
"binary_name": "linux-image-unsigned-6.11.0-1016-lowlatency",
"binary_version": "6.11.0-1016.17~24.04.1"
},
{
"binary_name": "linux-image-unsigned-6.11.0-1016-lowlatency-64k",
"binary_version": "6.11.0-1016.17~24.04.1"
},
{
"binary_name": "linux-lowlatency-hwe-6.11-cloud-tools-6.11.0-1016",
"binary_version": "6.11.0-1016.17~24.04.1"
},
{
"binary_name": "linux-lowlatency-hwe-6.11-headers-6.11.0-1016",
"binary_version": "6.11.0-1016.17~24.04.1"
},
{
"binary_name": "linux-lowlatency-hwe-6.11-lib-rust-6.11.0-1016-lowlatency",
"binary_version": "6.11.0-1016.17~24.04.1"
},
{
"binary_name": "linux-lowlatency-hwe-6.11-tools-6.11.0-1016",
"binary_version": "6.11.0-1016.17~24.04.1"
},
{
"binary_name": "linux-modules-6.11.0-1016-lowlatency",
"binary_version": "6.11.0-1016.17~24.04.1"
},
{
"binary_name": "linux-modules-6.11.0-1016-lowlatency-64k",
"binary_version": "6.11.0-1016.17~24.04.1"
},
{
"binary_name": "linux-modules-iwlwifi-6.11.0-1016-lowlatency",
"binary_version": "6.11.0-1016.17~24.04.1"
},
{
"binary_name": "linux-tools-6.11.0-1016-lowlatency",
"binary_version": "6.11.0-1016.17~24.04.1"
},
{
"binary_name": "linux-tools-6.11.0-1016-lowlatency-64k",
"binary_version": "6.11.0-1016.17~24.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-lowlatency-hwe-6.11",
"purl": "pkg:deb/ubuntu/linux-lowlatency-hwe-6.11@6.11.0-1016.17~24.04.1?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.11.0-1009.10~24.04.1",
"6.11.0-1011.12~24.04.1",
"6.11.0-1012.13~24.04.1",
"6.11.0-1013.14~24.04.1",
"6.11.0-1014.15~24.04.1",
"6.11.0-1015.16~24.04.2",
"6.11.0-1016.17~24.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.8.0-1058-nvidia",
"binary_version": "6.8.0-1058.61"
},
{
"binary_name": "linux-buildinfo-6.8.0-1058-nvidia-64k",
"binary_version": "6.8.0-1058.61"
},
{
"binary_name": "linux-headers-6.8.0-1058-nvidia",
"binary_version": "6.8.0-1058.61"
},
{
"binary_name": "linux-headers-6.8.0-1058-nvidia-64k",
"binary_version": "6.8.0-1058.61"
},
{
"binary_name": "linux-image-unsigned-6.8.0-1058-nvidia",
"binary_version": "6.8.0-1058.61"
},
{
"binary_name": "linux-image-unsigned-6.8.0-1058-nvidia-64k",
"binary_version": "6.8.0-1058.61"
},
{
"binary_name": "linux-modules-6.8.0-1058-nvidia",
"binary_version": "6.8.0-1058.61"
},
{
"binary_name": "linux-modules-6.8.0-1058-nvidia-64k",
"binary_version": "6.8.0-1058.61"
},
{
"binary_name": "linux-modules-nvidia-fs-6.8.0-1058-nvidia",
"binary_version": "6.8.0-1058.61"
},
{
"binary_name": "linux-modules-nvidia-fs-6.8.0-1058-nvidia-64k",
"binary_version": "6.8.0-1058.61"
},
{
"binary_name": "linux-nvidia-headers-6.8.0-1058",
"binary_version": "6.8.0-1058.61"
},
{
"binary_name": "linux-nvidia-tools-6.8.0-1058",
"binary_version": "6.8.0-1058.61"
},
{
"binary_name": "linux-tools-6.8.0-1058-nvidia",
"binary_version": "6.8.0-1058.61"
},
{
"binary_name": "linux-tools-6.8.0-1058-nvidia-64k",
"binary_version": "6.8.0-1058.61"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-nvidia",
"purl": "pkg:deb/ubuntu/linux-nvidia@6.8.0-1058.61?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.8.0-1007.7",
"6.8.0-1008.8",
"6.8.0-1009.9",
"6.8.0-1010.10",
"6.8.0-1011.11",
"6.8.0-1012.12",
"6.8.0-1013.14",
"6.8.0-1014.15",
"6.8.0-1015.16",
"6.8.0-1017.19",
"6.8.0-1018.20",
"6.8.0-1019.21",
"6.8.0-1020.22",
"6.8.0-1021.23",
"6.8.0-1022.25",
"6.8.0-1023.26",
"6.8.0-1024.27",
"6.8.0-1025.28",
"6.8.0-1026.29",
"6.8.0-1027.30",
"6.8.0-1028.31",
"6.8.0-1029.32",
"6.8.0-1030.33",
"6.8.0-1031.34",
"6.8.0-1032.35",
"6.8.0-1035.38",
"6.8.0-1036.39",
"6.8.0-1038.41",
"6.8.0-1039.42",
"6.8.0-1040.43",
"6.8.0-1041.44",
"6.8.0-1042.45",
"6.8.0-1043.46",
"6.8.0-1044.47",
"6.8.0-1045.48",
"6.8.0-1046.49",
"6.8.0-1047.50",
"6.8.0-1049.52",
"6.8.0-1050.53",
"6.8.0-1051.54",
"6.8.0-1052.55",
"6.8.0-1054.57",
"6.8.0-1055.58",
"6.8.0-1058.61"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.11.0-1016-nvidia",
"binary_version": "6.11.0-1016.16"
},
{
"binary_name": "linux-buildinfo-6.11.0-1016-nvidia-64k",
"binary_version": "6.11.0-1016.16"
},
{
"binary_name": "linux-headers-6.11.0-1016-nvidia",
"binary_version": "6.11.0-1016.16"
},
{
"binary_name": "linux-headers-6.11.0-1016-nvidia-64k",
"binary_version": "6.11.0-1016.16"
},
{
"binary_name": "linux-image-unsigned-6.11.0-1016-nvidia",
"binary_version": "6.11.0-1016.16"
},
{
"binary_name": "linux-image-unsigned-6.11.0-1016-nvidia-64k",
"binary_version": "6.11.0-1016.16"
},
{
"binary_name": "linux-modules-6.11.0-1016-nvidia",
"binary_version": "6.11.0-1016.16"
},
{
"binary_name": "linux-modules-6.11.0-1016-nvidia-64k",
"binary_version": "6.11.0-1016.16"
},
{
"binary_name": "linux-modules-extra-6.11.0-1016-nvidia",
"binary_version": "6.11.0-1016.16"
},
{
"binary_name": "linux-modules-extra-6.11.0-1016-nvidia-64k",
"binary_version": "6.11.0-1016.16"
},
{
"binary_name": "linux-modules-nvidia-fs-6.11.0-1016-nvidia",
"binary_version": "6.11.0-1016.16"
},
{
"binary_name": "linux-modules-nvidia-fs-6.11.0-1016-nvidia-64k",
"binary_version": "6.11.0-1016.16"
},
{
"binary_name": "linux-nvidia-6.11-headers-6.11.0-1016",
"binary_version": "6.11.0-1016.16"
},
{
"binary_name": "linux-nvidia-6.11-lib-rust-6.11.0-1016-nvidia",
"binary_version": "6.11.0-1016.16"
},
{
"binary_name": "linux-nvidia-6.11-tools-6.11.0-1016",
"binary_version": "6.11.0-1016.16"
},
{
"binary_name": "linux-tools-6.11.0-1016-nvidia",
"binary_version": "6.11.0-1016.16"
},
{
"binary_name": "linux-tools-6.11.0-1016-nvidia-64k",
"binary_version": "6.11.0-1016.16"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-nvidia-6.11",
"purl": "pkg:deb/ubuntu/linux-nvidia-6.11@6.11.0-1016.16?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.11.0-1002.2",
"6.11.0-1003.3",
"6.11.0-1007.7",
"6.11.0-1010.10",
"6.11.0-1011.11",
"6.11.0-1012.12",
"6.11.0-1013.13",
"6.11.0-1016.16"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.17.0-1026-nvidia",
"binary_version": "6.17.0-1026.26"
},
{
"binary_name": "linux-buildinfo-6.17.0-1026-nvidia-64k",
"binary_version": "6.17.0-1026.26"
},
{
"binary_name": "linux-headers-6.17.0-1026-nvidia",
"binary_version": "6.17.0-1026.26"
},
{
"binary_name": "linux-headers-6.17.0-1026-nvidia-64k",
"binary_version": "6.17.0-1026.26"
},
{
"binary_name": "linux-image-unsigned-6.17.0-1026-nvidia",
"binary_version": "6.17.0-1026.26"
},
{
"binary_name": "linux-image-unsigned-6.17.0-1026-nvidia-64k",
"binary_version": "6.17.0-1026.26"
},
{
"binary_name": "linux-modules-6.17.0-1026-nvidia",
"binary_version": "6.17.0-1026.26"
},
{
"binary_name": "linux-modules-6.17.0-1026-nvidia-64k",
"binary_version": "6.17.0-1026.26"
},
{
"binary_name": "linux-modules-nvidia-fs-6.17.0-1026-nvidia",
"binary_version": "6.17.0-1026.26"
},
{
"binary_name": "linux-modules-nvidia-fs-6.17.0-1026-nvidia-64k",
"binary_version": "6.17.0-1026.26"
},
{
"binary_name": "linux-nvidia-6.17-headers-6.17.0-1026",
"binary_version": "6.17.0-1026.26"
},
{
"binary_name": "linux-nvidia-6.17-tools-6.17.0-1026",
"binary_version": "6.17.0-1026.26"
},
{
"binary_name": "linux-tools-6.17.0-1026-nvidia",
"binary_version": "6.17.0-1026.26"
},
{
"binary_name": "linux-tools-6.17.0-1026-nvidia-64k",
"binary_version": "6.17.0-1026.26"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-nvidia-6.17",
"purl": "pkg:deb/ubuntu/linux-nvidia-6.17@6.17.0-1026.26?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.17.0-1004.4",
"6.17.0-1008.8",
"6.17.0-1014.14",
"6.17.0-1018.18",
"6.17.0-1021.21",
"6.17.0-1026.26"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.8.0-1058-nvidia-lowlatency",
"binary_version": "6.8.0-1058.61.1"
},
{
"binary_name": "linux-buildinfo-6.8.0-1058-nvidia-lowlatency-64k",
"binary_version": "6.8.0-1058.61.1"
},
{
"binary_name": "linux-headers-6.8.0-1058-nvidia-lowlatency",
"binary_version": "6.8.0-1058.61.1"
},
{
"binary_name": "linux-headers-6.8.0-1058-nvidia-lowlatency-64k",
"binary_version": "6.8.0-1058.61.1"
},
{
"binary_name": "linux-image-unsigned-6.8.0-1058-nvidia-lowlatency",
"binary_version": "6.8.0-1058.61.1"
},
{
"binary_name": "linux-image-unsigned-6.8.0-1058-nvidia-lowlatency-64k",
"binary_version": "6.8.0-1058.61.1"
},
{
"binary_name": "linux-modules-6.8.0-1058-nvidia-lowlatency",
"binary_version": "6.8.0-1058.61.1"
},
{
"binary_name": "linux-modules-6.8.0-1058-nvidia-lowlatency-64k",
"binary_version": "6.8.0-1058.61.1"
},
{
"binary_name": "linux-modules-extra-6.8.0-1058-nvidia-lowlatency",
"binary_version": "6.8.0-1058.61.1"
},
{
"binary_name": "linux-modules-nvidia-fs-6.8.0-1058-nvidia-lowlatency",
"binary_version": "6.8.0-1058.61.1"
},
{
"binary_name": "linux-modules-nvidia-fs-6.8.0-1058-nvidia-lowlatency-64k",
"binary_version": "6.8.0-1058.61.1"
},
{
"binary_name": "linux-nvidia-lowlatency-headers-6.8.0-1058",
"binary_version": "6.8.0-1058.61.1"
},
{
"binary_name": "linux-nvidia-lowlatency-tools-6.8.0-1058",
"binary_version": "6.8.0-1058.61.1"
},
{
"binary_name": "linux-tools-6.8.0-1058-nvidia-lowlatency",
"binary_version": "6.8.0-1058.61.1"
},
{
"binary_name": "linux-tools-6.8.0-1058-nvidia-lowlatency-64k",
"binary_version": "6.8.0-1058.61.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-nvidia-lowlatency",
"purl": "pkg:deb/ubuntu/linux-nvidia-lowlatency@6.8.0-1058.61.1?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.8.0-1009.9.1",
"6.8.0-1011.11.1",
"6.8.0-1012.12.1",
"6.8.0-1013.14.1",
"6.8.0-1014.15.1",
"6.8.0-1015.16.1",
"6.8.0-1017.19.1",
"6.8.0-1018.20.1",
"6.8.0-1019.21.1",
"6.8.0-1020.22.1",
"6.8.0-1021.23.1",
"6.8.0-1022.25.2",
"6.8.0-1023.26.1",
"6.8.0-1024.27.1",
"6.8.0-1025.28.1",
"6.8.0-1026.29.1",
"6.8.0-1027.30.1",
"6.8.0-1028.31.1",
"6.8.0-1029.32.1",
"6.8.0-1030.33.1",
"6.8.0-1031.34.1",
"6.8.0-1032.35.1",
"6.8.0-1035.38.1",
"6.8.0-1036.39.1",
"6.8.0-1038.41.1",
"6.8.0-1039.42.1",
"6.8.0-1040.43.1",
"6.8.0-1041.44.1",
"6.8.0-1042.45.1",
"6.8.0-1043.46.1",
"6.8.0-1044.47.1",
"6.8.0-1045.48.1",
"6.8.0-1046.49.1",
"6.8.0-1047.50.1",
"6.8.0-1049.52.1",
"6.8.0-1050.53.1",
"6.8.0-1051.54.1",
"6.8.0-1052.55.1",
"6.8.0-1054.57.1",
"6.8.0-1055.58.1",
"6.8.0-1058.61.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.8.0-1029-nvidia-tegra",
"binary_version": "6.8.0-1029.30"
},
{
"binary_name": "linux-buildinfo-6.8.0-1029-nvidia-tegra-rt",
"binary_version": "6.8.0-1029.30"
},
{
"binary_name": "linux-headers-6.8.0-1029-nvidia-tegra",
"binary_version": "6.8.0-1029.30"
},
{
"binary_name": "linux-headers-6.8.0-1029-nvidia-tegra-rt",
"binary_version": "6.8.0-1029.30"
},
{
"binary_name": "linux-image-unsigned-6.8.0-1029-nvidia-tegra",
"binary_version": "6.8.0-1029.30"
},
{
"binary_name": "linux-image-unsigned-6.8.0-1029-nvidia-tegra-rt",
"binary_version": "6.8.0-1029.30"
},
{
"binary_name": "linux-modules-6.8.0-1029-nvidia-tegra",
"binary_version": "6.8.0-1029.30"
},
{
"binary_name": "linux-modules-6.8.0-1029-nvidia-tegra-rt",
"binary_version": "6.8.0-1029.30"
},
{
"binary_name": "linux-modules-extra-6.8.0-1029-nvidia-tegra",
"binary_version": "6.8.0-1029.30"
},
{
"binary_name": "linux-modules-extra-6.8.0-1029-nvidia-tegra-rt",
"binary_version": "6.8.0-1029.30"
},
{
"binary_name": "linux-nvidia-tegra-headers-6.8.0-1029",
"binary_version": "6.8.0-1029.30"
},
{
"binary_name": "linux-nvidia-tegra-tools-6.8.0-1029",
"binary_version": "6.8.0-1029.30"
},
{
"binary_name": "linux-tools-6.8.0-1029-nvidia-tegra",
"binary_version": "6.8.0-1029.30"
},
{
"binary_name": "linux-tools-6.8.0-1029-nvidia-tegra-rt",
"binary_version": "6.8.0-1029.30"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-nvidia-tegra",
"purl": "pkg:deb/ubuntu/linux-nvidia-tegra@6.8.0-1029.30?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.8.0-1003.3",
"6.8.0-1004.4",
"6.8.0-1008.8",
"6.8.0-1009.9",
"6.8.0-1010.10",
"6.8.0-1012.12",
"6.8.0-1013.13",
"6.8.0-1016.16",
"6.8.0-1019.19",
"6.8.0-1020.20",
"6.8.0-1021.21",
"6.8.0-1022.22",
"6.8.0-1023.23",
"6.8.0-1024.24",
"6.8.0-1025.25",
"6.8.0-1026.26",
"6.8.0-1029.30"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.11.0-1027-oem",
"binary_version": "6.11.0-1027.27"
},
{
"binary_name": "linux-headers-6.11.0-1027-oem",
"binary_version": "6.11.0-1027.27"
},
{
"binary_name": "linux-image-unsigned-6.11.0-1027-oem",
"binary_version": "6.11.0-1027.27"
},
{
"binary_name": "linux-modules-6.11.0-1027-oem",
"binary_version": "6.11.0-1027.27"
},
{
"binary_name": "linux-modules-ipu6-6.11.0-1027-oem",
"binary_version": "6.11.0-1027.27"
},
{
"binary_name": "linux-modules-ipu7-6.11.0-1027-oem",
"binary_version": "6.11.0-1027.27"
},
{
"binary_name": "linux-modules-iwlwifi-6.11.0-1027-oem",
"binary_version": "6.11.0-1027.27"
},
{
"binary_name": "linux-modules-usbio-6.11.0-1027-oem",
"binary_version": "6.11.0-1027.27"
},
{
"binary_name": "linux-modules-vision-6.11.0-1027-oem",
"binary_version": "6.11.0-1027.27"
},
{
"binary_name": "linux-oem-6.11-headers-6.11.0-1027",
"binary_version": "6.11.0-1027.27"
},
{
"binary_name": "linux-oem-6.11-tools-6.11.0-1027",
"binary_version": "6.11.0-1027.27"
},
{
"binary_name": "linux-tools-6.11.0-1027-oem",
"binary_version": "6.11.0-1027.27"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-oem-6.11",
"purl": "pkg:deb/ubuntu/linux-oem-6.11@6.11.0-1027.27?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.11.0-1007.7",
"6.11.0-1008.8",
"6.11.0-1009.9",
"6.11.0-1010.10",
"6.11.0-1011.11",
"6.11.0-1012.12",
"6.11.0-1013.13",
"6.11.0-1015.15",
"6.11.0-1016.16",
"6.11.0-1017.17",
"6.11.0-1018.18",
"6.11.0-1020.20",
"6.11.0-1021.21",
"6.11.0-1022.22",
"6.11.0-1023.23",
"6.11.0-1024.24",
"6.11.0-1025.25",
"6.11.0-1027.27"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.14.0-1020-oem",
"binary_version": "6.14.0-1020.20"
},
{
"binary_name": "linux-headers-6.14.0-1020-oem",
"binary_version": "6.14.0-1020.20"
},
{
"binary_name": "linux-image-unsigned-6.14.0-1020-oem",
"binary_version": "6.14.0-1020.20"
},
{
"binary_name": "linux-modules-6.14.0-1020-oem",
"binary_version": "6.14.0-1020.20"
},
{
"binary_name": "linux-modules-ipu6-6.14.0-1020-oem",
"binary_version": "6.14.0-1020.20"
},
{
"binary_name": "linux-modules-ipu7-6.14.0-1020-oem",
"binary_version": "6.14.0-1020.20"
},
{
"binary_name": "linux-modules-iwlwifi-6.14.0-1020-oem",
"binary_version": "6.14.0-1020.20"
},
{
"binary_name": "linux-modules-usbio-6.14.0-1020-oem",
"binary_version": "6.14.0-1020.20"
},
{
"binary_name": "linux-modules-vision-6.14.0-1020-oem",
"binary_version": "6.14.0-1020.20"
},
{
"binary_name": "linux-oem-6.14-headers-6.14.0-1020",
"binary_version": "6.14.0-1020.20"
},
{
"binary_name": "linux-oem-6.14-tools-6.14.0-1020",
"binary_version": "6.14.0-1020.20"
},
{
"binary_name": "linux-tools-6.14.0-1020-oem",
"binary_version": "6.14.0-1020.20"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-oem-6.14",
"purl": "pkg:deb/ubuntu/linux-oem-6.14@6.14.0-1020.20?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.14.0-1004.4",
"6.14.0-1005.5",
"6.14.0-1006.6",
"6.14.0-1007.7",
"6.14.0-1008.8",
"6.14.0-1010.10",
"6.14.0-1011.11",
"6.14.0-1012.12",
"6.14.0-1013.13",
"6.14.0-1014.14",
"6.14.0-1015.15",
"6.14.0-1016.16",
"6.14.0-1017.17",
"6.14.0-1018.18",
"6.14.0-1019.19",
"6.14.0-1020.20"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.17.0-1028-oem",
"binary_version": "6.17.0-1028.28"
},
{
"binary_name": "linux-headers-6.17.0-1028-oem",
"binary_version": "6.17.0-1028.28"
},
{
"binary_name": "linux-image-unsigned-6.17.0-1028-oem",
"binary_version": "6.17.0-1028.28"
},
{
"binary_name": "linux-modules-6.17.0-1028-oem",
"binary_version": "6.17.0-1028.28"
},
{
"binary_name": "linux-modules-evdi-6.17.0-1028-oem",
"binary_version": "6.17.0-1028.28"
},
{
"binary_name": "linux-modules-ipu6-6.17.0-1028-oem",
"binary_version": "6.17.0-1028.28"
},
{
"binary_name": "linux-modules-ipu7-6.17.0-1028-oem",
"binary_version": "6.17.0-1028.28"
},
{
"binary_name": "linux-modules-iwlwifi-6.17.0-1028-oem",
"binary_version": "6.17.0-1028.28"
},
{
"binary_name": "linux-modules-usbio-6.17.0-1028-oem",
"binary_version": "6.17.0-1028.28"
},
{
"binary_name": "linux-modules-vision-6.17.0-1028-oem",
"binary_version": "6.17.0-1028.28"
},
{
"binary_name": "linux-oem-6.17-headers-6.17.0-1028",
"binary_version": "6.17.0-1028.28"
},
{
"binary_name": "linux-oem-6.17-tools-6.17.0-1028",
"binary_version": "6.17.0-1028.28"
},
{
"binary_name": "linux-tools-6.17.0-1028-oem",
"binary_version": "6.17.0-1028.28"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-oem-6.17",
"purl": "pkg:deb/ubuntu/linux-oem-6.17@6.17.0-1028.28?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.17.0-1005.5",
"6.17.0-1006.6",
"6.17.0-1007.7",
"6.17.0-1008.8",
"6.17.0-1009.9",
"6.17.0-1010.10",
"6.17.0-1011.11",
"6.17.0-1012.12",
"6.17.0-1017.17",
"6.17.0-1020.20",
"6.17.0-1023.23",
"6.17.0-1024.24",
"6.17.0-1025.25",
"6.17.0-1028.28"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.8.0-1032-oem",
"binary_version": "6.8.0-1032.32"
},
{
"binary_name": "linux-headers-6.8.0-1032-oem",
"binary_version": "6.8.0-1032.32"
},
{
"binary_name": "linux-image-unsigned-6.8.0-1032-oem",
"binary_version": "6.8.0-1032.32"
},
{
"binary_name": "linux-modules-6.8.0-1032-oem",
"binary_version": "6.8.0-1032.32"
},
{
"binary_name": "linux-modules-ipu6-6.8.0-1032-oem",
"binary_version": "6.8.0-1032.32"
},
{
"binary_name": "linux-modules-iwlwifi-6.8.0-1032-oem",
"binary_version": "6.8.0-1032.32"
},
{
"binary_name": "linux-modules-usbio-6.8.0-1032-oem",
"binary_version": "6.8.0-1032.32"
},
{
"binary_name": "linux-oem-6.8-headers-6.8.0-1032",
"binary_version": "6.8.0-1032.32"
},
{
"binary_name": "linux-oem-6.8-tools-6.8.0-1032",
"binary_version": "6.8.0-1032.32"
},
{
"binary_name": "linux-tools-6.8.0-1032-oem",
"binary_version": "6.8.0-1032.32"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-oem-6.8",
"purl": "pkg:deb/ubuntu/linux-oem-6.8@6.8.0-1032.32?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.8.0-1003.3",
"6.8.0-1004.4",
"6.8.0-1005.5",
"6.8.0-1006.6",
"6.8.0-1007.7",
"6.8.0-1008.8",
"6.8.0-1009.9",
"6.8.0-1010.10",
"6.8.0-1011.11",
"6.8.0-1012.12",
"6.8.0-1013.13",
"6.8.0-1014.14",
"6.8.0-1016.16",
"6.8.0-1017.17",
"6.8.0-1018.18",
"6.8.0-1019.19",
"6.8.0-1020.20",
"6.8.0-1024.24",
"6.8.0-1025.25",
"6.8.0-1026.26",
"6.8.0-1027.27",
"6.8.0-1028.28",
"6.8.0-1029.29",
"6.8.0-1030.30",
"6.8.0-1031.31",
"6.8.0-1032.32"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.8.0-1057-oracle",
"binary_version": "6.8.0-1057.58"
},
{
"binary_name": "linux-buildinfo-6.8.0-1057-oracle-64k",
"binary_version": "6.8.0-1057.58"
},
{
"binary_name": "linux-headers-6.8.0-1057-oracle",
"binary_version": "6.8.0-1057.58"
},
{
"binary_name": "linux-headers-6.8.0-1057-oracle-64k",
"binary_version": "6.8.0-1057.58"
},
{
"binary_name": "linux-image-unsigned-6.8.0-1057-oracle",
"binary_version": "6.8.0-1057.58"
},
{
"binary_name": "linux-image-unsigned-6.8.0-1057-oracle-64k",
"binary_version": "6.8.0-1057.58"
},
{
"binary_name": "linux-modules-6.8.0-1057-oracle",
"binary_version": "6.8.0-1057.58"
},
{
"binary_name": "linux-modules-6.8.0-1057-oracle-64k",
"binary_version": "6.8.0-1057.58"
},
{
"binary_name": "linux-modules-extra-6.8.0-1057-oracle",
"binary_version": "6.8.0-1057.58"
},
{
"binary_name": "linux-modules-extra-6.8.0-1057-oracle-64k",
"binary_version": "6.8.0-1057.58"
},
{
"binary_name": "linux-oracle-headers-6.8.0-1057",
"binary_version": "6.8.0-1057.58"
},
{
"binary_name": "linux-oracle-tools-6.8.0-1057",
"binary_version": "6.8.0-1057.58"
},
{
"binary_name": "linux-tools-6.8.0-1057-oracle",
"binary_version": "6.8.0-1057.58"
},
{
"binary_name": "linux-tools-6.8.0-1057-oracle-64k",
"binary_version": "6.8.0-1057.58"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-oracle",
"purl": "pkg:deb/ubuntu/linux-oracle@6.8.0-1057.58?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.5.0-1010.10",
"6.6.0-1001.1",
"6.8.0-1001.1",
"6.8.0-1004.4",
"6.8.0-1005.5",
"6.8.0-1006.6",
"6.8.0-1008.8",
"6.8.0-1010.10",
"6.8.0-1011.11",
"6.8.0-1012.12",
"6.8.0-1013.13",
"6.8.0-1014.14",
"6.8.0-1015.16",
"6.8.0-1016.17",
"6.8.0-1017.18",
"6.8.0-1018.19",
"6.8.0-1019.20",
"6.8.0-1020.21",
"6.8.0-1021.22",
"6.8.0-1022.23",
"6.8.0-1023.24",
"6.8.0-1024.25",
"6.8.0-1025.26",
"6.8.0-1026.27",
"6.8.0-1027.28",
"6.8.0-1028.29",
"6.8.0-1029.30",
"6.8.0-1030.31",
"6.8.0-1032.33",
"6.8.0-1033.34",
"6.8.0-1035.36",
"6.8.0-1037.38",
"6.8.0-1038.39",
"6.8.0-1039.40",
"6.8.0-1040.41",
"6.8.0-1041.42",
"6.8.0-1042.43",
"6.8.0-1043.44",
"6.8.0-1044.45",
"6.8.0-1047.48",
"6.8.0-1049.50",
"6.8.0-1050.51",
"6.8.0-1052.53",
"6.8.0-1054.55",
"6.8.0-1057.58"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.14.0-1018-oracle",
"binary_version": "6.14.0-1018.18~24.04.1"
},
{
"binary_name": "linux-buildinfo-6.14.0-1018-oracle-64k",
"binary_version": "6.14.0-1018.18~24.04.1"
},
{
"binary_name": "linux-headers-6.14.0-1018-oracle",
"binary_version": "6.14.0-1018.18~24.04.1"
},
{
"binary_name": "linux-headers-6.14.0-1018-oracle-64k",
"binary_version": "6.14.0-1018.18~24.04.1"
},
{
"binary_name": "linux-image-unsigned-6.14.0-1018-oracle",
"binary_version": "6.14.0-1018.18~24.04.1"
},
{
"binary_name": "linux-image-unsigned-6.14.0-1018-oracle-64k",
"binary_version": "6.14.0-1018.18~24.04.1"
},
{
"binary_name": "linux-modules-6.14.0-1018-oracle",
"binary_version": "6.14.0-1018.18~24.04.1"
},
{
"binary_name": "linux-modules-6.14.0-1018-oracle-64k",
"binary_version": "6.14.0-1018.18~24.04.1"
},
{
"binary_name": "linux-modules-extra-6.14.0-1018-oracle",
"binary_version": "6.14.0-1018.18~24.04.1"
},
{
"binary_name": "linux-modules-extra-6.14.0-1018-oracle-64k",
"binary_version": "6.14.0-1018.18~24.04.1"
},
{
"binary_name": "linux-oracle-6.14-headers-6.14.0-1018",
"binary_version": "6.14.0-1018.18~24.04.1"
},
{
"binary_name": "linux-oracle-6.14-tools-6.14.0-1018",
"binary_version": "6.14.0-1018.18~24.04.1"
},
{
"binary_name": "linux-tools-6.14.0-1018-oracle",
"binary_version": "6.14.0-1018.18~24.04.1"
},
{
"binary_name": "linux-tools-6.14.0-1018-oracle-64k",
"binary_version": "6.14.0-1018.18~24.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-oracle-6.14",
"purl": "pkg:deb/ubuntu/linux-oracle-6.14@6.14.0-1018.18~24.04.1?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.14.0-1007.7~24.04.1",
"6.14.0-1009.9~24.04.1",
"6.14.0-1010.10~24.04.1",
"6.14.0-1011.11~24.04.1",
"6.14.0-1012.12~24.04.1",
"6.14.0-1013.13~24.04.1",
"6.14.0-1014.14~24.04.1",
"6.14.0-1015.15~24.04.1",
"6.14.0-1016.16~24.04.1",
"6.14.0-1017.17~24.04.1",
"6.14.0-1018.18~24.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.17.0-1018-oracle",
"binary_version": "6.17.0-1018.18~24.04.1"
},
{
"binary_name": "linux-buildinfo-6.17.0-1018-oracle-64k",
"binary_version": "6.17.0-1018.18~24.04.1"
},
{
"binary_name": "linux-headers-6.17.0-1018-oracle",
"binary_version": "6.17.0-1018.18~24.04.1"
},
{
"binary_name": "linux-headers-6.17.0-1018-oracle-64k",
"binary_version": "6.17.0-1018.18~24.04.1"
},
{
"binary_name": "linux-image-unsigned-6.17.0-1018-oracle",
"binary_version": "6.17.0-1018.18~24.04.1"
},
{
"binary_name": "linux-image-unsigned-6.17.0-1018-oracle-64k",
"binary_version": "6.17.0-1018.18~24.04.1"
},
{
"binary_name": "linux-modules-6.17.0-1018-oracle",
"binary_version": "6.17.0-1018.18~24.04.1"
},
{
"binary_name": "linux-modules-6.17.0-1018-oracle-64k",
"binary_version": "6.17.0-1018.18~24.04.1"
},
{
"binary_name": "linux-modules-extra-6.17.0-1018-oracle",
"binary_version": "6.17.0-1018.18~24.04.1"
},
{
"binary_name": "linux-modules-extra-6.17.0-1018-oracle-64k",
"binary_version": "6.17.0-1018.18~24.04.1"
},
{
"binary_name": "linux-oracle-6.17-headers-6.17.0-1018",
"binary_version": "6.17.0-1018.18~24.04.1"
},
{
"binary_name": "linux-oracle-6.17-tools-6.17.0-1018",
"binary_version": "6.17.0-1018.18~24.04.1"
},
{
"binary_name": "linux-tools-6.17.0-1018-oracle",
"binary_version": "6.17.0-1018.18~24.04.1"
},
{
"binary_name": "linux-tools-6.17.0-1018-oracle-64k",
"binary_version": "6.17.0-1018.18~24.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-oracle-6.17",
"purl": "pkg:deb/ubuntu/linux-oracle-6.17@6.17.0-1018.18~24.04.1?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.17.0-1004.4~24.04.2",
"6.17.0-1007.7~24.04.1",
"6.17.0-1009.9~24.04.1",
"6.17.0-1010.10~24.04.1",
"6.17.0-1011.11~24.04.1",
"6.17.0-1014.14~24.04.1",
"6.17.0-1016.16~24.04.1",
"6.17.0-1018.18~24.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.8.0-1060-raspi",
"binary_version": "6.8.0-1060.64"
},
{
"binary_name": "linux-headers-6.8.0-1060-raspi",
"binary_version": "6.8.0-1060.64"
},
{
"binary_name": "linux-image-6.8.0-1060-raspi",
"binary_version": "6.8.0-1060.64"
},
{
"binary_name": "linux-modules-6.8.0-1060-raspi",
"binary_version": "6.8.0-1060.64"
},
{
"binary_name": "linux-raspi-headers-6.8.0-1060",
"binary_version": "6.8.0-1060.64"
},
{
"binary_name": "linux-raspi-tools-6.8.0-1060",
"binary_version": "6.8.0-1060.64"
},
{
"binary_name": "linux-tools-6.8.0-1060-raspi",
"binary_version": "6.8.0-1060.64"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-raspi",
"purl": "pkg:deb/ubuntu/linux-raspi@6.8.0-1060.64?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.5.0-1005.7",
"6.7.0-1001.1",
"6.8.0-1001.1",
"6.8.0-1002.2",
"6.8.0-1003.3",
"6.8.0-1004.4",
"6.8.0-1005.5",
"6.8.0-1006.6",
"6.8.0-1007.7",
"6.8.0-1008.8",
"6.8.0-1009.10",
"6.8.0-1010.11",
"6.8.0-1011.12",
"6.8.0-1012.13",
"6.8.0-1013.14",
"6.8.0-1014.16",
"6.8.0-1015.17",
"6.8.0-1016.18",
"6.8.0-1017.19",
"6.8.0-1018.20",
"6.8.0-1019.23",
"6.8.0-1020.24",
"6.8.0-1024.28",
"6.8.0-1028.32",
"6.8.0-1029.33",
"6.8.0-1030.34",
"6.8.0-1031.35",
"6.8.0-1032.36",
"6.8.0-1035.39",
"6.8.0-1036.40",
"6.8.0-1038.42",
"6.8.0-1039.43",
"6.8.0-1040.44",
"6.8.0-1041.45",
"6.8.0-1042.46",
"6.8.0-1043.47",
"6.8.0-1044.48",
"6.8.0-1045.49",
"6.8.0-1047.51",
"6.8.0-1048.52",
"6.8.0-1050.54",
"6.8.0-1051.55",
"6.8.0-1052.56",
"6.8.0-1053.57",
"6.8.0-1056.60",
"6.8.0-1057.61",
"6.8.0-1060.64"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.8.0-2019-raspi-realtime",
"binary_version": "6.8.0-2019.20"
},
{
"binary_name": "linux-headers-6.8.0-2019-raspi-realtime",
"binary_version": "6.8.0-2019.20"
},
{
"binary_name": "linux-image-6.8.0-2019-raspi-realtime",
"binary_version": "6.8.0-2019.20"
},
{
"binary_name": "linux-modules-6.8.0-2019-raspi-realtime",
"binary_version": "6.8.0-2019.20"
},
{
"binary_name": "linux-raspi-realtime-headers-6.8.0-2019",
"binary_version": "6.8.0-2019.20"
},
{
"binary_name": "linux-raspi-realtime-tools-6.8.0-2019",
"binary_version": "6.8.0-2019.20"
},
{
"binary_name": "linux-tools-6.8.0-2019-raspi-realtime",
"binary_version": "6.8.0-2019.20"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-raspi-realtime",
"purl": "pkg:deb/ubuntu/linux-raspi-realtime@6.8.0-2019.20?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.8.0-2019.20"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.8.1-1015-realtime",
"binary_version": "6.8.1-1015.16"
},
{
"binary_name": "linux-cloud-tools-6.8.1-1015-realtime",
"binary_version": "6.8.1-1015.16"
},
{
"binary_name": "linux-headers-6.8.1-1015-realtime",
"binary_version": "6.8.1-1015.16"
},
{
"binary_name": "linux-image-unsigned-6.8.1-1015-realtime",
"binary_version": "6.8.1-1015.16"
},
{
"binary_name": "linux-modules-6.8.1-1015-realtime",
"binary_version": "6.8.1-1015.16"
},
{
"binary_name": "linux-modules-extra-6.8.1-1015-realtime",
"binary_version": "6.8.1-1015.16"
},
{
"binary_name": "linux-modules-iwlwifi-6.8.1-1015-realtime",
"binary_version": "6.8.1-1015.16"
},
{
"binary_name": "linux-realtime-cloud-tools-6.8.1-1015",
"binary_version": "6.8.1-1015.16"
},
{
"binary_name": "linux-realtime-headers-6.8.1-1015",
"binary_version": "6.8.1-1015.16"
},
{
"binary_name": "linux-realtime-tools-6.8.1-1015",
"binary_version": "6.8.1-1015.16"
},
{
"binary_name": "linux-tools-6.8.1-1015-realtime",
"binary_version": "6.8.1-1015.16"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-realtime",
"purl": "pkg:deb/ubuntu/linux-realtime@6.8.1-1015.16?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.8.1-1015.16"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.8.0-60-generic",
"binary_version": "6.8.0-60.63.1"
},
{
"binary_name": "linux-headers-6.8.0-60-generic",
"binary_version": "6.8.0-60.63.1"
},
{
"binary_name": "linux-image-6.8.0-60-generic",
"binary_version": "6.8.0-60.63.1"
},
{
"binary_name": "linux-modules-6.8.0-60-generic",
"binary_version": "6.8.0-60.63.1"
},
{
"binary_name": "linux-riscv-headers-6.8.0-60",
"binary_version": "6.8.0-60.63.1"
},
{
"binary_name": "linux-riscv-tools-6.8.0-60",
"binary_version": "6.8.0-60.63.1"
},
{
"binary_name": "linux-tools-6.8.0-60-generic",
"binary_version": "6.8.0-60.63.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-riscv",
"purl": "pkg:deb/ubuntu/linux-riscv@6.8.0-60.63.1?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.5.0-9.9.1",
"6.8.0-20.20.1",
"6.8.0-28.28.1",
"6.8.0-31.31.1",
"6.8.0-35.35.1",
"6.8.0-36.36.1",
"6.8.0-38.38.1",
"6.8.0-39.39.1",
"6.8.0-40.40.1",
"6.8.0-41.41.1",
"6.8.0-44.44.1",
"6.8.0-47.47.1",
"6.8.0-48.48.1",
"6.8.0-49.49.1",
"6.8.0-50.51.1",
"6.8.0-51.52.1",
"6.8.0-52.53.1",
"6.8.0-53.55.1",
"6.8.0-55.57.1",
"6.8.0-56.58.1",
"6.8.0-57.59.1",
"6.8.0-58.60.1",
"6.8.0-59.61.1",
"6.8.0-60.63.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.14.0-37-generic",
"binary_version": "6.14.0-37.37.1~24.04.1"
},
{
"binary_name": "linux-headers-6.14.0-37-generic",
"binary_version": "6.14.0-37.37.1~24.04.1"
},
{
"binary_name": "linux-image-6.14.0-37-generic",
"binary_version": "6.14.0-37.37.1~24.04.1"
},
{
"binary_name": "linux-modules-6.14.0-37-generic",
"binary_version": "6.14.0-37.37.1~24.04.1"
},
{
"binary_name": "linux-riscv-6.14-headers-6.14.0-37",
"binary_version": "6.14.0-37.37.1~24.04.1"
},
{
"binary_name": "linux-riscv-6.14-tools-6.14.0-37",
"binary_version": "6.14.0-37.37.1~24.04.1"
},
{
"binary_name": "linux-tools-6.14.0-37-generic",
"binary_version": "6.14.0-37.37.1~24.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-riscv-6.14",
"purl": "pkg:deb/ubuntu/linux-riscv-6.14@6.14.0-37.37.1~24.04.1?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.14.0-22.22.1~24.04.1",
"6.14.0-23.23.1~24.04.1",
"6.14.0-24.24.1~24.04.1",
"6.14.0-27.27.1~24.04.1",
"6.14.0-28.28.1~24.04.1",
"6.14.0-29.29.1~24.04.1",
"6.14.0-32.32.1~24.04.1",
"6.14.0-33.33.1~24.04.1",
"6.14.0-34.34.1~24.04.1",
"6.14.0-35.35.1~24.04.1",
"6.14.0-36.36.1~24.04.1",
"6.14.0-37.37.1~24.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.17.0-38-generic",
"binary_version": "6.17.0-38.38.1~24.04.1"
},
{
"binary_name": "linux-headers-6.17.0-38-generic",
"binary_version": "6.17.0-38.38.1~24.04.1"
},
{
"binary_name": "linux-image-6.17.0-38-generic",
"binary_version": "6.17.0-38.38.1~24.04.1"
},
{
"binary_name": "linux-modules-6.17.0-38-generic",
"binary_version": "6.17.0-38.38.1~24.04.1"
},
{
"binary_name": "linux-riscv-6.17-headers-6.17.0-38",
"binary_version": "6.17.0-38.38.1~24.04.1"
},
{
"binary_name": "linux-riscv-6.17-tools-6.17.0-38",
"binary_version": "6.17.0-38.38.1~24.04.1"
},
{
"binary_name": "linux-tools-6.17.0-38-generic",
"binary_version": "6.17.0-38.38.1~24.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-riscv-6.17",
"purl": "pkg:deb/ubuntu/linux-riscv-6.17@6.17.0-38.38.1~24.04.1?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.17.0-14.14.1~24.04.1",
"6.17.0-19.19.1~24.04.1",
"6.17.0-20.20.1~24.04.1",
"6.17.0-22.22.1~24.04.1",
"6.17.0-23.23.1~24.04.1",
"6.17.0-29.29.1~24.04.1",
"6.17.0-35.35.1~24.04.1",
"6.17.0-38.38.1~24.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.8.0-1032-xilinx",
"binary_version": "6.8.0-1032.33"
},
{
"binary_name": "linux-headers-6.8.0-1032-xilinx",
"binary_version": "6.8.0-1032.33"
},
{
"binary_name": "linux-image-6.8.0-1032-xilinx",
"binary_version": "6.8.0-1032.33"
},
{
"binary_name": "linux-modules-6.8.0-1032-xilinx",
"binary_version": "6.8.0-1032.33"
},
{
"binary_name": "linux-tools-6.8.0-1032-xilinx",
"binary_version": "6.8.0-1032.33"
},
{
"binary_name": "linux-xilinx-headers-6.8.0-1032",
"binary_version": "6.8.0-1032.33"
},
{
"binary_name": "linux-xilinx-tools-6.8.0-1032",
"binary_version": "6.8.0-1032.33"
}
]
},
"package": {
"ecosystem": "Ubuntu:24.04:LTS",
"name": "linux-xilinx",
"purl": "pkg:deb/ubuntu/linux-xilinx@6.8.0-1032.33?arch=source\u0026distro=noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.8.0-1008.9",
"6.8.0-1009.10",
"6.8.0-1011.12",
"6.8.0-1012.13",
"6.8.0-1013.14",
"6.8.0-1014.15",
"6.8.0-1015.16",
"6.8.0-1017.18",
"6.8.0-1018.19",
"6.8.0-1019.20",
"6.8.0-1020.21",
"6.8.0-1021.22",
"6.8.0-1022.23",
"6.8.0-1023.24",
"6.8.0-1024.25",
"6.8.0-1028.29",
"6.8.0-1029.30",
"6.8.0-1032.33"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-bluefield-headers-6.8.0-1026",
"binary_version": "6.8.0-1026.30"
},
{
"binary_name": "linux-bluefield-tools-6.8.0-1026",
"binary_version": "6.8.0-1026.30"
},
{
"binary_name": "linux-buildinfo-6.8.0-1026-bluefield",
"binary_version": "6.8.0-1026.30"
},
{
"binary_name": "linux-buildinfo-6.8.0-1026-bluefield-64k",
"binary_version": "6.8.0-1026.30"
},
{
"binary_name": "linux-headers-6.8.0-1026-bluefield",
"binary_version": "6.8.0-1026.30"
},
{
"binary_name": "linux-headers-6.8.0-1026-bluefield-64k",
"binary_version": "6.8.0-1026.30"
},
{
"binary_name": "linux-image-unsigned-6.8.0-1026-bluefield",
"binary_version": "6.8.0-1026.30"
},
{
"binary_name": "linux-image-unsigned-6.8.0-1026-bluefield-64k",
"binary_version": "6.8.0-1026.30"
},
{
"binary_name": "linux-modules-6.8.0-1026-bluefield",
"binary_version": "6.8.0-1026.30"
},
{
"binary_name": "linux-modules-6.8.0-1026-bluefield-64k",
"binary_version": "6.8.0-1026.30"
},
{
"binary_name": "linux-modules-extra-6.8.0-1026-bluefield",
"binary_version": "6.8.0-1026.30"
},
{
"binary_name": "linux-modules-extra-6.8.0-1026-bluefield-64k",
"binary_version": "6.8.0-1026.30"
},
{
"binary_name": "linux-tools-6.8.0-1026-bluefield",
"binary_version": "6.8.0-1026.30"
},
{
"binary_name": "linux-tools-6.8.0-1026-bluefield-64k",
"binary_version": "6.8.0-1026.30"
}
]
},
"package": {
"ecosystem": "Ubuntu:Nvidia-BlueField:24.04:LTS",
"name": "linux-bluefield",
"purl": "pkg:deb/ubuntu/linux-bluefield@6.8.0-1026.30?arch=source\u0026distro=bluefield/noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.8.0-1011.15",
"6.8.0-1012.16",
"6.8.0-1013.17",
"6.8.0-1014.18",
"6.8.0-1016.20",
"6.8.0-1017.21",
"6.8.0-1022.26",
"6.8.0-1023.27",
"6.8.0-1026.30"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-aws-fips-cloud-tools-6.8.0-1060",
"binary_version": "6.8.0-1060.63+fips1"
},
{
"binary_name": "linux-aws-fips-headers-6.8.0-1060",
"binary_version": "6.8.0-1060.63+fips1"
},
{
"binary_name": "linux-aws-fips-tools-6.8.0-1060",
"binary_version": "6.8.0-1060.63+fips1"
},
{
"binary_name": "linux-buildinfo-6.8.0-1060-aws-fips",
"binary_version": "6.8.0-1060.63+fips1"
},
{
"binary_name": "linux-cloud-tools-6.8.0-1060-aws-fips",
"binary_version": "6.8.0-1060.63+fips1"
},
{
"binary_name": "linux-headers-6.8.0-1060-aws-fips",
"binary_version": "6.8.0-1060.63+fips1"
},
{
"binary_name": "linux-image-unsigned-6.8.0-1060-aws-fips",
"binary_version": "6.8.0-1060.63+fips1"
},
{
"binary_name": "linux-image-unsigned-hmac-6.8.0-1060-aws-fips",
"binary_version": "6.8.0-1060.63+fips1"
},
{
"binary_name": "linux-modules-6.8.0-1060-aws-fips",
"binary_version": "6.8.0-1060.63+fips1"
},
{
"binary_name": "linux-modules-extra-6.8.0-1060-aws-fips",
"binary_version": "6.8.0-1060.63+fips1"
},
{
"binary_name": "linux-tools-6.8.0-1060-aws-fips",
"binary_version": "6.8.0-1060.63+fips1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS-updates:24.04:LTS",
"name": "linux-aws-fips",
"purl": "pkg:deb/ubuntu/linux-aws-fips@6.8.0-1060.63+fips1?arch=source\u0026distro=fips-updates/noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.8.0-1035.37+fips1",
"6.8.0-1036.38+fips1",
"6.8.0-1038.40+fips1",
"6.8.0-1039.41+fips1",
"6.8.0-1040.42+fips1",
"6.8.0-1041.43+fips1",
"6.8.0-1042.44+fips1",
"6.8.0-1043.45+fips1",
"6.8.0-1044.46+fips1",
"6.8.0-1045.47+fips1",
"6.8.0-1046.49+fips1",
"6.8.0-1047.50+fips1",
"6.8.0-1050.53+fips1",
"6.8.0-1051.54+fips1",
"6.8.0-1052.55+fips1",
"6.8.0-1053.56+fips1",
"6.8.0-1055.58+fips1",
"6.8.0-1057.60+fips1",
"6.8.0-1060.63+fips1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-azure-fips-cloud-tools-6.8.0-1062",
"binary_version": "6.8.0-1062.69+fips1"
},
{
"binary_name": "linux-azure-fips-headers-6.8.0-1062",
"binary_version": "6.8.0-1062.69+fips1"
},
{
"binary_name": "linux-azure-fips-tools-6.8.0-1062",
"binary_version": "6.8.0-1062.69+fips1"
},
{
"binary_name": "linux-buildinfo-6.8.0-1062-azure-fips",
"binary_version": "6.8.0-1062.69+fips1"
},
{
"binary_name": "linux-cloud-tools-6.8.0-1062-azure-fips",
"binary_version": "6.8.0-1062.69+fips1"
},
{
"binary_name": "linux-headers-6.8.0-1062-azure-fips",
"binary_version": "6.8.0-1062.69+fips1"
},
{
"binary_name": "linux-image-unsigned-6.8.0-1062-azure-fips",
"binary_version": "6.8.0-1062.69+fips1"
},
{
"binary_name": "linux-image-unsigned-hmac-6.8.0-1062-azure-fips",
"binary_version": "6.8.0-1062.69+fips1"
},
{
"binary_name": "linux-modules-6.8.0-1062-azure-fips",
"binary_version": "6.8.0-1062.69+fips1"
},
{
"binary_name": "linux-modules-extra-6.8.0-1062-azure-fips",
"binary_version": "6.8.0-1062.69+fips1"
},
{
"binary_name": "linux-modules-involflt-6.8.0-1062-azure-fips",
"binary_version": "6.8.0-1062.69+fips1"
},
{
"binary_name": "linux-modules-iwlwifi-6.8.0-1062-azure-fips",
"binary_version": "6.8.0-1062.69+fips1"
},
{
"binary_name": "linux-tools-6.8.0-1062-azure-fips",
"binary_version": "6.8.0-1062.69+fips1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS-updates:24.04:LTS",
"name": "linux-azure-fips",
"purl": "pkg:deb/ubuntu/linux-azure-fips@6.8.0-1062.69+fips1?arch=source\u0026distro=fips-updates/noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.8.0-1034.39+fips1",
"6.8.0-1040.46+fips1",
"6.8.0-1044.50+fips1",
"6.8.0-1046.52+fips1",
"6.8.0-1047.53+fips1",
"6.8.0-1052.58+fips1",
"6.8.0-1053.59+fips1",
"6.8.0-1054.60+fips1",
"6.8.0-1059.65+fips1",
"6.8.0-1062.69+fips1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.8.0-134-fips",
"binary_version": "6.8.0-134.134+fips1"
},
{
"binary_name": "linux-cloud-tools-6.8.0-134-fips",
"binary_version": "6.8.0-134.134+fips1"
},
{
"binary_name": "linux-fips-cloud-tools-6.8.0-134",
"binary_version": "6.8.0-134.134+fips1"
},
{
"binary_name": "linux-fips-headers-6.8.0-134",
"binary_version": "6.8.0-134.134+fips1"
},
{
"binary_name": "linux-fips-lib-rust-6.8.0-134-fips",
"binary_version": "6.8.0-134.134+fips1"
},
{
"binary_name": "linux-fips-tools-6.8.0-134",
"binary_version": "6.8.0-134.134+fips1"
},
{
"binary_name": "linux-headers-6.8.0-134-fips",
"binary_version": "6.8.0-134.134+fips1"
},
{
"binary_name": "linux-image-6.8.0-134-fips",
"binary_version": "6.8.0-134.134+fips1"
},
{
"binary_name": "linux-image-hmac-6.8.0-134-fips",
"binary_version": "6.8.0-134.134+fips1"
},
{
"binary_name": "linux-image-unsigned-6.8.0-134-fips",
"binary_version": "6.8.0-134.134+fips1"
},
{
"binary_name": "linux-image-unsigned-hmac-6.8.0-134-fips",
"binary_version": "6.8.0-134.134+fips1"
},
{
"binary_name": "linux-modules-6.8.0-134-fips",
"binary_version": "6.8.0-134.134+fips1"
},
{
"binary_name": "linux-modules-extra-6.8.0-134-fips",
"binary_version": "6.8.0-134.134+fips1"
},
{
"binary_name": "linux-modules-ipu6-6.8.0-134-fips",
"binary_version": "6.8.0-134.134+fips1"
},
{
"binary_name": "linux-modules-iwlwifi-6.8.0-134-fips",
"binary_version": "6.8.0-134.134+fips1"
},
{
"binary_name": "linux-modules-usbio-6.8.0-134-fips",
"binary_version": "6.8.0-134.134+fips1"
},
{
"binary_name": "linux-tools-6.8.0-134-fips",
"binary_version": "6.8.0-134.134+fips1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS-updates:24.04:LTS",
"name": "linux-fips",
"purl": "pkg:deb/ubuntu/linux-fips@6.8.0-134.134+fips1?arch=source\u0026distro=fips-updates/noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.8.0-38.38+fips4",
"6.8.0-78.78+fips1",
"6.8.0-79.79+fips1",
"6.8.0-83.83+fips1",
"6.8.0-84.84+fips1",
"6.8.0-85.85+fips1",
"6.8.0-86.87+fips1",
"6.8.0-87.88+fips1",
"6.8.0-88.89+fips1",
"6.8.0-90.91+fips1",
"6.8.0-94.96+fips1",
"6.8.0-100.100+fips1",
"6.8.0-101.101+fips1",
"6.8.0-106.106+fips1",
"6.8.0-107.107+fips1",
"6.8.0-110.110+fips2",
"6.8.0-111.111+fips1",
"6.8.0-116.116+fips1",
"6.8.0-124.124+fips1",
"6.8.0-134.134+fips1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.8.0-1063-gcp-fips",
"binary_version": "6.8.0-1063.69+fips1"
},
{
"binary_name": "linux-gcp-fips-headers-6.8.0-1063",
"binary_version": "6.8.0-1063.69+fips1"
},
{
"binary_name": "linux-gcp-fips-tools-6.8.0-1063",
"binary_version": "6.8.0-1063.69+fips1"
},
{
"binary_name": "linux-headers-6.8.0-1063-gcp-fips",
"binary_version": "6.8.0-1063.69+fips1"
},
{
"binary_name": "linux-image-unsigned-6.8.0-1063-gcp-fips",
"binary_version": "6.8.0-1063.69+fips1"
},
{
"binary_name": "linux-image-unsigned-hmac-6.8.0-1063-gcp-fips",
"binary_version": "6.8.0-1063.69+fips1"
},
{
"binary_name": "linux-modules-6.8.0-1063-gcp-fips",
"binary_version": "6.8.0-1063.69+fips1"
},
{
"binary_name": "linux-modules-extra-6.8.0-1063-gcp-fips",
"binary_version": "6.8.0-1063.69+fips1"
},
{
"binary_name": "linux-tools-6.8.0-1063-gcp-fips",
"binary_version": "6.8.0-1063.69+fips1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:FIPS-updates:24.04:LTS",
"name": "linux-gcp-fips",
"purl": "pkg:deb/ubuntu/linux-gcp-fips@6.8.0-1063.69+fips1?arch=source\u0026distro=fips-updates/noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.8.0-1036.38+fips1",
"6.8.0-1037.39+fips1",
"6.8.0-1039.41+fips1",
"6.8.0-1040.42+fips1",
"6.8.0-1041.43+fips1",
"6.8.0-1042.45+fips1",
"6.8.0-1043.46+fips1",
"6.8.0-1044.47+fips1",
"6.8.0-1045.48+fips1",
"6.8.0-1046.49+fips1",
"6.8.0-1047.50+fips1",
"6.8.0-1048.51+fips1",
"6.8.0-1052.55+fips1",
"6.8.0-1053.56+fips1",
"6.8.0-1054.57+fips1",
"6.8.0-1055.58+fips1",
"6.8.0-1058.61+fips1",
"6.8.0-1060.63+fips1",
"6.8.0-1063.69+fips1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.8.0-2049-raspi-realtime",
"binary_version": "6.8.0-2049.50"
},
{
"binary_name": "linux-headers-6.8.0-2049-raspi-realtime",
"binary_version": "6.8.0-2049.50"
},
{
"binary_name": "linux-image-6.8.0-2049-raspi-realtime",
"binary_version": "6.8.0-2049.50"
},
{
"binary_name": "linux-modules-6.8.0-2049-raspi-realtime",
"binary_version": "6.8.0-2049.50"
},
{
"binary_name": "linux-raspi-realtime-headers-6.8.0-2049",
"binary_version": "6.8.0-2049.50"
},
{
"binary_name": "linux-raspi-realtime-tools-6.8.0-2049",
"binary_version": "6.8.0-2049.50"
},
{
"binary_name": "linux-tools-6.8.0-2049-raspi-realtime",
"binary_version": "6.8.0-2049.50"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:Realtime:24.04:LTS",
"name": "linux-raspi-realtime",
"purl": "pkg:deb/ubuntu/linux-raspi-realtime@6.8.0-2049.50?arch=source\u0026distro=realtime/noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.7.0-2001.1",
"6.8.0-2001.1",
"6.8.0-2002.2",
"6.8.0-2004.4",
"6.8.0-2005.5",
"6.8.0-2006.6",
"6.8.0-2007.7",
"6.8.0-2008.8",
"6.8.0-2009.9",
"6.8.0-2010.10",
"6.8.0-2011.11",
"6.8.0-2012.12",
"6.8.0-2013.14",
"6.8.0-2014.15",
"6.8.0-2015.16",
"6.8.0-2016.17",
"6.8.0-2017.18",
"6.8.0-2018.19",
"6.8.0-2019.20",
"6.8.0-2022.23",
"6.8.0-2023.24",
"6.8.0-2024.25",
"6.8.0-2025.26",
"6.8.0-2026.27",
"6.8.0-2028.29",
"6.8.0-2029.30",
"6.8.0-2030.31",
"6.8.0-2031.32",
"6.8.0-2032.33",
"6.8.0-2033.34",
"6.8.0-2034.35",
"6.8.0-2035.36",
"6.8.0-2036.37",
"6.8.0-2037.38",
"6.8.0-2038.39",
"6.8.0-2040.41",
"6.8.0-2041.42",
"6.8.0-2042.43",
"6.8.0-2043.44",
"6.8.0-2045.46",
"6.8.0-2046.47",
"6.8.0-2049.50"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.8.1-1055-realtime",
"binary_version": "6.8.1-1055.56"
},
{
"binary_name": "linux-cloud-tools-6.8.1-1055-realtime",
"binary_version": "6.8.1-1055.56"
},
{
"binary_name": "linux-headers-6.8.1-1055-realtime",
"binary_version": "6.8.1-1055.56"
},
{
"binary_name": "linux-image-unsigned-6.8.1-1055-realtime",
"binary_version": "6.8.1-1055.56"
},
{
"binary_name": "linux-modules-6.8.1-1055-realtime",
"binary_version": "6.8.1-1055.56"
},
{
"binary_name": "linux-modules-extra-6.8.1-1055-realtime",
"binary_version": "6.8.1-1055.56"
},
{
"binary_name": "linux-modules-iwlwifi-6.8.1-1055-realtime",
"binary_version": "6.8.1-1055.56"
},
{
"binary_name": "linux-realtime-cloud-tools-6.8.1-1055",
"binary_version": "6.8.1-1055.56"
},
{
"binary_name": "linux-realtime-headers-6.8.1-1055",
"binary_version": "6.8.1-1055.56"
},
{
"binary_name": "linux-realtime-tools-6.8.1-1055",
"binary_version": "6.8.1-1055.56"
},
{
"binary_name": "linux-tools-6.8.1-1055-realtime",
"binary_version": "6.8.1-1055.56"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:Realtime:24.04:LTS",
"name": "linux-realtime",
"purl": "pkg:deb/ubuntu/linux-realtime@6.8.1-1055.56?arch=source\u0026distro=realtime/noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.8.0-1008.19",
"6.8.1-1001.1",
"6.8.1-1002.2",
"6.8.1-1003.3",
"6.8.1-1004.4",
"6.8.1-1005.5",
"6.8.1-1006.6",
"6.8.1-1007.7",
"6.8.1-1008.8",
"6.8.1-1009.9",
"6.8.1-1010.10",
"6.8.1-1011.11",
"6.8.1-1012.12",
"6.8.1-1013.14",
"6.8.1-1014.15",
"6.8.1-1015.16",
"6.8.1-1016.17",
"6.8.1-1017.18",
"6.8.1-1018.19",
"6.8.1-1019.20",
"6.8.1-1020.21",
"6.8.1-1021.22",
"6.8.1-1022.23",
"6.8.1-1023.24",
"6.8.1-1024.25",
"6.8.1-1025.26",
"6.8.1-1026.27",
"6.8.1-1030.31",
"6.8.1-1031.32",
"6.8.1-1033.34",
"6.8.1-1034.35",
"6.8.1-1035.36",
"6.8.1-1036.37",
"6.8.1-1037.38",
"6.8.1-1038.39",
"6.8.1-1039.40",
"6.8.1-1040.41",
"6.8.1-1041.42",
"6.8.1-1042.43",
"6.8.1-1045.46",
"6.8.1-1046.47",
"6.8.1-1047.48",
"6.8.1-1048.49",
"6.8.1-1051.52",
"6.8.1-1052.53",
"6.8.1-1055.56"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.14.0-1017-realtime",
"binary_version": "6.14.0-1017.17~24.04.1"
},
{
"binary_name": "linux-cloud-tools-6.14.0-1017-realtime",
"binary_version": "6.14.0-1017.17~24.04.1"
},
{
"binary_name": "linux-headers-6.14.0-1017-realtime",
"binary_version": "6.14.0-1017.17~24.04.1"
},
{
"binary_name": "linux-image-unsigned-6.14.0-1017-realtime",
"binary_version": "6.14.0-1017.17~24.04.1"
},
{
"binary_name": "linux-modules-6.14.0-1017-realtime",
"binary_version": "6.14.0-1017.17~24.04.1"
},
{
"binary_name": "linux-modules-extra-6.14.0-1017-realtime",
"binary_version": "6.14.0-1017.17~24.04.1"
},
{
"binary_name": "linux-modules-iwlwifi-6.14.0-1017-realtime",
"binary_version": "6.14.0-1017.17~24.04.1"
},
{
"binary_name": "linux-realtime-6.14-cloud-tools-6.14.0-1017",
"binary_version": "6.14.0-1017.17~24.04.1"
},
{
"binary_name": "linux-realtime-6.14-headers-6.14.0-1017",
"binary_version": "6.14.0-1017.17~24.04.1"
},
{
"binary_name": "linux-realtime-6.14-tools-6.14.0-1017",
"binary_version": "6.14.0-1017.17~24.04.1"
},
{
"binary_name": "linux-tools-6.14.0-1017-realtime",
"binary_version": "6.14.0-1017.17~24.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:Realtime:24.04:LTS",
"name": "linux-realtime-6.14",
"purl": "pkg:deb/ubuntu/linux-realtime-6.14@6.14.0-1017.17~24.04.1?arch=source\u0026distro=realtime/noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.14.0-1003.3~24.04.3",
"6.14.0-1010.10~24.04.1",
"6.14.0-1011.11~24.04.1",
"6.14.0-1012.12~24.04.1",
"6.14.0-1013.13~24.04.1",
"6.14.0-1014.14~24.04.1",
"6.14.0-1015.15~24.04.1",
"6.14.0-1016.16~24.04.1",
"6.14.0-1017.17~24.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.17.0-1017-realtime",
"binary_version": "6.17.0-1017.19~24.04.1"
},
{
"binary_name": "linux-cloud-tools-6.17.0-1017-realtime",
"binary_version": "6.17.0-1017.19~24.04.1"
},
{
"binary_name": "linux-headers-6.17.0-1017-realtime",
"binary_version": "6.17.0-1017.19~24.04.1"
},
{
"binary_name": "linux-image-unsigned-6.17.0-1017-realtime",
"binary_version": "6.17.0-1017.19~24.04.1"
},
{
"binary_name": "linux-modules-6.17.0-1017-realtime",
"binary_version": "6.17.0-1017.19~24.04.1"
},
{
"binary_name": "linux-modules-extra-6.17.0-1017-realtime",
"binary_version": "6.17.0-1017.19~24.04.1"
},
{
"binary_name": "linux-modules-iwlwifi-6.17.0-1017-realtime",
"binary_version": "6.17.0-1017.19~24.04.1"
},
{
"binary_name": "linux-realtime-6.17-cloud-tools-6.17.0-1017",
"binary_version": "6.17.0-1017.19~24.04.1"
},
{
"binary_name": "linux-realtime-6.17-headers-6.17.0-1017",
"binary_version": "6.17.0-1017.19~24.04.1"
},
{
"binary_name": "linux-realtime-6.17-tools-6.17.0-1017",
"binary_version": "6.17.0-1017.19~24.04.1"
},
{
"binary_name": "linux-tools-6.17.0-1017-realtime",
"binary_version": "6.17.0-1017.19~24.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:Pro:Realtime:24.04:LTS",
"name": "linux-realtime-6.17",
"purl": "pkg:deb/ubuntu/linux-realtime-6.17@6.17.0-1017.19~24.04.1?arch=source\u0026distro=realtime/noble"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.17.0-1004.5~24.04.2",
"6.17.0-1006.7~24.04.1",
"6.17.0-1008.9~24.04.1",
"6.17.0-1009.10~24.04.1",
"6.17.0-1010.11~24.04.1",
"6.17.0-1011.12~24.04.1",
"6.17.0-1013.15~24.04.1",
"6.17.0-1014.16~24.04.1",
"6.17.0-1017.19~24.04.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "bpftool",
"binary_version": "7.7.0+6.17.0-40.40"
},
{
"binary_name": "linux-buildinfo-6.17.0-40-generic",
"binary_version": "6.17.0-40.40"
},
{
"binary_name": "linux-buildinfo-6.17.0-40-generic-64k",
"binary_version": "6.17.0-40.40"
},
{
"binary_name": "linux-cloud-tools-6.17.0-40",
"binary_version": "6.17.0-40.40"
},
{
"binary_name": "linux-cloud-tools-6.17.0-40-generic",
"binary_version": "6.17.0-40.40"
},
{
"binary_name": "linux-cloud-tools-common",
"binary_version": "6.17.0-40.40"
},
{
"binary_name": "linux-headers-6.17.0-40",
"binary_version": "6.17.0-40.40"
},
{
"binary_name": "linux-headers-6.17.0-40-generic",
"binary_version": "6.17.0-40.40"
},
{
"binary_name": "linux-headers-6.17.0-40-generic-64k",
"binary_version": "6.17.0-40.40"
},
{
"binary_name": "linux-image-6.17.0-40-generic",
"binary_version": "6.17.0-40.40"
},
{
"binary_name": "linux-image-unsigned-6.17.0-40-generic",
"binary_version": "6.17.0-40.40"
},
{
"binary_name": "linux-image-unsigned-6.17.0-40-generic-64k",
"binary_version": "6.17.0-40.40"
},
{
"binary_name": "linux-lib-rust-6.17.0-40-generic",
"binary_version": "6.17.0-40.40"
},
{
"binary_name": "linux-modules-6.17.0-40-generic",
"binary_version": "6.17.0-40.40"
},
{
"binary_name": "linux-modules-6.17.0-40-generic-64k",
"binary_version": "6.17.0-40.40"
},
{
"binary_name": "linux-modules-ipu6-6.17.0-40-generic",
"binary_version": "6.17.0-40.40"
},
{
"binary_name": "linux-modules-ipu7-6.17.0-40-generic",
"binary_version": "6.17.0-40.40"
},
{
"binary_name": "linux-modules-iwlwifi-6.17.0-40-generic",
"binary_version": "6.17.0-40.40"
},
{
"binary_name": "linux-modules-usbio-6.17.0-40-generic",
"binary_version": "6.17.0-40.40"
},
{
"binary_name": "linux-modules-vision-6.17.0-40-generic",
"binary_version": "6.17.0-40.40"
},
{
"binary_name": "linux-perf",
"binary_version": "6.17.0-40.40"
},
{
"binary_name": "linux-source-6.17.0",
"binary_version": "6.17.0-40.40"
},
{
"binary_name": "linux-tools-6.17.0-40",
"binary_version": "6.17.0-40.40"
},
{
"binary_name": "linux-tools-6.17.0-40-generic",
"binary_version": "6.17.0-40.40"
},
{
"binary_name": "linux-tools-6.17.0-40-generic-64k",
"binary_version": "6.17.0-40.40"
},
{
"binary_name": "linux-tools-common",
"binary_version": "6.17.0-40.40"
},
{
"binary_name": "linux-tools-host",
"binary_version": "6.17.0-40.40"
}
]
},
"package": {
"ecosystem": "Ubuntu:25.10",
"name": "linux",
"purl": "pkg:deb/ubuntu/linux@6.17.0-40.40?arch=source\u0026distro=questing"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.14.0-15.15",
"6.15.0-3.3",
"6.15.0-4.4",
"6.16.0-13.13",
"6.16.0-16.16",
"6.17.0-3.3",
"6.17.0-4.4",
"6.17.0-5.5",
"6.17.0-6.6",
"6.17.0-7.7",
"6.17.0-8.8",
"6.17.0-12.12",
"6.17.0-14.14",
"6.17.0-19.19",
"6.17.0-20.20",
"6.17.0-22.22",
"6.17.0-23.23",
"6.17.0-29.29",
"6.17.0-35.35",
"6.17.0-40.40"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-aws-cloud-tools-6.17.0-1019",
"binary_version": "6.17.0-1019.19"
},
{
"binary_name": "linux-aws-headers-6.17.0-1019",
"binary_version": "6.17.0-1019.19"
},
{
"binary_name": "linux-aws-tools-6.17.0-1019",
"binary_version": "6.17.0-1019.19"
},
{
"binary_name": "linux-buildinfo-6.17.0-1019-aws",
"binary_version": "6.17.0-1019.19"
},
{
"binary_name": "linux-buildinfo-6.17.0-1019-aws-64k",
"binary_version": "6.17.0-1019.19"
},
{
"binary_name": "linux-cloud-tools-6.17.0-1019-aws",
"binary_version": "6.17.0-1019.19"
},
{
"binary_name": "linux-cloud-tools-6.17.0-1019-aws-64k",
"binary_version": "6.17.0-1019.19"
},
{
"binary_name": "linux-headers-6.17.0-1019-aws",
"binary_version": "6.17.0-1019.19"
},
{
"binary_name": "linux-headers-6.17.0-1019-aws-64k",
"binary_version": "6.17.0-1019.19"
},
{
"binary_name": "linux-image-unsigned-6.17.0-1019-aws",
"binary_version": "6.17.0-1019.19"
},
{
"binary_name": "linux-image-unsigned-6.17.0-1019-aws-64k",
"binary_version": "6.17.0-1019.19"
},
{
"binary_name": "linux-modules-6.17.0-1019-aws",
"binary_version": "6.17.0-1019.19"
},
{
"binary_name": "linux-modules-6.17.0-1019-aws-64k",
"binary_version": "6.17.0-1019.19"
},
{
"binary_name": "linux-tools-6.17.0-1019-aws",
"binary_version": "6.17.0-1019.19"
},
{
"binary_name": "linux-tools-6.17.0-1019-aws-64k",
"binary_version": "6.17.0-1019.19"
}
]
},
"package": {
"ecosystem": "Ubuntu:25.10",
"name": "linux-aws",
"purl": "pkg:deb/ubuntu/linux-aws@6.17.0-1019.19?arch=source\u0026distro=questing"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.14.0-1005.5",
"6.14.0-1007.7+25.10.2",
"6.16.0-1001.1",
"6.17.0-1001.1",
"6.17.0-1002.2",
"6.17.0-1003.3",
"6.17.0-1004.4",
"6.17.0-1005.5",
"6.17.0-1006.6",
"6.17.0-1007.7",
"6.17.0-1009.9",
"6.17.0-1010.10",
"6.17.0-1012.12",
"6.17.0-1013.13",
"6.17.0-1015.15",
"6.17.0-1017.17",
"6.17.0-1019.19"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-azure-cloud-tools-6.17.0-1020",
"binary_version": "6.17.0-1020.20"
},
{
"binary_name": "linux-azure-headers-6.17.0-1020",
"binary_version": "6.17.0-1020.20"
},
{
"binary_name": "linux-azure-tools-6.17.0-1020",
"binary_version": "6.17.0-1020.20"
},
{
"binary_name": "linux-buildinfo-6.17.0-1020-azure",
"binary_version": "6.17.0-1020.20"
},
{
"binary_name": "linux-cloud-tools-6.17.0-1020-azure",
"binary_version": "6.17.0-1020.20"
},
{
"binary_name": "linux-headers-6.17.0-1020-azure",
"binary_version": "6.17.0-1020.20"
},
{
"binary_name": "linux-image-unsigned-6.17.0-1020-azure",
"binary_version": "6.17.0-1020.20"
},
{
"binary_name": "linux-modules-6.17.0-1020-azure",
"binary_version": "6.17.0-1020.20"
},
{
"binary_name": "linux-tools-6.17.0-1020-azure",
"binary_version": "6.17.0-1020.20"
}
]
},
"package": {
"ecosystem": "Ubuntu:25.10",
"name": "linux-azure",
"purl": "pkg:deb/ubuntu/linux-azure@6.17.0-1020.20?arch=source\u0026distro=questing"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.14.0-1004.4",
"6.14.0-1007.7+25.10.1",
"6.16.0-1001.1",
"6.17.0-1002.2",
"6.17.0-1003.3",
"6.17.0-1004.4",
"6.17.0-1006.6",
"6.17.0-1007.7",
"6.17.0-1008.8",
"6.17.0-1010.10",
"6.17.0-1011.11",
"6.17.0-1013.13",
"6.17.0-1015.15",
"6.17.0-1017.17",
"6.17.0-1018.18",
"6.17.0-1020.20"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-azure-fde-cloud-tools-6.17.0-1017",
"binary_version": "6.17.0-1017.17"
},
{
"binary_name": "linux-azure-fde-headers-6.17.0-1017",
"binary_version": "6.17.0-1017.17"
},
{
"binary_name": "linux-azure-fde-tools-6.17.0-1017",
"binary_version": "6.17.0-1017.17"
},
{
"binary_name": "linux-buildinfo-6.17.0-1017-azure-fde",
"binary_version": "6.17.0-1017.17"
},
{
"binary_name": "linux-cloud-tools-6.17.0-1017-azure-fde",
"binary_version": "6.17.0-1017.17"
},
{
"binary_name": "linux-headers-6.17.0-1017-azure-fde",
"binary_version": "6.17.0-1017.17"
},
{
"binary_name": "linux-image-unsigned-6.17.0-1017-azure-fde",
"binary_version": "6.17.0-1017.17"
},
{
"binary_name": "linux-modules-6.17.0-1017-azure-fde",
"binary_version": "6.17.0-1017.17"
},
{
"binary_name": "linux-tools-6.17.0-1017-azure-fde",
"binary_version": "6.17.0-1017.17"
}
]
},
"package": {
"ecosystem": "Ubuntu:25.10",
"name": "linux-azure-fde",
"purl": "pkg:deb/ubuntu/linux-azure-fde@6.17.0-1017.17?arch=source\u0026distro=questing"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.17.0-1003.3",
"6.17.0-1004.4",
"6.17.0-1005.5",
"6.17.0-1007.7",
"6.17.0-1008.8",
"6.17.0-1010.10",
"6.17.0-1012.12",
"6.17.0-1014.14",
"6.17.0-1015.15",
"6.17.0-1017.17"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.17.0-1020-gcp",
"binary_version": "6.17.0-1020.22"
},
{
"binary_name": "linux-buildinfo-6.17.0-1020-gcp-64k",
"binary_version": "6.17.0-1020.22"
},
{
"binary_name": "linux-gcp-headers-6.17.0-1020",
"binary_version": "6.17.0-1020.22"
},
{
"binary_name": "linux-gcp-tools-6.17.0-1020",
"binary_version": "6.17.0-1020.22"
},
{
"binary_name": "linux-headers-6.17.0-1020-gcp",
"binary_version": "6.17.0-1020.22"
},
{
"binary_name": "linux-headers-6.17.0-1020-gcp-64k",
"binary_version": "6.17.0-1020.22"
},
{
"binary_name": "linux-image-unsigned-6.17.0-1020-gcp",
"binary_version": "6.17.0-1020.22"
},
{
"binary_name": "linux-image-unsigned-6.17.0-1020-gcp-64k",
"binary_version": "6.17.0-1020.22"
},
{
"binary_name": "linux-modules-6.17.0-1020-gcp",
"binary_version": "6.17.0-1020.22"
},
{
"binary_name": "linux-modules-6.17.0-1020-gcp-64k",
"binary_version": "6.17.0-1020.22"
},
{
"binary_name": "linux-tools-6.17.0-1020-gcp",
"binary_version": "6.17.0-1020.22"
},
{
"binary_name": "linux-tools-6.17.0-1020-gcp-64k",
"binary_version": "6.17.0-1020.22"
}
]
},
"package": {
"ecosystem": "Ubuntu:25.10",
"name": "linux-gcp",
"purl": "pkg:deb/ubuntu/linux-gcp@6.17.0-1020.22?arch=source\u0026distro=questing"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.14.0-1006.6",
"6.14.0-1009.9+25.10.1",
"6.16.0-1001.1",
"6.17.0-1001.1",
"6.17.0-1002.2",
"6.17.0-1003.3",
"6.17.0-1004.4",
"6.17.0-1005.5",
"6.17.0-1006.6",
"6.17.0-1007.7",
"6.17.0-1009.9",
"6.17.0-1010.10",
"6.17.0-1012.12",
"6.17.0-1013.13",
"6.17.0-1016.17",
"6.17.0-1018.19",
"6.17.0-1020.22"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.17.0-1018-oracle",
"binary_version": "6.17.0-1018.18"
},
{
"binary_name": "linux-buildinfo-6.17.0-1018-oracle-64k",
"binary_version": "6.17.0-1018.18"
},
{
"binary_name": "linux-headers-6.17.0-1018-oracle",
"binary_version": "6.17.0-1018.18"
},
{
"binary_name": "linux-headers-6.17.0-1018-oracle-64k",
"binary_version": "6.17.0-1018.18"
},
{
"binary_name": "linux-image-unsigned-6.17.0-1018-oracle",
"binary_version": "6.17.0-1018.18"
},
{
"binary_name": "linux-image-unsigned-6.17.0-1018-oracle-64k",
"binary_version": "6.17.0-1018.18"
},
{
"binary_name": "linux-modules-6.17.0-1018-oracle",
"binary_version": "6.17.0-1018.18"
},
{
"binary_name": "linux-modules-6.17.0-1018-oracle-64k",
"binary_version": "6.17.0-1018.18"
},
{
"binary_name": "linux-oracle-headers-6.17.0-1018",
"binary_version": "6.17.0-1018.18"
},
{
"binary_name": "linux-oracle-tools-6.17.0-1018",
"binary_version": "6.17.0-1018.18"
},
{
"binary_name": "linux-tools-6.17.0-1018-oracle",
"binary_version": "6.17.0-1018.18"
},
{
"binary_name": "linux-tools-6.17.0-1018-oracle-64k",
"binary_version": "6.17.0-1018.18"
}
]
},
"package": {
"ecosystem": "Ubuntu:25.10",
"name": "linux-oracle",
"purl": "pkg:deb/ubuntu/linux-oracle@6.17.0-1018.18?arch=source\u0026distro=questing"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.14.0-1005.5",
"6.14.0-1007.7+25.10.1",
"6.16.0-1001.1",
"6.17.0-1001.1",
"6.17.0-1002.2",
"6.17.0-1003.3",
"6.17.0-1005.5",
"6.17.0-1006.6",
"6.17.0-1007.7",
"6.17.0-1009.9",
"6.17.0-1010.10",
"6.17.0-1011.11",
"6.17.0-1012.12",
"6.17.0-1014.14",
"6.17.0-1016.16",
"6.17.0-1018.18"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.17.0-1021-raspi",
"binary_version": "6.17.0-1021.21"
},
{
"binary_name": "linux-headers-6.17.0-1021-raspi",
"binary_version": "6.17.0-1021.21"
},
{
"binary_name": "linux-image-6.17.0-1021-raspi",
"binary_version": "6.17.0-1021.21"
},
{
"binary_name": "linux-modules-6.17.0-1021-raspi",
"binary_version": "6.17.0-1021.21"
},
{
"binary_name": "linux-raspi-headers-6.17.0-1021",
"binary_version": "6.17.0-1021.21"
},
{
"binary_name": "linux-raspi-tools-6.17.0-1021",
"binary_version": "6.17.0-1021.21"
},
{
"binary_name": "linux-tools-6.17.0-1021-raspi",
"binary_version": "6.17.0-1021.21"
}
]
},
"package": {
"ecosystem": "Ubuntu:25.10",
"name": "linux-raspi",
"purl": "pkg:deb/ubuntu/linux-raspi@6.17.0-1021.21?arch=source\u0026distro=questing"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.14.0-1005.5",
"6.17.0-1003.3",
"6.17.0-1004.4",
"6.17.0-1005.5",
"6.17.0-1006.6",
"6.17.0-1007.7",
"6.17.0-1008.8",
"6.17.0-1010.10",
"6.17.0-1011.11",
"6.17.0-1013.13",
"6.17.0-1014.14",
"6.17.0-1017.17",
"6.17.0-1018.18",
"6.17.0-1021.21"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.17.0-1017-realtime",
"binary_version": "6.17.0-1017.19"
},
{
"binary_name": "linux-cloud-tools-6.17.0-1017-realtime",
"binary_version": "6.17.0-1017.19"
},
{
"binary_name": "linux-headers-6.17.0-1017-realtime",
"binary_version": "6.17.0-1017.19"
},
{
"binary_name": "linux-image-unsigned-6.17.0-1017-realtime",
"binary_version": "6.17.0-1017.19"
},
{
"binary_name": "linux-modules-6.17.0-1017-realtime",
"binary_version": "6.17.0-1017.19"
},
{
"binary_name": "linux-modules-iwlwifi-6.17.0-1017-realtime",
"binary_version": "6.17.0-1017.19"
},
{
"binary_name": "linux-realtime-cloud-tools-6.17.0-1017",
"binary_version": "6.17.0-1017.19"
},
{
"binary_name": "linux-realtime-headers-6.17.0-1017",
"binary_version": "6.17.0-1017.19"
},
{
"binary_name": "linux-realtime-tools-6.17.0-1017",
"binary_version": "6.17.0-1017.19"
},
{
"binary_name": "linux-tools-6.17.0-1017-realtime",
"binary_version": "6.17.0-1017.19"
}
]
},
"package": {
"ecosystem": "Ubuntu:25.10",
"name": "linux-realtime",
"purl": "pkg:deb/ubuntu/linux-realtime@6.17.0-1017.19?arch=source\u0026distro=questing"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.14.0-1002.2",
"6.17.0-1001.2",
"6.17.0-1002.3",
"6.17.0-1003.4",
"6.17.0-1004.5",
"6.17.0-1005.6",
"6.17.0-1006.7",
"6.17.0-1008.9",
"6.17.0-1009.10",
"6.17.0-1010.11",
"6.17.0-1011.12",
"6.17.0-1013.15",
"6.17.0-1014.16",
"6.17.0-1017.19"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-buildinfo-6.17.0-40-generic",
"binary_version": "6.17.0-40.40.1"
},
{
"binary_name": "linux-headers-6.17.0-40-generic",
"binary_version": "6.17.0-40.40.1"
},
{
"binary_name": "linux-image-6.17.0-40-generic",
"binary_version": "6.17.0-40.40.1"
},
{
"binary_name": "linux-modules-6.17.0-40-generic",
"binary_version": "6.17.0-40.40.1"
},
{
"binary_name": "linux-riscv-headers-6.17.0-40",
"binary_version": "6.17.0-40.40.1"
},
{
"binary_name": "linux-riscv-tools-6.17.0-40",
"binary_version": "6.17.0-40.40.1"
},
{
"binary_name": "linux-tools-6.17.0-40-generic",
"binary_version": "6.17.0-40.40.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:25.10",
"name": "linux-riscv",
"purl": "pkg:deb/ubuntu/linux-riscv@6.17.0-40.40.1?arch=source\u0026distro=questing"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"6.14.0-13.13.2",
"6.17.0-4.4.1",
"6.17.0-5.5.1",
"6.17.0-6.6.1",
"6.17.0-7.7.1",
"6.17.0-8.8.1",
"6.17.0-12.12.1",
"6.17.0-14.14.1",
"6.17.0-19.19.1",
"6.17.0-20.20.1",
"6.17.0-22.22.1",
"6.17.0-23.23.1",
"6.17.0-29.29.1",
"6.17.0-35.35.1",
"6.17.0-40.40.1"
]
},
{
"ecosystem_specific": {
"binaries": [
{
"binary_name": "linux-azure-fde-cloud-tools-7.0.0-1008",
"binary_version": "7.0.0-1008.8"
},
{
"binary_name": "linux-azure-fde-headers-7.0.0-1008",
"binary_version": "7.0.0-1008.8"
},
{
"binary_name": "linux-azure-fde-tools-7.0.0-1008",
"binary_version": "7.0.0-1008.8"
},
{
"binary_name": "linux-buildinfo-7.0.0-1008-azure-fde",
"binary_version": "7.0.0-1008.8"
},
{
"binary_name": "linux-cloud-tools-7.0.0-1008-azure-fde",
"binary_version": "7.0.0-1008.8"
},
{
"binary_name": "linux-headers-7.0.0-1008-azure-fde",
"binary_version": "7.0.0-1008.8"
},
{
"binary_name": "linux-image-unsigned-7.0.0-1008-azure-fde",
"binary_version": "7.0.0-1008.8"
},
{
"binary_name": "linux-modules-7.0.0-1008-azure-fde",
"binary_version": "7.0.0-1008.8"
},
{
"binary_name": "linux-tools-7.0.0-1008-azure-fde",
"binary_version": "7.0.0-1008.8"
}
]
},
"package": {
"ecosystem": "Ubuntu:26.04:LTS",
"name": "linux-azure-fde",
"purl": "pkg:deb/ubuntu/linux-azure-fde@7.0.0-1008.8?arch=source\u0026distro=resolute"
},
"ranges": [
{
"events": [
{
"introduced": "0"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"7.0.0-1003.3",
"7.0.0-1004.4",
"7.0.0-1006.6",
"7.0.0-1008.8"
]
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "linux-buildinfo-7.0.0-1006-nvidia",
"binary_version": "7.0.0-1006.6"
},
{
"binary_name": "linux-buildinfo-7.0.0-1006-nvidia-64k",
"binary_version": "7.0.0-1006.6"
},
{
"binary_name": "linux-headers-7.0.0-1006-nvidia",
"binary_version": "7.0.0-1006.6"
},
{
"binary_name": "linux-headers-7.0.0-1006-nvidia-64k",
"binary_version": "7.0.0-1006.6"
},
{
"binary_name": "linux-image-unsigned-7.0.0-1006-nvidia",
"binary_version": "7.0.0-1006.6"
},
{
"binary_name": "linux-image-unsigned-7.0.0-1006-nvidia-64k",
"binary_version": "7.0.0-1006.6"
},
{
"binary_name": "linux-modules-7.0.0-1006-nvidia",
"binary_version": "7.0.0-1006.6"
},
{
"binary_name": "linux-modules-7.0.0-1006-nvidia-64k",
"binary_version": "7.0.0-1006.6"
},
{
"binary_name": "linux-nvidia-headers-7.0.0-1006",
"binary_version": "7.0.0-1006.6"
},
{
"binary_name": "linux-nvidia-tools-7.0.0-1006",
"binary_version": "7.0.0-1006.6"
},
{
"binary_name": "linux-tools-7.0.0-1006-nvidia",
"binary_version": "7.0.0-1006.6"
},
{
"binary_name": "linux-tools-7.0.0-1006-nvidia-64k",
"binary_version": "7.0.0-1006.6"
}
]
},
"package": {
"ecosystem": "Ubuntu:26.04:LTS",
"name": "linux-nvidia",
"purl": "pkg:deb/ubuntu/linux-nvidia@7.0.0-1006.6?arch=source\u0026distro=resolute"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "7.0.0-1006.6"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"7.0.0-1005.5"
]
}
],
"aliases": [],
"details": "In the Linux kernel, the following vulnerability has been resolved: xfrm: clear trailing padding in build_polexpire() build_expire() clears the trailing padding bytes of struct xfrm_user_expire after setting the hard field via memset_after(), but the analogous function build_polexpire() does not do this for struct xfrm_user_polexpire. The padding bytes after the __u8 hard field are left uninitialized from the heap allocation, and are then sent to userspace via netlink multicast to XFRMNLGRP_EXPIRE listeners, leaking kernel heap memory contents. Add the missing memset_after() call, matching build_expire().",
"id": "UBUNTU-CVE-2026-31664",
"modified": "2026-07-14T13:48:55Z",
"published": "2026-04-24T15:16:00Z",
"references": [
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2026-31664"
},
{
"type": "REPORT",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31664"
},
{
"type": "REPORT",
"url": "https://git.kernel.org/linus/71a98248c63c535eaa4d4c22f099b68d902006d0"
}
],
"related": [],
"schema_version": "1.7.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"upstream": [
"CVE-2026-31664"
]
}
WID-SEC-W-2026-1279
Vulnerability from csaf_certbund - Published: 2026-04-26 22:00 - Updated: 2026-06-16 22:00| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— |
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um nicht n\u00e4her spezifizierte Angriffe durchzuf\u00fchren, welche zu einem Denial-of-Service-Zustand, einer Rechteausweitung, der Ausf\u00fchrung von Code oder einer Speicherbesch\u00e4digung f\u00fchren k\u00f6nnten.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-1279 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1279.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-1279 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1279"
},
{
"category": "external",
"summary": "Kernel CVE Announce Mailingliste",
"url": "https://lore.kernel.org/linux-cve-announce/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31535",
"url": "https://lore.kernel.org/linux-cve-announce/2026042433-CVE-2026-31535-1c83@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31536",
"url": "https://lore.kernel.org/linux-cve-announce/2026042433-CVE-2026-31536-d7cc@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31537",
"url": "https://lore.kernel.org/linux-cve-announce/2026042434-CVE-2026-31537-6202@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31538",
"url": "https://lore.kernel.org/linux-cve-announce/2026042434-CVE-2026-31538-a6f7@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31539",
"url": "https://lore.kernel.org/linux-cve-announce/2026042434-CVE-2026-31539-fe1a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31540",
"url": "https://lore.kernel.org/linux-cve-announce/2026042422-CVE-2026-31540-c37f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31541",
"url": "https://lore.kernel.org/linux-cve-announce/2026042423-CVE-2026-31541-af1d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31542",
"url": "https://lore.kernel.org/linux-cve-announce/2026042423-CVE-2026-31542-ba9f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31543",
"url": "https://lore.kernel.org/linux-cve-announce/2026042423-CVE-2026-31543-803c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31544",
"url": "https://lore.kernel.org/linux-cve-announce/2026042424-CVE-2026-31544-7fc3@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31545",
"url": "https://lore.kernel.org/linux-cve-announce/2026042424-CVE-2026-31545-ed19@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31546",
"url": "https://lore.kernel.org/linux-cve-announce/2026042425-CVE-2026-31546-2ca3@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31547",
"url": "https://lore.kernel.org/linux-cve-announce/2026042425-CVE-2026-31547-639e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31548",
"url": "https://lore.kernel.org/linux-cve-announce/2026042425-CVE-2026-31548-3d88@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31549",
"url": "https://lore.kernel.org/linux-cve-announce/2026042426-CVE-2026-31549-81f8@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31550",
"url": "https://lore.kernel.org/linux-cve-announce/2026042426-CVE-2026-31550-17d2@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31551",
"url": "https://lore.kernel.org/linux-cve-announce/2026042426-CVE-2026-31551-81e8@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31552",
"url": "https://lore.kernel.org/linux-cve-announce/2026042427-CVE-2026-31552-505c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31553",
"url": "https://lore.kernel.org/linux-cve-announce/2026042456-CVE-2026-31553-0d39@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31554",
"url": "https://lore.kernel.org/linux-cve-announce/2026042456-CVE-2026-31554-377c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31555",
"url": "https://lore.kernel.org/linux-cve-announce/2026042456-CVE-2026-31555-ba94@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31556",
"url": "https://lore.kernel.org/linux-cve-announce/2026042457-CVE-2026-31556-9b84@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31557",
"url": "https://lore.kernel.org/linux-cve-announce/2026042457-CVE-2026-31557-dca7@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31558",
"url": "https://lore.kernel.org/linux-cve-announce/2026042457-CVE-2026-31558-1140@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31559",
"url": "https://lore.kernel.org/linux-cve-announce/2026042458-CVE-2026-31559-01e9@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31560",
"url": "https://lore.kernel.org/linux-cve-announce/2026042458-CVE-2026-31560-9e2c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31561",
"url": "https://lore.kernel.org/linux-cve-announce/2026042458-CVE-2026-31561-ca96@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31562",
"url": "https://lore.kernel.org/linux-cve-announce/2026042459-CVE-2026-31562-893e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31563",
"url": "https://lore.kernel.org/linux-cve-announce/2026042459-CVE-2026-31563-ae94@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31564",
"url": "https://lore.kernel.org/linux-cve-announce/2026042459-CVE-2026-31564-c762@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31565",
"url": "https://lore.kernel.org/linux-cve-announce/2026042400-CVE-2026-31565-932b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31566",
"url": "https://lore.kernel.org/linux-cve-announce/2026042400-CVE-2026-31566-2d8b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31567",
"url": "https://lore.kernel.org/linux-cve-announce/2026042400-CVE-2026-31567-6abf@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31568",
"url": "https://lore.kernel.org/linux-cve-announce/2026042401-CVE-2026-31568-cefd@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31569",
"url": "https://lore.kernel.org/linux-cve-announce/2026042401-CVE-2026-31569-41ce@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31570",
"url": "https://lore.kernel.org/linux-cve-announce/2026042402-CVE-2026-31570-5f18@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31571",
"url": "https://lore.kernel.org/linux-cve-announce/2026042402-CVE-2026-31571-41f9@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31572",
"url": "https://lore.kernel.org/linux-cve-announce/2026042402-CVE-2026-31572-0eec@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31573",
"url": "https://lore.kernel.org/linux-cve-announce/2026042403-CVE-2026-31573-4d0a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31574",
"url": "https://lore.kernel.org/linux-cve-announce/2026042409-CVE-2026-31574-ff0b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31575",
"url": "https://lore.kernel.org/linux-cve-announce/2026042409-CVE-2026-31575-c1bf@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31576",
"url": "https://lore.kernel.org/linux-cve-announce/2026042410-CVE-2026-31576-e770@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31577",
"url": "https://lore.kernel.org/linux-cve-announce/2026042410-CVE-2026-31577-5e81@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31578",
"url": "https://lore.kernel.org/linux-cve-announce/2026042410-CVE-2026-31578-fd48@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31579",
"url": "https://lore.kernel.org/linux-cve-announce/2026042411-CVE-2026-31579-3f05@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31580",
"url": "https://lore.kernel.org/linux-cve-announce/2026042411-CVE-2026-31580-7d94@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31581",
"url": "https://lore.kernel.org/linux-cve-announce/2026042411-CVE-2026-31581-9bc2@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31582",
"url": "https://lore.kernel.org/linux-cve-announce/2026042412-CVE-2026-31582-cf91@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31583",
"url": "https://lore.kernel.org/linux-cve-announce/2026042412-CVE-2026-31583-edcc@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31584",
"url": "https://lore.kernel.org/linux-cve-announce/2026042412-CVE-2026-31584-d806@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31585",
"url": "https://lore.kernel.org/linux-cve-announce/2026042413-CVE-2026-31585-b423@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31586",
"url": "https://lore.kernel.org/linux-cve-announce/2026042413-CVE-2026-31586-3a32@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31587",
"url": "https://lore.kernel.org/linux-cve-announce/2026042413-CVE-2026-31587-5afb@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31588",
"url": "https://lore.kernel.org/linux-cve-announce/2026042414-CVE-2026-31588-333a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31589",
"url": "https://lore.kernel.org/linux-cve-announce/2026042414-CVE-2026-31589-18ae@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31590",
"url": "https://lore.kernel.org/linux-cve-announce/2026042414-CVE-2026-31590-a7e3@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31591",
"url": "https://lore.kernel.org/linux-cve-announce/2026042415-CVE-2026-31591-4148@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31592",
"url": "https://lore.kernel.org/linux-cve-announce/2026042415-CVE-2026-31592-954a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31593",
"url": "https://lore.kernel.org/linux-cve-announce/2026042415-CVE-2026-31593-455f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31594",
"url": "https://lore.kernel.org/linux-cve-announce/2026042416-CVE-2026-31594-29aa@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31595",
"url": "https://lore.kernel.org/linux-cve-announce/2026042416-CVE-2026-31595-b754@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31596",
"url": "https://lore.kernel.org/linux-cve-announce/2026042416-CVE-2026-31596-0201@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31597",
"url": "https://lore.kernel.org/linux-cve-announce/2026042417-CVE-2026-31597-79cd@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31598",
"url": "https://lore.kernel.org/linux-cve-announce/2026042417-CVE-2026-31598-6408@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31599",
"url": "https://lore.kernel.org/linux-cve-announce/2026042418-CVE-2026-31599-b2c6@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31600",
"url": "https://lore.kernel.org/linux-cve-announce/2026042418-CVE-2026-31600-3260@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31601",
"url": "https://lore.kernel.org/linux-cve-announce/2026042418-CVE-2026-31601-1cb0@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31602",
"url": "https://lore.kernel.org/linux-cve-announce/2026042419-CVE-2026-31602-39fc@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31603",
"url": "https://lore.kernel.org/linux-cve-announce/2026042419-CVE-2026-31603-bfce@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31604",
"url": "https://lore.kernel.org/linux-cve-announce/2026042419-CVE-2026-31604-cd65@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31605",
"url": "https://lore.kernel.org/linux-cve-announce/2026042420-CVE-2026-31605-f29f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31606",
"url": "https://lore.kernel.org/linux-cve-announce/2026042420-CVE-2026-31606-baa6@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31607",
"url": "https://lore.kernel.org/linux-cve-announce/2026042420-CVE-2026-31607-7bac@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31608",
"url": "https://lore.kernel.org/linux-cve-announce/2026042421-CVE-2026-31608-1786@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31609",
"url": "https://lore.kernel.org/linux-cve-announce/2026042421-CVE-2026-31609-fc3f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31610",
"url": "https://lore.kernel.org/linux-cve-announce/2026042421-CVE-2026-31610-40ea@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31611",
"url": "https://lore.kernel.org/linux-cve-announce/2026042422-CVE-2026-31611-6396@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31612",
"url": "https://lore.kernel.org/linux-cve-announce/2026042422-CVE-2026-31612-24a7@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31613",
"url": "https://lore.kernel.org/linux-cve-announce/2026042422-CVE-2026-31613-b061@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31614",
"url": "https://lore.kernel.org/linux-cve-announce/2026042423-CVE-2026-31614-4bf1@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31615",
"url": "https://lore.kernel.org/linux-cve-announce/2026042423-CVE-2026-31615-f19f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31616",
"url": "https://lore.kernel.org/linux-cve-announce/2026042423-CVE-2026-31616-ace5@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31617",
"url": "https://lore.kernel.org/linux-cve-announce/2026042424-CVE-2026-31617-6e1b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31618",
"url": "https://lore.kernel.org/linux-cve-announce/2026042424-CVE-2026-31618-baf8@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31619",
"url": "https://lore.kernel.org/linux-cve-announce/2026042424-CVE-2026-31619-4a8c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31620",
"url": "https://lore.kernel.org/linux-cve-announce/2026042425-CVE-2026-31620-8a5a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31621",
"url": "https://lore.kernel.org/linux-cve-announce/2026042425-CVE-2026-31621-0c38@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31622",
"url": "https://lore.kernel.org/linux-cve-announce/2026042426-CVE-2026-31622-dc00@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31623",
"url": "https://lore.kernel.org/linux-cve-announce/2026042426-CVE-2026-31623-64d8@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31624",
"url": "https://lore.kernel.org/linux-cve-announce/2026042426-CVE-2026-31624-e19a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31625",
"url": "https://lore.kernel.org/linux-cve-announce/2026042427-CVE-2026-31625-71c1@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31626",
"url": "https://lore.kernel.org/linux-cve-announce/2026042427-CVE-2026-31626-2085@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31627",
"url": "https://lore.kernel.org/linux-cve-announce/2026042427-CVE-2026-31627-bd9b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31628",
"url": "https://lore.kernel.org/linux-cve-announce/2026042428-CVE-2026-31628-8187@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31629",
"url": "https://lore.kernel.org/linux-cve-announce/2026042428-CVE-2026-31629-84ab@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31630",
"url": "https://lore.kernel.org/linux-cve-announce/2026042453-CVE-2026-31630-4218@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31631",
"url": "https://lore.kernel.org/linux-cve-announce/2026042453-CVE-2026-31631-ac3f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31632",
"url": "https://lore.kernel.org/linux-cve-announce/2026042454-CVE-2026-31632-4da1@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31633",
"url": "https://lore.kernel.org/linux-cve-announce/2026042454-CVE-2026-31633-8b07@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31634",
"url": "https://lore.kernel.org/linux-cve-announce/2026042454-CVE-2026-31634-35fc@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31635",
"url": "https://lore.kernel.org/linux-cve-announce/2026042455-CVE-2026-31635-73bd@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31636",
"url": "https://lore.kernel.org/linux-cve-announce/2026042455-CVE-2026-31636-2951@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31637",
"url": "https://lore.kernel.org/linux-cve-announce/2026042455-CVE-2026-31637-0433@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31638",
"url": "https://lore.kernel.org/linux-cve-announce/2026042456-CVE-2026-31638-e40c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31639",
"url": "https://lore.kernel.org/linux-cve-announce/2026042456-CVE-2026-31639-ef94@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31640",
"url": "https://lore.kernel.org/linux-cve-announce/2026042456-CVE-2026-31640-3477@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31641",
"url": "https://lore.kernel.org/linux-cve-announce/2026042457-CVE-2026-31641-2dee@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31642",
"url": "https://lore.kernel.org/linux-cve-announce/2026042457-CVE-2026-31642-b2f3@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31643",
"url": "https://lore.kernel.org/linux-cve-announce/2026042457-CVE-2026-31643-54c3@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31644",
"url": "https://lore.kernel.org/linux-cve-announce/2026042458-CVE-2026-31644-34ba@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31645",
"url": "https://lore.kernel.org/linux-cve-announce/2026042458-CVE-2026-31645-812d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31646",
"url": "https://lore.kernel.org/linux-cve-announce/2026042458-CVE-2026-31646-0187@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31647",
"url": "https://lore.kernel.org/linux-cve-announce/2026042459-CVE-2026-31647-3188@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31648",
"url": "https://lore.kernel.org/linux-cve-announce/2026042459-CVE-2026-31648-f2de@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31649",
"url": "https://lore.kernel.org/linux-cve-announce/2026042459-CVE-2026-31649-b45c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31650",
"url": "https://lore.kernel.org/linux-cve-announce/2026042400-CVE-2026-31650-fb3f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31651",
"url": "https://lore.kernel.org/linux-cve-announce/2026042400-CVE-2026-31651-6fe7@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31652",
"url": "https://lore.kernel.org/linux-cve-announce/2026042400-CVE-2026-31652-e967@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31653",
"url": "https://lore.kernel.org/linux-cve-announce/2026042401-CVE-2026-31653-cb56@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31654",
"url": "https://lore.kernel.org/linux-cve-announce/2026042401-CVE-2026-31654-d30c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31655",
"url": "https://lore.kernel.org/linux-cve-announce/2026042401-CVE-2026-31655-17ab@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31656",
"url": "https://lore.kernel.org/linux-cve-announce/2026042402-CVE-2026-31656-050b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31657",
"url": "https://lore.kernel.org/linux-cve-announce/2026042402-CVE-2026-31657-fbab@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31658",
"url": "https://lore.kernel.org/linux-cve-announce/2026042402-CVE-2026-31658-a6d5@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31659",
"url": "https://lore.kernel.org/linux-cve-announce/2026042403-CVE-2026-31659-58eb@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31660",
"url": "https://lore.kernel.org/linux-cve-announce/2026042403-CVE-2026-31660-9293@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31661",
"url": "https://lore.kernel.org/linux-cve-announce/2026042404-CVE-2026-31661-16ae@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31662",
"url": "https://lore.kernel.org/linux-cve-announce/2026042404-CVE-2026-31662-3728@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31663",
"url": "https://lore.kernel.org/linux-cve-announce/2026042404-CVE-2026-31663-164c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31664",
"url": "https://lore.kernel.org/linux-cve-announce/2026042405-CVE-2026-31664-d315@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31665",
"url": "https://lore.kernel.org/linux-cve-announce/2026042405-CVE-2026-31665-f586@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31666",
"url": "https://lore.kernel.org/linux-cve-announce/2026042405-CVE-2026-31666-f817@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31667",
"url": "https://lore.kernel.org/linux-cve-announce/2026042406-CVE-2026-31667-a1a7@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31668",
"url": "https://lore.kernel.org/linux-cve-announce/2026042406-CVE-2026-31668-50e7@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31669",
"url": "https://lore.kernel.org/linux-cve-announce/2026042406-CVE-2026-31669-0e0d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31670",
"url": "https://lore.kernel.org/linux-cve-announce/2026042407-CVE-2026-31670-d54c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31671",
"url": "https://lore.kernel.org/linux-cve-announce/2026042407-CVE-2026-31671-c4b9@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31672",
"url": "https://lore.kernel.org/linux-cve-announce/2026042407-CVE-2026-31672-e116@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31673",
"url": "https://lore.kernel.org/linux-cve-announce/2026042539-CVE-2026-31673-b5f6@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31674",
"url": "https://lore.kernel.org/linux-cve-announce/2026042543-CVE-2026-31674-7e8a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31675",
"url": "https://lore.kernel.org/linux-cve-announce/2026042543-CVE-2026-31675-e5da@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31676",
"url": "https://lore.kernel.org/linux-cve-announce/2026042543-CVE-2026-31676-ff79@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31677",
"url": "https://lore.kernel.org/linux-cve-announce/2026042544-CVE-2026-31677-1a29@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31678",
"url": "https://lore.kernel.org/linux-cve-announce/2026042544-CVE-2026-31678-79f5@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31679",
"url": "https://lore.kernel.org/linux-cve-announce/2026042544-CVE-2026-31679-7f32@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31680",
"url": "https://lore.kernel.org/linux-cve-announce/2026042544-CVE-2026-31680-7624@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31681",
"url": "https://lore.kernel.org/linux-cve-announce/2026042545-CVE-2026-31681-3c5b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31682",
"url": "https://lore.kernel.org/linux-cve-announce/2026042545-CVE-2026-31682-fe50@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31683",
"url": "https://lore.kernel.org/linux-cve-announce/2026042545-CVE-2026-31683-b833@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31684",
"url": "https://lore.kernel.org/linux-cve-announce/2026042545-CVE-2026-31684-6974@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31685",
"url": "https://lore.kernel.org/linux-cve-announce/2026042545-CVE-2026-31685-3fcc@gregkh/"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-6243 vom 2026-05-04",
"url": "https://lists.debian.org/debian-security-announce/2026/msg00154.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-6238 vom 2026-05-04",
"url": "https://lists.debian.org/debian-security-announce/2026/msg00148.html"
},
{
"category": "external",
"summary": "Container-Optimized OS release notes vom 2026-05-02",
"url": "https://docs.cloud.google.com/container-optimized-os/docs/release-notes#May_01_2026"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4561 vom 2026-05-02",
"url": "https://lists.debian.org/debian-lts-announce/2026/05/msg00005.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-13566 vom 2026-05-06",
"url": "https://linux.oracle.com/errata/ELSA-2026-13566.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-13565 vom 2026-05-07",
"url": "http://linux.oracle.com/errata/ELSA-2026-13565.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-13577 vom 2026-05-07",
"url": "http://linux.oracle.com/errata/ELSA-2026-13577.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-50261 vom 2026-05-12",
"url": "https://linux.oracle.com/errata/ELSA-2026-50261.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-50262 vom 2026-05-12",
"url": "https://linux.oracle.com/errata/ELSA-2026-50262.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:19225 vom 2026-05-20",
"url": "https://access.redhat.com/errata/RHSA-2026:19225"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:19074 vom 2026-05-20",
"url": "https://access.redhat.com/errata/RHSA-2026:19074"
},
{
"category": "external",
"summary": "DirtyDecrypt PoC CVE-2026-31635 vom 2026-05-19",
"url": "https://github.com/0xBlackash/CVE-2026-31635"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:19569 vom 2026-05-20",
"url": "https://access.redhat.com/errata/RHSA-2026:19569"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:19568 vom 2026-05-21",
"url": "https://access.redhat.com/errata/RHSA-2026:19568"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-50280 vom 2026-05-22",
"url": "https://oss.oracle.com/pipermail/el-errata/2026-May/020528.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-50281 vom 2026-05-22",
"url": "https://linux.oracle.com/errata/ELSA-2026-50281.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:2068-1 vom 2026-05-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/026278.html"
},
{
"category": "external",
"summary": "Container-Optimized OS release notes vom 2026-05-26",
"url": "https://docs.cloud.google.com/container-optimized-os/docs/release-notes#May_01_2026"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:21557 vom 2026-05-28",
"url": "https://access.redhat.com/errata/RHSA-2026:21557"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:21706 vom 2026-05-28",
"url": "https://access.redhat.com/errata/RHSA-2026:21706"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:21556 vom 2026-05-28",
"url": "https://access.redhat.com/errata/RHSA-2026:21556"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:21745 vom 2026-05-28",
"url": "https://access.redhat.com/errata/RHSA-2026:21745"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:2111-1 vom 2026-05-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/026397.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4606 vom 2026-05-29",
"url": "https://lists.debian.org/debian-lts-announce/2026/05/msg00051.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:21745 vom 2026-05-31",
"url": "https://errata.build.resf.org/RLSA-2026:21745"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:21706 vom 2026-05-31",
"url": "https://errata.build.resf.org/RLSA-2026:21706"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:21556 vom 2026-05-30",
"url": "https://errata.build.resf.org/RLSA-2026:21556"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21841-1 vom 2026-05-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/026384.html"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:20826-1 vom 2026-05-29",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/7D6UU5UPSRF74AUKK2CVVWC3NKU2VIUP/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21834-1 vom 2026-05-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/026381.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-21706 vom 2026-05-29",
"url": "https://linux.oracle.com/errata/ELSA-2026-21706.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21845-1 vom 2026-06-01",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026437.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:2195-1 vom 2026-06-01",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026416.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:2202-1 vom 2026-06-01",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026424.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21860-1 vom 2026-06-01",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026426.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:2217-1 vom 2026-06-02",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026441.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21877-1 vom 2026-06-02",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026514.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21876-1 vom 2026-06-02",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026515.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21916-1 vom 2026-06-02",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026478.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21866-1 vom 2026-06-02",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026524.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21919-1 vom 2026-06-02",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026475.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8371-1 vom 2026-06-02",
"url": "https://ubuntu.com/security/notices/USN-8371-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21947-1 vom 2026-06-02",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026447.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:2216-1 vom 2026-06-02",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026444.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8373-1 vom 2026-06-02",
"url": "https://ubuntu.com/security/notices/USN-8373-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:2215-1 vom 2026-06-02",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026445.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21868-1 vom 2026-06-02",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026522.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8374-1 vom 2026-06-02",
"url": "https://ubuntu.com/security/notices/USN-8374-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:2238-1 vom 2026-06-03",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026559.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-50293 vom 2026-06-04",
"url": "http://linux.oracle.com/errata/ELSA-2026-50293.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:23237 vom 2026-06-04",
"url": "https://access.redhat.com/errata/RHSA-2026:23237"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:23224 vom 2026-06-04",
"url": "https://access.redhat.com/errata/RHSA-2026:23224"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-50299 vom 2026-06-04",
"url": "http://linux.oracle.com/errata/ELSA-2026-50299.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:21557 vom 2026-06-04",
"url": "https://errata.build.resf.org/RLSA-2026:21557"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-50294 vom 2026-06-04",
"url": "http://linux.oracle.com/errata/ELSA-2026-50294.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:23329 vom 2026-06-04",
"url": "https://access.redhat.com/errata/RHSA-2026:23329"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-23258 vom 2026-06-06",
"url": "https://linux.oracle.com/errata/ELSA-2026-23258.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:24343 vom 2026-06-08",
"url": "https://access.redhat.com/errata/RHSA-2026:24343"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:24381 vom 2026-06-08",
"url": "https://access.redhat.com/errata/RHSA-2026:24381"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:20912-1 vom 2026-06-08",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/FZM3URQQWLAAXA44ZXVWIGRPJ3OVLFFC/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:22043-1 vom 2026-06-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026665.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-50306 vom 2026-06-09",
"url": "https://linux.oracle.com/errata/ELSA-2026-50306.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:22048-1 vom 2026-06-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026660.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:2310-1 vom 2026-06-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026651.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:2317-1 vom 2026-06-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026672.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:25191 vom 2026-06-11",
"url": "https://access.redhat.com/errata/RHSA-2026:25191"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:2331-1 vom 2026-06-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026686.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:2332-1 vom 2026-06-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026685.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:25217 vom 2026-06-11",
"url": "https://access.redhat.com/errata/RHSA-2026:25217"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:25121 vom 2026-06-10",
"url": "https://access.redhat.com/errata/RHSA-2026:25121"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:25095 vom 2026-06-10",
"url": "https://access.redhat.com/errata/RHSA-2026:25095"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:25120 vom 2026-06-10",
"url": "https://access.redhat.com/errata/RHSA-2026:25120"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:25120 vom 2026-06-12",
"url": "https://errata.build.resf.org/RLSA-2026:25120"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:25217 vom 2026-06-13",
"url": "https://errata.build.resf.org/RLSA-2026:25217"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:25533 vom 2026-06-13",
"url": "https://access.redhat.com/errata/RHSA-2026:25533"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:25191 vom 2026-06-13",
"url": "https://errata.build.resf.org/RLSA-2026:25191"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:25121 vom 2026-06-12",
"url": "https://errata.build.resf.org/RLSA-2026:25121"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:2383-1 vom 2026-06-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026723.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:22076-1 vom 2026-06-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026754.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:22087-1 vom 2026-06-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026746.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RXSA-2026:25217 vom 2026-06-15",
"url": "https://errata.build.resf.org/RXSA-2026:25217"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-50318 vom 2026-06-16",
"url": "https://linux.oracle.com/errata/ELSA-2026-50318.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-25121 vom 2026-06-16",
"url": "https://linux.oracle.com/errata/ELSA-2026-25121.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:22112-1 vom 2026-06-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026783.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:26428 vom 2026-06-16",
"url": "https://access.redhat.com/errata/RHSA-2026:26428"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:26462 vom 2026-06-17",
"url": "https://access.redhat.com/errata/RHSA-2026:26462"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:22108-1 vom 2026-06-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026784.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:22117-1 vom 2026-06-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026781.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:22127-1 vom 2026-06-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026776.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:22099-1 vom 2026-06-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026791.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:22100-1 vom 2026-06-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026790.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:2421-1 vom 2026-06-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026795.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:26515 vom 2026-06-17",
"url": "https://access.redhat.com/errata/RHSA-2026:26515"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:26535 vom 2026-06-17",
"url": "https://access.redhat.com/errata/RHSA-2026:26535"
}
],
"source_lang": "en-US",
"title": "Linux Kernel: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-06-16T22:00:00.000+00:00",
"generator": {
"date": "2026-06-17T10:00:20.013+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.6.0"
}
},
"id": "WID-SEC-W-2026-1279",
"initial_release_date": "2026-04-26T22:00:00.000+00:00",
"revision_history": [
{
"date": "2026-04-26T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-05-03T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2026-05-05T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2026-05-06T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2026-05-12T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2026-05-19T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat und PoC f\u00fcr CVE-2026-31635 \"DirtyDecrypt\" aufgenommen"
},
{
"date": "2026-05-20T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-05-21T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2026-05-25T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2026-05-26T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-05-27T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-05-28T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-05-31T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von SUSE, Debian, Rocky Enterprise Software Foundation, openSUSE und Oracle Linux aufgenommen"
},
{
"date": "2026-06-01T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-06-02T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von SUSE und Ubuntu aufgenommen"
},
{
"date": "2026-06-04T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von SUSE, Oracle Linux, Red Hat und Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2026-06-07T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2026-06-08T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Red Hat und openSUSE aufgenommen"
},
{
"date": "2026-06-09T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von SUSE und Oracle Linux aufgenommen"
},
{
"date": "2026-06-10T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Red Hat und SUSE aufgenommen"
},
{
"date": "2026-06-14T22:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Rocky Enterprise Software Foundation, Red Hat und SUSE aufgenommen"
},
{
"date": "2026-06-15T22:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2026-06-16T22:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von SUSE und Red Hat aufgenommen"
}
],
"status": "final",
"version": "23"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Google Container-Optimized OS",
"product": {
"name": "Google Container-Optimized OS",
"product_id": "1607324",
"product_identification_helper": {
"cpe": "cpe:/o:google:container-optimized_os:-"
}
}
}
],
"category": "vendor",
"name": "Google"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source Linux Kernel",
"product": {
"name": "Open Source Linux Kernel",
"product_id": "T053351",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-31535",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31535"
},
{
"cve": "CVE-2026-31536",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31536"
},
{
"cve": "CVE-2026-31537",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31537"
},
{
"cve": "CVE-2026-31538",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31538"
},
{
"cve": "CVE-2026-31539",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31539"
},
{
"cve": "CVE-2026-31540",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31540"
},
{
"cve": "CVE-2026-31541",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31541"
},
{
"cve": "CVE-2026-31542",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31542"
},
{
"cve": "CVE-2026-31543",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31543"
},
{
"cve": "CVE-2026-31544",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31544"
},
{
"cve": "CVE-2026-31545",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31545"
},
{
"cve": "CVE-2026-31546",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31546"
},
{
"cve": "CVE-2026-31547",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31547"
},
{
"cve": "CVE-2026-31548",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31548"
},
{
"cve": "CVE-2026-31549",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31549"
},
{
"cve": "CVE-2026-31550",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31550"
},
{
"cve": "CVE-2026-31551",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31551"
},
{
"cve": "CVE-2026-31552",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31552"
},
{
"cve": "CVE-2026-31553",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31553"
},
{
"cve": "CVE-2026-31554",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31554"
},
{
"cve": "CVE-2026-31555",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31555"
},
{
"cve": "CVE-2026-31556",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31556"
},
{
"cve": "CVE-2026-31557",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31557"
},
{
"cve": "CVE-2026-31558",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31558"
},
{
"cve": "CVE-2026-31559",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31559"
},
{
"cve": "CVE-2026-31560",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31560"
},
{
"cve": "CVE-2026-31561",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31561"
},
{
"cve": "CVE-2026-31562",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31562"
},
{
"cve": "CVE-2026-31563",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31563"
},
{
"cve": "CVE-2026-31564",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31564"
},
{
"cve": "CVE-2026-31565",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31565"
},
{
"cve": "CVE-2026-31566",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31566"
},
{
"cve": "CVE-2026-31567",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31567"
},
{
"cve": "CVE-2026-31568",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31568"
},
{
"cve": "CVE-2026-31569",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31569"
},
{
"cve": "CVE-2026-31570",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31570"
},
{
"cve": "CVE-2026-31571",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31571"
},
{
"cve": "CVE-2026-31572",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31572"
},
{
"cve": "CVE-2026-31573",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31573"
},
{
"cve": "CVE-2026-31574",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31574"
},
{
"cve": "CVE-2026-31575",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31575"
},
{
"cve": "CVE-2026-31576",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31576"
},
{
"cve": "CVE-2026-31577",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31577"
},
{
"cve": "CVE-2026-31578",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31578"
},
{
"cve": "CVE-2026-31579",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31579"
},
{
"cve": "CVE-2026-31580",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31580"
},
{
"cve": "CVE-2026-31581",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31581"
},
{
"cve": "CVE-2026-31582",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31582"
},
{
"cve": "CVE-2026-31583",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31583"
},
{
"cve": "CVE-2026-31584",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31584"
},
{
"cve": "CVE-2026-31585",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31585"
},
{
"cve": "CVE-2026-31586",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31586"
},
{
"cve": "CVE-2026-31587",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31587"
},
{
"cve": "CVE-2026-31588",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31588"
},
{
"cve": "CVE-2026-31589",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31589"
},
{
"cve": "CVE-2026-31590",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31590"
},
{
"cve": "CVE-2026-31591",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31591"
},
{
"cve": "CVE-2026-31592",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31592"
},
{
"cve": "CVE-2026-31593",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31593"
},
{
"cve": "CVE-2026-31594",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31594"
},
{
"cve": "CVE-2026-31595",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31595"
},
{
"cve": "CVE-2026-31596",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31596"
},
{
"cve": "CVE-2026-31597",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31597"
},
{
"cve": "CVE-2026-31598",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31598"
},
{
"cve": "CVE-2026-31599",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31599"
},
{
"cve": "CVE-2026-31600",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31600"
},
{
"cve": "CVE-2026-31601",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31601"
},
{
"cve": "CVE-2026-31602",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31602"
},
{
"cve": "CVE-2026-31603",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31603"
},
{
"cve": "CVE-2026-31604",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31604"
},
{
"cve": "CVE-2026-31605",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31605"
},
{
"cve": "CVE-2026-31606",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31606"
},
{
"cve": "CVE-2026-31607",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31607"
},
{
"cve": "CVE-2026-31608",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31608"
},
{
"cve": "CVE-2026-31609",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31609"
},
{
"cve": "CVE-2026-31610",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31610"
},
{
"cve": "CVE-2026-31611",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31611"
},
{
"cve": "CVE-2026-31612",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31612"
},
{
"cve": "CVE-2026-31613",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31613"
},
{
"cve": "CVE-2026-31614",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31614"
},
{
"cve": "CVE-2026-31615",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31615"
},
{
"cve": "CVE-2026-31616",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31616"
},
{
"cve": "CVE-2026-31617",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31617"
},
{
"cve": "CVE-2026-31618",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31618"
},
{
"cve": "CVE-2026-31619",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31619"
},
{
"cve": "CVE-2026-31620",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31620"
},
{
"cve": "CVE-2026-31621",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31621"
},
{
"cve": "CVE-2026-31622",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31622"
},
{
"cve": "CVE-2026-31623",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31623"
},
{
"cve": "CVE-2026-31624",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31624"
},
{
"cve": "CVE-2026-31625",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31625"
},
{
"cve": "CVE-2026-31626",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31626"
},
{
"cve": "CVE-2026-31627",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31627"
},
{
"cve": "CVE-2026-31628",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31628"
},
{
"cve": "CVE-2026-31629",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31629"
},
{
"cve": "CVE-2026-31630",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31630"
},
{
"cve": "CVE-2026-31631",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31631"
},
{
"cve": "CVE-2026-31632",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31632"
},
{
"cve": "CVE-2026-31633",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31633"
},
{
"cve": "CVE-2026-31634",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31634"
},
{
"cve": "CVE-2026-31635",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31635"
},
{
"cve": "CVE-2026-31636",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31636"
},
{
"cve": "CVE-2026-31637",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31637"
},
{
"cve": "CVE-2026-31638",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31638"
},
{
"cve": "CVE-2026-31639",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31639"
},
{
"cve": "CVE-2026-31640",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31640"
},
{
"cve": "CVE-2026-31641",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31641"
},
{
"cve": "CVE-2026-31642",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31642"
},
{
"cve": "CVE-2026-31643",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31643"
},
{
"cve": "CVE-2026-31644",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31644"
},
{
"cve": "CVE-2026-31645",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31645"
},
{
"cve": "CVE-2026-31646",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31646"
},
{
"cve": "CVE-2026-31647",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31647"
},
{
"cve": "CVE-2026-31648",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31648"
},
{
"cve": "CVE-2026-31649",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31649"
},
{
"cve": "CVE-2026-31650",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31650"
},
{
"cve": "CVE-2026-31651",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31651"
},
{
"cve": "CVE-2026-31652",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31652"
},
{
"cve": "CVE-2026-31653",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31653"
},
{
"cve": "CVE-2026-31654",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31654"
},
{
"cve": "CVE-2026-31655",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31655"
},
{
"cve": "CVE-2026-31656",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31656"
},
{
"cve": "CVE-2026-31657",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31657"
},
{
"cve": "CVE-2026-31658",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31658"
},
{
"cve": "CVE-2026-31659",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31659"
},
{
"cve": "CVE-2026-31660",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31660"
},
{
"cve": "CVE-2026-31661",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31661"
},
{
"cve": "CVE-2026-31662",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31662"
},
{
"cve": "CVE-2026-31663",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31663"
},
{
"cve": "CVE-2026-31664",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31664"
},
{
"cve": "CVE-2026-31665",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31665"
},
{
"cve": "CVE-2026-31666",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31666"
},
{
"cve": "CVE-2026-31667",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31667"
},
{
"cve": "CVE-2026-31668",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31668"
},
{
"cve": "CVE-2026-31669",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31669"
},
{
"cve": "CVE-2026-31670",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31670"
},
{
"cve": "CVE-2026-31671",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31671"
},
{
"cve": "CVE-2026-31672",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31672"
},
{
"cve": "CVE-2026-31673",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31673"
},
{
"cve": "CVE-2026-31674",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31674"
},
{
"cve": "CVE-2026-31675",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31675"
},
{
"cve": "CVE-2026-31676",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31676"
},
{
"cve": "CVE-2026-31677",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31677"
},
{
"cve": "CVE-2026-31678",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31678"
},
{
"cve": "CVE-2026-31679",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31679"
},
{
"cve": "CVE-2026-31680",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31680"
},
{
"cve": "CVE-2026-31681",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31681"
},
{
"cve": "CVE-2026-31682",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31682"
},
{
"cve": "CVE-2026-31683",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31683"
},
{
"cve": "CVE-2026-31684",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31684"
},
{
"cve": "CVE-2026-31685",
"product_status": {
"known_affected": [
"T053351",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"T004914",
"1607324",
"T032255"
]
},
"release_date": "2026-04-26T22:00:00.000+00:00",
"title": "CVE-2026-31685"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.